000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event,\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:20 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x400000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x0, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008b12, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) 22:16:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x0, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1649.628368] FAT-fs (loop5): bogus number of reserved sectors [ 1649.666830] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1649.689071] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1649.719028] CPU: 0 PID: 30327 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1649.726384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1649.735747] Call Trace: [ 1649.738363] dump_stack+0x172/0x1f0 [ 1649.742025] handle_userfault.cold+0x41/0x5d [ 1649.746471] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1649.751082] ? __handle_mm_fault+0x36b7/0x3f20 [ 1649.755680] ? find_held_lock+0x35/0x130 [ 1649.759770] ? __handle_mm_fault+0x36b7/0x3f20 [ 1649.764373] ? kasan_check_read+0x11/0x20 [ 1649.768553] ? lock_downgrade+0x810/0x810 [ 1649.772730] ? kasan_check_read+0x11/0x20 [ 1649.776899] ? do_raw_spin_unlock+0x57/0x270 [ 1649.781786] __handle_mm_fault+0x36c8/0x3f20 [ 1649.786218] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1649.791059] ? find_held_lock+0x35/0x130 [ 1649.795116] ? handle_mm_fault+0x322/0xb30 [ 1649.799353] ? kasan_check_read+0x11/0x20 [ 1649.803499] handle_mm_fault+0x43f/0xb30 [ 1649.807562] __do_page_fault+0x5da/0xd60 [ 1649.811623] do_page_fault+0x71/0x581 [ 1649.815417] ? page_fault+0x8/0x30 [ 1649.818950] page_fault+0x1e/0x30 [ 1649.822403] RIP: 0033:0x451880 [ 1649.825588] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1649.844497] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1649.850114] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1649.857378] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1649.864644] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1649.871906] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1649.879349] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:20 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0xb9, 0x801) write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="29000000040000000000000000f8ffffffffffffff0000008000000000000000000000000000000000"], 0x29) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000180)={0x3, r1}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = shmget$private(0x0, 0x12000, 0x28, &(0x7f0000fee000/0x12000)=nil) shmctl$SHM_LOCK(r4, 0xb) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:16:20 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x0, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) openat$mixer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer\x00', 0x4a0543, 0x0) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x0, 0x0) sendmsg$can_raw(r1, &(0x7f0000000180)={&(0x7f0000000080), 0x10, &(0x7f0000000140)={&(0x7f0000000100)=@can={{0x0, 0x7, 0x2f, 0x2}, 0x1, 0x3, 0x0, 0x0, "bab2f57068283178"}, 0x10}, 0x1, 0x0, 0x0, 0x4040010}, 0x4008000) r2 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) bind$packet(r2, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg(r2, &(0x7f0000000d00), 0x400004e, 0x0) [ 1650.046840] FAT-fs (loop5): bogus number of reserved sectors [ 1650.069554] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1650.093067] gfs2: not a GFS2 filesystem 22:16:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, 0x0) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6b6b6b, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x2200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ed284d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xffffffffffff9bf0}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mISDNtimer\x00', 0x101001, 0x0) ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000100)={0x400, 0xf2, 0x3}) 22:16:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event-\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:21 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, 0x0) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8000a0, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, 0x0) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1650.504292] gfs2: not a GFS2 filesystem 22:16:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f203c123f3710dd050bd87334ab69b1467b74d8e831894d76b02d88a070") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000100)="8f0a57effe4700d3406f83be518fec92ea0587964464e50037e381d9514e10f669d9103059444f1262c50187ee99a6b462d75aa444c7b49b84cf97f4074dc3ee32122b37be1c9ce104384bcf5adebb0602f925871f705991e593c082bd7ead9842db2b61f3565851a9519c13d8b40f90bed0df96ed3bdbbd72f35398b734c0", 0x7f}, {&(0x7f0000000080)="05ce8613425b3dbd6f959cd2896681006f1ec7cd7e81bae80391c3dfe9be3cb0204180ed191f7a97d5c072a3dd41c36a6b7d28949935d1f2", 0x38}, {&(0x7f0000000180)="b808503e647ded1a5c019ffa9977965a653f76a0ced57199446718058b5d6f8a0024ddbce24cacc901fb7cd58d63327a6473d8e9fff6400820d0738e8c70f3f290c1f1f0b3cd56d8cd56093376e687562c916d6b1a889f5b254edbcfc20cc64d8258869ad8b0367d4811fa20a6f90429b8b91b1ba37b06720e023b5ad8e26f3bb78655bfd05675cf0c923d9074da03e9e5e8fb298d3a4d0b43ae34f905dc698c9c86ec176208136c56bf11848576265461", 0xb1}], 0x3) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) 22:16:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000100)='/dev/vbi#\x00', 0x2, 0x2) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000140)={0x0, 0x8, 0x2ed, 0x9, 0x0, 0x1, 0x4, 0x6, {0x0, @in={{0x2, 0x4e22, @broadcast}}, 0x3f, 0x8, 0x6, 0x2, 0x4}}, &(0x7f0000000200)=0xb0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000240)={r4, 0x5}, 0x8) sendto$inet(r3, &(0x7f0000000280)="545ebeee454cbed11dad5c167ef02d78ce802f5c2ef85ca8a02d4210c0d193a87a1743632817b3f48d35e47b8d0df85e9fc76983fa65e1575f11172fdbc774f6c56aa7d542958f81c11bfa59f42ef2fe140959ea8c646317b87a011adbf0c94025e982a3f7779eb9641fdead2406b1f20c76889b44563501c4ed56dad454c58e7cecdfcf400371a206609f147f30fbdef55cb433d7929ffbc8e54d9807696ecbddfac03fdd6f9f6c536703eb2a07cbf7436a11ef5e3d65631949ba9ec07bff9b79032dfb", 0xc4, 0x810, &(0x7f0000000380)={0x2, 0x4e20, @remote}, 0x10) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) flock(r1, 0xc) 22:16:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event.\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1650.662771] gfs2: not a GFS2 filesystem 22:16:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8002a0, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:21 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event0\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1650.903027] gfs2: not a GFS2 filesystem 22:16:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x1000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1650.969003] gfs2: not a GFS2 filesystem 22:16:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000100)=0x4f) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1651.021676] handle_userfault: 3 callbacks suppressed [ 1651.021684] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1651.025776] FAT-fs (loop5): bogus number of reserved sectors [ 1651.037898] CPU: 1 PID: 30423 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1651.045739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1651.055119] Call Trace: [ 1651.057600] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1651.057739] dump_stack+0x172/0x1f0 [ 1651.067274] handle_userfault.cold+0x41/0x5d 22:16:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(0x0, 0x0, 0x0) [ 1651.071729] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1651.076343] ? __handle_mm_fault+0x36b7/0x3f20 [ 1651.076362] ? find_held_lock+0x35/0x130 [ 1651.085359] ? __handle_mm_fault+0x36b7/0x3f20 [ 1651.089979] ? kasan_check_read+0x11/0x20 [ 1651.094143] ? lock_downgrade+0x810/0x810 [ 1651.094163] ? kasan_check_read+0x11/0x20 [ 1651.102463] ? do_raw_spin_unlock+0x57/0x270 [ 1651.106996] __handle_mm_fault+0x36c8/0x3f20 [ 1651.111430] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1651.116305] ? find_held_lock+0x35/0x130 [ 1651.120367] ? handle_mm_fault+0x322/0xb30 [ 1651.124698] ? kasan_check_read+0x11/0x20 [ 1651.128867] handle_mm_fault+0x43f/0xb30 [ 1651.132939] __do_page_fault+0x5da/0xd60 [ 1651.137272] do_page_fault+0x71/0x581 [ 1651.141072] ? page_fault+0x8/0x30 [ 1651.144623] page_fault+0x1e/0x30 [ 1651.148069] RIP: 0033:0x451880 [ 1651.151258] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1651.170775] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1651.176131] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1651.184172] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1651.191441] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1651.199251] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1651.206782] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:22 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000001b40)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000001c40)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001c80)={'dummy0\x00', r2}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) 22:16:22 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(0x0, 0x0, 0x0) [ 1651.304259] FAT-fs (loop5): bogus number of reserved sectors [ 1651.310385] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@empty, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast2}}, &(0x7f0000000200)=0xe8) fstat(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000002c0)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@broadcast}}, &(0x7f00000003c0)=0xe8) write$P9_RSTATu(r2, &(0x7f0000000400)={0x67, 0x7d, 0x1, {{0x0, 0x49, 0x9, 0x5, {0x8, 0x1}, 0x50900000, 0x3, 0x2, 0x5, 0x0, '', 0x1, '(', 0x9, '/dev/kvm\x00', 0xc, '/vboxnet0+lo'}, 0x9, '/dev/kvm\x00', r3, r4, r5}}, 0x67) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:22 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x2000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1651.378095] gfs2: not a GFS2 filesystem 22:16:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(0x0, 0x0, 0x0) [ 1651.435851] gfs2: not a GFS2 filesystem 22:16:22 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2k', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1651.497252] FAT-fs (loop5): bogus number of reserved sectors [ 1651.521367] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1651.626397] FAT-fs (loop5): bogus number of reserved sectors [ 1651.635876] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1651.653780] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1651.679639] CPU: 0 PID: 30428 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1651.686897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1651.696269] Call Trace: [ 1651.698899] dump_stack+0x172/0x1f0 [ 1651.702555] handle_userfault.cold+0x41/0x5d [ 1651.707000] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1651.711608] ? __handle_mm_fault+0x36b7/0x3f20 [ 1651.716205] ? find_held_lock+0x35/0x130 [ 1651.720285] ? __handle_mm_fault+0x36b7/0x3f20 [ 1651.724897] ? kasan_check_read+0x11/0x20 [ 1651.729061] ? lock_downgrade+0x810/0x810 [ 1651.733225] ? kasan_check_read+0x11/0x20 [ 1651.737381] ? do_raw_spin_unlock+0x57/0x270 [ 1651.741803] __handle_mm_fault+0x36c8/0x3f20 [ 1651.746235] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1651.751088] ? find_held_lock+0x35/0x130 [ 1651.755167] ? handle_mm_fault+0x322/0xb30 [ 1651.759422] ? kasan_check_read+0x11/0x20 [ 1651.763586] handle_mm_fault+0x43f/0xb30 [ 1651.767665] __do_page_fault+0x5da/0xd60 [ 1651.771747] do_page_fault+0x71/0x581 [ 1651.775558] ? page_fault+0x8/0x30 [ 1651.779112] page_fault+0x1e/0x30 [ 1651.783003] RIP: 0033:0x451880 [ 1651.787246] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1651.806161] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1651.811549] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1651.818825] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1651.826115] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1651.833477] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1651.840773] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event1\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) 22:16:22 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x3f, 0x7, 0x6c4}, 0xc) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x400000000000000, r2, 0x1, 0x6, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) 22:16:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fcntl$setflags(r1, 0x2, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) connect$netlink(r3, &(0x7f0000000100)=@unspec, 0xc) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:22 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xa0', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:22 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) [ 1652.062115] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1652.094314] CPU: 0 PID: 30474 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1652.101555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1652.111099] Call Trace: [ 1652.113714] dump_stack+0x172/0x1f0 [ 1652.117370] handle_userfault.cold+0x41/0x5d [ 1652.121810] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1652.126513] ? __handle_mm_fault+0x36b7/0x3f20 [ 1652.131115] ? find_held_lock+0x35/0x130 [ 1652.135200] ? __handle_mm_fault+0x36b7/0x3f20 [ 1652.139808] ? kasan_check_read+0x11/0x20 [ 1652.143998] ? lock_downgrade+0x810/0x810 [ 1652.148180] ? kasan_check_read+0x11/0x20 [ 1652.148196] ? do_raw_spin_unlock+0x57/0x270 [ 1652.148216] __handle_mm_fault+0x36c8/0x3f20 [ 1652.148237] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1652.148249] ? find_held_lock+0x35/0x130 [ 1652.148263] ? handle_mm_fault+0x322/0xb30 [ 1652.148288] ? kasan_check_read+0x11/0x20 [ 1652.166139] handle_mm_fault+0x43f/0xb30 [ 1652.166165] __do_page_fault+0x5da/0xd60 [ 1652.166189] do_page_fault+0x71/0x581 [ 1652.166205] ? page_fault+0x8/0x30 [ 1652.182733] page_fault+0x1e/0x30 [ 1652.182746] RIP: 0033:0x451880 [ 1652.182762] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1652.182770] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1652.182781] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1652.182791] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1652.194203] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1652.194212] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1652.194221] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) 22:16:23 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event2\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1652.297346] FAT-fs (loop5): bogus number of reserved sectors [ 1652.314899] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) [ 1652.413124] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1652.437566] CPU: 0 PID: 30495 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1652.444850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1652.454218] Call Trace: [ 1652.456834] dump_stack+0x172/0x1f0 [ 1652.460532] handle_userfault.cold+0x41/0x5d [ 1652.464972] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1652.469575] ? __handle_mm_fault+0x36b7/0x3f20 [ 1652.474176] ? find_held_lock+0x35/0x130 [ 1652.478275] ? __handle_mm_fault+0x36b7/0x3f20 [ 1652.478297] ? kasan_check_read+0x11/0x20 [ 1652.478316] ? lock_downgrade+0x810/0x810 [ 1652.478335] ? kasan_check_read+0x11/0x20 [ 1652.487062] ? do_raw_spin_unlock+0x57/0x270 [ 1652.499759] __handle_mm_fault+0x36c8/0x3f20 [ 1652.504209] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1652.509060] ? find_held_lock+0x35/0x130 [ 1652.513156] ? handle_mm_fault+0x322/0xb30 [ 1652.517534] ? kasan_check_read+0x11/0x20 [ 1652.521695] handle_mm_fault+0x43f/0xb30 [ 1652.526127] __do_page_fault+0x5da/0xd60 [ 1652.530320] do_page_fault+0x71/0x581 [ 1652.534132] ? page_fault+0x8/0x30 [ 1652.537678] page_fault+0x1e/0x30 [ 1652.541136] RIP: 0033:0x451880 [ 1652.544334] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1652.563245] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1652.568614] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1652.575888] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:16:23 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xa0', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:23 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket(0xf, 0x100000000080f, 0xa88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) 22:16:23 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2318, 0x2) ioctl$UI_DEV_DESTROY(r3, 0x5502) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1652.583163] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1652.590448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1652.597721] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) [ 1652.661151] FAT-fs (loop5): bogus number of reserved sectors [ 1652.667015] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:23 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000000)={0x0, 0x0}) fcntl$setown(r1, 0x8, r2) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000004c0)='TIPC\x00') recvmmsg(r1, &(0x7f0000003380)=[{{&(0x7f0000000600)=@can, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000680)=""/33, 0x21}, {&(0x7f00000006c0)=""/255, 0xff}], 0x2}}, {{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000800)=""/52, 0x34}, {&(0x7f0000000840)=""/117, 0x75}, {&(0x7f00000008c0)=""/146, 0x92}, {&(0x7f0000000980)=""/82, 0x52}, {&(0x7f0000000a00)=""/101, 0x65}, {&(0x7f0000000a80)=""/221, 0xdd}, {&(0x7f0000000b80)=""/94, 0x5e}, {&(0x7f0000000c00)=""/4096, 0x1000}], 0x8, &(0x7f0000001c80)=""/91, 0x5b}, 0x1f}, {{&(0x7f0000001d00)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000002f40)=[{&(0x7f0000001d80)=""/39, 0x27}, {&(0x7f0000001dc0)=""/195, 0xc3}, {&(0x7f0000001ec0)=""/117, 0x75}, {&(0x7f0000001f40)=""/4096, 0x1000}], 0x4, &(0x7f0000002f80)=""/95, 0x5f}, 0x100000000}, {{&(0x7f0000003000)=@rc, 0x80, &(0x7f00000032c0)=[{&(0x7f0000003080)=""/18, 0x12}, {&(0x7f00000030c0)=""/145, 0x91}, {&(0x7f0000003180)=""/201, 0xc9}, {&(0x7f0000003280)=""/50, 0x32}], 0x4, &(0x7f0000003300)=""/95, 0x5f}, 0x4}], 0x4, 0x20, 0x0) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x68, r3, 0x400, 0x70bd29, 0x25dfdbfb, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x3, @link='broadcast-link\x00'}}}, ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) setsockopt$inet6_udp_int(r1, 0x11, 0x66, &(0x7f0000000440)=0x20, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000000080)=0xe8) setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000300)={{{@in=@remote, @in6=@loopback, 0x4e21, 0x0, 0x4e21, 0x0, 0xa, 0x80, 0xa0, 0x88, 0x0, r5}, {0x9, 0x3, 0xfffffffeffffffff, 0xffff, 0x7fffffff, 0x9, 0x1a2, 0x1000}, {0xde02, 0x2, 0x1ff, 0xfffffffffffffffb}, 0x3, 0x6e6bbb, 0x3, 0x1, 0x2, 0x2}, {{@in6=@mcast2, 0x4d2, 0x2b}, 0xa, @in=@rand_addr=0x2, 0x3502, 0x3, 0x0, 0x34, 0x1, 0x5, 0x400}}, 0xe8) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0x3, 0x6}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000180)=ANY=[@ANYRES32=r6, @ANYBLOB="79160600f7ff57ab00000000040057d9"], &(0x7f0000000400)=0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) 22:16:23 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event9\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) [ 1652.769801] FAT-fs (loop5): bogus number of reserved sectors [ 1652.809136] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1652.881700] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1652.898386] CPU: 0 PID: 30523 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1652.905815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1652.915191] Call Trace: [ 1652.917812] dump_stack+0x172/0x1f0 [ 1652.921458] handle_userfault.cold+0x41/0x5d [ 1652.925917] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1652.930523] ? __handle_mm_fault+0x36b7/0x3f20 [ 1652.935129] ? find_held_lock+0x35/0x130 [ 1652.939297] ? __handle_mm_fault+0x36b7/0x3f20 [ 1652.943904] ? kasan_check_read+0x11/0x20 [ 1652.948767] ? lock_downgrade+0x810/0x810 [ 1652.952937] ? kasan_check_read+0x11/0x20 [ 1652.957098] ? do_raw_spin_unlock+0x57/0x270 [ 1652.961525] __handle_mm_fault+0x36c8/0x3f20 [ 1652.965948] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1652.970804] ? find_held_lock+0x35/0x130 [ 1652.975073] ? handle_mm_fault+0x322/0xb30 [ 1652.979332] ? kasan_check_read+0x11/0x20 [ 1652.983491] handle_mm_fault+0x43f/0xb30 [ 1652.987572] __do_page_fault+0x5da/0xd60 [ 1652.991657] do_page_fault+0x71/0x581 [ 1652.995900] ? page_fault+0x8/0x30 [ 1652.999484] page_fault+0x1e/0x30 [ 1653.002941] RIP: 0033:0x451880 [ 1653.006148] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1653.025057] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1653.030427] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1653.037706] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1653.044989] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1653.052264] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1653.059548] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x5000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:24 executing program 0: r0 = socket(0x2000000000000021, 0x2, 0x2) sendmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10, 0x110, 0x9}], 0x10}}], 0x1, 0x0) 22:16:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/eventP\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:24 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r0, 0x800000c0045005, &(0x7f0000000000)) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x200000, 0xfffffffffffffffd, 0x2012, r0, 0x0) read(r0, &(0x7f00000000c0)=""/243, 0xf3) [ 1653.221572] FAT-fs (loop5): bogus number of reserved sectors [ 1653.247379] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1653.315179] FAT-fs (loop5): bogus number of reserved sectors [ 1653.330331] gfs2: not a GFS2 filesystem [ 1653.335135] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1653.336848] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1653.343008] audit: type=1400 audit(1549923384.242:108): avc: denied { map } for pid=30547 comm="syz-executor.0" path="/dev/dsp1" dev="devtmpfs" ino=18458 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=chr_file permissive=1 [ 1653.377101] CPU: 0 PID: 30544 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1653.384371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1653.393744] Call Trace: [ 1653.396355] dump_stack+0x172/0x1f0 [ 1653.400004] handle_userfault.cold+0x41/0x5d [ 1653.404444] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1653.409042] ? __handle_mm_fault+0x36b7/0x3f20 [ 1653.413641] ? find_held_lock+0x35/0x130 [ 1653.417731] ? __handle_mm_fault+0x36b7/0x3f20 [ 1653.422330] ? kasan_check_read+0x11/0x20 [ 1653.426495] ? lock_downgrade+0x810/0x810 [ 1653.430836] ? kasan_check_read+0x11/0x20 [ 1653.434997] ? do_raw_spin_unlock+0x57/0x270 [ 1653.439429] __handle_mm_fault+0x36c8/0x3f20 [ 1653.443864] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1653.448736] ? find_held_lock+0x35/0x130 [ 1653.453172] ? handle_mm_fault+0x322/0xb30 [ 1653.457433] ? kasan_check_read+0x11/0x20 [ 1653.461602] handle_mm_fault+0x43f/0xb30 [ 1653.465683] __do_page_fault+0x5da/0xd60 [ 1653.469790] do_page_fault+0x71/0x581 [ 1653.473607] ? page_fault+0x8/0x30 [ 1653.477243] page_fault+0x1e/0x30 [ 1653.480712] RIP: 0033:0x451880 [ 1653.483920] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1653.502830] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1653.508851] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1653.516127] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1653.523667] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1653.530971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1653.538251] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x1, 0x2) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x602, 0x0) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) 22:16:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/eventi\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1653.734944] FAT-fs (loop5): bogus number of reserved sectors [ 1653.756282] gfs2: not a GFS2 filesystem [ 1653.775153] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1653.821765] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1653.836454] CPU: 0 PID: 30569 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1653.843739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1653.853125] Call Trace: [ 1653.855742] dump_stack+0x172/0x1f0 [ 1653.859395] handle_userfault.cold+0x41/0x5d [ 1653.863832] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1653.868430] ? __handle_mm_fault+0x36b7/0x3f20 [ 1653.873025] ? find_held_lock+0x35/0x130 [ 1653.877105] ? __handle_mm_fault+0x36b7/0x3f20 [ 1653.881715] ? kasan_check_read+0x11/0x20 [ 1653.885881] ? lock_downgrade+0x810/0x810 [ 1653.890135] ? kasan_check_read+0x11/0x20 [ 1653.894295] ? do_raw_spin_unlock+0x57/0x270 [ 1653.898721] __handle_mm_fault+0x36c8/0x3f20 [ 1653.903152] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1653.908004] ? find_held_lock+0x35/0x130 [ 1653.912077] ? handle_mm_fault+0x322/0xb30 [ 1653.916335] ? kasan_check_read+0x11/0x20 [ 1653.920780] handle_mm_fault+0x43f/0xb30 [ 1653.924859] __do_page_fault+0x5da/0xd60 [ 1653.928940] do_page_fault+0x71/0x581 [ 1653.932748] ? page_fault+0x8/0x30 [ 1653.936300] page_fault+0x1e/0x30 [ 1653.939756] RIP: 0033:0x451880 [ 1653.942964] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1653.961877] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1653.967248] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1653.974530] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1653.981808] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1653.989093] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1653.996368] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:24 executing program 0: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x1004e23, @local}, 0x10) [ 1654.050112] FAT-fs (loop5): bogus number of reserved sectors [ 1654.062828] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x1, 0x0) fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x4, &(0x7f0000000240)=[0x0, 0x0, 0xffffffffffffffff, 0xee01]) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000280)={{{@in, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000380)=0xe8) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='fuse\x00', 0x1102002, &(0x7f00000003c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r3}, 0x2c, {'group_id', 0x3d, r4}, 0x2c, {[{@allow_other='allow_other'}], [{@uid_eq={'uid', 0x3d, r5}}]}}) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 22:16:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x7000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1654.155329] gfs2: not a GFS2 filesystem 22:16:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event\x85\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:25 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f000014f000)={0x0, 0xf00000000000000, &(0x7f00000bfff0)={&(0x7f0000000180)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x9946}}}, 0xb8}}, 0x0) 22:16:25 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000000)=0x6, 0x4) sendmmsg(r1, &(0x7f0000000d00), 0x400004e, 0x0) eventfd2(0x6, 0x800) 22:16:25 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000080)=0x1000000, 0x4) [ 1654.323647] FAT-fs (loop5): bogus number of reserved sectors [ 1654.330402] gfs2: not a GFS2 filesystem [ 1654.342772] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1654.385073] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1654.405990] CPU: 0 PID: 30596 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1654.413402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1654.413412] Call Trace: [ 1654.425475] dump_stack+0x172/0x1f0 [ 1654.425497] handle_userfault.cold+0x41/0x5d [ 1654.425523] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1654.438160] ? __handle_mm_fault+0x36b7/0x3f20 [ 1654.442769] ? find_held_lock+0x35/0x130 [ 1654.446856] ? __handle_mm_fault+0x36b7/0x3f20 [ 1654.451492] ? kasan_check_read+0x11/0x20 [ 1654.455679] ? lock_downgrade+0x810/0x810 [ 1654.459945] ? kasan_check_read+0x11/0x20 [ 1654.464109] ? do_raw_spin_unlock+0x57/0x270 [ 1654.468568] __handle_mm_fault+0x36c8/0x3f20 [ 1654.473078] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1654.477937] ? find_held_lock+0x35/0x130 [ 1654.482008] ? handle_mm_fault+0x322/0xb30 [ 1654.486276] ? kasan_check_read+0x11/0x20 [ 1654.490443] handle_mm_fault+0x43f/0xb30 [ 1654.494526] __do_page_fault+0x5da/0xd60 [ 1654.498654] do_page_fault+0x71/0x581 [ 1654.502463] ? page_fault+0x8/0x30 [ 1654.506011] page_fault+0x1e/0x30 [ 1654.509470] RIP: 0033:0x451880 [ 1654.512670] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1654.532992] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1654.538387] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1654.546133] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:16:25 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000100)="dfde642e67650f01cb0f18dc0f01ca0f01c90f20d86635080000000f22d8baf80c66b8e6fca98166efbafc0cb000ee0fc71cb8eb008ed80f01c9"}], 0xaaaaaaaaaaaab2e, 0x4, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000080)="c7442400614bb3ebc7442402e2000000c7442406000000000f011424660f0138c4c235b7890e6700000f01c90f0666b8a5000f00d8d19a77bd4697b9b8090000b85d340000ba000000000f3066bad004ecc4c3f979670023", 0x58}], 0x1, 0x14, &(0x7f0000000180)=[@cr0, @cstype0={0x4, 0x4}], 0x2) [ 1654.553441] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1654.561305] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1654.568969] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event\xc1\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:25 executing program 0: r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/mls\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f0000000240)={0x9, 0x6, 0x7fe, 0x4, 0x2, 0x9}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x10e80, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r4, 0x404c534a, &(0x7f0000000140)={0x1f, 0x5, 0x5}) openat$urandom(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/urandom\x00', 0x100, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair(0x2c, 0x3, 0x0, &(0x7f0000000140)={0x0, 0x0}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1654.655869] FAT-fs (loop5): bogus number of reserved sectors [ 1654.667771] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1654.784302] gfs2: not a GFS2 filesystem [ 1654.846033] gfs2: not a GFS2 filesystem [ 1654.885212] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1654.895036] CPU: 0 PID: 30619 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1654.902280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1654.911644] Call Trace: [ 1654.914260] dump_stack+0x172/0x1f0 [ 1654.921674] handle_userfault.cold+0x41/0x5d [ 1654.926113] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1654.930809] ? __handle_mm_fault+0x36b7/0x3f20 [ 1654.935414] ? find_held_lock+0x35/0x130 [ 1654.939501] ? __handle_mm_fault+0x36b7/0x3f20 [ 1654.944106] ? kasan_check_read+0x11/0x20 [ 1654.948721] ? lock_downgrade+0x810/0x810 [ 1654.952901] ? kasan_check_read+0x11/0x20 [ 1654.957066] ? do_raw_spin_unlock+0x57/0x270 [ 1654.961497] __handle_mm_fault+0x36c8/0x3f20 [ 1654.965937] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1654.970795] ? find_held_lock+0x35/0x130 [ 1654.974877] ? handle_mm_fault+0x322/0xb30 [ 1654.979143] ? kasan_check_read+0x11/0x20 [ 1654.983317] handle_mm_fault+0x43f/0xb30 [ 1654.987399] __do_page_fault+0x5da/0xd60 [ 1654.991486] do_page_fault+0x71/0x581 [ 1654.995474] ? page_fault+0x8/0x30 [ 1654.999049] page_fault+0x1e/0x30 [ 1655.002508] RIP: 0033:0x451880 [ 1655.005710] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1655.024678] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1655.030060] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1655.037346] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1655.044633] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1655.052461] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1655.059749] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:26 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event\xe0\x03', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1655.088941] FAT-fs (loop5): bogus number of reserved sectors [ 1655.127706] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x12882, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000140)={0x7b, 0x0, [0x9, 0x5, 0x1, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 22:16:26 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000000c0)=0x81a, 0x4) getsockopt$packet_buf(r0, 0x107, 0x6, 0x0, &(0x7f0000003740)) [ 1655.234419] gfs2: not a GFS2 filesystem [ 1655.234790] FAT-fs (loop5): bogus number of reserved sectors [ 1655.250586] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:26 executing program 0 (fault-call:4 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:26 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x02', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x9000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:26 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/vsock\x00', 0x80000, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000001400)=[@in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e22, @empty}, @in6={0xa, 0x4e24, 0x9, @local, 0x2}, @in6={0xa, 0x4e24, 0x6, @mcast2, 0x3}, @in={0x2, 0x4e24, @broadcast}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e21, @empty}], 0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, &(0x7f0000000280)="66b840008ec86665470f01f8f042874af2f3400f21da66ba4000b800000000ef64263e0f01c90f00d2f30fbd42af3e2e0f01f366660f382463d6", 0x3a}], 0x1, 0x400000000, 0x0, 0xfffffffffffffeb2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/mls\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f00000001c0)={r5, 0xfffffffffffff800, 0xfffffffffffffff9, 0xcc17, 0x2, 0x4000000}, &(0x7f0000000200)=0x14) ioctl$VIDIOC_S_HW_FREQ_SEEK(r4, 0x40305652, &(0x7f0000000240)={0x101, 0x3, 0x1, 0x1, 0x8, 0x4, 0x9c67}) [ 1655.471597] FAT-fs (loop5): bogus number of reserved sectors [ 1655.478464] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x03', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:26 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1655.526106] gfs2: not a GFS2 filesystem 22:16:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x3}], 0x2000000000000006, 0x0) [ 1655.612232] FAT-fs (loop5): bogus number of reserved sectors [ 1655.625538] gfs2: not a GFS2 filesystem [ 1655.630542] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:26 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x04', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x300}], 0x2000000000000006, 0x0) 22:16:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xa000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x10010010000080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfd3a, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[0x1f, 0x7, 0x0, 0x1, 0x80, 0x4, 0x4, 0x1da8, 0x5, 0x8001, 0x1, 0x0, 0xa8a8, 0xffffffffffff8000, 0xfffffffe0, 0x5], 0x4001, 0x2000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:26 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x3000000}], 0x2000000000000006, 0x0) [ 1655.841168] gfs2: not a GFS2 filesystem [ 1655.854583] FAT-fs (loop5): bogus number of reserved sectors [ 1655.878351] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x05', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:26 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) 22:16:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/checkreqprot\x00', 0x280000, 0x0) ioctl$SIOCX25GCALLUSERDATA(r3, 0x89e4, &(0x7f0000000140)={0x0, "674c6ce0ece9856910097d6da75f5ce9c4cc74c3106b08b5a0bbd5690e5dd3a3189edc629f72963fd9e20470b9e781872d40a3cee05dac4c2ad831eb9ad5ac7cb7dcfa05ea165c2a380f6469ce5a8200049dd3399b9d934e0c4415a21e594a45063a30ebb6334ce0f0a3aa39430f9006a87af3950146ea10e850ff9577d3aacc"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xb000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1656.096072] gfs2: not a GFS2 filesystem [ 1656.119078] handle_userfault: 5 callbacks suppressed [ 1656.119086] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1656.141005] CPU: 1 PID: 30710 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1656.149022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1656.158389] Call Trace: [ 1656.161023] dump_stack+0x172/0x1f0 [ 1656.164693] handle_userfault.cold+0x41/0x5d [ 1656.169270] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1656.173880] ? __handle_mm_fault+0x36b7/0x3f20 [ 1656.178483] ? find_held_lock+0x35/0x130 [ 1656.182558] ? __handle_mm_fault+0x36b7/0x3f20 [ 1656.187154] ? kasan_check_read+0x11/0x20 [ 1656.191317] ? lock_downgrade+0x810/0x810 [ 1656.195485] ? kasan_check_read+0x11/0x20 [ 1656.199642] ? do_raw_spin_unlock+0x57/0x270 [ 1656.204067] __handle_mm_fault+0x36c8/0x3f20 [ 1656.208518] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1656.213376] ? find_held_lock+0x35/0x130 [ 1656.217446] ? handle_mm_fault+0x322/0xb30 [ 1656.221712] ? kasan_check_read+0x11/0x20 [ 1656.225882] handle_mm_fault+0x43f/0xb30 [ 1656.229959] __do_page_fault+0x5da/0xd60 [ 1656.234044] do_page_fault+0x71/0x581 [ 1656.237859] ? page_fault+0x8/0x30 [ 1656.241409] page_fault+0x1e/0x30 [ 1656.244870] RIP: 0033:0x451880 [ 1656.248081] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 22:16:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x3b9ac9ff}], 0x2000000000000006, 0x0) [ 1656.267080] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1656.272461] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1656.279838] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1656.287114] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1656.294507] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1656.301794] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:27 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) [ 1656.330714] FAT-fs (loop5): bogus number of reserved sectors [ 1656.340002] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1656.351912] gfs2: not a GFS2 filesystem 22:16:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0xfcffffff}], 0x2000000000000006, 0x0) 22:16:27 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x100, 0x0) ioctl$BLKALIGNOFF(r3, 0x127a, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:27 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) [ 1656.483787] FAT-fs (loop5): bogus number of reserved sectors [ 1656.513422] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1656.551549] gfs2: not a GFS2 filesystem 22:16:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x06', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0xffc99a3b}], 0x2000000000000006, 0x0) 22:16:27 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x10000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:27 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1656.673505] gfs2: not a GFS2 filesystem [ 1656.692242] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1656.697002] CPU: 1 PID: 30748 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1656.704207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1656.713662] Call Trace: [ 1656.716377] dump_stack+0x172/0x1f0 [ 1656.720657] handle_userfault.cold+0x41/0x5d [ 1656.725103] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1656.729702] ? __handle_mm_fault+0x36b7/0x3f20 [ 1656.734301] ? find_held_lock+0x35/0x130 [ 1656.738386] ? __handle_mm_fault+0x36b7/0x3f20 [ 1656.742998] ? kasan_check_read+0x11/0x20 [ 1656.747172] ? lock_downgrade+0x810/0x810 [ 1656.751340] ? kasan_check_read+0x11/0x20 [ 1656.755507] ? do_raw_spin_unlock+0x57/0x270 [ 1656.759942] __handle_mm_fault+0x36c8/0x3f20 [ 1656.764414] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1656.769467] ? find_held_lock+0x35/0x130 [ 1656.773563] ? handle_mm_fault+0x322/0xb30 [ 1656.777912] ? kasan_check_read+0x11/0x20 [ 1656.782997] handle_mm_fault+0x43f/0xb30 [ 1656.787342] __do_page_fault+0x5da/0xd60 [ 1656.791450] do_page_fault+0x71/0x581 [ 1656.795371] ? page_fault+0x8/0x30 [ 1656.798955] page_fault+0x1e/0x30 [ 1656.802680] RIP: 0033:0x451880 22:16:27 executing program 4: r0 = socket$inet(0x2b, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1656.806540] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1656.825890] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1656.831446] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1656.838723] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1656.846519] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1656.853800] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1656.861601] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0xfffffffc}], 0x2000000000000006, 0x0) 22:16:27 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\a', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:27 executing program 4: r0 = socket$inet(0x2b, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x1000000000000}], 0x2000000000000006, 0x0) [ 1656.962968] FAT-fs (loop5): bogus number of reserved sectors [ 1656.993349] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x9, 0x0, 0x0, 0x9000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:27 executing program 4: r0 = socket$inet(0x2b, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1657.067270] gfs2: not a GFS2 filesystem [ 1657.093257] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1657.103917] CPU: 0 PID: 30770 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1657.111175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1657.120911] Call Trace: [ 1657.120941] dump_stack+0x172/0x1f0 [ 1657.120963] handle_userfault.cold+0x41/0x5d [ 1657.120993] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1657.121010] ? __handle_mm_fault+0x36b7/0x3f20 [ 1657.121025] ? find_held_lock+0x35/0x130 [ 1657.121043] ? __handle_mm_fault+0x36b7/0x3f20 [ 1657.131666] ? kasan_check_read+0x11/0x20 [ 1657.131688] ? lock_downgrade+0x810/0x810 [ 1657.131709] ? kasan_check_read+0x11/0x20 [ 1657.131728] ? do_raw_spin_unlock+0x57/0x270 [ 1657.140914] __handle_mm_fault+0x36c8/0x3f20 [ 1657.140938] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1657.140953] ? find_held_lock+0x35/0x130 [ 1657.140967] ? handle_mm_fault+0x322/0xb30 [ 1657.140993] ? kasan_check_read+0x11/0x20 [ 1657.149623] handle_mm_fault+0x43f/0xb30 22:16:28 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:28 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x1a0f0000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1657.149651] __do_page_fault+0x5da/0xd60 [ 1657.149679] do_page_fault+0x71/0x581 [ 1657.149693] ? page_fault+0x8/0x30 [ 1657.149710] page_fault+0x1e/0x30 [ 1657.166537] RIP: 0033:0x451880 [ 1657.166553] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1657.166561] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1657.166573] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x300000000000000}], 0x2000000000000006, 0x0) 22:16:28 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\t', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1657.166582] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1657.166590] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1657.166601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1657.179928] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1657.341556] gfs2: not a GFS2 filesystem 22:16:28 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:28 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0xfcffffff00000000}], 0x2000000000000006, 0x0) [ 1657.461018] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1657.465594] CPU: 1 PID: 30790 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1657.472815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1657.482189] Call Trace: [ 1657.484800] dump_stack+0x172/0x1f0 [ 1657.488453] handle_userfault.cold+0x41/0x5d [ 1657.492905] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1657.497513] ? __handle_mm_fault+0x36b7/0x3f20 [ 1657.502204] ? find_held_lock+0x35/0x130 [ 1657.506314] ? __handle_mm_fault+0x36b7/0x3f20 [ 1657.506336] ? kasan_check_read+0x11/0x20 [ 1657.506361] ? lock_downgrade+0x810/0x810 [ 1657.519350] ? kasan_check_read+0x11/0x20 [ 1657.523529] ? do_raw_spin_unlock+0x57/0x270 [ 1657.527956] __handle_mm_fault+0x36c8/0x3f20 [ 1657.527979] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1657.527993] ? find_held_lock+0x35/0x130 [ 1657.528007] ? handle_mm_fault+0x322/0xb30 [ 1657.528032] ? kasan_check_read+0x11/0x20 [ 1657.528051] handle_mm_fault+0x43f/0xb30 [ 1657.528071] __do_page_fault+0x5da/0xd60 [ 1657.528096] do_page_fault+0x71/0x581 [ 1657.528112] ? page_fault+0x8/0x30 [ 1657.565971] page_fault+0x1e/0x30 [ 1657.569729] RIP: 0033:0x451880 [ 1657.572933] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1657.591885] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1657.599189] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:28 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x10001, 0x80000) write$P9_RLOPEN(r0, &(0x7f0000000140)={0x18, 0xd, 0x2, {{0x28, 0x2}, 0x3ff}}, 0x18) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) write$cgroup_int(r0, &(0x7f0000001180)=0x9, 0x12) ioctl$EVIOCGBITSW(r0, 0x80404525, &(0x7f0000000180)=""/4096) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1657.606555] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1657.613834] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1657.621121] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1657.628503] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:28 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x1f000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:28 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1657.680712] gfs2: not a GFS2 filesystem 22:16:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0xffc99a3b00000000}], 0x2000000000000006, 0x0) 22:16:28 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#H', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1657.769338] gfs2: not a GFS2 filesystem 22:16:28 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0x3}], 0x2000000000000006, 0x0) 22:16:28 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1657.845511] FAT-fs (loop5): bogus number of reserved sectors [ 1657.859132] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:28 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1657.931090] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1657.935760] CPU: 0 PID: 30825 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1657.942963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1657.952321] Call Trace: [ 1657.952363] dump_stack+0x172/0x1f0 [ 1657.952386] handle_userfault.cold+0x41/0x5d [ 1657.952412] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1657.952434] ? __handle_mm_fault+0x36b7/0x3f20 [ 1657.958649] ? find_held_lock+0x35/0x130 [ 1657.958671] ? __handle_mm_fault+0x36b7/0x3f20 [ 1657.958692] ? kasan_check_read+0x11/0x20 [ 1657.958712] ? lock_downgrade+0x810/0x810 [ 1657.958729] ? kasan_check_read+0x11/0x20 [ 1657.985888] ? do_raw_spin_unlock+0x57/0x270 [ 1657.985911] __handle_mm_fault+0x36c8/0x3f20 [ 1657.985933] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1657.985944] ? find_held_lock+0x35/0x130 [ 1657.985960] ? handle_mm_fault+0x322/0xb30 [ 1657.994256] ? kasan_check_read+0x11/0x20 [ 1657.994278] handle_mm_fault+0x43f/0xb30 [ 1657.994302] __do_page_fault+0x5da/0xd60 [ 1658.029423] do_page_fault+0x71/0x581 [ 1658.033238] ? page_fault+0x8/0x30 [ 1658.036799] page_fault+0x1e/0x30 [ 1658.040283] RIP: 0033:0x451880 [ 1658.043502] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1658.063334] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1658.068988] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1658.076517] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1658.084489] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1658.091836] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1658.099104] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1658.139177] FAT-fs (loop5): bogus number of reserved sectors [ 1658.145354] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:29 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0x300}], 0x2000000000000006, 0x0) [ 1658.183703] gfs2: not a GFS2 filesystem 22:16:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x20000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x4) [ 1658.299983] gfs2: not a GFS2 filesystem 22:16:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0x3000000}], 0x2000000000000006, 0x0) 22:16:29 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:29 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1658.354268] FAT-fs (loop5): bogus number of reserved sectors [ 1658.380090] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:29 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#L', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:29 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0x3b9ac9ff}], 0x2000000000000006, 0x0) 22:16:29 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1658.528573] FAT-fs (loop5): bogus number of reserved sectors [ 1658.536389] gfs2: not a GFS2 filesystem [ 1658.554498] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0xfcffffff}], 0x2000000000000006, 0x0) 22:16:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x20100000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:29 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x6, 0x1) write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000140)={0x2a, 0x4, 0x0, {0x0, 0x7, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1658.670020] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1658.674598] CPU: 0 PID: 30873 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1658.681796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1658.691165] Call Trace: [ 1658.693786] dump_stack+0x172/0x1f0 [ 1658.697470] handle_userfault.cold+0x41/0x5d [ 1658.701900] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1658.706516] ? __handle_mm_fault+0x36b7/0x3f20 [ 1658.711121] ? find_held_lock+0x35/0x130 [ 1658.715205] ? __handle_mm_fault+0x36b7/0x3f20 [ 1658.719840] ? kasan_check_read+0x11/0x20 [ 1658.724006] ? lock_downgrade+0x810/0x810 [ 1658.728170] ? kasan_check_read+0x11/0x20 [ 1658.732501] ? do_raw_spin_unlock+0x57/0x270 [ 1658.736925] __handle_mm_fault+0x36c8/0x3f20 [ 1658.741351] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1658.746202] ? find_held_lock+0x35/0x130 [ 1658.750379] ? handle_mm_fault+0x322/0xb30 [ 1658.754649] ? kasan_check_read+0x11/0x20 [ 1658.758819] handle_mm_fault+0x43f/0xb30 [ 1658.762900] __do_page_fault+0x5da/0xd60 [ 1658.766984] do_page_fault+0x71/0x581 [ 1658.770788] ? page_fault+0x8/0x30 [ 1658.774421] page_fault+0x1e/0x30 [ 1658.777886] RIP: 0033:0x451880 [ 1658.782681] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1658.801595] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1658.806966] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:29 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1658.814242] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1658.822743] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1658.830016] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1658.837296] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0xffc99a3b}], 0x2000000000000006, 0x0) 22:16:29 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#`', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1658.968059] gfs2: not a GFS2 filesystem 22:16:29 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0xfffffffc}], 0x2000000000000006, 0x0) 22:16:30 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:30 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0x1000000000000}], 0x2000000000000006, 0x0) [ 1659.128303] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1659.175700] CPU: 1 PID: 30897 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1659.183121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1659.192570] Call Trace: [ 1659.195164] dump_stack+0x172/0x1f0 [ 1659.198804] handle_userfault.cold+0x41/0x5d [ 1659.203222] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1659.207812] ? __handle_mm_fault+0x36b7/0x3f20 [ 1659.212388] ? find_held_lock+0x35/0x130 [ 1659.216440] ? __handle_mm_fault+0x36b7/0x3f20 [ 1659.221025] ? kasan_check_read+0x11/0x20 [ 1659.225165] ? lock_downgrade+0x810/0x810 [ 1659.229394] ? kasan_check_read+0x11/0x20 [ 1659.233531] ? do_raw_spin_unlock+0x57/0x270 [ 1659.237940] __handle_mm_fault+0x36c8/0x3f20 [ 1659.242350] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1659.247188] ? find_held_lock+0x35/0x130 [ 1659.251249] ? handle_mm_fault+0x322/0xb30 [ 1659.255494] ? kasan_check_read+0x11/0x20 [ 1659.259636] handle_mm_fault+0x43f/0xb30 [ 1659.263694] __do_page_fault+0x5da/0xd60 [ 1659.268728] do_page_fault+0x71/0x581 [ 1659.272526] ? page_fault+0x8/0x30 [ 1659.276056] page_fault+0x1e/0x30 [ 1659.279509] RIP: 0033:0x451880 [ 1659.282691] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1659.301669] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1659.307031] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1659.314291] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:16:30 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x23000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1659.321550] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1659.328820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1659.336252] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:30 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(0x0, 0x0, 0x0) 22:16:30 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0x300000000000000}], 0x2000000000000006, 0x0) [ 1659.392073] gfs2: not a GFS2 filesystem [ 1659.406444] FAT-fs (loop5): bogus number of reserved sectors [ 1659.428199] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1659.458790] gfs2: not a GFS2 filesystem 22:16:30 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(0x0, 0x0, 0x0) 22:16:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#h', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x200801, 0x0) ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000140)={0x1, 0x1, {0x13, 0x32, 0x11, 0xf, 0xa, 0x403, 0x6, 0x99, 0xffffffffffffffff}}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={0xffffffffffffffff}, 0x2, 0x100b}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000400)={0x13, 0x10, 0xfa00, {&(0x7f0000000180), r4, 0x1}}, 0x18) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) recvfrom$rxrpc(r3, &(0x7f0000000580)=""/53, 0x35, 0x61, &(0x7f00000005c0)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e21, @local}}, 0x24) r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000480)='fou\x00') sendmsg$FOU_CMD_GET(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000200}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r5, 0x404, 0x70bd2b, 0x25dfdbfc, {}, [@FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_AF={0x8, 0x2, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4000800) 22:16:30 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0xfcffffff00000000}], 0x2000000000000006, 0x0) 22:16:30 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x2d040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1659.657126] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1659.662115] CPU: 0 PID: 30935 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1659.669406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1659.669412] Call Trace: [ 1659.669437] dump_stack+0x172/0x1f0 [ 1659.669460] handle_userfault.cold+0x41/0x5d [ 1659.669483] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1659.694064] ? __handle_mm_fault+0x36b7/0x3f20 [ 1659.698757] ? find_held_lock+0x35/0x130 [ 1659.702838] ? __handle_mm_fault+0x36b7/0x3f20 [ 1659.707589] ? kasan_check_read+0x11/0x20 [ 1659.711757] ? lock_downgrade+0x810/0x810 [ 1659.715926] ? kasan_check_read+0x11/0x20 [ 1659.720091] ? do_raw_spin_unlock+0x57/0x270 [ 1659.724518] __handle_mm_fault+0x36c8/0x3f20 [ 1659.729044] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1659.733904] ? find_held_lock+0x35/0x130 [ 1659.737985] ? handle_mm_fault+0x322/0xb30 [ 1659.742275] ? kasan_check_read+0x11/0x20 [ 1659.746549] handle_mm_fault+0x43f/0xb30 [ 1659.746574] __do_page_fault+0x5da/0xd60 [ 1659.746596] do_page_fault+0x71/0x581 [ 1659.758588] ? page_fault+0x8/0x30 [ 1659.758605] page_fault+0x1e/0x30 [ 1659.758617] RIP: 0033:0x451880 [ 1659.758635] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1659.788230] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1659.788242] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:30 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x0, 0xffc99a3b00000000}], 0x2000000000000006, 0x0) 22:16:30 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(0x0, 0x0, 0x0) 22:16:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#l', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1659.788249] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1659.788256] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1659.788264] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1659.788272] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1659.887347] gfs2: not a GFS2 filesystem 22:16:30 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000002, 0x0) 22:16:30 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) [ 1659.997300] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1660.002604] CPU: 0 PID: 30957 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1660.009824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1660.019191] Call Trace: [ 1660.019222] dump_stack+0x172/0x1f0 [ 1660.019243] handle_userfault.cold+0x41/0x5d [ 1660.019269] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1660.019284] ? __handle_mm_fault+0x36b7/0x3f20 [ 1660.019302] ? find_held_lock+0x35/0x130 [ 1660.043074] ? __handle_mm_fault+0x36b7/0x3f20 [ 1660.047911] ? kasan_check_read+0x11/0x20 [ 1660.052051] ? lock_downgrade+0x810/0x810 [ 1660.056280] ? kasan_check_read+0x11/0x20 [ 1660.060426] ? do_raw_spin_unlock+0x57/0x270 [ 1660.064828] __handle_mm_fault+0x36c8/0x3f20 [ 1660.069246] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1660.074079] ? find_held_lock+0x35/0x130 [ 1660.078146] ? handle_mm_fault+0x322/0xb30 [ 1660.082394] ? kasan_check_read+0x11/0x20 [ 1660.086538] handle_mm_fault+0x43f/0xb30 [ 1660.090600] __do_page_fault+0x5da/0xd60 [ 1660.094660] do_page_fault+0x71/0x581 [ 1660.098455] ? page_fault+0x8/0x30 [ 1660.101983] page_fault+0x1e/0x30 [ 1660.105440] RIP: 0033:0x451880 [ 1660.108624] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1660.127613] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1660.133052] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1660.140315] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1660.147588] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1660.154847] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1660.162106] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#t', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:31 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x39040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:31 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000003, 0x0) [ 1660.247711] gfs2: not a GFS2 filesystem [ 1660.366223] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1660.374049] CPU: 0 PID: 30969 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1660.381285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1660.390656] Call Trace: [ 1660.393708] dump_stack+0x172/0x1f0 [ 1660.397394] handle_userfault.cold+0x41/0x5d [ 1660.401825] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1660.406423] ? __handle_mm_fault+0x36b7/0x3f20 [ 1660.411020] ? find_held_lock+0x35/0x130 [ 1660.415128] ? __handle_mm_fault+0x36b7/0x3f20 [ 1660.419778] ? kasan_check_read+0x11/0x20 [ 1660.423962] ? lock_downgrade+0x810/0x810 [ 1660.428149] ? kasan_check_read+0x11/0x20 [ 1660.432744] ? do_raw_spin_unlock+0x57/0x270 [ 1660.437178] __handle_mm_fault+0x36c8/0x3f20 [ 1660.441603] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1660.446542] ? find_held_lock+0x35/0x130 [ 1660.450617] ? handle_mm_fault+0x322/0xb30 [ 1660.454872] ? kasan_check_read+0x11/0x20 [ 1660.459042] handle_mm_fault+0x43f/0xb30 [ 1660.463141] __do_page_fault+0x5da/0xd60 [ 1660.467393] do_page_fault+0x71/0x581 [ 1660.471323] ? page_fault+0x8/0x30 [ 1660.474868] page_fault+0x1e/0x30 [ 1660.478322] RIP: 0033:0x451880 [ 1660.481527] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1660.500434] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1660.505801] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1660.513072] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1660.520344] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1660.527696] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1660.534955] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:31 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:31 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) 22:16:31 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000004, 0x0) 22:16:31 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3a040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#z', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1660.679162] gfs2: not a GFS2 filesystem 22:16:31 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000005, 0x0) 22:16:31 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) 22:16:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1660.804845] gfs2: not a GFS2 filesystem 22:16:31 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3b040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x1, 0x4000) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f00000001c0)={0x0, 0xde, "4e8355a062873ade9100751d5826d6881544222153ed3a699e49efccd22c1a7092612b75d5e1b2f14ffddd8def1ecd42c92cade375bd48ccbff674723d6894fa6ee0f42fec3cd6a396c1d167383dacb4212a641facdbb8ce80d4202e389ff7ebf3ecc7150d26713ec4e4bb50764933d0f5076d68b985a71615c4b64d8c56ad9adb411bf66f086a83ba47bcce2544e19d72d44afc2a151473dd0c6d0c87ea2fc5a92a3fca6720a6898bc2bac9694f58f15b6f611d01862bf6e20c33682a0edba8ffbadadb9faf152e1afeb31742e000d7374842c103f374af1814a9a633d6"}, &(0x7f00000002c0)=0xe6) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYRES32=r3, @ANYBLOB="06000000"], 0x8) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$ASHMEM_GET_NAME(r2, 0x81007702, &(0x7f0000000380)=""/63) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r2, 0xc040563d, &(0x7f0000000340)={0x1, 0x0, 0x103, 0x4, {0x60f, 0x329, 0x1000, 0x707}}) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vfio/vfio\x00', 0x800, 0x0) ioctl$sock_TIOCOUTQ(r5, 0x5411, &(0x7f0000000140)) 22:16:31 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x3) 22:16:31 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) 22:16:31 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:31 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) 22:16:32 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x300) 22:16:32 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3c040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1661.078292] gfs2: not a GFS2 filesystem 22:16:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:32 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) [ 1661.145413] gfs2: not a GFS2 filesystem 22:16:32 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r3, 0x54a3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:32 executing program 4 (fault-call:2 fault-nth:0): r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1661.291102] handle_userfault: 5 callbacks suppressed [ 1661.291109] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1661.319377] CPU: 1 PID: 31043 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1661.326621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1661.335992] Call Trace: [ 1661.338596] dump_stack+0x172/0x1f0 [ 1661.342230] handle_userfault.cold+0x41/0x5d [ 1661.346655] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1661.351274] ? __handle_mm_fault+0x36b7/0x3f20 [ 1661.355877] ? find_held_lock+0x35/0x130 [ 1661.359934] ? __handle_mm_fault+0x36b7/0x3f20 [ 1661.364509] ? kasan_check_read+0x11/0x20 [ 1661.368651] ? lock_downgrade+0x810/0x810 [ 1661.372793] ? kasan_check_read+0x11/0x20 [ 1661.376932] ? do_raw_spin_unlock+0x57/0x270 [ 1661.381336] __handle_mm_fault+0x36c8/0x3f20 [ 1661.385755] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1661.390590] ? find_held_lock+0x35/0x130 [ 1661.394646] ? handle_mm_fault+0x322/0xb30 [ 1661.398911] ? kasan_check_read+0x11/0x20 [ 1661.403231] handle_mm_fault+0x43f/0xb30 [ 1661.407292] __do_page_fault+0x5da/0xd60 [ 1661.411352] do_page_fault+0x71/0x581 [ 1661.415144] ? page_fault+0x8/0x30 [ 1661.418672] page_fault+0x1e/0x30 [ 1661.422114] RIP: 0033:0x451880 [ 1661.425385] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1661.444294] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1661.449663] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1661.456930] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1661.464192] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1661.471452] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1661.478721] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:32 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3d040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1661.499582] gfs2: not a GFS2 filesystem 22:16:32 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1661.605308] gfs2: not a GFS2 filesystem 22:16:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:32 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3e040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:32 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1661.772546] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1661.781664] CPU: 0 PID: 31069 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1661.788891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1661.798259] Call Trace: [ 1661.798287] dump_stack+0x172/0x1f0 [ 1661.798311] handle_userfault.cold+0x41/0x5d [ 1661.798338] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1661.798359] ? __handle_mm_fault+0x36b7/0x3f20 [ 1661.798375] ? find_held_lock+0x35/0x130 [ 1661.804636] ? __handle_mm_fault+0x36b7/0x3f20 [ 1661.804658] ? kasan_check_read+0x11/0x20 [ 1661.804677] ? lock_downgrade+0x810/0x810 [ 1661.804694] ? kasan_check_read+0x11/0x20 [ 1661.835184] ? do_raw_spin_unlock+0x57/0x270 [ 1661.835207] __handle_mm_fault+0x36c8/0x3f20 [ 1661.835228] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1661.835241] ? find_held_lock+0x35/0x130 [ 1661.835259] ? handle_mm_fault+0x322/0xb30 [ 1661.848298] ? kasan_check_read+0x11/0x20 [ 1661.848319] handle_mm_fault+0x43f/0xb30 [ 1661.848344] __do_page_fault+0x5da/0xd60 [ 1661.848370] do_page_fault+0x71/0x581 [ 1661.877624] ? page_fault+0x8/0x30 [ 1661.881158] page_fault+0x1e/0x30 [ 1661.884598] RIP: 0033:0x451880 [ 1661.887788] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1661.906855] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1661.912310] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1661.919593] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1661.926853] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1661.934119] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1661.941380] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:32 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x3000000) 22:16:32 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x3}], 0x2000000000000006, 0x0) 22:16:33 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3f000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1662.060582] gfs2: not a GFS2 filesystem 22:16:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x400, 0x240642) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$UI_SET_PHYS(r2, 0x4008556c, &(0x7f0000000200)='syz1\x00') r3 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x4000, 0x81) accept4$unix(r3, &(0x7f0000000140)=@abs, &(0x7f00000001c0)=0x6e, 0x80000) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0xff) [ 1662.108864] gfs2: not a GFS2 filesystem 22:16:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:33 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x300}], 0x2000000000000006, 0x0) [ 1662.221137] FAT-fs (loop5): bogus number of reserved sectors [ 1662.229761] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1662.300838] FAT-fs (loop5): bogus number of reserved sectors [ 1662.307696] gfs2: not a GFS2 filesystem [ 1662.316325] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:33 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x3000000}], 0x2000000000000006, 0x0) 22:16:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:33 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3f040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x5, 0x200) ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f00000001c0)={{0x101, 0x10001, 0xff, 0x800, 0x7f}, 0xbba9e6e}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x4ddd, 0x0) setsockopt$llc_int(r4, 0x10c, 0x7, &(0x7f0000000140)=0x7, 0x4) 22:16:33 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x3b9ac9ff}], 0x2000000000000006, 0x0) [ 1662.548063] gfs2: not a GFS2 filesystem [ 1662.691388] gfs2: not a GFS2 filesystem [ 1662.708215] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1662.712811] CPU: 0 PID: 31126 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1662.720189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1662.729557] Call Trace: [ 1662.732169] dump_stack+0x172/0x1f0 [ 1662.735822] handle_userfault.cold+0x41/0x5d [ 1662.740265] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1662.744872] ? __handle_mm_fault+0x36b7/0x3f20 [ 1662.749482] ? find_held_lock+0x35/0x130 [ 1662.753566] ? __handle_mm_fault+0x36b7/0x3f20 [ 1662.758179] ? kasan_check_read+0x11/0x20 [ 1662.762375] ? lock_downgrade+0x810/0x810 [ 1662.762397] ? kasan_check_read+0x11/0x20 [ 1662.762415] ? do_raw_spin_unlock+0x57/0x270 [ 1662.762434] __handle_mm_fault+0x36c8/0x3f20 [ 1662.770754] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1662.770770] ? find_held_lock+0x35/0x130 [ 1662.770786] ? handle_mm_fault+0x322/0xb30 [ 1662.794521] ? kasan_check_read+0x11/0x20 [ 1662.798687] handle_mm_fault+0x43f/0xb30 [ 1662.798711] __do_page_fault+0x5da/0xd60 [ 1662.798735] do_page_fault+0x71/0x581 [ 1662.798748] ? page_fault+0x8/0x30 [ 1662.798762] page_fault+0x1e/0x30 [ 1662.806870] RIP: 0033:0x451880 [ 1662.806885] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1662.806893] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1662.806905] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1662.806913] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1662.806931] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1662.866850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1662.874122] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:33 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0xfcffffff}], 0x2000000000000006, 0x0) 22:16:33 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x40000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x3b9ac9ff) 22:16:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000180)='memory.e\xcbUc>-\xaeZ\xa5G\xbdN\xa0ventt\x00M\xfe\xef\x1d\xccz>\xafp\x11\x84k\x81\x88u|\xd9\xc6Rc\xdd\xfc\xfa\t\\\xa7\t\b\xb3Z\xe1@\x1b\xd6\x88\xfeuw\xfb3\xea.\xf5N\xfc-g0\xd8{jV~\x87\xcc\xc1A\xb7i$\x85y\xab\xaenW\x939\xb5M\xd9\xa0\x1c\xbfY\xd0\x9a\xcag\x92\xb2\xe0Y\xea#\xc3\xa1\x14\xeb8\x12\x0e)18\xb0%\xbeb\x8a\x02\xb6\x03\xe3\xd1\x8b\x14\xb7}\x9e\xbe\xd7\x85a\xd7p*\xe0\x81vx\xc5\xa9\xee\r\xcc\x1bX\x84;\x0f\xa8\xb8\xa6n\xc6*\x8bG`\x87$\xd7\xa8\x8agaJ\xd0', 0x0, 0x0) ioctl$VIDIOC_ENUMSTD(r3, 0xc0485619, &(0x7f0000000140)={0x6, 0x0, "9cd0f395ddd7eec04ab07e1f1aa6e4f0bc697a6b856a982a", {0x2, 0x1000}, 0xfff}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:33 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0xffc99a3b}], 0x2000000000000006, 0x0) [ 1663.053977] gfs2: not a GFS2 filesystem [ 1663.058699] FAT-fs (loop5): bogus number of reserved sectors [ 1663.090806] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1663.176557] gfs2: not a GFS2 filesystem [ 1663.193198] FAT-fs (loop5): bogus number of reserved sectors 22:16:34 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0xfffffffc}], 0x2000000000000006, 0x0) 22:16:34 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1663.228982] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:34 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x1000000000000}], 0x2000000000000006, 0x0) 22:16:34 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x40040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1663.351817] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1663.362525] CPU: 0 PID: 31161 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1663.369901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1663.379263] Call Trace: [ 1663.381889] dump_stack+0x172/0x1f0 [ 1663.385557] handle_userfault.cold+0x41/0x5d [ 1663.390006] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1663.394720] ? __handle_mm_fault+0x36b7/0x3f20 [ 1663.399306] ? find_held_lock+0x35/0x130 [ 1663.399328] ? __handle_mm_fault+0x36b7/0x3f20 [ 1663.399345] ? kasan_check_read+0x11/0x20 [ 1663.407983] ? lock_downgrade+0x810/0x810 [ 1663.408005] ? kasan_check_read+0x11/0x20 [ 1663.408022] ? do_raw_spin_unlock+0x57/0x270 [ 1663.408055] __handle_mm_fault+0x36c8/0x3f20 [ 1663.408080] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1663.408092] ? find_held_lock+0x35/0x130 [ 1663.408106] ? handle_mm_fault+0x322/0xb30 [ 1663.408129] ? kasan_check_read+0x11/0x20 [ 1663.446733] handle_mm_fault+0x43f/0xb30 22:16:34 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x300000000000000}], 0x2000000000000006, 0x0) [ 1663.450823] __do_page_fault+0x5da/0xd60 [ 1663.454927] do_page_fault+0x71/0x581 [ 1663.458740] ? page_fault+0x8/0x30 [ 1663.462286] page_fault+0x1e/0x30 [ 1663.466277] RIP: 0033:0x451880 [ 1663.469481] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1663.488379] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1663.493744] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x91, 0x9, 0x1, 0x0, 0x2, 0x0, 0x4000000000, 0x0, 0x7, 0x7fffffff, 0x5, 0xffffffff, 0xff}, {0x5, 0x5, 0x4, 0xe04a, 0x5, 0x7, 0x7, 0x1, 0x5, 0x0, 0x1, 0x7fffffff, 0x101}, {0x9, 0x5, 0x9, 0x7, 0x7fff, 0x7, 0x0, 0x30000000000000, 0x5, 0x3, 0x7fffffff, 0xff, 0x8e}], 0x5}) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x101000, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x103, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x4000001000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x800000000, 0x0, 0x0, 0x1, 0x9, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, r3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1663.501278] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1663.508563] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1663.515860] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1663.523155] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1663.575581] gfs2: not a GFS2 filesystem 22:16:34 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0xfcffffff00000000}], 0x2000000000000006, 0x0) 22:16:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1663.677630] gfs2: not a GFS2 filesystem [ 1663.838036] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1663.844589] CPU: 1 PID: 31188 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1663.851786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1663.861144] Call Trace: [ 1663.863734] dump_stack+0x172/0x1f0 [ 1663.867387] handle_userfault.cold+0x41/0x5d [ 1663.871802] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1663.876385] ? __handle_mm_fault+0x36b7/0x3f20 [ 1663.881066] ? find_held_lock+0x35/0x130 [ 1663.885124] ? __handle_mm_fault+0x36b7/0x3f20 [ 1663.889701] ? kasan_check_read+0x11/0x20 [ 1663.893849] ? lock_downgrade+0x810/0x810 [ 1663.897993] ? kasan_check_read+0x11/0x20 [ 1663.902148] ? do_raw_spin_unlock+0x57/0x270 [ 1663.906559] __handle_mm_fault+0x36c8/0x3f20 [ 1663.910965] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1663.915800] ? find_held_lock+0x35/0x130 [ 1663.919861] ? handle_mm_fault+0x322/0xb30 [ 1663.924096] ? kasan_check_read+0x11/0x20 [ 1663.928238] handle_mm_fault+0x43f/0xb30 [ 1663.932417] __do_page_fault+0x5da/0xd60 [ 1663.936662] do_page_fault+0x71/0x581 [ 1663.940547] ? page_fault+0x8/0x30 [ 1663.944077] page_fault+0x1e/0x30 [ 1663.947523] RIP: 0033:0x451880 [ 1663.950706] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1663.969599] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1663.974952] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1663.982224] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1663.989659] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1663.996921] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1664.004193] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0xfcffffff) 22:16:35 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:35 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0xffc99a3b00000000}], 0x2000000000000006, 0x0) 22:16:35 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x41040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) ioctl$TUNSETNOCSUM(r3, 0x400454c8, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:35 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0x3}], 0x2000000000000006, 0x0) [ 1664.219474] gfs2: not a GFS2 filesystem 22:16:35 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x42040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x0, 0x0) ioctl$SG_SCSI_RESET(r2, 0x2284, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000100)) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) [ 1664.304423] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1664.314024] CPU: 1 PID: 31214 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1664.321279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1664.321286] Call Trace: [ 1664.321308] dump_stack+0x172/0x1f0 [ 1664.321336] handle_userfault.cold+0x41/0x5d [ 1664.341350] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1664.341370] ? __handle_mm_fault+0x36b7/0x3f20 [ 1664.350552] ? find_held_lock+0x35/0x130 [ 1664.354625] ? __handle_mm_fault+0x36b7/0x3f20 [ 1664.359227] ? kasan_check_read+0x11/0x20 [ 1664.363412] ? lock_downgrade+0x810/0x810 [ 1664.363431] ? kasan_check_read+0x11/0x20 [ 1664.363446] ? do_raw_spin_unlock+0x57/0x270 [ 1664.363465] __handle_mm_fault+0x36c8/0x3f20 [ 1664.380670] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1664.385523] ? find_held_lock+0x35/0x130 [ 1664.389591] ? handle_mm_fault+0x322/0xb30 [ 1664.393932] ? kasan_check_read+0x11/0x20 [ 1664.398108] handle_mm_fault+0x43f/0xb30 [ 1664.402187] __do_page_fault+0x5da/0xd60 [ 1664.406356] do_page_fault+0x71/0x581 [ 1664.410162] ? page_fault+0x8/0x30 [ 1664.413709] page_fault+0x1e/0x30 [ 1664.417163] RIP: 0033:0x451880 [ 1664.420446] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1664.439352] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1664.445849] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:35 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0x300}], 0x2000000000000006, 0x0) [ 1664.453135] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1664.460413] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1664.467777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1664.475059] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:35 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1664.673955] gfs2: not a GFS2 filesystem [ 1664.684370] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1664.707561] CPU: 0 PID: 31233 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1664.714894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1664.724279] Call Trace: [ 1664.724309] dump_stack+0x172/0x1f0 [ 1664.724331] handle_userfault.cold+0x41/0x5d [ 1664.724359] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1664.724374] ? __handle_mm_fault+0x36b7/0x3f20 [ 1664.724390] ? find_held_lock+0x35/0x130 [ 1664.730625] ? __handle_mm_fault+0x36b7/0x3f20 [ 1664.730647] ? kasan_check_read+0x11/0x20 [ 1664.730667] ? lock_downgrade+0x810/0x810 [ 1664.730684] ? kasan_check_read+0x11/0x20 [ 1664.765307] ? do_raw_spin_unlock+0x57/0x270 [ 1664.769741] __handle_mm_fault+0x36c8/0x3f20 [ 1664.774180] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1664.779017] ? find_held_lock+0x35/0x130 [ 1664.783080] ? handle_mm_fault+0x322/0xb30 [ 1664.788177] ? kasan_check_read+0x11/0x20 [ 1664.792348] handle_mm_fault+0x43f/0xb30 [ 1664.796440] __do_page_fault+0x5da/0xd60 [ 1664.800539] do_page_fault+0x71/0x581 [ 1664.804378] ? page_fault+0x8/0x30 [ 1664.807935] page_fault+0x1e/0x30 [ 1664.811401] RIP: 0033:0x451880 [ 1664.814617] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1664.833599] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1664.838974] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1664.846240] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1664.853596] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1664.860874] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1664.860882] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0xffc99a3b) 22:16:36 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0x3000000}], 0x2000000000000006, 0x0) 22:16:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x43040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f00000001c0)="eabb4aaea60d0066ba4300ec2e0f0926660f388252830f0118ea50000000230166bad004ed0f01b475080000003e0f017e000f32"}], 0xaaaaaca, 0x1, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:36 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:36 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:36 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0x3b9ac9ff}], 0x2000000000000006, 0x0) [ 1665.205060] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1665.214147] gfs2: not a GFS2 filesystem [ 1665.227507] CPU: 1 PID: 31254 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1665.234752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1665.244117] Call Trace: [ 1665.246762] dump_stack+0x172/0x1f0 [ 1665.250411] handle_userfault.cold+0x41/0x5d [ 1665.254859] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1665.259461] ? __handle_mm_fault+0x36b7/0x3f20 [ 1665.264062] ? find_held_lock+0x35/0x130 [ 1665.268175] ? __handle_mm_fault+0x36b7/0x3f20 [ 1665.272784] ? kasan_check_read+0x11/0x20 [ 1665.276963] ? lock_downgrade+0x810/0x810 [ 1665.281162] ? kasan_check_read+0x11/0x20 [ 1665.285505] ? do_raw_spin_unlock+0x57/0x270 [ 1665.289960] __handle_mm_fault+0x36c8/0x3f20 [ 1665.294410] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1665.299310] ? find_held_lock+0x35/0x130 [ 1665.304393] ? handle_mm_fault+0x322/0xb30 [ 1665.309147] ? kasan_check_read+0x11/0x20 [ 1665.313605] handle_mm_fault+0x43f/0xb30 [ 1665.317811] __do_page_fault+0x5da/0xd60 [ 1665.321944] do_page_fault+0x71/0x581 [ 1665.325780] ? page_fault+0x8/0x30 [ 1665.329360] page_fault+0x1e/0x30 [ 1665.332840] RIP: 0033:0x451880 [ 1665.336042] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1665.355403] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1665.361058] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1665.368343] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1665.375707] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1665.382993] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1665.390271] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x44040000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:36 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) getpeername$llc(r1, &(0x7f0000000100)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0x10) [ 1665.486047] gfs2: not a GFS2 filesystem 22:16:36 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0xfcffffff}], 0x2000000000000006, 0x0) 22:16:36 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1665.707719] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1665.712290] gfs2: not a GFS2 filesystem [ 1665.726228] CPU: 0 PID: 31284 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1665.733544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1665.743101] Call Trace: [ 1665.746064] dump_stack+0x172/0x1f0 [ 1665.749791] handle_userfault.cold+0x41/0x5d [ 1665.754297] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1665.758966] ? __handle_mm_fault+0x36b7/0x3f20 [ 1665.763792] ? find_held_lock+0x35/0x130 [ 1665.767918] ? __handle_mm_fault+0x36b7/0x3f20 [ 1665.772583] ? kasan_check_read+0x11/0x20 [ 1665.776818] ? lock_downgrade+0x810/0x810 [ 1665.781040] ? kasan_check_read+0x11/0x20 [ 1665.785255] ? do_raw_spin_unlock+0x57/0x270 [ 1665.789745] __handle_mm_fault+0x36c8/0x3f20 [ 1665.794184] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1665.799032] ? find_held_lock+0x35/0x130 [ 1665.803110] ? handle_mm_fault+0x322/0xb30 [ 1665.807368] ? kasan_check_read+0x11/0x20 [ 1665.811538] handle_mm_fault+0x43f/0xb30 [ 1665.815612] __do_page_fault+0x5da/0xd60 [ 1665.819737] do_page_fault+0x71/0x581 [ 1665.823543] ? page_fault+0x8/0x30 [ 1665.827091] page_fault+0x1e/0x30 [ 1665.830545] RIP: 0033:0x451880 [ 1665.833748] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1665.852745] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1665.858111] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1665.865384] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1665.872658] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1665.880119] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1665.887393] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1665.927923] gfs2: not a GFS2 filesystem 22:16:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0xfffffffc) 22:16:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x48000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:36 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0xffc99a3b}], 0x2000000000000006, 0x0) 22:16:36 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0x4) 22:16:36 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1666.128503] gfs2: not a GFS2 filesystem 22:16:37 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0xfffffffc}], 0x2000000000000006, 0x0) [ 1666.183523] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1666.190139] FAT-fs (loop5): bogus number of reserved sectors [ 1666.202585] CPU: 0 PID: 31311 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1666.203836] gfs2: not a GFS2 filesystem [ 1666.209838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1666.209844] Call Trace: [ 1666.209871] dump_stack+0x172/0x1f0 [ 1666.209895] handle_userfault.cold+0x41/0x5d [ 1666.209920] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1666.209936] ? __handle_mm_fault+0x36b7/0x3f20 [ 1666.209951] ? find_held_lock+0x35/0x130 [ 1666.209966] ? __handle_mm_fault+0x36b7/0x3f20 [ 1666.209982] ? kasan_check_read+0x11/0x20 [ 1666.209996] ? lock_downgrade+0x810/0x810 [ 1666.210013] ? kasan_check_read+0x11/0x20 [ 1666.210027] ? do_raw_spin_unlock+0x57/0x270 [ 1666.210044] __handle_mm_fault+0x36c8/0x3f20 [ 1666.210062] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1666.220152] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1666.223421] ? find_held_lock+0x35/0x130 [ 1666.223441] ? handle_mm_fault+0x322/0xb30 [ 1666.223474] ? kasan_check_read+0x11/0x20 [ 1666.223491] handle_mm_fault+0x43f/0xb30 [ 1666.300541] __do_page_fault+0x5da/0xd60 [ 1666.305237] do_page_fault+0x71/0x581 [ 1666.309047] ? page_fault+0x8/0x30 [ 1666.312592] page_fault+0x1e/0x30 [ 1666.316048] RIP: 0033:0x451880 22:16:37 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0x1000000000000}], 0x2000000000000006, 0x0) [ 1666.319252] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1666.338158] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1666.343533] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1666.350809] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1666.358088] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1666.365370] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1666.372914] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:37 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:37 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1666.488362] FAT-fs (loop5): bogus number of reserved sectors [ 1666.503895] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:37 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0x300000000000000}], 0x2000000000000006, 0x0) 22:16:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x101040, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x400004) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1666.560454] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1666.574973] CPU: 1 PID: 31329 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1666.575814] gfs2: not a GFS2 filesystem [ 1666.582390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1666.582396] Call Trace: [ 1666.582424] dump_stack+0x172/0x1f0 [ 1666.582448] handle_userfault.cold+0x41/0x5d [ 1666.582474] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1666.582491] ? __handle_mm_fault+0x36b7/0x3f20 [ 1666.582506] ? find_held_lock+0x35/0x130 [ 1666.582522] ? __handle_mm_fault+0x36b7/0x3f20 [ 1666.624375] ? kasan_check_read+0x11/0x20 [ 1666.628538] ? lock_downgrade+0x810/0x810 [ 1666.632708] ? kasan_check_read+0x11/0x20 [ 1666.637051] ? do_raw_spin_unlock+0x57/0x270 [ 1666.641477] __handle_mm_fault+0x36c8/0x3f20 [ 1666.646187] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1666.651060] ? find_held_lock+0x35/0x130 [ 1666.655142] ? handle_mm_fault+0x322/0xb30 [ 1666.659410] ? kasan_check_read+0x11/0x20 [ 1666.663571] handle_mm_fault+0x43f/0xb30 [ 1666.667670] __do_page_fault+0x5da/0xd60 [ 1666.671775] do_page_fault+0x71/0x581 [ 1666.675585] ? page_fault+0x8/0x30 [ 1666.679145] page_fault+0x1e/0x30 [ 1666.682620] RIP: 0033:0x451880 [ 1666.685816] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1666.704723] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1666.710096] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1666.717375] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1666.724650] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1666.732017] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1666.739295] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1666.796667] gfs2: not a GFS2 filesystem 22:16:37 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x1000000000000) 22:16:37 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4a260000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:37 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0xfcffffff00000000}], 0x2000000000000006, 0x0) 22:16:37 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x800000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:37 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:38 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x0, 0xffc99a3b00000000}], 0x2000000000000006, 0x0) [ 1667.100070] gfs2: not a GFS2 filesystem [ 1667.115110] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1667.122177] CPU: 1 PID: 31353 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1667.129396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1667.138754] Call Trace: [ 1667.138783] dump_stack+0x172/0x1f0 [ 1667.138805] handle_userfault.cold+0x41/0x5d [ 1667.138831] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1667.138850] ? __handle_mm_fault+0x36b7/0x3f20 [ 1667.145066] ? find_held_lock+0x35/0x130 [ 1667.145091] ? __handle_mm_fault+0x36b7/0x3f20 [ 1667.167350] ? kasan_check_read+0x11/0x20 [ 1667.171511] ? lock_downgrade+0x810/0x810 [ 1667.175670] ? kasan_check_read+0x11/0x20 [ 1667.175686] ? do_raw_spin_unlock+0x57/0x270 [ 1667.175705] __handle_mm_fault+0x36c8/0x3f20 [ 1667.188771] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1667.194053] ? find_held_lock+0x35/0x130 [ 1667.194071] ? handle_mm_fault+0x322/0xb30 [ 1667.194103] ? kasan_check_read+0x11/0x20 [ 1667.206820] handle_mm_fault+0x43f/0xb30 [ 1667.210895] __do_page_fault+0x5da/0xd60 [ 1667.214988] do_page_fault+0x71/0x581 [ 1667.218889] ? page_fault+0x8/0x30 [ 1667.222528] page_fault+0x1e/0x30 [ 1667.225983] RIP: 0033:0x451880 [ 1667.229180] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 22:16:38 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4c000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x300000000000000) [ 1667.248453] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1667.248466] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1667.248474] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1667.248482] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1667.248490] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1667.248498] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1667.266093] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1667.297258] CPU: 1 PID: 31367 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1667.304463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1667.304470] Call Trace: [ 1667.304497] dump_stack+0x172/0x1f0 [ 1667.304519] handle_userfault.cold+0x41/0x5d [ 1667.304542] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1667.324520] ? __handle_mm_fault+0x36b7/0x3f20 [ 1667.333787] ? find_held_lock+0x35/0x130 [ 1667.337857] ? __handle_mm_fault+0x36b7/0x3f20 [ 1667.342465] ? kasan_check_read+0x11/0x20 [ 1667.346629] ? lock_downgrade+0x810/0x810 [ 1667.350795] ? kasan_check_read+0x11/0x20 [ 1667.354941] ? do_raw_spin_unlock+0x57/0x270 [ 1667.359465] __handle_mm_fault+0x36c8/0x3f20 [ 1667.363915] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1667.368767] ? find_held_lock+0x35/0x130 [ 1667.372831] ? handle_mm_fault+0x322/0xb30 [ 1667.377093] ? kasan_check_read+0x11/0x20 [ 1667.381273] handle_mm_fault+0x43f/0xb30 [ 1667.385367] __do_page_fault+0x5da/0xd60 [ 1667.389456] do_page_fault+0x71/0x581 [ 1667.393260] ? page_fault+0x8/0x30 [ 1667.396804] page_fault+0x1e/0x30 [ 1667.400281] RIP: 0033:0x451880 [ 1667.403480] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1667.422391] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1667.427765] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1667.435041] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1667.442318] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 22:16:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x61600000000, 0x80000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1667.449604] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1667.456885] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\xa0', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1667.499197] gfs2: not a GFS2 filesystem 22:16:38 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:38 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000002, 0x0) 22:16:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0xfcffffff00000000) [ 1667.554998] FAT-fs (loop5): bogus number of reserved sectors [ 1667.589082] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1667.662967] gfs2: not a GFS2 filesystem [ 1667.665119] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1667.673372] FAT-fs (loop5): bogus number of reserved sectors [ 1667.680855] CPU: 1 PID: 31384 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1667.689744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1667.693949] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1667.699102] Call Trace: [ 1667.699134] dump_stack+0x172/0x1f0 [ 1667.699156] handle_userfault.cold+0x41/0x5d [ 1667.699186] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1667.715699] ? __handle_mm_fault+0x36b7/0x3f20 [ 1667.715717] ? find_held_lock+0x35/0x130 [ 1667.728928] ? __handle_mm_fault+0x36b7/0x3f20 [ 1667.728948] ? kasan_check_read+0x11/0x20 [ 1667.728967] ? lock_downgrade+0x810/0x810 [ 1667.728984] ? kasan_check_read+0x11/0x20 [ 1667.728999] ? do_raw_spin_unlock+0x57/0x270 [ 1667.752768] __handle_mm_fault+0x36c8/0x3f20 [ 1667.757484] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1667.762443] ? find_held_lock+0x35/0x130 [ 1667.766537] ? handle_mm_fault+0x322/0xb30 [ 1667.771152] ? kasan_check_read+0x11/0x20 [ 1667.775317] handle_mm_fault+0x43f/0xb30 [ 1667.779392] __do_page_fault+0x5da/0xd60 [ 1667.783465] do_page_fault+0x71/0x581 [ 1667.787293] ? page_fault+0x8/0x30 [ 1667.790851] page_fault+0x1e/0x30 [ 1667.794308] RIP: 0033:0x451880 22:16:38 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000003, 0x0) [ 1667.797707] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1667.817759] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1667.823133] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1667.830409] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1667.838039] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1667.845660] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1667.852939] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0xffc99a3b00000000) 22:16:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0xfffffffffffffce5) openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x801, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x181000) ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000140)) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r3, 0xc0305302, &(0x7f0000000180)={0x3, 0x1d8f, 0x1ff, 0x0, 0xffffffffffffffa3, 0x80000000}) socket$nl_netfilter(0x10, 0x3, 0xc) 22:16:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\xa0', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:38 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4e260000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1667.950655] gfs2: not a GFS2 filesystem [ 1668.057024] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1668.068962] CPU: 1 PID: 31409 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1668.076308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1668.085784] Call Trace: [ 1668.088572] dump_stack+0x172/0x1f0 [ 1668.092514] handle_userfault.cold+0x41/0x5d [ 1668.097469] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1668.102147] ? __handle_mm_fault+0x36b7/0x3f20 [ 1668.106856] ? find_held_lock+0x35/0x130 [ 1668.110966] ? __handle_mm_fault+0x36b7/0x3f20 [ 1668.115649] ? kasan_check_read+0x11/0x20 [ 1668.120443] ? lock_downgrade+0x810/0x810 [ 1668.124624] ? kasan_check_read+0x11/0x20 [ 1668.128824] ? do_raw_spin_unlock+0x57/0x270 [ 1668.133625] __handle_mm_fault+0x36c8/0x3f20 [ 1668.138841] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1668.143735] ? find_held_lock+0x35/0x130 [ 1668.147815] ? handle_mm_fault+0x322/0xb30 [ 1668.152679] ? kasan_check_read+0x11/0x20 [ 1668.157354] handle_mm_fault+0x43f/0xb30 [ 1668.162214] __do_page_fault+0x5da/0xd60 [ 1668.166811] do_page_fault+0x71/0x581 [ 1668.170624] ? page_fault+0x8/0x30 [ 1668.174160] page_fault+0x1e/0x30 [ 1668.177615] RIP: 0033:0x451880 [ 1668.180806] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1668.200403] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:39 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000004, 0x0) 22:16:39 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/hwrng\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000640)=0x7fff) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) socket$nl_route(0x10, 0x3, 0x0) semget$private(0x0, 0x4, 0x3e) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000680)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) r3 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000600)='/selinux/avc/hash_stats\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x13f, 0x100f}}, 0x20) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f00000004c0)={0x2, 0x70, 0x1, 0x81, 0x7, 0x0, 0x0, 0x0, 0x2002, 0xb, 0x548218f5, 0x4, 0x1, 0x1, 0x10000, 0xfffffffffffffffd, 0x8, 0x3f, 0xfffffffffffffffb, 0x8a1, 0x8001, 0x3, 0xfffffffffffffffb, 0x1, 0x2, 0x7fffffff, 0xfffffffffffffffc, 0x1, 0x0, 0x7, 0x1, 0x7f, 0x8, 0x0, 0x8, 0x8001, 0x7, 0x101, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000480), 0x4}, 0x0, 0x8, 0x10001, 0xd, 0x494c, 0x3, 0x2}) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000440)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000140)=[{0x18, 0x0, [0x9, 0x4, 0x9, 0x400, 0x4, 0xab5, 0x7, 0x0, 0xff, 0x400, 0xfffffffffffff801, 0x3, 0x200, 0x0, 0x6, 0xa8ee273]}, {0x10, 0x0, [0x9, 0x4, 0x8, 0x413, 0xf28, 0x1, 0x81, 0x0, 0x4, 0xfffffffffffff736, 0x80, 0xf68a, 0x7ff, 0xfffffffffffffffb, 0x9, 0x3]}, {0x30, 0x0, [0xfffffffffffffffa, 0x4, 0x8, 0x6, 0x20, 0x1, 0x2, 0x2, 0x9, 0x8, 0x3, 0x3, 0x3ff, 0x800000000, 0x9, 0x7ff]}, {0x4, 0x0, [0x9, 0x2, 0x9, 0x10001, 0x2, 0x1, 0x0, 0xa8, 0x8001, 0x0, 0x1ff, 0x1ff, 0x47af4646, 0x2, 0x20, 0xfffffffffffffffa]}, {0x12, 0x0, [0x6, 0x3ff, 0x5, 0x8001, 0x5, 0x6, 0x1, 0x2, 0x2, 0x1, 0x200, 0x10000, 0x80000000, 0x0, 0x3, 0x1]}, {0x10, 0x0, [0x6c33, 0x1, 0x6, 0xff, 0x7fffffff, 0x4, 0x8, 0x8e3, 0x7, 0x9, 0x1, 0x400, 0x4, 0x92, 0x0, 0x6]}, {0x14, 0x0, [0x0, 0x0, 0xe5, 0x81, 0x8ac3, 0x8, 0x1, 0x5e7, 0x69, 0xffffffffffff74c9, 0x32c, 0xa56, 0x9b, 0xfffffffffffffffb, 0xfff, 0x4]}, {0x30, 0x0, [0x3d5, 0x3f, 0x2, 0x4, 0x9, 0x0, 0x6, 0xf3, 0x1, 0x9, 0x66, 0x7, 0x4, 0x1, 0x37a0, 0x7]}, {0x0, 0x0, [0x0, 0x7ff, 0x80000000, 0x3f, 0x1, 0x4, 0x7, 0x5, 0x88, 0x3f, 0x8000, 0x0, 0x800, 0x0, 0x1, 0xe7e]}], r4, 0x1, 0x1, 0x288}}, 0x20) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x9e}, &(0x7f0000000540)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000580)={r5, 0x20, 0x30}, 0xc) [ 1668.205844] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1668.213104] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1668.220365] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1668.227985] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1668.235606] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x5e030000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:39 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000005, 0x0) 22:16:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x9, &(0x7f0000000080)=[{0x3ff, 0x0, 0xe714, 0x2}, {0x9, 0x4, 0x8, 0x101}, {0x5c4, 0x5, 0x240d800000000, 0x3}, {0x1, 0x80000000, 0x9}, {0x2, 0x100, 0x6, 0x3ff}, {0x80, 0x5, 0x1, 0x7}, {0xbbfe, 0x6, 0x100, 0x40}, {0xfff, 0x1, 0x4, 0xa1}, {0x2, 0x3, 0x20, 0x2}]}) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1668.416832] gfs2: not a GFS2 filesystem 22:16:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000100)="660feb44000f1f4000b800008ec864260f0d0566b9bf0300000f320f23c5f2f00812f70000000f0013baf80c66b8b06f478f66efbafc0c66b8ac7d000066ef", 0x3f}], 0x1, 0x31, 0x0, 0xfffffffffffffdd8) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) semget(0x2, 0x4, 0x200) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:39 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:39 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x3) [ 1668.548566] gfs2: not a GFS2 filesystem 22:16:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x60000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:39 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x8, 0x80000) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f00000000c0)={0x1, 0x0, 0x301e, 0x7, 0x81, 0x5, 0xdb52, 0x1}) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) connect$rose(r1, &(0x7f00000002c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x3, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x40) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x3, 0x0, &(0x7f0000000140)=""/168, &(0x7f0000000200)=""/11, &(0x7f0000000240)=""/21, 0x1f000}) [ 1668.728013] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1668.741119] FAT-fs (loop5): bogus number of reserved sectors [ 1668.757640] CPU: 0 PID: 31451 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1668.766288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1668.778290] Call Trace: [ 1668.783610] dump_stack+0x172/0x1f0 [ 1668.787766] handle_userfault.cold+0x41/0x5d [ 1668.792968] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1668.797647] ? __handle_mm_fault+0x36b7/0x3f20 [ 1668.802413] ? find_held_lock+0x35/0x130 [ 1668.806581] ? __handle_mm_fault+0x36b7/0x3f20 [ 1668.811525] ? kasan_check_read+0x11/0x20 [ 1668.815911] ? lock_downgrade+0x810/0x810 [ 1668.820219] ? kasan_check_read+0x11/0x20 [ 1668.824469] ? do_raw_spin_unlock+0x57/0x270 [ 1668.829041] __handle_mm_fault+0x36c8/0x3f20 [ 1668.834509] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1668.839624] ? find_held_lock+0x35/0x130 [ 1668.843756] ? handle_mm_fault+0x322/0xb30 [ 1668.848169] ? kasan_check_read+0x11/0x20 [ 1668.853186] handle_mm_fault+0x43f/0xb30 [ 1668.857453] __do_page_fault+0x5da/0xd60 [ 1668.861602] do_page_fault+0x71/0x581 [ 1668.861628] ? page_fault+0x8/0x30 [ 1668.861641] page_fault+0x1e/0x30 [ 1668.861656] RIP: 0033:0x451880 [ 1668.861675] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1668.861682] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1668.861695] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1668.861702] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1668.861709] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 22:16:39 executing program 0: r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x1, 0x1) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000240)={0x100000001, 0x80000000}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x7fffffff) ioctl$int_in(r2, 0x10005452, &(0x7f0000000000)=0xfffffffffffffd63) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x131000, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) ioctl$EVIOCGLED(r3, 0x80404519, &(0x7f0000000140)=""/193) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) 22:16:39 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x300) [ 1668.861722] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1668.861737] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1668.909109] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1668.958719] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1668.963522] CPU: 1 PID: 31457 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1668.964760] gfs2: not a GFS2 filesystem [ 1668.970882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1668.970897] Call Trace: [ 1668.970978] dump_stack+0x172/0x1f0 [ 1668.971039] handle_userfault.cold+0x41/0x5d [ 1668.971070] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1668.985108] ? __handle_mm_fault+0x36b7/0x3f20 [ 1669.005837] ? find_held_lock+0x35/0x130 [ 1669.010037] ? __handle_mm_fault+0x36b7/0x3f20 [ 1669.010063] ? kasan_check_read+0x11/0x20 [ 1669.010081] ? lock_downgrade+0x810/0x810 [ 1669.010098] ? kasan_check_read+0x11/0x20 [ 1669.027601] ? do_raw_spin_unlock+0x57/0x270 [ 1669.027627] __handle_mm_fault+0x36c8/0x3f20 [ 1669.027646] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1669.027659] ? find_held_lock+0x35/0x130 [ 1669.027676] ? handle_mm_fault+0x322/0xb30 [ 1669.036726] ? kasan_check_read+0x11/0x20 [ 1669.054356] handle_mm_fault+0x43f/0xb30 [ 1669.058619] __do_page_fault+0x5da/0xd60 [ 1669.063204] do_page_fault+0x71/0x581 [ 1669.067266] ? page_fault+0x8/0x30 [ 1669.071492] page_fault+0x1e/0x30 [ 1669.074975] RIP: 0033:0x451880 [ 1669.078183] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1669.097096] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1669.102497] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1669.109782] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1669.117061] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 22:16:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000140), &(0x7f0000000180)=0x4) fsetxattr$security_smack_transmute(r0, &(0x7f0000000080)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x2) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) mprotect(&(0x7f0000ff1000/0x2000)=nil, 0x2000, 0x1000000) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1669.124338] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1669.131618] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) connect$l2tp(r2, &(0x7f00000000c0)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x0, 0x1, 0x2, 0x0, {0xa, 0x4e24, 0x0, @mcast1, 0x1f}}}, 0x32) 22:16:40 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1669.258597] FAT-fs (loop5): bogus number of reserved sectors [ 1669.271677] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1669.309334] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1669.323640] CPU: 1 PID: 31482 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1669.330912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1669.340450] Call Trace: [ 1669.343081] dump_stack+0x172/0x1f0 [ 1669.346734] handle_userfault.cold+0x41/0x5d [ 1669.351353] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1669.355961] ? __handle_mm_fault+0x36b7/0x3f20 [ 1669.360645] ? find_held_lock+0x35/0x130 [ 1669.364719] ? __handle_mm_fault+0x36b7/0x3f20 [ 1669.369322] ? kasan_check_read+0x11/0x20 [ 1669.373491] ? lock_downgrade+0x810/0x810 [ 1669.377824] ? kasan_check_read+0x11/0x20 [ 1669.377841] ? do_raw_spin_unlock+0x57/0x270 [ 1669.377861] __handle_mm_fault+0x36c8/0x3f20 [ 1669.377879] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1669.377900] ? find_held_lock+0x35/0x130 [ 1669.390854] ? handle_mm_fault+0x322/0xb30 [ 1669.390883] ? kasan_check_read+0x11/0x20 22:16:40 executing program 0: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0xffffffff8c4838c4, 0x101, 0x9, 0x6, 0x5, 0x2, 0x3f, 0x2, 0x800, 0x40, 0x219, 0x0, 0x8, 0x38, 0x2, 0x4, 0x7fffffff, 0x1}, [{0x4, 0x1, 0xffffffff, 0x9, 0x6, 0x1, 0x7fffffff, 0x48000000}, {0x5, 0x1000, 0x9, 0x7ff, 0x81, 0xfff, 0x2, 0x5}], "3c7eca02121a6d14428f94391e9df27f5be76ad5b6", [[], [], [], []]}, 0x4c5) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockname(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, &(0x7f0000000140)=0x80) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) [ 1669.390905] handle_mm_fault+0x43f/0xb30 [ 1669.412215] __do_page_fault+0x5da/0xd60 [ 1669.416288] do_page_fault+0x71/0x581 [ 1669.420095] ? page_fault+0x8/0x30 [ 1669.423653] page_fault+0x1e/0x30 [ 1669.427115] RIP: 0033:0x451880 [ 1669.430330] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1669.449669] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1669.449681] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1669.449689] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1669.449698] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1669.449706] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1669.449715] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:40 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x68000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0) setsockopt$rose(r2, 0x104, 0x7, &(0x7f00000001c0), 0x4) poll(&(0x7f0000000200)=[{r1, 0x503}], 0x1, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000240)={0x3}, 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e24, @local}]}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000180)={r3, 0xe4a, 0x8, 0x0, 0x7fff, 0x7}, 0x14) 22:16:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vfio/vfio\x00', 0x408400, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd6000/0x18000)=nil, 0x0, 0xffffffffffffff68, 0x20, 0x0, 0x65) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x200, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e) perf_event_open(&(0x7f000001d000)={0x0, 0xffffffffffffffe3, 0x0, 0x0, 0xd1b, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1669.565620] gfs2: not a GFS2 filesystem [ 1669.629038] gfs2: not a GFS2 filesystem [ 1669.652267] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1669.656872] CPU: 0 PID: 31498 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1669.664083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1669.673452] Call Trace: [ 1669.676063] dump_stack+0x172/0x1f0 [ 1669.679719] handle_userfault.cold+0x41/0x5d [ 1669.684343] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1669.689075] ? __handle_mm_fault+0x36b7/0x3f20 [ 1669.693678] ? find_held_lock+0x35/0x130 [ 1669.697761] ? __handle_mm_fault+0x36b7/0x3f20 [ 1669.702382] ? kasan_check_read+0x11/0x20 [ 1669.706546] ? lock_downgrade+0x810/0x810 [ 1669.710721] ? kasan_check_read+0x11/0x20 [ 1669.714980] ? do_raw_spin_unlock+0x57/0x270 [ 1669.719413] __handle_mm_fault+0x36c8/0x3f20 [ 1669.723884] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1669.728758] ? find_held_lock+0x35/0x130 [ 1669.732882] ? handle_mm_fault+0x322/0xb30 [ 1669.737146] ? kasan_check_read+0x11/0x20 [ 1669.741316] handle_mm_fault+0x43f/0xb30 [ 1669.745756] __do_page_fault+0x5da/0xd60 [ 1669.749943] do_page_fault+0x71/0x581 [ 1669.753793] ? page_fault+0x8/0x30 [ 1669.757389] page_fault+0x1e/0x30 [ 1669.761892] RIP: 0033:0x451880 [ 1669.765093] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1669.784635] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1669.790015] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1669.797295] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1669.804575] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1669.813514] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1669.820822] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:40 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1669.876373] FAT-fs (loop5): bogus number of reserved sectors [ 1669.897670] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:40 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x3000000) 22:16:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x400000, 0x0) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000140)={0x9, {{0xa, 0x4e21, 0x79, @mcast2, 0x8b800000000000}}, 0x1, 0x4, [{{0xa, 0x4e21, 0x8, @loopback, 0xfffffffffffff2cf}}, {{0xa, 0x4e21, 0x20, @empty, 0x534}}, {{0xa, 0x4e21, 0xff1, @loopback, 0x2}}, {{0xa, 0x4e22, 0x1000, @rand_addr="d3d4758c3d0e851342af5190b1e193d9", 0x7}}]}, 0x290) syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x3, 0x2) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$inet_buf(r0, 0x0, 0x2f, &(0x7f0000000400)="8f5fce1d71eea385dfc1134bedf617bbaee158e51f39aba83b6a6c2a55394612ec8fb805b0704e7bf4cad51b794e98ee76dac4672990b6ddf81f0224ed2fca8b9a016ceccc4780742448fb99bf13565ae8a9723d324676da93799b7d29a63b885239f7fb3062f02683210d746b9b1e54d5af2d6cc55cedbec60de6aa01c13908594885b0686a08efa2488e18b827f0326776766d22306b5b6285", 0x9a) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) [ 1669.954299] FAT-fs (loop5): bogus number of reserved sectors [ 1669.965235] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:40 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6b6b6b00, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1670.056965] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1670.070651] CPU: 1 PID: 31526 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1670.077913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1670.087378] Call Trace: [ 1670.089982] dump_stack+0x172/0x1f0 [ 1670.093633] handle_userfault.cold+0x41/0x5d [ 1670.098151] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1670.102949] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1670.107534] ? __handle_mm_fault+0x36b7/0x3f20 [ 1670.112118] ? find_held_lock+0x35/0x130 [ 1670.116187] ? __handle_mm_fault+0x36b7/0x3f20 [ 1670.120774] ? kasan_check_read+0x11/0x20 [ 1670.124935] ? lock_downgrade+0x810/0x810 [ 1670.129104] ? kasan_check_read+0x11/0x20 [ 1670.133243] ? do_raw_spin_unlock+0x57/0x270 [ 1670.137650] __handle_mm_fault+0x36c8/0x3f20 [ 1670.142324] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1670.147168] ? find_held_lock+0x35/0x130 [ 1670.151224] ? handle_mm_fault+0x322/0xb30 [ 1670.155462] ? kasan_check_read+0x11/0x20 [ 1670.159633] handle_mm_fault+0x43f/0xb30 [ 1670.163695] __do_page_fault+0x5da/0xd60 [ 1670.167757] do_page_fault+0x71/0x581 [ 1670.171554] ? page_fault+0x8/0x30 [ 1670.175095] page_fault+0x1e/0x30 [ 1670.178575] RIP: 0033:0x451880 [ 1670.181780] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1670.200788] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x81000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x800, 0x0) connect$nfc_llcp(r2, &(0x7f0000000140)={0x27, 0x1, 0x1, 0x5, 0x0, 0x80000000, "adcc394d486a154b0d6248378bd4f4969d053b82995f401ad2d13b3f849fdb4f38980d759ce445c79ff60aa3ccc7e243ad4b6b594f62e41aea4738f2277362", 0xa}, 0x60) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1670.206423] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1670.213700] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1670.220965] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1670.228396] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1670.235661] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x2000) ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f00000000c0)) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:41 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:41 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6c000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1670.509679] gfs2: not a GFS2 filesystem 22:16:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000080)={'bridge0\x00', {0x2, 0x4e24, @multicast2}}) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1670.537056] FAT-fs (loop5): bogus number of reserved sectors [ 1670.566014] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1670.656103] gfs2: not a GFS2 filesystem [ 1670.663182] FAT-fs (loop5): bogus number of reserved sectors [ 1670.674433] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:41 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x3b9ac9ff) 22:16:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x200, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = dup3(r1, r0, 0x80000) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000100)=""/130, 0x200000, 0x800, 0x4}, 0x18) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x7, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$EVIOCSABS20(r2, 0x401845e0, &(0x7f00000000c0)={0x0, 0xdaa7, 0x0, 0x2, 0x3, 0x6}) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:41 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:41 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x74000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000002, 0x0) r2 = msgget(0x3, 0x40) msgrcv(r2, &(0x7f0000000140)={0x0, ""/138}, 0x92, 0x3, 0x1800) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x2000}], 0x1, 0x0) [ 1670.937716] FAT-fs (loop5): bogus number of reserved sectors [ 1670.943751] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1670.954178] gfs2: not a GFS2 filesystem 22:16:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1671.064888] gfs2: not a GFS2 filesystem [ 1671.077597] FAT-fs (loop5): bogus number of reserved sectors [ 1671.083474] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:42 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/mls\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000140)}}, 0x10) 22:16:42 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x7a000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f0000000540)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = getgid() fstat(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f00000003c0)='.\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r3, r4, r5) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = syz_open_dev$media(&(0x7f00000004c0)='/dev/media#\x00', 0x3ff, 0x480c00) mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x13, r6, 0x0) r7 = syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0x688b, 0x40000) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r7, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r8 = dup(r2) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x13f, 0x7}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r8, &(0x7f00000001c0)={0x16, 0x98, 0xfa00, {&(0x7f0000000100), 0x0, r9, 0x30, 0x1, @in6={0xa, 0x4e20, 0x8, @ipv4={[], [], @rand_addr=0x5}, 0x3}}}, 0xa0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x1) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video0\x00', 0x2, 0x0) [ 1671.307546] gfs2: not a GFS2 filesystem [ 1671.350257] FAT-fs (loop5): bogus number of reserved sectors [ 1671.356108] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1671.363998] gfs2: not a GFS2 filesystem [ 1671.504439] FAT-fs (loop5): bogus number of reserved sectors [ 1671.527827] FAT-fs (loop5): Can't find a valid FAT filesystem 22:16:42 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0xfcffffff) 22:16:42 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x7ffffffffffffd, 0x5a9) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000039, 0xfffffffffffffffd) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x10000, 0x0) setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f00000000c0)={{0x100000000, 0xfff}, 0x51}, 0x10) 22:16:42 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:42 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) fsetxattr$security_smack_entry(0xffffffffffffffff, 0x0, &(0x7f0000000040)='vmnet0md5sum-@@procem0cgroupeth1ppp0-wlan1security\\{\x00', 0x35, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, 0x0}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8cffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:42 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0xfffffffffffffffd) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1671.904756] gfs2: not a GFS2 filesystem [ 1671.941026] handle_userfault: 6 callbacks suppressed [ 1671.941034] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1671.966268] CPU: 1 PID: 31632 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1671.973692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1671.973699] Call Trace: [ 1671.973727] dump_stack+0x172/0x1f0 [ 1671.973748] handle_userfault.cold+0x41/0x5d [ 1671.973776] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1671.985760] ? __handle_mm_fault+0x36b7/0x3f20 [ 1671.985778] ? find_held_lock+0x35/0x130 [ 1671.985794] ? __handle_mm_fault+0x36b7/0x3f20 [ 1672.011629] ? kasan_check_read+0x11/0x20 [ 1672.016073] ? lock_downgrade+0x810/0x810 [ 1672.021897] ? kasan_check_read+0x11/0x20 [ 1672.026145] ? do_raw_spin_unlock+0x57/0x270 [ 1672.030574] __handle_mm_fault+0x36c8/0x3f20 [ 1672.035001] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1672.039873] ? find_held_lock+0x35/0x130 [ 1672.043949] ? handle_mm_fault+0x322/0xb30 [ 1672.048212] ? kasan_check_read+0x11/0x20 [ 1672.052383] handle_mm_fault+0x43f/0xb30 [ 1672.056460] __do_page_fault+0x5da/0xd60 [ 1672.060561] do_page_fault+0x71/0x581 [ 1672.064370] ? page_fault+0x8/0x30 [ 1672.068006] page_fault+0x1e/0x30 [ 1672.071461] RIP: 0033:0x451880 [ 1672.074666] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1672.093846] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1672.099218] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1672.106501] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1672.115532] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1672.122818] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1672.130102] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:43 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:43 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xa0008000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="b35f85c1cbe1c4e61ee04cf801cc11ef877c4f3e1f94cab51e9b67d07d361723465d610a42bf3e6e9ac63e9d297ffa764777ac23450a89d1dba50f3881485159ecb57bbcb15cdbc686b8ee03bc0e71d5eac3056b896a899b190ae56bd3733e8e1e3921bc1d52693fe1b578a31c25491e6b9b3b506965dc940c657602e1e5c28cf747a5b0f0efbf5ecb0928d113493b64d44835fd3159f688347588204f677172c17a2f4a45769c2e9ef2ff3da2657c6ffbff06b67f35ccba02ff1a382221fa041e248936cc5536aad400db1ab39587b478fa89b4a9d1d5e0ef0094af286d06d63ae3d06848e9117a3efa13f248f416a05c71ca1858fb3f71665e5c79bf") ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x1, 0x10000) write$P9_RRENAMEAT(r1, &(0x7f00000000c0)={0x7, 0x4b, 0x2}, 0x7) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000240)={0x1, [0x0]}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000002c0)={r3, 0xfff}, &(0x7f0000000300)=0x8) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) [ 1672.322400] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1672.365263] CPU: 0 PID: 31650 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1672.372687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1672.372693] Call Trace: [ 1672.372719] dump_stack+0x172/0x1f0 [ 1672.372742] handle_userfault.cold+0x41/0x5d [ 1672.372770] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1672.372788] ? __handle_mm_fault+0x36b7/0x3f20 [ 1672.372803] ? find_held_lock+0x35/0x130 [ 1672.372819] ? __handle_mm_fault+0x36b7/0x3f20 22:16:43 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xa0028000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1672.372837] ? kasan_check_read+0x11/0x20 [ 1672.372853] ? lock_downgrade+0x810/0x810 [ 1672.372872] ? kasan_check_read+0x11/0x20 [ 1672.372886] ? do_raw_spin_unlock+0x57/0x270 [ 1672.372903] __handle_mm_fault+0x36c8/0x3f20 [ 1672.372924] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1672.372937] ? find_held_lock+0x35/0x130 [ 1672.372952] ? handle_mm_fault+0x322/0xb30 [ 1672.372978] ? kasan_check_read+0x11/0x20 [ 1672.372995] handle_mm_fault+0x43f/0xb30 [ 1672.373015] __do_page_fault+0x5da/0xd60 [ 1672.399092] do_page_fault+0x71/0x581 [ 1672.399106] ? page_fault+0x8/0x30 [ 1672.399121] page_fault+0x1e/0x30 [ 1672.430477] gfs2: not a GFS2 filesystem [ 1672.434809] RIP: 0033:0x451880 [ 1672.434826] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1672.434834] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1672.434846] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1672.434854] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1672.434863] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1672.434871] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1672.434878] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:43 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0xffc99a3b) 22:16:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f023c1e3f3152bee6175f658ef900000000d70000") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = semget$private(0x0, 0x1, 0x100) semctl$SETVAL(r3, 0x4, 0x10, &(0x7f0000000100)=0x20) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x480) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x7851cfa2}, 0x0, 0xffffffffffffffff, r4, 0xa) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = fcntl$getown(r1, 0x9) ioprio_set$pid(0x4000000000800001, r5, 0x4) 22:16:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:43 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:43 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xc0ed0000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x2, 0x3) getitimer(0x80000, &(0x7f0000000080)) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1672.893216] FAT-fs (loop5): bogus number of reserved sectors [ 1672.908657] gfs2: not a GFS2 filesystem [ 1672.912168] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1672.921127] CPU: 1 PID: 31678 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1672.929330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1672.934114] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1672.938697] Call Trace: [ 1672.938726] dump_stack+0x172/0x1f0 [ 1672.938749] handle_userfault.cold+0x41/0x5d [ 1672.938779] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1672.938796] ? __handle_mm_fault+0x36b7/0x3f20 [ 1672.938812] ? find_held_lock+0x35/0x130 [ 1672.938829] ? __handle_mm_fault+0x36b7/0x3f20 [ 1672.975296] ? kasan_check_read+0x11/0x20 [ 1672.979540] ? lock_downgrade+0x810/0x810 [ 1672.983763] ? kasan_check_read+0x11/0x20 [ 1672.988132] ? do_raw_spin_unlock+0x57/0x270 [ 1672.993056] __handle_mm_fault+0x36c8/0x3f20 [ 1672.997603] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1673.002634] ? find_held_lock+0x35/0x130 [ 1673.006705] ? handle_mm_fault+0x322/0xb30 [ 1673.011068] ? kasan_check_read+0x11/0x20 [ 1673.015493] handle_mm_fault+0x43f/0xb30 [ 1673.019639] __do_page_fault+0x5da/0xd60 [ 1673.023722] do_page_fault+0x71/0x581 [ 1673.027530] ? page_fault+0x8/0x30 [ 1673.031106] page_fault+0x1e/0x30 [ 1673.034979] RIP: 0033:0x451880 [ 1673.038423] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1673.057925] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1673.063674] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1673.070971] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1673.078729] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 22:16:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000080)=[{r1, 0x401}, {r1, 0x8}, {r1, 0x4}, {r1, 0x2000}], 0x20000000000001b0, 0x0) [ 1673.086637] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1673.095716] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:44 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x404000, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x4000, 0x0) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$VIDIOC_G_EDID(r1, 0xc0285628, &(0x7f0000000140)={0x0, 0x1, 0x0, [], &(0x7f00000000c0)=0xdeee}) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000180)=[{r2}], 0x1, 0x9) 22:16:44 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xf4ffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1673.328450] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1673.342231] CPU: 1 PID: 31705 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1673.349562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1673.349573] Call Trace: [ 1673.349598] dump_stack+0x172/0x1f0 [ 1673.349618] handle_userfault.cold+0x41/0x5d [ 1673.370156] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1673.374874] ? __handle_mm_fault+0x36b7/0x3f20 [ 1673.379561] ? find_held_lock+0x35/0x130 [ 1673.379587] ? __handle_mm_fault+0x36b7/0x3f20 [ 1673.388478] ? kasan_check_read+0x11/0x20 [ 1673.392748] ? lock_downgrade+0x810/0x810 [ 1673.396960] ? kasan_check_read+0x11/0x20 [ 1673.401146] ? do_raw_spin_unlock+0x57/0x270 [ 1673.405588] __handle_mm_fault+0x36c8/0x3f20 [ 1673.410027] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1673.414909] ? find_held_lock+0x35/0x130 [ 1673.418983] ? handle_mm_fault+0x322/0xb30 [ 1673.423367] ? kasan_check_read+0x11/0x20 [ 1673.428126] handle_mm_fault+0x43f/0xb30 [ 1673.432318] __do_page_fault+0x5da/0xd60 [ 1673.436850] do_page_fault+0x71/0x581 [ 1673.440802] ? page_fault+0x8/0x30 [ 1673.444460] page_fault+0x1e/0x30 [ 1673.447937] RIP: 0033:0x451880 [ 1673.451232] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1673.470497] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1673.476491] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1673.483864] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1673.491152] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1673.498436] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1673.505725] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1673.609178] gfs2: not a GFS2 filesystem [ 1673.654509] gfs2: not a GFS2 filesystem 22:16:44 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0xfffffffc) 22:16:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffffffffffff) r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vfio/vfio\x00', 0x4000, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r3, &(0x7f0000000140)="12d48f3818b1bf17c28b3052f870d791ac177dac6333494d16f78017e4a1a5d0eb5136fdcf528e29e1aef78da575378c18e9c91942ab21a2dbb716ed4305b32737f35f0489a1362d5a2022e3800f868e9ef8f4264f18177451df74677000f5c7c7d22948aeeb03a76327e7a36fd915fffcf024575397b9dc3d352c50383d027c39c9b8e6bf63ef1b9a1e0cc3f43c3e1109ade2e8ea7f52400d1090423b44b483dc171cd6be", &(0x7f0000000200)=""/14}, 0x18) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:44 executing program 0: setrlimit(0x0, &(0x7f0000000080)={0x7, 0x6}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x113}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f00000001c0)={0xf, 0x8, 0xfa00, {r2, 0x17}}, 0x10) r3 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r3}], 0x2000000000000006, 0x0) 22:16:44 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xf5ffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:44 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1674.060297] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1674.065113] CPU: 0 PID: 31726 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1674.072325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1674.072332] Call Trace: [ 1674.072357] dump_stack+0x172/0x1f0 [ 1674.072380] handle_userfault.cold+0x41/0x5d [ 1674.072407] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1674.072423] ? __handle_mm_fault+0x36b7/0x3f20 [ 1674.072438] ? find_held_lock+0x35/0x130 [ 1674.072453] ? __handle_mm_fault+0x36b7/0x3f20 [ 1674.072473] ? kasan_check_read+0x11/0x20 [ 1674.072490] ? lock_downgrade+0x810/0x810 [ 1674.088327] ? kasan_check_read+0x11/0x20 [ 1674.123981] ? do_raw_spin_unlock+0x57/0x270 [ 1674.128510] __handle_mm_fault+0x36c8/0x3f20 [ 1674.132951] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1674.137929] ? find_held_lock+0x35/0x130 [ 1674.142035] ? handle_mm_fault+0x322/0xb30 [ 1674.146414] ? kasan_check_read+0x11/0x20 [ 1674.150589] handle_mm_fault+0x43f/0xb30 [ 1674.155035] __do_page_fault+0x5da/0xd60 [ 1674.159211] do_page_fault+0x71/0x581 [ 1674.163048] ? page_fault+0x8/0x30 [ 1674.166753] page_fault+0x1e/0x30 [ 1674.170221] RIP: 0033:0x451880 [ 1674.173436] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1674.192465] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1674.192477] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x76a, 0x40) ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f00000000c0)=""/52) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f0000000140)={'filter\x00'}, &(0x7f00000001c0)=0x78) 22:16:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1674.192487] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1674.192496] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1674.192504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1674.192513] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1674.241631] gfs2: not a GFS2 filesystem 22:16:45 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xf6ffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = request_key(&(0x7f0000000100)='id_legacy\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='/dev/kvm\x00', 0xfffffffffffffffc) r4 = add_key(&(0x7f0000000200)='pkcs7_test\x00', &(0x7f0000000240)={'syz', 0x2}, &(0x7f0000000280)="ffc708e5867c5bb32aa1ae9292e13f7a0060aa1a483474711618f44c33fa018eee37d94a1714c54a7b1db207b062c3792d08de290f4a239f554cb501bcfef891a219ee0a01edb11ffc5fc4ed6673b82b263f060bbe05432b37f8dce7c8ce8e6c368277e093693075c072f4bf077976ef3ff1daeb86ed27f76b9b2f63dc5b3217cbc000b8a80e8c988c4036fd1c85af72b17b6ffda28380875fe432045f469bc2c4eadea9f83962e3a03c3ab161a6742c3731f41c354d77", 0xb7, 0xfffffffffffffff8) keyctl$instantiate(0xc, r3, &(0x7f00000001c0)=@encrypted_update={'update ', 'ecryptfs', 0x20, 'user:', '/dev/kvm\x00'}, 0x1f, r4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1674.331696] gfs2: not a GFS2 filesystem 22:16:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000080), &(0x7f00000000c0)=0x4) syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0x100000000, 0x20000) 22:16:45 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1674.407088] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1674.423108] CPU: 0 PID: 31752 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1674.431263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1674.431270] Call Trace: [ 1674.431295] dump_stack+0x172/0x1f0 [ 1674.431319] handle_userfault.cold+0x41/0x5d [ 1674.431349] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1674.431367] ? __handle_mm_fault+0x36b7/0x3f20 [ 1674.431383] ? find_held_lock+0x35/0x130 [ 1674.431399] ? __handle_mm_fault+0x36b7/0x3f20 [ 1674.431418] ? kasan_check_read+0x11/0x20 [ 1674.431435] ? lock_downgrade+0x810/0x810 [ 1674.431455] ? kasan_check_read+0x11/0x20 [ 1674.431469] ? do_raw_spin_unlock+0x57/0x270 [ 1674.431488] __handle_mm_fault+0x36c8/0x3f20 [ 1674.431509] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1674.431523] ? find_held_lock+0x35/0x130 [ 1674.431539] ? handle_mm_fault+0x322/0xb30 [ 1674.431568] ? kasan_check_read+0x11/0x20 [ 1674.431587] handle_mm_fault+0x43f/0xb30 [ 1674.431609] __do_page_fault+0x5da/0xd60 [ 1674.431632] do_page_fault+0x71/0x581 [ 1674.431647] ? page_fault+0x8/0x30 [ 1674.525946] page_fault+0x1e/0x30 [ 1674.525990] RIP: 0033:0x451880 [ 1674.526005] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1674.526012] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1674.526026] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1674.565183] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1674.572740] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1674.580158] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1674.587443] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:46 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x1000000000000) 22:16:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000140)={0x0, 0x95, "66d3791fe042af455b0854979dfbb0a63fb254ac0546c45b97ed86038bee1e38cd9a04c5c6ea183967d0c7152ced655c435456801ea13746af83d6c14ccd337afcc4bfb44904adc7a7410846609788ad46b24ff369279e65a6e4fc7b88b5061ce08ce1721c3bf02f9cefb21dba632932ddc492c9f57ae9781a8e3268edcaf6def357da69dbb50339dd3dede6b0ea966ee4ba7f889b"}, &(0x7f0000000080)=0x9d) setsockopt$inet_sctp_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000200)={r2, 0x467, 0xbd, "673b7c48aff6a7171aaea7fc3aa4292844b0abe71599e1500e16bc96cefa82d2496ccf742ee1c63bbab2ed99506665f34972e47b4fa9c047b9443dc90cf18a5a03176cc6ca14e5409b3a206061314ca2754abdeaf9ee90888e225c5f66bdf42ccd54cbdf432f9a63ffc2cd42cafb6b7cec39e48badec9c1c526f5ebf2e6a53db3003d8626e777495a1c9e451071b5fba5c7d78df94415c70a75e9acedbc7eaafacedec5afd9483e3357fba3a5812cbbe0a0a2ac46a7b6d6e27283ea885"}, 0xc5) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = dup(r2) bind$ax25(r3, &(0x7f0000000100)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x8}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x48) 22:16:46 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfbffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:46 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x100) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f00000000c0)={0x5}) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) [ 1675.215191] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1675.232347] CPU: 0 PID: 31787 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1675.239757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1675.249312] Call Trace: [ 1675.252025] dump_stack+0x172/0x1f0 [ 1675.255697] handle_userfault.cold+0x41/0x5d [ 1675.260239] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1675.264862] ? __handle_mm_fault+0x36b7/0x3f20 [ 1675.269695] ? find_held_lock+0x35/0x130 [ 1675.274017] ? __handle_mm_fault+0x36b7/0x3f20 [ 1675.278814] ? kasan_check_read+0x11/0x20 [ 1675.282989] ? lock_downgrade+0x810/0x810 [ 1675.287166] ? kasan_check_read+0x11/0x20 [ 1675.291398] ? do_raw_spin_unlock+0x57/0x270 [ 1675.295877] __handle_mm_fault+0x36c8/0x3f20 [ 1675.295921] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1675.295936] ? find_held_lock+0x35/0x130 [ 1675.295949] ? handle_mm_fault+0x322/0xb30 [ 1675.295974] ? kasan_check_read+0x11/0x20 [ 1675.317738] handle_mm_fault+0x43f/0xb30 [ 1675.321830] __do_page_fault+0x5da/0xd60 [ 1675.325953] do_page_fault+0x71/0x581 [ 1675.325970] ? page_fault+0x8/0x30 [ 1675.325983] page_fault+0x1e/0x30 [ 1675.325997] RIP: 0033:0x451880 [ 1675.340098] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1675.359073] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:46 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x300000000000000) 22:16:46 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfcfdffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1675.364646] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1675.372029] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1675.372038] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1675.372047] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1675.372055] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:46 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0xfcffffff00000000) 22:16:46 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0xfffffffffffffd67) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = creat(&(0x7f0000000100)='./file0\x00', 0x44) ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000140)={{0x2, 0x4e23, @broadcast}, {0x1, @random="5e5aa2d7d606"}, 0x20, {0x2, 0x4e23, @multicast2}, 'ip6gre0\x00'}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$VIDIOC_TRY_FMT(r3, 0xc0d05640, &(0x7f00000001c0)={0x8, @vbi={0x1, 0x4, 0x2, 0x50313134, [0x5, 0x50a], [0x80000000, 0x7f]}}) connect$rds(r3, &(0x7f00000002c0)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) [ 1675.616683] FAULT_FLAG_ALLOW_RETRY missing 70 22:16:46 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0xffc99a3b00000000) 22:16:46 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfdfdffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1675.654733] CPU: 0 PID: 31816 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1675.662642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1675.672052] Call Trace: [ 1675.674762] dump_stack+0x172/0x1f0 [ 1675.678431] handle_userfault.cold+0x41/0x5d [ 1675.682984] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1675.687752] ? __handle_mm_fault+0x36b7/0x3f20 [ 1675.692371] ? find_held_lock+0x35/0x130 [ 1675.696466] ? __handle_mm_fault+0x36b7/0x3f20 [ 1675.701174] ? kasan_check_read+0x11/0x20 [ 1675.705465] ? lock_downgrade+0x810/0x810 [ 1675.709753] ? kasan_check_read+0x11/0x20 [ 1675.714107] ? do_raw_spin_unlock+0x57/0x270 [ 1675.718646] __handle_mm_fault+0x36c8/0x3f20 [ 1675.723096] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1675.728141] ? find_held_lock+0x35/0x130 [ 1675.732229] ? handle_mm_fault+0x322/0xb30 [ 1675.736493] ? kasan_check_read+0x11/0x20 [ 1675.736514] handle_mm_fault+0x43f/0xb30 [ 1675.736535] __do_page_fault+0x5da/0xd60 [ 1675.748945] do_page_fault+0x71/0x581 22:16:46 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x149000, 0x0) ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0x7, 0x80000001, 0xf6c5, 0x0, 0x16, 0x80, 0x60, 0xffff, 0x2, 0x3}) ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000140)={0x2, 0xf, 0x4, 0x70000, {0x0, 0x7530}, {0x5, 0x0, 0x1, 0x4, 0x0, 0x6, 'eE#\a'}, 0x400000, 0x7, @fd=r1, 0x4}) poll(&(0x7f00000001c0)=[{r2}, {r1, 0x420c}, {r1, 0x8480}, {r0, 0x1000}, {r2, 0x230}], 0x2e9, 0x800000000000000) [ 1675.753116] ? page_fault+0x8/0x30 [ 1675.756877] page_fault+0x1e/0x30 [ 1675.756890] RIP: 0033:0x451880 [ 1675.756905] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1675.782756] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1675.788153] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1675.795023] QAT: Invalid ioctl 22:16:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="240000000d0607031dfffd946fa2830020200a0009000100041d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f0000000080)) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) [ 1675.795504] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1675.802064] QAT: Invalid ioctl [ 1675.806529] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1675.806538] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1675.806546] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1675.826167] QAT: Invalid ioctl [ 1675.846988] QAT: Invalid ioctl [ 1675.855040] gfs2: not a GFS2 filesystem 22:16:46 executing program 4: r0 = socket$inet(0x2b, 0x0, 0x0) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x82, 0x0) ioctl$PPPIOCDISCONN(r1, 0x7439) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0xfffffffffffffd61) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1675.894772] netlink: 'syz-executor.0': attribute type 1 has an invalid length. 22:16:46 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xff0f0000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1675.951576] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 1675.968891] gfs2: not a GFS2 filesystem 22:16:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x248000) ioctl$RTC_PIE_OFF(r1, 0x7006) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f00000013c0)=0x2, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000001280)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) clone(0x28000, &(0x7f0000000140)="c4ff2226c53d6185f094b7743103da8909f6e03a30360722d56401906498e77baadb184e9ceb9da3ce6b654d7b9f15b79256c7d8d2a73191832a0b0619c1c8777bc0dca435e2fe945b5f4a751dc4dcb92899dd29fd0b1c7f9ab24152e1394597ebc51c569d06f0742fb675502498e82c5cefd330fcfa1af0dbe406435f95aa8e59d1b3c0af43358f855fa2f2cb9ff1d0057520c12a3319e68be5a9d7c54f4164c2f092ac1ac6e9e418d4202cf4fa88197404da4d8c6c3896d7f2cd5303062543fe8f8b1f8ba7659b154fd235fa1fba1b6766857589e1c13904e2adb88182d96b498c0c7d79055110b7a8c10b09658b5910a6c20c12697cd298441c0d99b9291585f5b49f4f2b62f6a835f7cdfc74b0786a8d0c13b1204178f1b75fcc5a719f15aa69571186d2ac51dfc05df021ec260ad80942d542c8b8f16eaeaf95e8de9ed784d420c2444e946a760fd8f7a3361337d53bef46f71013026cbecec2e9b365a59d79a1f989b7679af87a4783ae51e0a431baa0e3414db3dd6189b309d307ce67e69647e5fbba04251b9f4e81b0cdbcd2cc0256ef7f914ae8d5b4b90a37974187234155f20f0ec90761f3aea9b58c73f1542b283c59399e1f3cc6c072659d7fb69fd8ce5a6bb888685315a39b565057b19727b5200e68ded2d4df7d0c7fe629b4b373899cade38b33c5a0b7cd5ef692ac44917d9f89998b5c3a6ab3437993a72747933b5151516705c33644e9559fcad1f0baeaed2030c12a2d6941dc586f9f3eb3f31a306daea8db76b491ca8b17122fe783b9351ee5de6dfe51e7726d634036feea99d908a89188e099812c044b76fb3abebe58dbc8124d129a4c04eed763d737f762b484599603962432ffc5c43d6e9c7db4d12f91d93dfef90aab1b96cd8b8049083dcfdef08148c6d72fa9e8be61bdae6f198c2d4c885026a6684279453893a9a68cd17d25a5472029d7ce14506920016a53fe2b8e64baa3468fe2fb235eb67081c54249aecdd5b116e40a4ec9dba57209ca5586a9634c5959023000deb1824ae8646443f8633276d248ab71b72f2ad434b3d0c6c917196f787d1ca05a549dd63e9765727da3305a96a73d02ac1c2c22e0c7bd8ae83ef7908a48f07be3c9607bd9769586ccd679ff9e3bfc128b07a43868a3122ee7adbd236d134c65835cbcf400323a70f59515bf5cf1d7f8bd51dcc1f6ab43847a2accfca61ae62d60fcf0ef5d0e843ebfbb830a6748789e4fcd65430b13d5c5d187bbf6f08d7065dae7d8f38f3aa3dce3b9fe5cea2c9842a1a694c21f4b0688d05e30f75bc00d48bf4335dd70b3682097c298281e499f55b01a7382f09e9de47f926415e2138a34baede3c2fbf40b66c586df0126f5e1c39f55195754c312f5260f5789bbe9ecd9b5b072ec57048559abc5039bdb0ad0edd2abb3d93a67f5af2ccd18eb8109e0edf8db707fc743c299cd2b0bc7182d0a9091ae7fc51397d10491b969f1ccfc45bdb84bf4fa7c4b8046f33b549a2ce098472c7af0159ce7df7359a1b6f60c1e2225c73f7a2dd515879e62ad4d75f0cb0ade12c7ed3a948acbc6cc3000c903d6847f1f04e4181348fcaa893e6111e6fbbab0ff50b6dbdd7d3f4668ec24c4e7c0b818dc02c07f7478c27da1483b4dc07ca48394c26a9128ad208149e10ae6cf578fd978a0902d9c28f39710b0f7b124600b8443fa01f4364b7c7b6eaa5ce42d0c20022de812d63774f733e816b79614a8d7c8a3566b97932b85e5a3c480e9ad418caf4e209e219424a102776fd52fb864d2aa3a735ee106e432d1e2fbeca9031d83152665545a660ce51b5573ee42c2501e305619dcdad2c56e50fe88cf5156fb292eef481f018b56e17fd2676b7fd6d74a0e995dbefdc5d2d22aaa4095ad9d5ce077f9afc5d87a002bd7d78b18883fb88fda54f213aee1a5dc51b57b1cc5f30d6b6433b09e2cd2fafc4969fd8a967141d8319c4c26c5e0d0d3e5e980cfeb59d6779d7a5fcb905172040c1ce1ecc300e3d3441f803b292386a6a92b5f6ba8600de228df51b66bc3631e16175fa167d7a64f4d2a556286d8e0ac6dc2ddac9ecc0a8e6c8133ea5e02bb893c36f2b5c32da6aa70d0922b1ee90c3ac9bba30ca724850db2b07b49fad23607699ea2206a1545832d55e3e2be6c9aac7160a76731efc6ac92ee7050ce956e05c9947a240af3a273343099e844f803f064aeb989d0554d85d81e3adbd7cfdd2b34d6dd89f54737bec983089f74c49d4c088f2af12669c2b000be0b4a15024a2b7defaddb70b76e4ab323ac88ff406faf57a5ef7799921fa588b5c471daf1a33faa7cc04234f3fd9dfd13b276b1c4a3fe8e03d3ef5793b6fe907d9047a3116017c6213d1bfbcbf21ea3176a75687830e65dadd3d8f8e122089a8399ae103eaa24095778d55c746becf4efcd8b4bf68e29eb461828a43d5c266f510f6d75ced58a35ab23ee939a86bb8dbc380ec7dc4201f1285bb79c84e5be877391129f97ab8adb11f6f0cd24c909a2741a0d71a8f3b8504aa988efc1a51efccde5107ee66032bc2257588c91fa4aef8def65871a12ea7474f05f511614a5a01c43701fb9ef37d97a65509e792d16282e89d26f0355c2cff856c73637d3e60de9212a3498659fc3776459a98b3c6deb731cec50f9351c0e79db57df8e3a8470197707ef0b258b04cb933239eab050fba2929f449f60f33d324b1298301d2b8c4533b40107a523d1f66e52c62edec498ee3b8e0d75e38bc106b6eab858ac691752dc43ef68a308bee8c55b18b071fc5d8c97478fb61afcd984743ec869e0cf1fa48efa5d45f2d892e8d1ae99e6158dc2bc77d54d46a2bb74b67a0e4769112335ed88c8603ae04e1dd3151fb8805729dd08aeba35263d55b53b7c9f51da06f1e9f42a86d0d5c609d0afec10609610f24951306ce95f92cdf49acff624961f67cb23784e6842a44e216629b48cf7c08476334861592bf3b8f27d870d742386dfc6a47784a4a60abe617119c0dd7bbb013cf1cce097cf44d7006bdf95487037cf5b5bc4ea82bffffeb1889ee54a81016eb40a01bcfff3fc8a39be546387876f886f357e696e22cb95ca1bbb4159d0efe7ae95e5a7789e54adb2fbe795bc88dfde83a338519158a1617a6ee227a226a25f8cc4dbdc845f18fbadad5f5fee3855fab221fe713833f6c5799ac6a932c607dde3d21a3fbe014481db65d829414fe5a60b53031be6ae5d68dcb1d175da3987b43ba063f04191213efbf0ac0d01da89f2ad77b6bff9e04a46ad2e10d913bcc6fae1b77f757c5ffeb150e8d8904ebcbd804459bfa53bbfeac87917886290ab52ad2303323f2aaa4396777d1ec63872b548f70745e7f805b6cfcae96e54313d2d2953e1b1e92c975f5b090afa0982839ab7cf21024bc6f70201fa58c46b2743bb275c4ac14c0594aa7373a1e7effc5e27a28bf77a2075ef2ad5059e0ef3dcb59d98b7f807ed6dc4e59a8d20e2f2782db7fdd0d0bf1a3fde3e172517549120f9f6cb529f90894bc674afdb56c6c1b5ddaa137804cbcae7a9ea1dc640e099499e89519c44c14211992633f7c5ac5ed94ff2942317861c476325157849b89e5720147d9446e11090ca391e6f939c8ace86a39f0618e45359e49adf26c14cc5bd73d7e67e44be467513dc24cb216cd943f48ce59f6fb1ddbb6f37919a2197717764497f3cbc2e0debdd7b5e7ff326d0cca1cf889aaccc927a0bf8616a8c9cd646909c9350a6c17b0e365b6b0a4789bf2e382f161d7e6782bef3a1300bf51b5a9f9376e309ff8eecaa59c4f79bc94ee90246aa864ad598298ea9e2cbd99c5674e7bde39dd6d359d44c69a81d538cab82176395633c2e7dac937783460ba7e1c06e342ef3ee9cb156e984b63e8205ad9d0157c85226178a12494ac52537793c1043b74c5f1d7ac0cbbde43323db1ba46721b927f8861bae3065dc2ef04fb306052fc836a12a09befeba9b11d8115fde752737fe9720cd987368312bb48d51bb3eb170e52f63e2f468b271e0478d86203afe136d8a087db6f7796cd955be91ca9f9f4bd170b8baaf6fdffff112f7724bd9c15c0a54d23fd714bb4945570f5169000a53560a29fd9d0d249c49f452169a9db1cf82490a0765ba5b587d08991a209d7cf53210cd9df4e4e2bda4f118e3866a165c13ba3cc9a4c9ab94223d0f242cdf9455f3ce8a7c14c3d3d23f5948f7638fe69c05dba41bbb51da02387206c1e0dcc0448ce945ed18aa44f3d28c5106b0644308ecfe15f0e8784deb85b0974770d4e1bc7e259de7638fa6f4bd38c71f69386f6a5ad757989b36bae7ba39c2e90e811dbf51def18e081bf44a76bc1132a57f33e6c50772e923feddf9b337f065f1fe6e1d025137b157e339dde0060b5313711b5b845e342facdc119d8fa7886d206ad987640acec9c0c791a09fd01a6af0a4ef92dff5873ed6f7d20515695caf10a2f9d6d99f9bb45067def567b5ebabdb3786adf35d220d51f6f2be7b70b59edc571088b6018ec94ddbce387c482906f3639109dad2807e7aaf53194e3f13b055fdce60dc4f766bd690a626f2a23135f4f88163dd8e7b570f8fcecc33a9e6e5cea91f823055826696c987356e42b990800f14ef5baa67ac6fd79de523dd826d6050f7b9ecf6fea3dc92d112e2207ae530731b8b43c9fa3511f23988bf97d51e9350f6530730aab06de8a062050dc56d6c25e4b2228d0d6e3b9c9277908263f3f214b362dab3a423400d829338363c9d03f356376f2968c1c3a12eff0318804764562867bba2d8f5fa6ac045c16ac22cd54124007feb257cf925a4bf91ef8421701f6c253309ff463d9093e4dd26c93b2537daf86efa6d3327b8990aa9f507a6ea8ca86cdd563f17750368d30609f6d6d9da6b7e13be7e44c1c748a88e3bd9f4a593ae637a928c2fee5aaf452c45b15e8a175ad9b4af8f4e7f92d9ec7e02f39b36fe4cd76e068c1865332b17c085c080837f79a2cb3b5de821f221043d085dd92dfd04470028475c91519442d63cc108d776ad0a7329bfa36c8826f450f244a6c5c4c80e5ace450ff9e4c478e2088f39ae79edfb2fac4c650147ebd9d40ccea64a2c6a719b687b25187f8f6504e2881457351da060efa48c9b8df90843cf7dad71e4b0d55c0c11cb516a95ec37cb37e980d4c0833e123a742cb4527a7e8354d1aef20076df70792e97ee6f1b7ca2212aa1a306322da5f322451a8a471bce8cbb3a9455dd49a5acc41761967a10b4481a1705e82ccb1186ecf387a0f77a8e761741b261cf88e1883e0c5268e878a9a6c99894268e5802d16227c05fc4ae89f5c20183ed33785063dfb65e8741a269adced2bcac3f359014dd0e58f2a78876249dd893082fa35a05aac3f02a9e4d670e513dbe07df1a80a7c10be46be281e9ec1606a5d6895aea94963313af19968127399e4627a69cd526559fc8b0f822c9ee5de2cefb1d51b112e22e897d591c8e9c4fb55f1cc51b0314ebfcb564b243864fe9644eee09965e92811f6da0dc28bdb5ad208c70f39e574222bd8af355840de9cb397627c8b4e9c2a85ccc17578844f1c0f792a52303ecdfb5ca2a66009ddf95133e5505e0e5d1c9332fc8adc37d576b8fae90cbc406b1676f664560999290fcad70406da3cea4078056b4cd61613dbb4b5965b3e1baae5e8264b012f9d7fdca17e904ba599857480ef3baa53deb78c41af9db7c5b2ee5838b984f683136a910985b7b29899675a88ae0762bf9b07f4cfd7743121bee219ec6720c98b8da265bb4e5ec218172a6af951cbb2a98273348762e607f8b38e9381428", &(0x7f0000001140), &(0x7f0000001180), &(0x7f00000011c0)="1c5d38ea1e95ad29ed8b89cbdf717ee34971dc5c70c759ae9934d4508ebb617968c94cb9a71cee625fa53c90f73bee048f2660115962335601ff094662f0ce6d647a72e99bcac2e4673b078203d65e1346984426725774004ec4f047a5eb6356ea3bed6104418b7f12f7345a906be326f3ed485bf566cf8a5e65c129d0f192fb04dd735e6628d1187d") write$FUSE_INIT(r1, &(0x7f0000001340)={0x50, 0x0, 0x2, {0x7, 0x1c, 0x20, 0x81000, 0x3, 0x4, 0x7f, 0x3}}, 0x50) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xff7ffffffffffd65) poll(&(0x7f0000000040)=[{r2, 0x3fffffff}], 0x1, 0x80000005) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000001440)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001400)={&(0x7f0000001580)=ANY=[@ANYBLOB="988037a761b36b446eee0000", @ANYRES16=r3, @ANYBLOB="140226bd7000fbdbdf2516000000580004005400070008000400000001000800010020000000080001f70c0000000800020009000000080003007d000000080001000c000000080002000900000008010300740e00000800011b1600000008000100110000002c00090008004f6e310c65c03f02000000080002000900000008000200090000000800020001000000080002000800000026204500100000990cd3f13210583b37658cc4610b7dd26105f8af48a9"], 0x98}, 0x1, 0x0, 0x0, 0x20008004}, 0x4008890) 22:16:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:47 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xb7}, &(0x7f00000000c0)=0x8) socket$packet(0x11, 0x2, 0x300) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={r1, @in={{0x2, 0x4e22, @remote}}, 0x4, 0x20}, 0x90) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x8000, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000240)={0x6, &(0x7f0000000200)=[{}, {}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(r2, 0x40086425, &(0x7f0000000380)={r3, 0x1}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e24, @empty}}, 0x0, 0xbffffffffffffa46, 0x0, "c58de9c27f3ebeb22b23a597749ba9ee98522bbe83dcb5308abd76b5c075bd7b9663eecc7c03338541a631a614c6a103ebd5db63ddb4e3d706f1c581e4b6ea75555e66f0310ea6219418197cd59a848e"}, 0xffffffffffffff86) poll(&(0x7f0000000040)=[{r0, 0x2000}], 0x1, 0x8000000000000) 22:16:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1, &(0x7f0000000100)="0bdc1f023c120a6788a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = dup3(r0, r0, 0x80000) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000080)={0x1, 0x100000001, 0x8, 0x0, 0x5}) 22:16:47 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/checkreqprot\x00', 0x40000, 0x0) ioctl$PPPIOCGDEBUG(r3, 0x80047441, &(0x7f0000000140)) 22:16:47 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfffffdfc, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1676.287560] net_ratelimit: 10 callbacks suppressed [ 1676.287569] protocol 88fb is buggy, dev hsr_slave_0 [ 1676.298494] protocol 88fb is buggy, dev hsr_slave_1 22:16:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008910, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000140)={{{@in6=@ipv4={[], [], @loopback}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}}}, &(0x7f0000000240)=0xe8) r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000002c0)='/selinux/mls\x00', 0x0, 0x0) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f00000005c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000001}, 0xc, &(0x7f0000000580)={&(0x7f0000000380)={0x1cc, r5, 0x1, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x34, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x73a}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfd}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x40}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}]}, @TIPC_NLA_NODE={0x10, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}]}, @TIPC_NLA_MEDIA={0xd8, 0x5, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa0c8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x27d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x753}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NODE={0x38, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x100000000}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x18, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x30, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x756}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffffffffffd}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x101}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x10, 0x6, [@TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x10}, 0x0) ioctl$SIOCAX25GETUID(r2, 0x89e0, &(0x7f0000000280)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, r3}) ioctl(r2, 0x0, &(0x7f0000000080)="bd47a3b0c9ece7dad966016d78e33da1bba637630e7b1262660126095e92281e01b042b890621e54c1b6279ea7182e80d326c8d37b1d547940f6a2e4d8f321240c12") ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:47 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000001100)='/dev/rfkill\x00', 0x28040, 0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000001140)=0x80000001, 0x4) getpeername$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev}, &(0x7f00000000c0)=0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000100)="2296cdee344b7e2702d445ca51615e0c4e4a7d1c734e705558f864e72f0afb89054982d521570016a6121743fe637702c2cc193a6bbbb4b96317c4a92fa862017ff3ce147929a12ea515ec51245452ca6fbdc45a76b5ea6884eb192cdcf54b5dc8c643eda07fd646dcfca473d6d7b9edeeeb355286b74d02647efb65de3a17fa63ece1fe8cb9eca437de0139372bcd79730b240a49db11df1ab1a8bd058e98551c3704c6dc5dd279c97963309687bd8319e12f87036e139d81d4618914b492e565bbfac3149b43934c726b13fe81628c6bdc6419cb72c50f3703e4df0ca5904fee4b246587e3cf11fc89bc9ab604015092b1c0ae45c7b994294014462d599ea93c680710b2ad972726fe50ed8bbfa536c87d23296da1d30035239b5cd0f6b8a4a863a8fc8804f517b19e131b25c921b9a922774808971d8e0069925502b18f9ba85941b4e3595407e5229aa15e5f321f7835b343d1f5bf051c7192ef85aa96f8fc16d28afb7aa0bf43e7c8cd0fb3fb3c234aaaf9d716d534adcc2eb319f76cd2076ac1d0d715226abf33b44acaaf49b4a0015de7132736b88ccdd1637d52b0470535c04afe51b6ec918b1adec85dfa4163084239e1af79ec0768f5b5e7f3a91d30572569f4620fd0d16ea4a32a44129a0e6526a106945eb22f4086904cc8b8c94f202918825abc82f7e0445057a531148448fb436f7c6b9c773bd6e00ae8aedaae42daf0b40f41729d51fa39bc13c0b3bf700255e6b0f49df171918abd243c1033c126343ea592168b0c0046537055ad7236f0f73393c3708aaa465ed88e1d4d1330ec10181f605c830e67aacc2abf9d218c872f019388895325b109f12c3f54b64623e88e501cc2d9613be450e3b7e4427a3345d86ccff8b8a8cff7d80b3d0185a520cc51d82d7b46c4102c1791fa2e9f20a52c8b8cce858183dde3f22cb1c9a76e16d710b455dbcd781ef6b7d01c2005ca9037ffe9b93ad7aab8f6d313bac307a7f5e3b9b7f555e8acdbcb8da1e1970865a9ab204165734eccd383dd423e7586ef64b35bf23996903079bebb1a422cd4732a72f4933ad633a09d4adff0fa4e4b890ed7a042f53416db6b6c68c86cc8bbddc9de5fc7acc247ffda0fee4ff9256fba3316f12944410f5c848f0b1fb1a7ec97daf1a703b4c91a70ec0dece3c043f9969b77da03a4bff94745fd63dadeb0fed3de32d7d2b4899c985495036ad3fb06299c3add99bbaf87a3133dc8966207d2d96f9189625052e575be0cdb09875f48eb76bb49cd848197cbc3f5c1f9c4e723fded28646e672de5d81a12dea62ca288e0d58985df93b3a71c243c43254c29ff5bb2e8cdd0b9724d5f68a3a04ec91836d7548bb1a0a8fd22a078c8a9cf50de0eb2a0cdf98eeca3221760f4c3f973e902ca3580c143ac24a703169e3327f6df77e4d777da91aac5646293f7106b61486195be29c3aa80cb624e7e65a7d9315e568ec3ef86192efd9c0c90535f12e69c1fe146bd416e987d31eba2055300e9078b965b3aab50dc738196ecd058c4e800c815b05c4b6386aba95ec144b21df8448cf4d90bf346a01cfbcf2850e612b48cf2d9c49341184552db97d210a8c41e936b087e83ead236ac20182dd06105a796c8f80eae361c78dc5fe6bb117d30b7f99538e2aa4f0d3e0e2bde2a9c83df46d817100d0648c4cbea3b4c83e63c9d434e2e1010d71c0e69e6d958251568827a027023434038ea9292d48943b98657320c92691c2df8819860a5f29850d4e7d0d6832e7ef1a5260a336832447785bd28120aa7f6c10d90c82ea784e709cbe4f09e4e8dbce82c306d783e82584bc72d8b6612f1ccbe127de558751a445279629c39054c717ca77c6f17a978d71ef540a9ee01c98d67ffa6e2e64a046e8047927570f7f049b62de4e66ca4fa54a8ea9af0bd74f388a4f0853ab94b47a9a034ad6c44ce9acb7a4de97ab7f8663c911952da7069bcb7245beedb8c51b5a6c060a2ea8e4d9f1e6fad2e134608a5a839f012ad932ea3eab5b1ebe5934d4cf3a7f53d74b09031b0bcadf3cc375671db8d76618f45acf642e5d8fd4d688390e287510f994977cb4aed70d7bef08aec95eeaccb8a4cdcdfb4cda3883d780793961ec20eb77bf7082566fb7d03302c68e7594a98cef3d37156e3600c54ef0c8344221db260b0f3df317ca1a044704bccc12a2e170ef0f900758ab9e6a3bbd7a626f9999045c23d667d7e5ebb7a08f8eee3ee21ca40aaeba6196b0b931f912e096d9b17682aacb8374a4eaaacca8aea60a2a2a83e71ed55ce682348d8aa4acf38f164144ce25252321c4b4f70519c07caad517a660bc2d2928a51947be617c389ba9ba3ffeef951b07af893f36c0c78f4baf9c049a97624a8dacabf89a295dcf57600fdd91375a9df00351937978ff10e91a5c5ed8200a46a3ca3034e10c7077ec1c29f2aee821f718a83fe1d4f29ff56a18b4c70a20451f54f35c0a783df08b8bdf7f453625345ea8debe91b649d5ec3a4144e7a084db3d9b27473398b2e0e56056a389170e603e0789fa72bf7903c8f6981bf61008fc103b74d8b0a861dc970e22aada8197e133d41ae744b7977451b5fad51cc9cd82b5a9476fff61c1ffa903eb7d5f2a0c4d96a98be9115c688c47281f359407b3453aff857de73db720fd16a6d8698dcbf7a11b69454b650e8cd2883b992a0b2f5441ff02fc935c9c6b74c1c27b3179f110f440e31ce0392908f9ba7afdc4ceef0c2df177a9f75dab611e775028c36baa0666d5f07afa5f6468f309e609bee9787683184f0bb53f1e3d79bafc5533132519a6fe4898d7d05082e440fda14799a583ed795e672d9aaa1dfa516012d36feefa47064fc63d4ed8c84b0f1ad0aa2e791f62fa03fd7ceafb1ea526b9a51c32a987e639660683f71e2a0eae37bccc8d71cdd46c6519cf5937b201e17bb9058ab785b0bf1282549fa110a5f5f8ff538f5f55ec70ae436b2c4810adb3922bb094793e050c08ff302274888e2ea8950a4e673362f4df8cbe505d30b08949ea5b9f06e14852c9af722e3263fd0fc99859589d6c0f09b6f7bf771288ff3221d4ad762f05cc19d4eeb433ec1b59a3a3ef1f4c28bb828af1ac5ee95c19afc36be1807f8a7280c2ec2266900c417b3891d40fe230f6fce91a7e05af0c57e8195b2ad7e40e9ba857dd4610ceff9ad84ec292c5ff404e325c179057495c991e9e0b3d90373ec08b9cf28dadee622969a9fd74bd7ad23987f3b24850669ca82fab1ef861d179170f665b9766e5ea0c07bf83088d4c3ce03ba0799af7807796161ac83a6bb4bf68e67c9c46fec1e92d1c2a9632c335dfd6daa40b1cfa92803c9c75754e3588c3be0ebb3f3009b4f2344afef889cc356fb6d93c433c87f31359e8d4c231ac08aea54aecff423c275416275895300a649b271cbd2b7a47e40ad9622faaa419e139c13019e10bbf46eb643eea074eae7af8d4af0389d4507633952f352103191b99bf550e7412f8c7659331bef8ffe943b4c5621630d3501dc0f9681210fb61cbd9e202663e55e3042beed023a27525f738409abb5470a2ad3a745caaba041cb700349f2578f7c980425643899bcffc7f436cc1f336f9eb495f7090b9c2b0e05781391f887ebc97b4df8fb205b4cdd1da580c3f5e7200d6851353c6f414b62ba255e3ee8449417b58036bd703cc1fc40138acd234d3c9e198dfd38e8c3d79a2a23026dd2a6a485bd35adb4ba7561f6cbe9836a812b8ac2af4d3a75b049414bc65cd45f03f42d733a61d21f820919ebf1dd67301aff6be9b73e96607a311aacab1ea5bd63f3f8009f8f4a0cf6b1f0e2379472631de5d5c2807579927c115c7d327b90de0b7f2ca06c4fec1b3c7da2b41705efcb4248b227355f8262c8ba9549ef024fd282bb5b3019271cdf921ba7a53ff37e8fbc96dedccf58d2b10f2085ffb550cf46a6f9a08a48ec884180099c950356282cf90c1c7e12599e229af7b2c4f86e1c43fae259d99e79adab9329dd293214e7e222a06745ba41cc7a91d308ca1e075f0640c9492dfc61ffba28996daa57be098300614908ac7e12209d2416c4702d1b439d4c271b843c2497d7c00fae484ebb81a9f62cabee87b8a865aafb7f0e5c5a79cf3aa1f820500db56de0d1150f955f8f679ca3a57bb3c233cc06afd437e86bcff9df6e57084a0f580ade5d4e0aa88b50fe14c3a129a25812644a95486e72755d1710e67012a3ba288105ad1fd32de823a33e48abd2a2ee7a685f97633e01599d9a376c759c77c2f8ec1cba3b93a1741aa43960d970c6be3eda3c5c45b9db067f2dcc52d34b869cc052830a6caf439bc07f443fa7ee813e7c94913a2e4e9e4c79133a3ca9f46c8cba122af646ff45c53da608175bb5ae0f2fcda3dffae7d0350e4608fe9888782fceb4b826683ea3110abb88d37300a4a7ca65c9da391b5b08fbdb90dee10dd1e24bb95a23deb8a6f93b760cebdcb07c45303403ce15265bdfb30894c0a8f8e783d903b28719258e1f5061f0470a4a568c7cf7b9438b3b6ed447d3fcb45826b271336f8d02f0e8c1b58f1d367d87e50582f71ce17888710c165ef7a39a80d7d7561387c6416032f1ddf688a1d395bd4c186a72c351747ba88dec17d0b2830da4c27183814b8940a631749c062124b332d73c2907c86659385fd80e9d3aff69bbd3b5f0ca1f94da2b3f2365038ed248c51819d2ae013ce73f21a63fabe4acf7da9c7bf9364551333d6a8fc1c561710877ce5574a773e5494e1748f902383083d18ea24a74481eed655ff1a425e5cef05a2a3eef39b8dbb90eeab8045b121c6089e528d4025edd9044870107f70ef03babf37d426c1e1c4dd5e9f41dd0e58a565e27d959112d002a0e3e01536fda7ae9c46114ac0c7da6218594601aaa1d446b4a11b51565649b4a44f2d4a81d0460d638d20e578652731e030552dc445101c3099d5ab72b90c0d62c8dbf54234e89088f7fbcbd83454fbc8d6bac312a9af4e5ca01864b43d8600adb37f489bb752d36d0d88e7733568271ac752b530b5d296ec38be21b8655d20ee5885eedd13e64a1c2cd370085138e064f8856344b73a07503ed9a1e80cdd46acf63c5e58856b74ee65404da919984538ddb04c62e3bfee8cb6fbb712fe20787be69bc8259dba8f7421068dea7ba01faf3e58dbef6f830548d1b7cc2f9a6671f54ce69fc4403019d9f0679b90e30ac7cdcbd9b3c44a1035cc76506a738b21d62121390fc352c9b38658df47c380b14d15f1c850a520762f3189316ccd275bc49338f50e8ee1e1ee81315767ef09e7ff6523fcd6487ff1232b9838c687b640b19183f7b5fc721027e093ad15d8640b71cb5e0965415cb46718b69836f459d6bdedcdecd9d7934e54a7247f83f8ecf14cfde230bf03d139cdfa703481c7a233f44273c9261d192432ef0baa7c3930fc6df254480018751163bf8d554fd41e5467fe34511f807e031ec8e6d605d6ff5497df7bb7b95980b645b1057d786261bda2b8401780ae752ee31c00899c239953c3fe7967759bc584564cbf70033fd3b942c3a174a904cc840f66da6ed2ac4368da740fb0e14e1f0fadb3a1a00b0ff6063eae66c7f619db6aa7a2b1ddaad1a1efc6c7a5b0c923465af6dc607d769c457f87a3151c1aaef20f8bc1d57825085ae2eca33eb94acfb0a7fa8ce3ce979dccd2fc47e5447c572773abe2636c6f88798b1e0030c5d4c44517760a5e293e38b866ac55bb734062e90b40ad29f158fecebbff0733df878bbbda0305c275d5da3291958c1b2cc28f59dead5b2b65bce6eed4143497a", 0x1000) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1676.442065] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1676.450628] CPU: 0 PID: 31884 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1676.457968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1676.470592] Call Trace: [ 1676.470625] dump_stack+0x172/0x1f0 [ 1676.470647] handle_userfault.cold+0x41/0x5d [ 1676.470672] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1676.470688] ? __handle_mm_fault+0x36b7/0x3f20 [ 1676.470704] ? find_held_lock+0x35/0x130 [ 1676.470720] ? __handle_mm_fault+0x36b7/0x3f20 [ 1676.470739] ? kasan_check_read+0x11/0x20 [ 1676.470756] ? lock_downgrade+0x810/0x810 [ 1676.487622] ? kasan_check_read+0x11/0x20 [ 1676.487641] ? do_raw_spin_unlock+0x57/0x270 [ 1676.487661] __handle_mm_fault+0x36c8/0x3f20 [ 1676.487680] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1676.487694] ? find_held_lock+0x35/0x130 [ 1676.487709] ? handle_mm_fault+0x322/0xb30 [ 1676.487734] ? kasan_check_read+0x11/0x20 22:16:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000080)=[{r1, 0x4}], 0x0, 0x8) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x100, 0x0) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000000, 0x10, r2, 0x0) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00') sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80010000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r3, 0x500, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1000}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x10000}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x44000) 22:16:47 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer\x00', 0x200, 0x0) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000200)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000280)={{0x9, 0x4, 0x101, 0x5, '\x00', 0x80000000}, 0x6, 0x204, 0x59af, r2, 0x1, 0x8000000000, 'syz0\x00', &(0x7f0000000240)=['md5sum\x00'], 0x7, [], [0xffff, 0x7, 0x7, 0x7]}) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f0000000140)={{0x2, 0x100}, 'port0\x00', 0xc0, 0x10000, 0x8, 0x100000000, 0x2, 0x5, 0x2890000, 0x0, 0x4, 0x5}) r3 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r3}], 0x2000000000000006, 0x0) [ 1676.502071] handle_mm_fault+0x43f/0xb30 [ 1676.502095] __do_page_fault+0x5da/0xd60 [ 1676.502118] do_page_fault+0x71/0x581 [ 1676.510603] ? page_fault+0x8/0x30 [ 1676.510617] page_fault+0x1e/0x30 [ 1676.510628] RIP: 0033:0x451880 [ 1676.510643] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1676.510651] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1676.510662] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1676.510671] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1676.510679] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1676.510687] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1676.510695] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:47 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) pread64(r0, &(0x7f0000000080)=""/4096, 0x1000, 0x0) r1 = socket$inet(0x2b, 0x1, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000080), 0x0, 0x5d95) 22:16:47 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfffffdfd, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x2, 0x40) r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000140)) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$BLKTRACETEARDOWN(0xffffffffffffff9c, 0x1276, 0x0) ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f00000000c0)={0x4, "63bf7791dee33ee40827f8525ec9eace277cd6a93dc1dba5b810c3441bb08452", 0x0, 0x1}) getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000180)=""/34, &(0x7f00000001c0)=0x22) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:47 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xfc', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1676.857120] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1676.863121] CPU: 0 PID: 31915 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1676.870881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1676.881210] Call Trace: [ 1676.883840] dump_stack+0x172/0x1f0 [ 1676.887680] handle_userfault.cold+0x41/0x5d [ 1676.892302] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1676.892322] ? __handle_mm_fault+0x36b7/0x3f20 [ 1676.892340] ? find_held_lock+0x35/0x130 [ 1676.907287] ? __handle_mm_fault+0x36b7/0x3f20 [ 1676.912068] ? kasan_check_read+0x11/0x20 [ 1676.916366] ? lock_downgrade+0x810/0x810 [ 1676.916385] ? kasan_check_read+0x11/0x20 [ 1676.916401] ? do_raw_spin_unlock+0x57/0x270 [ 1676.930406] __handle_mm_fault+0x36c8/0x3f20 [ 1676.935030] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1676.939978] ? find_held_lock+0x35/0x130 [ 1676.939994] ? handle_mm_fault+0x322/0xb30 [ 1676.940020] ? kasan_check_read+0x11/0x20 [ 1676.940037] handle_mm_fault+0x43f/0xb30 [ 1676.940058] __do_page_fault+0x5da/0xd60 [ 1676.940082] do_page_fault+0x71/0x581 [ 1676.961574] ? page_fault+0x8/0x30 [ 1676.961590] page_fault+0x1e/0x30 [ 1676.961602] RIP: 0033:0x451880 [ 1676.961616] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1676.996117] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000140)) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x200080, 0x0) ioctl$TUNSETVNETLE(r2, 0x400454dc, &(0x7f00000000c0)) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0xfffffffeffffffff}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000200)={r3, 0x4a}, 0x8) [ 1677.001498] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1677.008864] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1677.016140] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1677.023622] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1677.030935] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/enforce\x00', 0x400400, 0x0) ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000200)={0x71, 0x8, 0x5d}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$int_in(r2, 0x5, &(0x7f0000000100)=0x5) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = open(&(0x7f0000000140)='./file0\x00', 0x109000, 0x20) mkdirat$cgroup(r4, &(0x7f0000000180)='syz1\x00', 0x1ff) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:16:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffff7f, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x80100000890e, &(0x7f0000000080)="0adc1f023c123f3188a072") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0xffffffff, 0x48b00) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4}) 22:16:48 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xfd', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:48 executing program 0: r0 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x5, 0x8200) openat$cgroup_ro(r0, &(0x7f0000000140)='cpuacct.usage_sys\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) pipe2$9p(&(0x7f0000000180), 0x4800) creat(&(0x7f0000000240)='./file0\x00', 0x0) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x2001, 0x0) ioctl$KDGKBDIACR(r3, 0x4b4a, &(0x7f0000000200)=""/64) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000080)={'ip6erspan0\x00', {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}) [ 1677.353227] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1677.369882] CPU: 1 PID: 31951 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1677.377587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1677.386980] Call Trace: [ 1677.389607] dump_stack+0x172/0x1f0 [ 1677.393390] handle_userfault.cold+0x41/0x5d [ 1677.397828] ? finish_task_switch+0x118/0x790 22:16:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffff8c, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1677.402346] ? __switch_to_asm+0x34/0x70 [ 1677.406551] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1677.411346] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1677.415964] ? pci_mmcfg_check_reserved+0x170/0x170 [ 1677.421014] ? __handle_mm_fault+0x36b7/0x3f20 [ 1677.425704] ? preempt_schedule+0x4b/0x60 [ 1677.429904] ? preempt_schedule_common+0x4f/0xe0 [ 1677.434687] ? preempt_schedule+0x4b/0x60 [ 1677.438898] ? ___preempt_schedule+0x16/0x18 [ 1677.443356] __handle_mm_fault+0x36c8/0x3f20 [ 1677.447805] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1677.453103] ? find_held_lock+0x35/0x130 [ 1677.457188] ? handle_mm_fault+0x322/0xb30 [ 1677.461480] ? kasan_check_read+0x11/0x20 [ 1677.465654] handle_mm_fault+0x43f/0xb30 [ 1677.469837] __do_page_fault+0x5da/0xd60 [ 1677.473929] do_page_fault+0x71/0x581 [ 1677.477892] ? page_fault+0x8/0x30 [ 1677.481453] page_fault+0x1e/0x30 [ 1677.484926] RIP: 0033:0x451880 [ 1677.488480] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1677.508132] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1677.513666] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1677.521069] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1677.528356] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1677.535908] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1677.543297] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:48 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) unlink(&(0x7f0000000000)='./file0\x00') socket$inet(0x2, 0x7, 0x7fff) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$RTC_UIE_ON(r1, 0x7003) accept$alg(r1, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x9) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) socket$caif_stream(0x25, 0x1, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\xff', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x40, 0x0) r2 = open(&(0x7f0000000300)='./file0\x00', 0x20000, 0x1) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000340)=r2) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f0213001f3188a0702f1453e9556a2ccab837d7ce9679e0043ee606ddbd3aaf14d40c7b7d0090c071a623feacfff7c0e793f5fe3a694b54891e687f90d291e720baeb8e363dd39cc243868f6cd4609080b043947cda3a5b4269d2117d336f922c516654eb82ba947aff9f191c2ed39cbf5a17a6ad9fe315bc57a520903a4513d9e923a0e7b50053ab66a26e33b8cf8c2d45b0d9c05a2f053f52d7c5533abf8d9541df636a876c0329f6ebc410beede9781926845627102de53678e5a3d4a0cdd1892c691d13d519905afcf88e9dd0c2f4c7bccb90aaaec1050017e7cdbecf7cfe98dfd09869196991929c889783116cc5a6011ce19e395305a8745e7fcde800000000000000000000000000000000") r3 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000380), &(0x7f00000003c0)=0x4) getsockopt$inet6_tcp_buf(r3, 0x6, 0x1e, &(0x7f0000000100)=""/52, &(0x7f0000000280)=0x34) r4 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r4}], 0x2000000000000006, 0x0) finit_module(r0, &(0x7f0000000080)='@security:system\x00', 0x2) 22:16:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfffffff4, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:48 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x7f', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1677.979121] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1677.995156] CPU: 1 PID: 31985 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1678.002414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1678.011797] Call Trace: [ 1678.014589] dump_stack+0x172/0x1f0 [ 1678.018254] handle_userfault.cold+0x41/0x5d [ 1678.022775] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1678.027563] ? __handle_mm_fault+0x36b7/0x3f20 [ 1678.032181] ? find_held_lock+0x35/0x130 [ 1678.036363] ? __handle_mm_fault+0x36b7/0x3f20 [ 1678.040973] ? kasan_check_read+0x11/0x20 [ 1678.045151] ? lock_downgrade+0x810/0x810 [ 1678.049338] ? kasan_check_read+0x11/0x20 [ 1678.053590] ? do_raw_spin_unlock+0x57/0x270 [ 1678.058372] __handle_mm_fault+0x36c8/0x3f20 [ 1678.062962] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1678.067888] ? find_held_lock+0x35/0x130 [ 1678.072161] ? handle_mm_fault+0x322/0xb30 [ 1678.076442] ? kasan_check_read+0x11/0x20 [ 1678.080622] handle_mm_fault+0x43f/0xb30 [ 1678.084746] __do_page_fault+0x5da/0xd60 [ 1678.088847] do_page_fault+0x71/0x581 [ 1678.092854] ? page_fault+0x8/0x30 [ 1678.096609] page_fault+0x1e/0x30 [ 1678.100082] RIP: 0033:0x451880 [ 1678.103293] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1678.122475] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfffffff5, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1678.127868] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1678.135240] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1678.142610] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1678.149893] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1678.157186] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x20000, 0x0) accept4$llc(r2, &(0x7f00000000c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000140)=0x10, 0x80000) [ 1678.270668] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1678.282610] CPU: 0 PID: 31996 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1678.290003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1678.290010] Call Trace: [ 1678.290037] dump_stack+0x172/0x1f0 [ 1678.290059] handle_userfault.cold+0x41/0x5d [ 1678.290085] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1678.290104] ? __handle_mm_fault+0x36b7/0x3f20 [ 1678.290121] ? find_held_lock+0x35/0x130 [ 1678.324079] ? __handle_mm_fault+0x36b7/0x3f20 [ 1678.328705] ? kasan_check_read+0x11/0x20 [ 1678.332944] ? lock_downgrade+0x810/0x810 [ 1678.337115] ? kasan_check_read+0x11/0x20 [ 1678.341302] ? do_raw_spin_unlock+0x57/0x270 [ 1678.345837] __handle_mm_fault+0x36c8/0x3f20 [ 1678.350349] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1678.350364] ? find_held_lock+0x35/0x130 [ 1678.350377] ? handle_mm_fault+0x322/0xb30 [ 1678.350407] ? kasan_check_read+0x11/0x20 [ 1678.368061] handle_mm_fault+0x43f/0xb30 [ 1678.372149] __do_page_fault+0x5da/0xd60 [ 1678.376418] do_page_fault+0x71/0x581 [ 1678.380245] ? page_fault+0x8/0x30 [ 1678.383806] page_fault+0x1e/0x30 [ 1678.387273] RIP: 0033:0x451880 [ 1678.390696] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1678.410736] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 22:16:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\xff', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:49 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x0, [], [{0x7fff, 0x5, 0x4, 0x100, 0x1, 0x1000}, {0x83, 0x4, 0x40, 0xec, 0x1, 0x8}], [[], [], [], []]}) 22:16:49 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x8c', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:49 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000040)="8e1b9b3be1404581a194ee5017d7", 0xe) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video2\x00', 0x2, 0x0) ioctl$VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000340)=0x6) poll(&(0x7f0000000080)=[{r0}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x98, 0xb0, 0x1, {"4f5d695d80b229351dd5e005bbeb9c994644dc0981b17fbcf238a6c9ab694618a4e9eb9ac6ed8b21e633c6e131db97a1141db8598c822c5fa06896154b6d7646769eb7e3748624cf08eaae2398cc4e61c68242694fd51742eda779d0f0d396ac8ad94b15822eddedc4a9acc52d5bc745aa4e71bd220edceb6bfd805b9b3a465b4da7297dd8db89e463bbfe7b3c6eb3d3781fb4d6a2566331"}}, {0x0, "6a64f98725423579adcb18b546397e0b9cf5e8f6a5b98ff85a7b3881f80c16b40465d5dfda15cf3fb962619bf8575e9217d13a5b79ea4e7aefd76fde8875d3f80be2ee5f3b89a026ea07afd15c3090a246fa325a1ef414621e13368ff9bb3a6ee55f880a10890ab38ce988a7d5559d0f3c49f9ac6cf78b15db4b"}}, &(0x7f0000000200)=""/181, 0x12c, 0xb5, 0x1}, 0x20) [ 1678.416201] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1678.416210] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1678.416217] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1678.416225] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1678.416232] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000100)={r1, 0x0, 0x8, 0xfffffffffffffff8, 0x2}) r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vfio/vfio\x00', 0x402, 0x0) openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x2200, 0x0) ioctl$BLKSECDISCARD(r3, 0x127d, &(0x7f0000000180)=0x6) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfffffff6, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:49 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000080)=[{0xffffffffffffff9c, 0x4000}, {r0, 0x1}, {r0, 0x612}, {r0, 0x10}, {r0, 0x1010}], 0x5, 0x0) fcntl$notify(r0, 0x402, 0x4000000010) 22:16:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") restart_syscall() utimes(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) lsetxattr$security_smack_entry(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='security.SMACK64\x00', &(0x7f0000000280)='#\x00', 0x2, 0x1) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1678.606717] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1678.633489] CPU: 1 PID: 32021 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1678.641051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1678.641059] Call Trace: [ 1678.641085] dump_stack+0x172/0x1f0 [ 1678.641108] handle_userfault.cold+0x41/0x5d [ 1678.641137] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1678.641156] ? __handle_mm_fault+0x36b7/0x3f20 [ 1678.670516] ? find_held_lock+0x35/0x130 [ 1678.670536] ? __handle_mm_fault+0x36b7/0x3f20 [ 1678.670553] ? kasan_check_read+0x11/0x20 [ 1678.670570] ? lock_downgrade+0x810/0x810 [ 1678.670589] ? kasan_check_read+0x11/0x20 [ 1678.670602] ? do_raw_spin_unlock+0x57/0x270 [ 1678.670648] __handle_mm_fault+0x36c8/0x3f20 [ 1678.683518] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1678.683535] ? find_held_lock+0x35/0x130 [ 1678.683552] ? handle_mm_fault+0x322/0xb30 [ 1678.683577] ? kasan_check_read+0x11/0x20 [ 1678.696289] handle_mm_fault+0x43f/0xb30 [ 1678.696315] __do_page_fault+0x5da/0xd60 [ 1678.696337] do_page_fault+0x71/0x581 [ 1678.709698] ? page_fault+0x8/0x30 [ 1678.722217] page_fault+0x1e/0x30 [ 1678.722230] RIP: 0033:0x451880 [ 1678.722245] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1678.722253] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1678.765106] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1678.772495] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:16:49 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xf5', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1678.780675] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1678.788290] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1678.795575] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfffffffb, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x20, 0x48080) mkdirat$cgroup(r2, &(0x7f00000001c0)='syz1\x00', 0x1ff) r3 = socket$alg(0x26, 0x5, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") bind$alg(r3, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000040)="b93c564b86c1490d5f9ef9ec63ff2d3822e10008004ecf6d1700b4ce360000a2", 0x20) r5 = accept4(r3, 0x0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f0000006dc0)=[{0x1000000f0ffffff, 0xffffff7f00000000, &(0x7f0000000080)=[{&(0x7f0000000140), 0xfec0}], 0x1}], 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000200)={0xffffffffffffffff}, 0x113, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r2, &(0x7f0000000280)={0xf, 0x8, 0xfa00, {r6}}, 0x10) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:49 executing program 4: ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) 22:16:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:50 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000080)={0x0, @aes256, 0x0, "346342169819859b"}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x4200, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@loopback}}, &(0x7f0000000200)=0xe8) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000240)={'vcan0\x00', r2}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f00000000c0)) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000240)='/dev/dsp#\x00', 0x8001, 0x80000) ioctl$VIDIOC_S_FBUF(r3, 0x4030560b, &(0x7f0000000280)={0x6, 0x40, &(0x7f0000000340)="31907d8ec24be1d1fa1bfdc8bc59e9d05b0cbfe1d2723db605ef13eae46cde3b5313f483e55d81bfcd64c6fae3025ac3ef25eee1e1af78e489433c4ae3b4958f48ec086954d89d3a4ba23167dd2067c7dd03b2ec804ecd79a568b1acd1dd6a878cc8cc00ac2e5556477bec09198b0fd48140f996f53f7936e84ebaa61232d789325de27d77b6def83f660523b2ebc0cdff858a0105d69204cd6981fd3787345f7581fd36de07f132d0354194b83bb06d71d3f80da20b7b1d62104c1a140cc8d770987490aa29f1304864d4f8ee5cec6c418f65960cadd957f355be2a829f41e80a806bc17416a5b864329d61597f09419365e4100fa5ed4586dbf28b28fd833e737f513db64a992eb179fb305eb6df14432188175d2b4729739bf57039e8915bae739e854ffec017446c1ec5baba9f270f03bdcd7dd1903e06050b90030da988870157a36626bfd75f9aa0d3930e78098a251c168008405add7087b34a41818270107b80ec665120e5dfbba7835ac6cb2458e6ffe9997706278390b955c7b5462159e6317aaabb059514bdaa8eaf821bffdfb07c00bc6e2e89035bc5d17baf94e86191ec94088edbbba440643ffa92f70e528c5ef9161b08b5521bd1741f0e5a7a47b3114530c817e61916d0c7169bd30c1de9707fd793c9e9757a2225a804259bf3bdbbd7368d35c53e35711eaa184befae9c200d1825fce38e73445a9506830e8f719d8b94b4d36a26053a07cb7974c5a0959e97646205392d20615f0b42e4a8188ab77a7ad71b7a45b9df92f8f8ed4c8527461216e912b521b64d87246e2ea11d8672d16b1309c9e0aefb3e09bdb443b174a25500f864feac0988721f6ba99907b4df6262d93b76da39440c3311dc8e2ff24df2291d570ff8caa013629519df19dccb5c6b59456aed7d74bbb08aa56b0f3bc7e0f28f4448d25fa15f233fcb08074904549df7b9d0ba6a38e539438d979b4e113a618234446d511141a9821fc0db52398d4f6c6283a25c345c83f4909a74dda951be66b166a0bf28029fa0ce31ee9b60275ed0d22fef992d0ee57504ab25f5c2916a3b5b9e463b6cf852098ecdece47b27fe4af63125232c7f0b037856069c14a806b116e3b6401946cfa3e90d39313fc88995aa690d250ebd4c7784740dae976554d2ca7039703c7fd4e0026db8469c5db8ce4d44528210cd91660193862e9618bfb09ae5bc6cd7f9c247303395ee2aecee2fa9ddfadc673e5133afcb211f110aa98c4dd66b4b722c9e8ec0502cb5424bb34162c32ebd845ab389a51d9de7599dedaa5f4b767e8181653811a6c3b3a2eda0caefdfe9a6f2b0d72dc9f0241eca0d95f8d42a586db47a66bbb39d131b3a788c8167130015d46c0874a777a6da3cd3055593e6145cb1fc11ca15ea80a557530cc4fcc6244b4ed785baa0ade16b9b1d958c59d58ab46aa8bd795e663c1189ca1f46f7ffdeaa7a678a4a18e05a4bde91420600484cf6974c8e657dbf0a17e244711e9830f9860830e2a3b007f6aab0175b537e20e3304ab6c272127831c886cef2899708a6aa8ee79820cfb00ad854b483b4b2dcb897dda6d31474900423ba2bcc921bc0eaf673a372360cd1c834868f4ef368d6fd5b3c738136dbc756d89a8ce2c50793904bde6b248cdb457873c75835c5f683797c45a9c8e12ac3a40fb8c4b1f77340f972bc8b3f197cc31b6508a2e605c99be87118111b81c6d1a503812de6d06faf639c7ae88c434ae290610e6495e3915fdda02837012153c0547237a72c4bc0806388176186b635252547864ae3510dce25c5aa711650c2a8f7e5c039144e5d1340c39aa3eb4a11f9b54d4cea4c538b6550f0ec24eaa90af33293d82dfea58aa3a481531a411ffff19db369a1ab238538ef2189a8d0b0d59fa356d10ee82e836eb9103e302cc61e386df45af1094d27de4413a2e0f026edbc95850052ff79e5d7ffe417e9a94b6b7a2d19ccc1dce376d101033d43465b43460208fd0f24f95d76fc0b1889eb06abe976ed3eee5ead364003cdcab24c26fa938c14d18027820949068a49d610ca74b0f23a2778754bdc30acd16b7ed26f4d12b14551f7d290e2c37850b06a45cb4ce8f1b70e2bb934a7dafad6c919764c937798d2acc1a6f7a6c01d62fbdbc0a73ef0a7ad0f25518c9636fee50a7c9a985df9d8c8352715d230f6751875829fe041e7c6c1f35532e879b581f53e015e9fe82515efc5d86cb4678b7a255cf4999121b0ce6e66de82918b9fff557d65e4570a8097f5077565a7e9a9843df90e63705eb60a3f73669b42040e2324b9fcaa8a2c5a4af7be7937014c0688bf7a2d2a080647087316435900c132ce9631a64e270b7592105d3edf75136f580a331fe7f7633af0b3205863a31941a747c2dafcfd7eddb2fcbb3078f6b5dcea91b463d21bd7046be0c95434d95ec1e0e4311deb855b79d4ac66f40a910cc6272074ddb5df40164637d5a0ea3a67df1eb5c432a02192a3c18b43f0f0c1c73726d941eda552920bea602be2879c7b203c620cc4bdeb6be2006072c01cc5cc90a8bb704996165b795ee16b1c2cde6e19688d29910365b1e6eb48eeda26a198dc52fcddca44a882798624545bbcfe13452ca25c5e16ed527522061693294312ef2717b7041b1a7c30c81e40ebc672760f6f2eaf105e2618559ccb7888b5f85644d1bdc7a547bb84e1a896e20bcdc2669df775e464d735fc39dbe1a115e9e4a365b321b172c64e18a929fbb1096165ad0391e1b204d0bc970690c2c10887e611d352e577eea11a36ecd10cedc57da0d4faef8d72a589bfd86c8a6c33c9cd1ab15ea6f8cdda6956008992a16d42d780630dca6464bb39f826431e4447f99948b164eb373faf384c0a0890ff7aa29d2601ca05f18b8d14a0e51f20bbe0526490e682ab85391d8e319b5d1d28d8e80cf8f57961143943b8e3290cbfb0d83dad0fa2e76a19f76f5c504ea29df973a80ecd7c93b31c155417d7201a4b33e5fa5362be31a8277e1d0655def923322b671fbf7911d43294519c791355f8fd4555bdf769ec27e4b14ff09f0ddf178f21ab712eaed83a10be264430e199d16e6f4fbf354ee0c353697df6f9e5caa742bf24a77583a3bb318695cad0ceaf9e307117b14b0f32418bef16742e73a14504295c4b8cf435f70ce22178cd7581e38f8625c6caa65dba69bb9dad9007e0e0a1af8dc98e4c7ff4d79e1b0174cc9299f0df4db7ebf0bb18fd844bb29c3217f63e9caa9db38959abad123badb729bd054c2ff2985302ec5cb9545ea9eca45100ea10142bc352c766dca324a2e9ab7009831ce37919be1c9ad5f2ee22f9f970449451c27814efc09d2e4b9890eef30f2ee0e96469d505a26cf409bba6aae30a7a76156d97ce83fa94b5eb3c087137de5a95f3472dec4f22cd457b2a68f8f27236631a72342c11d1795175b4b4a286f9270569474d090b01d417db02cfc7a967bd26ca2c4dd37b7a8320b27f6a486f08d1bed5e867ba64abba7235a2af460097cede1b388a275a7e60f19b4e3c8c83106dbe8cdf54a1d1c6f2bfb129ddfdaf1e18c59b54e82c689ed39ece93d2a9c9e2c182b698726df400a1a54a646a1a1ef58e4bf940b265ee819dcb01540849a3c3d9b7472491af86db3e239bb355e3a3fac9f311ad926d4ef27ace5ede1e82582fbd34b3dd2fdc21f8bf33b70c7aa3723e1176c6f464dc268881fe912ce7483c18b48c8eea0b2a78daf8dcdd84e49bf7840ea883878a6b9f0a93f8821e5b8bc904c65ac979fd7e502e80cdd27a6da4ce5506337dff402365b0370688340e9105b1220ea0c781d6147beb71c0d205024523f29bae7815c99dbe1dea6bf2daefe1f49aa3211d8e0b0423a1023db8d44842923afc25f4a7e1cb39de4fc3d21cc39cf8951434d92ff314826211408cee4a6c9a9f8e69fe0d03790bd6b1e5f659be97818c87155b89360d2bf13d1cc48cb874712481a65d0df511af32283b143539cabc25ff62aa8cc197300d8de176837bebe8c8021492b085e47ee721441480cb64878a4f18d87839cb085c356c0c6e256239d06dc17d6c7c5c16d05e4fb98147360c2ef0c47edf54973f86064a43c91a5f335750362b9e948324880a178b3b0e58fdd03e9b1bda8d57fcc3e8562c0a00ddc9eed66ff43d5045b70b23f275641914d8d92217f718fe3f008629f5aa2e08014a4673d119db7197b1aa360a51c1f9127304dcff174d1a6c0ab327a6119cbefa5c6bb010b8ec120699d98d3e46290c279d282d4453e0f703997e597a2ccb0f35d25caf86690640c58dd4d8c6f52f744394a009d6b70719044e22b2b3b5bd022555a856b3622e05b1904ba4bd870dfcc0452ff9690e1772a1cc2268cbeb5b35d0989b4137ecd2e73ff821a8dc1e03078c59a655e16934814cd73d994a221130e97d4c26a30005e0d79ea72ac83fb6380724bb860533eb617dfebc1bc3b9d39f3cc457283176e4ced6350a885b538d6cde39eb9f75c8db2470c24724bd6d6edf0921f0e1ec2d89297fd1cb22c674ae632f9afda2b49ed15e4905eac22f6d18d757254ea0177bd33f87c1fe1755ddf36b20b5d6d45edc43544b8f8d88bbefecb87d211c87638a82ed2400023645019c66c2c0b6342a0e363d418667ab08aceaf8622dd0a62d847646a83a9f078e88bdd0c158e1fd7708401abcb0ff95aaccf77498352f4f82eb80a5d821388da48ea49ff7c0f8c974426e33285292885c91d04f8ffa4255ed10efe3ac7f1be63be7aff72e65acd01b67e0e769a20a6135ca686fa12ce71053ef6cad8d2388238fa4e0a8b2760561812d37120bc9dbc3ef55f72aaa2ca662e41329fd11af26f72ff8f39e5c62c4b9d3bd387cfee3c3ecfedece7955a63cff31264ebfa358e38b383e38d366937109b964675431db06372e359a119dff07bf20211b2e751a633a7bb0b44ee38515121ff7d06b7f0dc7495b1ef7539e78060d00fc71c678d39aa513f7fd44b64d5fb7a33e17dae9e8e9596250027a30b1972629675f7cf44ca959216cc5fed03c50e79d4683b6462e6495b1bd91be1a07ccb3165279d7cc66e70ae66bc509e89c122f66cf05edb08b48de9e414c9ffb63700981605574cd01e0d1cf869ef7edb72887a8ce07f37c2ad9951206f7e4ca8b15333921a8a5753e7bd156643eab034236bdc75b0970fbafd53cd84da606fd5accb8c4af32e8a3576d984bfd51b770da250f70fc86cbc93317f1e38b2ec336f7a4fca6a6a478751f8c9f0a02e55bd2fcfc1e6866a79a96e1f12dae4a6f2251b3b91509bf453ff3d906cf76e46da13659860df30b82982c313527f34f50f0133bae478904c5a7a08995229ce98bd58c89177bd5db21e188c0f7571282d60666a62f4ce42c6796abb40aafce11b331142e534cc4fbc6a881df0fd9c639441c241fdc686371860a774546ba72a528b173f0db2a8f59a7c5675aeea3f9d324432b042476b9e9bd2aeeb2c28de03ba70f5fb1989a18b89d96fa34ade97db97e0125bd5e550b1f14b02e1c31681ecfd6b83dac888c3c793c645674d3269d4ed9d6e13391b8a84801e192343c7aca7dec9ec7f62341fb32e35b3b36e0ca2a1b4de0b2b32f132060df324ae41a52d992835c29e3c8bf63868d0e1a7f81c16972718787ba0c500dd51335be1e0481d18ef3219856153b4341d15008cf9df5256e0f18cedcbb6a211d0893475229651fe7edac52d7f58205c180c48b637594006b63e07cc98849a1239ac5396b4b30964b563d9ad7b0e9b04c819972b2ec38e4682250311ced736ee0293bc2e5198b8a7a8828a2", {0x1, 0x8, 0x30314752, 0x7, 0x8b, 0x4, 0x2, 0x80000000}}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='overlay\x00', 0x800002, &(0x7f00000002c0)=ANY=[@ANYBLOB="64656661756c745f7065726d697373696f6e732c6e66735f6578706f72743d6f6e2c6d657461636f70793d6f66662c736d61636b66736465663d2f6465762f736e642f70636d4323442363002c00d451d21eea22bf0f5cf0d7b4a88cc6eb"]) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffffff9, 0x400000) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000180)={0x7007, &(0x7f0000000100), 0x0, r4, 0x1001}) [ 1679.203076] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1679.210716] CPU: 1 PID: 32061 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1679.218040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1679.227499] Call Trace: [ 1679.227533] dump_stack+0x172/0x1f0 [ 1679.227556] handle_userfault.cold+0x41/0x5d [ 1679.227609] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1679.227628] ? __handle_mm_fault+0x36b7/0x3f20 [ 1679.247799] ? find_held_lock+0x35/0x130 [ 1679.247820] ? __handle_mm_fault+0x36b7/0x3f20 [ 1679.247846] ? kasan_check_read+0x11/0x20 [ 1679.247864] ? lock_downgrade+0x810/0x810 [ 1679.257208] ? kasan_check_read+0x11/0x20 [ 1679.257226] ? do_raw_spin_unlock+0x57/0x270 [ 1679.257248] __handle_mm_fault+0x36c8/0x3f20 [ 1679.265738] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1679.265755] ? find_held_lock+0x35/0x130 [ 1679.265770] ? handle_mm_fault+0x322/0xb30 [ 1679.265796] ? kasan_check_read+0x11/0x20 [ 1679.296695] handle_mm_fault+0x43f/0xb30 [ 1679.300793] __do_page_fault+0x5da/0xd60 [ 1679.304884] do_page_fault+0x71/0x581 [ 1679.308712] ? page_fault+0x8/0x30 [ 1679.312304] page_fault+0x1e/0x30 [ 1679.315772] RIP: 0033:0x451880 [ 1679.319074] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1679.337996] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1679.343425] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:50 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xf6', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:50 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x1000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1679.350862] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1679.358420] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1679.365714] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1679.373305] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x4000, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r3, 0xc0345642, &(0x7f0000000200)={0x4, "98da3ad80828545c5d247a2c59d1774de83e1602e10b2c024d9650d826a81e75", 0x0, 0x1}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x400000, 0x0) bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e20, 0xb55e, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x1c) 22:16:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000100000890f, &(0x7f0000000180)="0a01000000af66776e14252408df16de44459c514ab40000000000000000000000000000") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:50 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:50 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000100)={'bond0\x00', {0x2, 0x4e20, @multicast1}}) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000080)=0x9a59, &(0x7f00000000c0)=0x4) 22:16:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x3, &(0x7f0000000080)="7000020000001900836e92") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) poll(&(0x7f0000000040)=[{r1, 0x4}], 0x200000000000021b, 0xffffffffffffffff) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{0x77359400}, {0x0, 0x7530}}) tee(r0, r1, 0x80a4, 0x4) 22:16:50 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xedc000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:50 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000100), 0x0, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000080)=0x5) 22:16:50 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2p', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1679.743116] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1679.768805] CPU: 0 PID: 32106 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1679.776152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1679.785561] Call Trace: [ 1679.788182] dump_stack+0x172/0x1f0 [ 1679.791930] handle_userfault.cold+0x41/0x5d [ 1679.796383] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1679.800997] ? __handle_mm_fault+0x36b7/0x3f20 [ 1679.805607] ? find_held_lock+0x35/0x130 [ 1679.809727] ? __handle_mm_fault+0x36b7/0x3f20 [ 1679.814340] ? kasan_check_read+0x11/0x20 [ 1679.818626] ? lock_downgrade+0x810/0x810 [ 1679.822816] ? kasan_check_read+0x11/0x20 [ 1679.826987] ? do_raw_spin_unlock+0x57/0x270 [ 1679.831620] __handle_mm_fault+0x36c8/0x3f20 [ 1679.836147] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1679.841010] ? find_held_lock+0x35/0x130 [ 1679.845361] ? handle_mm_fault+0x322/0xb30 [ 1679.849667] ? kasan_check_read+0x11/0x20 [ 1679.854008] handle_mm_fault+0x43f/0xb30 [ 1679.858098] __do_page_fault+0x5da/0xd60 [ 1679.862199] do_page_fault+0x71/0x581 [ 1679.866023] ? page_fault+0x8/0x30 [ 1679.869605] page_fault+0x1e/0x30 [ 1679.873078] RIP: 0033:0x451880 [ 1679.876289] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1679.895211] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1679.900596] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1679.908240] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1679.915577] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1679.923938] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1679.931339] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:50 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) sendto(r0, &(0x7f0000000080)="66e0111e317014f6431a81", 0xb, 0x4, &(0x7f00000000c0)=@l2={0x1f, 0x0, {0x9, 0x1f, 0x1, 0xd2, 0x8001, 0x8}, 0x1f3, 0x7fff}, 0x80) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x18, 0x0, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002a00)='/dev/vga_arbiter\x00', 0x80, 0x0) ioctl$PPPIOCSFLAGS(r3, 0x40047459, &(0x7f0000000100)=0x2000000) read(r0, &(0x7f0000000140)=""/242, 0xf2) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000002a40)={0x10001, 0x0, 0x7fff, 0x7, 0x0}, &(0x7f0000002a80)=0x10) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000002ac0)={r4, 0xffff}, 0x8) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:16:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm-monitor\x00', 0x10400, 0x0) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='ifb0\x00'}) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000800)={&(0x7f0000000640), 0xc, &(0x7f00000007c0)={&(0x7f00000006c0)={0xd8, r2, 0x400, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x34, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xe1e}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9e7}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x6c, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x58}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8}]}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x1}, 0x10) r3 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000140)=0x5) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r3}], 0x2000000000000006, 0x0) 22:16:51 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:51 executing program 4: ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0xc00, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x3, 0x9, 0x3, 0x7}}) 22:16:51 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x1000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1680.215270] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1680.215289] CPU: 1 PID: 32137 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1680.230451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1680.240012] Call Trace: [ 1680.242847] dump_stack+0x172/0x1f0 [ 1680.247774] handle_userfault.cold+0x41/0x5d [ 1680.252518] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1680.257355] ? __handle_mm_fault+0x36b7/0x3f20 [ 1680.261966] ? find_held_lock+0x35/0x130 [ 1680.266068] ? __handle_mm_fault+0x36b7/0x3f20 [ 1680.270772] ? kasan_check_read+0x11/0x20 [ 1680.275273] ? lock_downgrade+0x810/0x810 [ 1680.280256] ? kasan_check_read+0x11/0x20 [ 1680.284942] ? do_raw_spin_unlock+0x57/0x270 [ 1680.289509] __handle_mm_fault+0x36c8/0x3f20 [ 1680.293962] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1680.298931] ? find_held_lock+0x35/0x130 [ 1680.303246] ? handle_mm_fault+0x322/0xb30 [ 1680.307546] ? kasan_check_read+0x11/0x20 [ 1680.311732] handle_mm_fault+0x43f/0xb30 [ 1680.315867] __do_page_fault+0x5da/0xd60 [ 1680.320290] do_page_fault+0x71/0x581 [ 1680.324119] ? page_fault+0x8/0x30 [ 1680.327682] page_fault+0x1e/0x30 [ 1680.331411] RIP: 0033:0x451880 [ 1680.334705] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1680.353815] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x6, 0x4601) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:51 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x5) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) ioprio_set$pid(0x1, r1, 0x0) 22:16:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000140)="3e0f0117d9ee3972000f30b9800000c00f3235008000000f300f01cf3e65a8c20f01d1c4e24538722236d9d0", 0x2c}], 0x1, 0x1, &(0x7f00000001c0), 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = semget$private(0x0, 0x1, 0x0) semctl$IPC_RMID(r4, 0x0, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000100)={0x8000, 0x95}) [ 1680.359755] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1680.367646] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1680.375104] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1680.382502] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1680.389999] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:51 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:51 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1680.550235] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1680.559124] CPU: 0 PID: 32152 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1680.567377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1680.576799] Call Trace: [ 1680.576829] dump_stack+0x172/0x1f0 [ 1680.583085] handle_userfault.cold+0x41/0x5d [ 1680.587542] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1680.592350] ? __handle_mm_fault+0x36b7/0x3f20 22:16:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) socket$inet(0x2, 0x7, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_TIMER_IOCTL_GINFO(r2, 0xc0f85403, &(0x7f0000000140)={{0x0, 0x3, 0x80000001, 0x3, 0x6}, 0x1, 0x1, 'id1\x00', 'timer0\x00', 0x0, 0x3f, 0x94, 0x3ff, 0xa4a}) [ 1680.597219] ? find_held_lock+0x35/0x130 [ 1680.597239] ? __handle_mm_fault+0x36b7/0x3f20 [ 1680.597260] ? kasan_check_read+0x11/0x20 [ 1680.610728] ? lock_downgrade+0x810/0x810 [ 1680.614916] ? kasan_check_read+0x11/0x20 [ 1680.619088] ? do_raw_spin_unlock+0x57/0x270 [ 1680.623600] __handle_mm_fault+0x36c8/0x3f20 [ 1680.628046] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1680.632912] ? find_held_lock+0x35/0x130 [ 1680.637172] ? handle_mm_fault+0x322/0xb30 [ 1680.641516] ? kasan_check_read+0x11/0x20 [ 1680.645689] handle_mm_fault+0x43f/0xb30 [ 1680.649784] __do_page_fault+0x5da/0xd60 [ 1680.653877] do_page_fault+0x71/0x581 [ 1680.657699] ? page_fault+0x8/0x30 [ 1680.661347] page_fault+0x1e/0x30 [ 1680.665956] RIP: 0033:0x451880 [ 1680.669274] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1680.688378] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:51 executing program 4: r0 = socket$inet(0x2b, 0x80007, 0x1) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x1}], 0x1, 0x0) restart_syscall() getsockopt$inet_buf(r0, 0x0, 0x2f, &(0x7f0000000080)=""/98, &(0x7f0000000100)=0x62) [ 1680.693768] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1680.701314] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1680.708956] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1680.716250] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1680.723801] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:51 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x2000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:51 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000240)) poll(&(0x7f0000000740), 0x0, 0x7fc) r1 = add_key(&(0x7f0000000280)='.dead\x00', &(0x7f00000002c0)={'syz', 0x2}, &(0x7f0000000300)="40b08c63e0064ee5cf3da4a95141bfb0ef6e85fa6ed80a6b72a9ed6958d39ec00d56731ae030d718ab97fa2c196d377b21c66ea6a1b889228cd83d4f2596ff8eecfa24afd9e1ee5656c40fe748ee652b46f17812c5afa29741045f8f75a7377c51b4343d9622485e7e0347e3b0fededb02d6269787dc10e7fdb9ea001d4eb3727334b3b98eb6caf67c6ce0b7dc81048097b06b347fafcbf09e83e8fdaf3b8a5de0c74cc5ae", 0xa5, 0xfffffffffffffffc) signalfd4(r0, &(0x7f00000005c0)={0x80}, 0x8, 0x800) r2 = request_key(&(0x7f00000003c0)='keyring\x00', &(0x7f0000000400)={'syz', 0x0}, &(0x7f0000000440)='/selinux/policy\x00', 0xfffffffffffffffa) r3 = add_key(&(0x7f0000000480)='.dead\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000500)="cab71dc28a096d0431ba1c44313374a1e7b0f4ce66db60fc4a30c20d26ed758d41109b2cda58c8984b03ad6650ed7fcff45f8825de0c09921c49bee2cd3f873e38d715f42f23", 0x46, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000580)={r1, r2, r3}, &(0x7f00000005c0), 0x0, &(0x7f0000000700)={&(0x7f0000000600)={'poly1305-simd\x00'}, &(0x7f0000000640)="b21fe71e4a90be684503786f89242465e86f19bb565fb1fc252c3054075970e47b9873d76772c3f0f6baea6e4325eb2bf867597258e05619c6f27e45cc228a0c28107c2f3a3971f16fdf2144a6034f4aeb26a62488ca6652db03d2a9e44a8c20fa7a831f2467ebd19c38e1e7aa1dbd95a294118894f1d7f0bd55fe9d9921f9578f04bab35b1a4b49", 0x88}) membarrier(0x5, 0x0) r4 = syz_open_dev$video4linux(&(0x7f0000000080)='/dev/v4l-subdev#\x00', 0x5, 0x400000) r5 = open(&(0x7f0000000040)='./file0\x00', 0x800, 0x2) ioctl$sock_netrom_SIOCADDRT(r5, 0x890b, &(0x7f0000000740)={0x1, @bcast, @bpq0='bpq0\x00', 0x8, 'syz0\x00', @bcast, 0x3, 0x1, [@null, @default, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r6 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x1c, &(0x7f0000000140)=[@in6={0xa, 0x4e22, 0x9, @local, 0x45}]}, &(0x7f00000001c0)=0x10) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000200)={r7}, 0x8) ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f00000000c0)={0x8001007, 0xf29c}) [ 1680.770198] gfs2: not a GFS2 filesystem [ 1680.837315] gfs2: not a GFS2 filesystem 22:16:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x3, &(0x7f00000000c0)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:51 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:51 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:51 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1681.093318] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1681.108293] CPU: 0 PID: 32192 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1681.115859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1681.115870] Call Trace: [ 1681.129114] dump_stack+0x172/0x1f0 [ 1681.132955] handle_userfault.cold+0x41/0x5d [ 1681.137662] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1681.142322] ? __handle_mm_fault+0x36b7/0x3f20 [ 1681.147042] ? find_held_lock+0x35/0x130 [ 1681.151145] ? __handle_mm_fault+0x36b7/0x3f20 [ 1681.155848] ? kasan_check_read+0x11/0x20 [ 1681.155871] ? lock_downgrade+0x810/0x810 [ 1681.164663] ? kasan_check_read+0x11/0x20 [ 1681.168852] ? do_raw_spin_unlock+0x57/0x270 [ 1681.173739] __handle_mm_fault+0x36c8/0x3f20 [ 1681.173760] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1681.183226] ? find_held_lock+0x35/0x130 [ 1681.187666] ? handle_mm_fault+0x322/0xb30 [ 1681.192019] ? kasan_check_read+0x11/0x20 [ 1681.196480] handle_mm_fault+0x43f/0xb30 [ 1681.200762] __do_page_fault+0x5da/0xd60 [ 1681.205245] do_page_fault+0x71/0x581 [ 1681.205263] ? page_fault+0x8/0x30 [ 1681.214483] page_fault+0x1e/0x30 [ 1681.218012] RIP: 0033:0x451880 [ 1681.221458] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 22:16:52 executing program 0: seccomp(0x0, 0x1, &(0x7f00000001c0)={0x3a6, &(0x7f0000000180)=[{0x0, 0x8, 0x0, 0xffff}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000088912, &(0x7f00000000c0)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x9, 0x6f0, 0x6}) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = msgget$private(0x0, 0x88) msgsnd(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000000000000abc1aacc647ce564485fef2e447de7ca8b9787c61259a7df3e17d220e70100000000000000048506ffddf64ceef99d8935c34de93a7ba258aed85278c408411170e5f017f1fd232deb280d025876a8e80e64a973b3326191a2358f0038d0662b28e039cef54ce8b6f2bd04000000000000008de2cfe62bcd89905910c586fab385191686ee4d16eaca921d93b1c445deb3880525"], 0x8b, 0x800) [ 1681.240899] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1681.240911] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1681.240919] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1681.240926] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1681.240933] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1681.240941] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1681.356070] gfs2: not a GFS2 filesystem 22:16:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x2, 0x2) openat$cgroup_subtree(r2, &(0x7f0000000340)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000140)=""/55, &(0x7f0000000180)=0x37) r3 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x1ff, 0x4040) connect$bt_sco(r3, &(0x7f00000000c0)={0x1f, {0x2, 0x8000, 0x0, 0x5, 0x1ff, 0x4}}, 0x8) readlinkat(r0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=""/250, 0xfa) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000380)='/proc/capi/capi20\x00', 0x200000, 0x0) [ 1681.418577] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1681.423925] CPU: 0 PID: 32196 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1681.431232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1681.440605] Call Trace: [ 1681.443221] dump_stack+0x172/0x1f0 [ 1681.447092] handle_userfault.cold+0x41/0x5d [ 1681.451677] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1681.456580] ? __handle_mm_fault+0x36b7/0x3f20 [ 1681.461552] ? find_held_lock+0x35/0x130 [ 1681.466526] ? __handle_mm_fault+0x36b7/0x3f20 [ 1681.471235] ? kasan_check_read+0x11/0x20 [ 1681.475574] ? lock_downgrade+0x810/0x810 [ 1681.479805] ? kasan_check_read+0x11/0x20 [ 1681.484083] ? do_raw_spin_unlock+0x57/0x270 [ 1681.488609] __handle_mm_fault+0x36c8/0x3f20 [ 1681.493047] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1681.498109] ? find_held_lock+0x35/0x130 [ 1681.502533] ? handle_mm_fault+0x322/0xb30 [ 1681.507702] ? kasan_check_read+0x11/0x20 [ 1681.511990] handle_mm_fault+0x43f/0xb30 [ 1681.516443] __do_page_fault+0x5da/0xd60 [ 1681.520629] do_page_fault+0x71/0x581 [ 1681.524540] ? page_fault+0x8/0x30 [ 1681.528991] page_fault+0x1e/0x30 [ 1681.532801] RIP: 0033:0x451880 [ 1681.536272] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1681.556097] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1681.561648] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) shutdown(r2, 0x1) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 1681.569418] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1681.577233] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1681.585337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1681.593076] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x7ffffffffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1681.649033] gfs2: not a GFS2 filesystem 22:16:52 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:52 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:52 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0x80, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x74, &(0x7f0000000180)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}, @in6={0xa, 0x4e21, 0x10000, @local, 0xabdb}, @in6={0xa, 0x4e24, 0xfff, @remote, 0x8}, @in={0x2, 0x4e24, @rand_addr=0x7}, @in6={0xa, 0x4e22, 0x9, @local, 0x7}]}, &(0x7f0000000240)=0x10) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={r2, 0xfffffffffffffffb}, 0x8) r3 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x0, 0x2) sendto$x25(r3, &(0x7f00000000c0)="8811f011a0d5303c6a75c77c02e326079537b212842215626eebe3991476a405bade9cff8f8721502e641d08ac", 0x2d, 0x4, &(0x7f0000000100)={0x9, @null=' \x00'}, 0x12) 22:16:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000080)=[{}], 0x1, 0x0) 22:16:52 executing program 4: r0 = socket$inet(0x2b, 0x80000000000004, 0x1) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x1b0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xe000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1681.897911] gfs2: not a GFS2 filesystem 22:16:52 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1681.971369] gfs2: not a GFS2 filesystem 22:16:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x800) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r2, 0x40485404, &(0x7f0000000140)={{0xffffffffffffffff, 0x1, 0x3ff, 0x1, 0x1000}, 0x9, 0x9}) 22:16:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x91) r3 = dup2(r1, r1) setsockopt$netrom_NETROM_T1(r3, 0x103, 0x1, &(0x7f0000000380)=0x3, 0x4) r4 = socket$inet(0x2, 0x80000, 0x2) getpeername$inet(r4, &(0x7f0000000200)={0x2, 0x0, @empty}, &(0x7f0000000240)=0x10) r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x400000, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f00000002c0)={0x1, 0x0, 0x2}) ioctl$DRM_IOCTL_AGP_FREE(r5, 0x40206435, &(0x7f0000000300)={0x8, r6, 0x2, 0x1ff}) r7 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) timerfd_settime(r8, 0x1, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x77359400}}, &(0x7f00000001c0)) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r7, 0xc008551a, &(0x7f0000000280)=ANY=[@ANYBLOB="8a030000000000000000004002000000ffff3436ca3ae0b4ffffff010000050000000e03000000000000f8ffffff"]) ioctl$sock_inet_SIOCGIFADDR(r9, 0x8915, &(0x7f0000000340)={'yam0\x00', {0x2, 0x4e20, @broadcast}}) 22:16:52 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x40, 0x0) getpeername$netrom(r1, &(0x7f00000000c0)={{}, [@default, @remote, @bcast, @rose, @rose, @default, @null, @netrom]}, &(0x7f0000000140)=0x48) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000000340)={{0xa, 0x4e20, 0x40, @local, 0x7}, {0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x15}, 0x6}, 0xffff, [0x8, 0x5, 0xe7a, 0x8000, 0xfffffffffffffffc, 0x9, 0x7fff, 0x3ff]}, 0x5c) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@initdev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast2}}, &(0x7f0000000280)=0xe8) fstat(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, r2, r3) 22:16:53 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:53 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:53 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) openat$selinux_status(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000005c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000600)='/dev/dlm_plock\x00', 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$cgroup(0xffffffffffffffff, &(0x7f0000000640)='syz1\x00', 0x200002, 0x0) gettid() lstat(0x0, &(0x7f0000000800)) geteuid() openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000fc0)='/dev/dlm-monitor\x00', 0x0, 0x0) getpgid(0x0) getgid() epoll_create1(0x80000) syz_open_dev$sndmidi(0x0, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, 0x0) lstat(&(0x7f0000003280)='./file0\x00', &(0x7f00000032c0)) getegid() getpgrp(0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001240)="2e0000002a00815fe45ac187185095cf0400b0eba0b4d65cdbaa98cbb30007fff00000000000000051894d5d1dac", 0x2e}], 0x1}, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:53 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x40000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") ioctl$EVIOCREVOKE(r0, 0x40044591, &(0x7f0000000080)=0xda82) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e22, @remote}, 0x10) [ 1682.242777] gfs2: not a GFS2 filesystem [ 1682.380274] gfs2: not a GFS2 filesystem 22:16:53 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000100)=0x44) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfefffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:53 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) getgroups(0x7, &(0x7f0000000340)=[0xee00, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xee01, 0xee01, 0x0]) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0, 0x0}, &(0x7f00000003c0)=0xc) setgroups(0x3, &(0x7f0000000400)=[r2, r3, r4]) write$P9_RREADLINK(r1, &(0x7f0000000440)={0x2, 0x17, 0x1, {0x7, './file0'}}, 0x10) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r5 = socket$inet(0x2b, 0xa, 0x200000000009) r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x101000, 0x0) getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000001500)={0x0, @remote, @multicast2}, &(0x7f0000001540)=0xc) ioctl$sock_inet6_SIOCDIFADDR(r6, 0x8936, &(0x7f0000001580)={@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x13}}, 0xe, r7}) ioctl$int_in(r0, 0x5473, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r5}], 0x2000000000000006, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000200)={0x1, 0x5, 0x8001, 0x5eb}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000180)=0x100}) getsockname$netlink(r6, &(0x7f00000000c0), &(0x7f0000000140)=0xc) 22:16:53 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$ASHMEM_GET_NAME(r3, 0x81007702, &(0x7f0000000140)=""/44) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:53 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6b6b6b00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1682.616481] handle_userfault: 4 callbacks suppressed [ 1682.616489] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1682.639472] CPU: 0 PID: 32307 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1682.646892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1682.656426] Call Trace: [ 1682.659039] dump_stack+0x172/0x1f0 22:16:53 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = accept4(r0, &(0x7f0000000080)=@rc, &(0x7f0000000100)=0x80, 0x800) connect$rxrpc(r1, &(0x7f0000000140)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e24, 0xfffffffffffffffa, @mcast1, 0xfffffffffffffe00}}, 0x24) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x1, 0x100) ppoll(&(0x7f00000000c0)=[{r1, 0x2}], 0x1, &(0x7f00000012c0), &(0x7f0000001300)={0x100000001}, 0x8) sendmsg$rds(r1, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/190, 0xbe}, {&(0x7f00000000c0)}], 0x3, &(0x7f0000001240)=[@rdma_dest={0x18, 0x114, 0x2, {0x9, 0x7}}], 0x18, 0x8000}, 0x40000) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) [ 1682.662691] handle_userfault.cold+0x41/0x5d [ 1682.667140] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1682.671743] ? __handle_mm_fault+0x36b7/0x3f20 [ 1682.676359] ? find_held_lock+0x35/0x130 [ 1682.680541] ? __handle_mm_fault+0x36b7/0x3f20 [ 1682.680564] ? kasan_check_read+0x11/0x20 [ 1682.689321] ? lock_downgrade+0x810/0x810 [ 1682.693486] ? kasan_check_read+0x11/0x20 [ 1682.693503] ? do_raw_spin_unlock+0x57/0x270 [ 1682.693521] __handle_mm_fault+0x36c8/0x3f20 [ 1682.693540] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1682.711368] ? find_held_lock+0x35/0x130 [ 1682.715441] ? handle_mm_fault+0x322/0xb30 [ 1682.719704] ? kasan_check_read+0x11/0x20 [ 1682.723864] handle_mm_fault+0x43f/0xb30 [ 1682.727942] __do_page_fault+0x5da/0xd60 [ 1682.732025] do_page_fault+0x71/0x581 [ 1682.735829] ? page_fault+0x8/0x30 [ 1682.739370] page_fault+0x1e/0x30 [ 1682.739381] RIP: 0033:0x451880 [ 1682.739396] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1682.739403] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1682.739415] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1682.739423] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1682.739430] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1682.739437] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1682.739447] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:53 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1682.824341] gfs2: not a GFS2 filesystem 22:16:53 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8000a0ffffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xffff) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:53 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xffffffeffffffd63) poll(&(0x7f0000000040), 0x2000000d, 0x8) r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x7fffffff, 0x40) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f00000000c0)={0x1, 0x8, 0x1, 0x8, 0x0, 0x8b1, 0x0, 0x6f8, 0x0}, &(0x7f0000000100)=0x20) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000140)={r2, 0x8001, 0x5f, "c06c1f54ff6beb19a0dd55c17f6bdf261b2b7b807b3df3b1bf8da96f26baf88b99552bb80580d3be57b59d72190932fe0e269dcbcf80ee1dac41a1ebe3b2a86dbab0951e997b20e914f511ae51554fb3b02bc4aeeaf453de0d6f8416a9271e"}, 0x67) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2) fallocate(r0, 0x50, 0x24, 0x6) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x240040, 0x0) ioctl$KVM_GET_TSC_KHZ(r3, 0xaea3) [ 1682.969466] gfs2: not a GFS2 filesystem [ 1682.998359] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1683.003299] CPU: 0 PID: 32328 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1683.010517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1683.019869] Call Trace: [ 1683.022461] dump_stack+0x172/0x1f0 [ 1683.026439] handle_userfault.cold+0x41/0x5d [ 1683.030851] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1683.035429] ? __handle_mm_fault+0x36b7/0x3f20 [ 1683.040006] ? find_held_lock+0x35/0x130 [ 1683.044078] ? __handle_mm_fault+0x36b7/0x3f20 [ 1683.048655] ? kasan_check_read+0x11/0x20 [ 1683.052806] ? lock_downgrade+0x810/0x810 [ 1683.056955] ? kasan_check_read+0x11/0x20 [ 1683.061096] ? do_raw_spin_unlock+0x57/0x270 [ 1683.065499] __handle_mm_fault+0x36c8/0x3f20 [ 1683.070079] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1683.075175] ? find_held_lock+0x35/0x130 [ 1683.079229] ? handle_mm_fault+0x322/0xb30 [ 1683.083490] ? kasan_check_read+0x11/0x20 [ 1683.087727] handle_mm_fault+0x43f/0xb30 [ 1683.091797] __do_page_fault+0x5da/0xd60 [ 1683.095965] do_page_fault+0x71/0x581 [ 1683.099757] ? page_fault+0x8/0x30 [ 1683.103298] page_fault+0x1e/0x30 [ 1683.106741] RIP: 0033:0x451880 [ 1683.109924] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1683.129095] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1683.134449] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1683.141717] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:16:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) socket$unix(0x1, 0x2, 0x0) pselect6(0x40, &(0x7f0000000080)={0x3cb4, 0x5, 0x3, 0xfffffffffffffa45, 0x7ff, 0x6, 0x7, 0x7}, &(0x7f00000000c0)={0x9, 0x9, 0xffff, 0x866, 0x2, 0x3f, 0x7fff, 0x6}, &(0x7f0000000140)={0x131, 0x6, 0x10001, 0x6e68, 0x2, 0xb81, 0x4, 0x9}, &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={0x800}, 0x8}) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:54 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1683.148987] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1683.156421] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1683.163694] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:54 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = geteuid() fstat(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, r1, r2) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0) 22:16:54 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8002a0ffffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1, &(0x7f0000000140)="0adc1f023c123f3188a070") openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x2, 0x0) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1683.335989] gfs2: not a GFS2 filesystem 22:16:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x0, 0x0, 0x0, 0x0) r3 = getuid() ioprio_set$uid(0x3, r3, 0x4) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:54 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)=0x0) r2 = geteuid() syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x1, &(0x7f0000000240)=[{&(0x7f0000000140)="b78d2346562fd94376f733784dcc6e7c937e13cffd508da23a8d723936d8bb7afac6a4050e622b53a2f018c0e15a1da1c437eaf90baaabc34f88b99317ead532456c6844985fc7af1f31177ea2fa60d9b212e6ee0697931c7c11fd64f5a22fd0bcec15c38ed9d240a87d6891cb7b4b7853035657c9e6c40a5531e871b7e5f724b7b56f486d2282d41212f714b19acd543b8ba28bae7970cebe394392a70a17c55547bec4b4579fa171ca34c8ee9a746287b92d2561f1ada9e83f528d5c05711fec98bc195a2244baaf3e369ab3b5fced6995c0104d7541fc45b6c6cffa0c3342cc6d1092", 0xe4, 0x18}], 0x2200000, &(0x7f0000000340)={[{@commit={'commit', 0x3d, 0x2}}, {@nospace_cache='nospace_cache'}], [{@uid_eq={'uid', 0x3d, r1}}, {@smackfsroot={'smackfsroot', 0x3d, 'trusteduser#em1{&'}}, {@uid_gt={'uid>', r2}}]}) r3 = dup(r0) faccessat(r3, &(0x7f0000000080)='./file0\x00', 0x100, 0x1000) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) dup(r4) 22:16:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x250000, 0x0) ioctl$VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000140)={0x9, 0x7, 0x4, 0x20, {}, {0x5, 0x2, 0x2, 0x0, 0x81, 0x2000000000008b, "2105b95f"}, 0x1f, 0x6, @fd=r0, 0x4}) poll(&(0x7f0000000040)=[{r1, 0x12}], 0x1, 0x0) [ 1683.421187] gfs2: not a GFS2 filesystem [ 1683.425884] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1683.440934] CPU: 1 PID: 32357 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1683.448182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1683.457819] Call Trace: [ 1683.460439] dump_stack+0x172/0x1f0 [ 1683.464084] handle_userfault.cold+0x41/0x5d [ 1683.468519] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1683.473122] ? __handle_mm_fault+0x36b7/0x3f20 [ 1683.477787] ? find_held_lock+0x35/0x130 [ 1683.481855] ? __handle_mm_fault+0x36b7/0x3f20 [ 1683.486595] ? kasan_check_read+0x11/0x20 [ 1683.490760] ? lock_downgrade+0x810/0x810 [ 1683.490782] ? kasan_check_read+0x11/0x20 [ 1683.490796] ? do_raw_spin_unlock+0x57/0x270 [ 1683.490815] __handle_mm_fault+0x36c8/0x3f20 [ 1683.499103] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1683.499119] ? find_held_lock+0x35/0x130 [ 1683.499135] ? handle_mm_fault+0x322/0xb30 [ 1683.499161] ? kasan_check_read+0x11/0x20 [ 1683.499180] handle_mm_fault+0x43f/0xb30 [ 1683.499211] __do_page_fault+0x5da/0xd60 [ 1683.533389] do_page_fault+0x71/0x581 [ 1683.537198] ? page_fault+0x8/0x30 [ 1683.540759] page_fault+0x1e/0x30 [ 1683.544304] RIP: 0033:0x451880 [ 1683.547595] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1683.566701] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1683.572088] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1683.579367] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1683.586654] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1683.594017] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1683.601297] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmsg$alg(r3, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) sendto$unix(r3, &(0x7f00000001c0), 0x14ded905162a6a4b, 0x0, 0x0, 0xfffffffffffffeae) recvmsg$kcm(r3, &(0x7f00000005c0)={&(0x7f0000000080)=@sco, 0x80, &(0x7f0000000580)=[{&(0x7f0000000480)=""/143, 0xfffffdde}], 0x8}, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="670f015ec40fc7990b000f0f22b7b8ff0f8ee066b9800000c00f326635004000000f300f380583510566b9800000c00f326635010000000f30362e0f06dbdc660f0159f2", 0x44}], 0xaaaaaaaaaaaab73, 0x150, 0x0, 0xfffffffffffffefd) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000100)={0xde9b, 0x80}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 22:16:54 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:54 executing program 0: r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x20040, 0x0) ioctl$int_in(r0, 0x5473, &(0x7f0000000080)=0x31a) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x6, &(0x7f00000002c0)="0a759ead5074ceb879e67fbf7127c615e43bc5db3c809013b985a111a67ce6b38649f73c4db1d5356288a4490a1720780e850eb02a9c5997f9ccdfd75e6db58de4314834390dc3a65cbcee961515d404757738ce5d8fbe2fd33456dcdda4d75397cdb9d40e3117e88fc10ed2700a5d7507e8ace7161910395e77e114a79e068a9c1f6620c06854c2cddec3812bba17e26f1444a6881c391cdb47139f88c8bb654952b7ef391cb459ac1fd8") r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205648, &(0x7f0000000280)={0x9e0000, 0xbfbd, 0x8, [], &(0x7f0000000240)={0x9a092b, 0x9, [], @p_u8=&(0x7f0000000200)=0x1}}) r3 = socket$inet(0x2b, 0x80000000000001, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f00000000c0)="e84d67c40272395ddc10cfbc1ed4c7640266d91958a1b3e1ce346254171f4faf9acdd7974c58ad6ef35e602a47feb31ecc6777789a515b3be9394dbf90d25e741b0a29b4d10e60c470fdaaf426d1c1f2537404189b3e5af25e8c88e596f19798161d52cc4a6ec0e150f7e9007814a0368068caaebd65b32646f53f4a45ef24b69f605b4dd41b05a26dc9ad1bad551240e566420983beb1f3d4c1860b6f62edf5b40911891e62fb45b4bb1756f0f2f184caac53cbab77e475b42a3a8d0edbb2ac90d9d2", 0xc3) ioctl$int_in(r3, 0x5452, &(0x7f0000000380)=0xfffffffffffffd63) poll(&(0x7f0000000080), 0x2108, 0x7ffe) 22:16:54 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:54 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x100000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x10002, 0x0) r2 = getuid() ioctl$SIOCAX25GETUID(r1, 0x89e0, &(0x7f00000000c0)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, r2}) r3 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r3}], 0x2000000000000006, 0x0) [ 1683.815972] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1683.857590] CPU: 1 PID: 32383 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1683.864831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1683.874364] Call Trace: [ 1683.876974] dump_stack+0x172/0x1f0 [ 1683.880622] handle_userfault.cold+0x41/0x5d [ 1683.885059] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1683.889657] ? __handle_mm_fault+0x36b7/0x3f20 [ 1683.894251] ? find_held_lock+0x35/0x130 [ 1683.898344] ? __handle_mm_fault+0x36b7/0x3f20 [ 1683.902936] ? kasan_check_read+0x11/0x20 [ 1683.907101] ? lock_downgrade+0x810/0x810 [ 1683.911268] ? kasan_check_read+0x11/0x20 [ 1683.915424] ? do_raw_spin_unlock+0x57/0x270 [ 1683.919938] __handle_mm_fault+0x36c8/0x3f20 [ 1683.924360] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1683.929209] ? find_held_lock+0x35/0x130 [ 1683.933284] ? handle_mm_fault+0x322/0xb30 [ 1683.937540] ? kasan_check_read+0x11/0x20 [ 1683.941714] handle_mm_fault+0x43f/0xb30 [ 1683.945904] __do_page_fault+0x5da/0xd60 [ 1683.950001] do_page_fault+0x71/0x581 [ 1683.953809] ? page_fault+0x8/0x30 [ 1683.957369] page_fault+0x1e/0x30 [ 1683.960825] RIP: 0033:0x451880 [ 1683.964021] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1683.982926] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1683.988329] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1683.995609] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1684.002889] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1684.010159] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1684.017436] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1684.044776] gfs2: not a GFS2 filesystem 22:16:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x2, 0x2) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f00000000c0)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r1, 0xc010641d, &(0x7f00000001c0)={r2, &(0x7f0000000180)=""/29}) r3 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r3}], 0x2000000000000006, 0x0) ioctl$SG_GET_REQUEST_TABLE(r1, 0x2286, &(0x7f0000000200)) 22:16:55 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000400)=""/84, &(0x7f0000000480)=0x54) r2 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x90000120}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c00197d", @ANYRES16=r2, @ANYBLOB="100426bd7000ffdbdf2503000000080002000a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20044844}, 0x20008000) fcntl$setpipe(r0, 0x407, 0x6) sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="80010000140e120025bd7000ffdbdf2505000006ad7425aefb47d961edbf254bb4bb0f9205a2ef186949e1867fbe24b75ff79ed94d48697d0726d61bde32e7b90f0245f11ec35f457507f4124790ea74f174fce6eb3885f5ec9e5b52c77bb81c44083fe5c2d061449a733fbdb7252bc5d501b7cce7a9b3f7103296e18afe43a1cc5c284d62c812ac1cf67c90d90ebcb62140ce3b4d427145309de9548077a18b86ce8745578d3d7fbcee997f604f9050f01c66cc59832a0cbf9b1d185333d7bd20ed90fee6a40d29d154d25c97e9f5776c53da79d33935c1b4d647a793cc35e3ab9fc6b34b35e7e09db3ea78acc59c9a7fe30c13cb166f3d302f966885b4f964177df152ee7d8c62a120229bd1db18a4589b984177bc102b998a7ed4a3c5267b2128053d0c74059c0a4a5f770b42d873c4024e10119b3e5cf47d936fbf84b432297bd8f7e3eed6e4105e71daf2d0d4578dafe277b7e51678bf460f7e85e854fbb613109a77a295879aa554d8bd8e64f5d8a2db2b838955237df351d8e1000000"], 0x180}, 0x1, 0x0, 0x0, 0x1}, 0x80) [ 1684.113920] gfs2: not a GFS2 filesystem 22:16:55 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1684.160944] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3604 sclass=netlink_route_socket pig=32409 comm=syz-executor.4 22:16:55 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:55 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x200000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1684.218559] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3604 sclass=netlink_route_socket pig=32411 comm=syz-executor.4 22:16:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") lsetxattr$trusted_overlay_redirect(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x3) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1684.318722] gfs2: not a GFS2 filesystem [ 1684.325040] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1684.335444] CPU: 1 PID: 32418 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1684.342689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1684.352058] Call Trace: [ 1684.354673] dump_stack+0x172/0x1f0 [ 1684.358335] handle_userfault.cold+0x41/0x5d [ 1684.362773] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1684.367368] ? __handle_mm_fault+0x36b7/0x3f20 [ 1684.371961] ? find_held_lock+0x35/0x130 [ 1684.376146] ? __handle_mm_fault+0x36b7/0x3f20 [ 1684.380746] ? kasan_check_read+0x11/0x20 [ 1684.384910] ? lock_downgrade+0x810/0x810 [ 1684.389071] ? kasan_check_read+0x11/0x20 [ 1684.393224] ? do_raw_spin_unlock+0x57/0x270 [ 1684.397672] __handle_mm_fault+0x36c8/0x3f20 [ 1684.402095] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1684.406950] ? find_held_lock+0x35/0x130 [ 1684.411023] ? handle_mm_fault+0x322/0xb30 [ 1684.415280] ? kasan_check_read+0x11/0x20 [ 1684.419436] handle_mm_fault+0x43f/0xb30 [ 1684.423511] __do_page_fault+0x5da/0xd60 [ 1684.427851] do_page_fault+0x71/0x581 [ 1684.431658] ? page_fault+0x8/0x30 [ 1684.435200] page_fault+0x1e/0x30 [ 1684.438658] RIP: 0033:0x451880 [ 1684.441850] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1684.460755] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1684.466147] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1684.473505] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1684.480791] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1684.488065] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1684.495363] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00') getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f00000001c0)={@rand_addr, 0x0}, &(0x7f0000000200)=0x14) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@multicast1}}, &(0x7f0000000340)=0xe8) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@mcast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000480)=0xe8) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000004c0)={@local, @multicast1, 0x0}, &(0x7f0000000500)=0xc) accept4$packet(0xffffffffffffff9c, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14, 0x800) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000680)={@mcast1, 0x0}, &(0x7f00000006c0)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000000700)={'nr0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000740)={{{@in=@multicast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}}}, &(0x7f0000000840)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000880)={'team0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f00000008c0)={'veth1_to_team\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000940)={{{@in6=@ipv4={[], [], @multicast1}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000a40)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000a80)={{{@in=@multicast1, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@empty}}, &(0x7f0000000b80)=0xe8) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000bc0)={@multicast1, @multicast2, 0x0}, &(0x7f0000000c00)=0xc) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f00000010c0)={&(0x7f0000000140), 0xc, &(0x7f0000001080)={&(0x7f0000000c40)={0x42c, r4, 0x500, 0x70bd25, 0x25dfdbfe, {}, [{{0x8, 0x1, r5}, {0x1e8, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0xffffffffffffffc0}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r7}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x10001}}}]}}, {{0x8, 0x1, r10}, {0x84, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xd50}}, {0x8, 0x6, r11}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x22}}, {0x8}}}]}}, {{0x8, 0x1, r12}, {0x50, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r13}, {0x7c, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r14}}}]}}, {{0x8, 0x1, r15}, {0x74, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffb86}}}]}}, {{0x8, 0x1, r16}, {0x3c, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r17}}}]}}]}, 0x42c}, 0x1, 0x0, 0x0, 0x8000}, 0x40080) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:55 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:55 executing program 4: r0 = socket$inet(0x2b, 0x80000000000005, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x280000) sendmsg$nl_generic(r1, &(0x7f0000000640)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[]}}, 0x0) write$FUSE_LSEEK(r1, &(0x7f0000000680)={0x18, 0x0, 0x8, {0x8}}, 0x18) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) bind$ax25(r1, &(0x7f0000000800)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x48) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000006c0)={{0x2004, 0x4, 0xf, 0x74f, 0x0, 0x1, 0xbe, 0x9, 0x1, 0x0, 0x1, 0x3}, {0x107000, 0x16002, 0x8, 0x8, 0x10000, 0x7fff, 0x4711f309, 0x1, 0x7, 0x800, 0x80, 0x8001}, {0x13002, 0x0, 0xf, 0x4, 0x6, 0x3, 0x8001, 0x2, 0x6000, 0x1, 0x8000, 0x2}, {0xd000, 0x0, 0xd, 0x0, 0xffffffffffffffa0, 0x9b, 0x3ff, 0x0, 0x5, 0x800, 0xfbc6, 0x8}, {0x1, 0x104000, 0xd, 0x7, 0x4, 0x40, 0x9, 0x81, 0x4800, 0x7, 0x0, 0x2}, {0x3000, 0x3000, 0x0, 0x2, 0x8, 0xffff, 0xc3d4, 0xffffffffffff8000, 0x6, 0x9, 0x5, 0x6e17}, {0xf000, 0x1, 0x1e, 0x357, 0x3c, 0x4, 0x4, 0x8, 0x2, 0x4, 0x7, 0x80}, {0x0, 0x5000, 0x8, 0xffffffff7fffffff, 0x0, 0x9, 0x6, 0x0, 0x0, 0x200, 0x4, 0x4}, {0x107002, 0x3000}, {0x0, 0xd000}, 0x0, 0x0, 0xf000, 0x4, 0x1, 0x0, 0x3000, [0x2, 0x2, 0x8ae, 0x4]}) 22:16:55 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") mlock(&(0x7f0000fff000/0x1000)=nil, 0x1000) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = fcntl$getown(r0, 0x9) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000080)=0x0) tgkill(r1, r2, 0x39) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) 22:16:55 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x300000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1684.721126] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1684.727015] CPU: 1 PID: 32438 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1684.734238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1684.744035] Call Trace: [ 1684.746663] dump_stack+0x172/0x1f0 [ 1684.750323] handle_userfault.cold+0x41/0x5d [ 1684.754775] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1684.759480] ? __handle_mm_fault+0x36b7/0x3f20 [ 1684.764259] ? find_held_lock+0x35/0x130 [ 1684.768347] ? __handle_mm_fault+0x36b7/0x3f20 [ 1684.773068] ? kasan_check_read+0x11/0x20 [ 1684.777275] ? lock_downgrade+0x810/0x810 [ 1684.781991] ? kasan_check_read+0x11/0x20 [ 1684.786173] ? do_raw_spin_unlock+0x57/0x270 [ 1684.790649] __handle_mm_fault+0x36c8/0x3f20 [ 1684.795083] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1684.799953] ? find_held_lock+0x35/0x130 [ 1684.804027] ? handle_mm_fault+0x322/0xb30 [ 1684.808290] ? kasan_check_read+0x11/0x20 [ 1684.812456] handle_mm_fault+0x43f/0xb30 [ 1684.816549] __do_page_fault+0x5da/0xd60 [ 1684.820732] do_page_fault+0x71/0x581 [ 1684.824547] ? page_fault+0x8/0x30 [ 1684.828111] page_fault+0x1e/0x30 [ 1684.833149] RIP: 0033:0x451880 [ 1684.836351] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1684.855262] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1684.860639] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:55 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) 22:16:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000140)={0x9, {{0x2, 0x4e23, @multicast2}}, 0x1, 0x64, [{{0x2, 0x4e21, @multicast2}}]}, 0x110) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1684.868034] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1684.875319] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1684.882599] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1684.889891] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:55 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:55 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x400000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:55 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0, 0x91}], 0x2000000000000201, 0x0) [ 1685.070088] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1685.074658] CPU: 1 PID: 32472 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1685.081857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1685.091237] Call Trace: [ 1685.093855] dump_stack+0x172/0x1f0 [ 1685.097536] handle_userfault.cold+0x41/0x5d [ 1685.101984] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1685.106656] ? __handle_mm_fault+0x36b7/0x3f20 [ 1685.111308] ? find_held_lock+0x35/0x130 [ 1685.111333] ? __handle_mm_fault+0x36b7/0x3f20 [ 1685.111351] ? kasan_check_read+0x11/0x20 [ 1685.120006] ? lock_downgrade+0x810/0x810 [ 1685.120029] ? kasan_check_read+0x11/0x20 [ 1685.132560] ? do_raw_spin_unlock+0x57/0x270 [ 1685.137002] __handle_mm_fault+0x36c8/0x3f20 [ 1685.141433] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1685.146288] ? find_held_lock+0x35/0x130 [ 1685.150372] ? handle_mm_fault+0x322/0xb30 [ 1685.154641] ? kasan_check_read+0x11/0x20 [ 1685.158810] handle_mm_fault+0x43f/0xb30 [ 1685.162889] __do_page_fault+0x5da/0xd60 [ 1685.166976] do_page_fault+0x71/0x581 [ 1685.170790] ? page_fault+0x8/0x30 [ 1685.174381] page_fault+0x1e/0x30 [ 1685.177852] RIP: 0033:0x451880 [ 1685.181224] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1685.200141] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1685.205626] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1685.213088] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:16:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) utimes(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={{0x77359400}, {0x0, 0x7530}}) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) r4 = syz_open_dev$vcsa(&(0x7f0000000380)='/dev/vcsa#\x00', 0xc158, 0x20000) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000003c0)={0x9, 0x9, 0x1, 0xffffffff, 0x8, 0x66f, 0x10a4, 0x80000000, 0x0}, &(0x7f0000000400)=0x20) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000440)={r5, 0xff, 0x30}, &(0x7f0000000480)=0xc) ioctl$int_in(r1, 0x5452, &(0x7f0000000340)=0x9) select(0x40, &(0x7f0000000080)={0x800, 0xfffffffffffffffa, 0x1000, 0x10001, 0x4, 0x5, 0x100000000, 0x5}, &(0x7f00000000c0)={0x3, 0xc8a, 0xb5, 0x1ff, 0x0, 0x9, 0x1, 0x7fffffff}, &(0x7f0000000140)={0x1f, 0x2, 0xc0000000, 0x6, 0x80, 0x1, 0xe8}, &(0x7f00000001c0)={r2, r3/1000+30000}) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200)='/dev/hwrng\x00', 0x400, 0x0) ioctl$UI_END_FF_UPLOAD(r6, 0x406855c9, &(0x7f0000000240)={0x1, 0x1, {0x52, 0x7c0, 0x1, {0x7fff, 0x3}, {0x1, 0x2}, @ramp={0x5, 0x9, {0x40, 0x62, 0x35, 0x7fffffff}}}, {0x56, 0x0, 0x8, {0x3f, 0x100000000}, {0x3, 0x561}, @ramp={0x8, 0x3, {0x3, 0x0, 0x8}}}}) [ 1685.220371] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1685.227652] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1685.227661] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/cache_stats\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="420f3066420f01bc330c54ffff470f013ccb48b800000000008000000f23d80f21f835400000000f23f8b8010000000f01d9440f01bc5705000000c46149da7770460f3accbb001000003ab9800000c00f3235000800000f300f32", 0x5b}], 0x1, 0x40, &(0x7f0000000200)=[@cr4={0x1, 0x20000}], 0x1) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) eventfd2(0xffffffff, 0x1) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0xfffffecd, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:16:56 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:56 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) io_setup(0x7, &(0x7f0000000000)=0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000300)='/dev/zero\x00', 0x10000, 0x0) pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) io_cancel(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x9, r0, &(0x7f00000000c0)="d2b2214642c1571ec2a791306297ac0c5625f361db1ae2c7de991ed77becc63289ec86dad26e2c77cd4828d2ce9969a7f056c14639ce10d7cf4e586672bbb034150502dd55602537abc3494436f490973d1d6fb72ae48340d949ca767ec413da94720d84869a1ec133a7fb03d87330fab3b196ade94a80eb7cd5778b17be07fcd971284701b39184cd5754f9b8f302bbeb43ac71df3badc6aa576710ea9206451cbf345ea5fcca93fbdf6f186c74a93f0c201e006f28a989b5ee0e5e9ef7f4176a4860e54b", 0xc5, 0x1f, 0x0, 0x0, r3}, &(0x7f0000000240)) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0xfffffffffffffd63) ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000280)=0x0) mq_notify(r2, &(0x7f00000002c0)={0x0, 0x20, 0x4, @tid=r4}) poll(&(0x7f0000000080)=[{r0, 0x8010}, {r0, 0x8020}, {r0, 0x102}, {r0}, {r0, 0x2000}, {r0}, {r0, 0x6020}], 0x2000000000000024, 0x0) 22:16:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = dup3(r0, r0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) 22:16:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x500000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) accept$inet6(r1, 0x0, &(0x7f0000000140)) ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f00000000c0)={0x0, 0x8}) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0) r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) r3 = semget(0x0, 0x3, 0x2) semctl$IPC_RMID(r3, 0x0, 0x0) 22:16:56 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:56 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:56 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x600000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1685.714213] gfs2: not a GFS2 filesystem 22:16:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1, 0x4}], 0x0, 0x0) 22:16:56 executing program 4: r0 = socket$inet(0x2b, 0x803, 0x7) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0) getsockopt$packet_int(r1, 0x107, 0xe, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000080)={0x0, {0x6, 0x100}}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) [ 1685.759651] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1685.773584] gfs2: not a GFS2 filesystem [ 1685.788008] CPU: 0 PID: 32519 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1685.795279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1685.804740] Call Trace: [ 1685.807342] dump_stack+0x172/0x1f0 [ 1685.807371] handle_userfault.cold+0x41/0x5d [ 1685.815430] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1685.820113] ? __handle_mm_fault+0x36b7/0x3f20 [ 1685.820131] ? find_held_lock+0x35/0x130 [ 1685.820147] ? __handle_mm_fault+0x36b7/0x3f20 [ 1685.820165] ? kasan_check_read+0x11/0x20 [ 1685.820182] ? lock_downgrade+0x810/0x810 [ 1685.820201] ? kasan_check_read+0x11/0x20 [ 1685.820214] ? do_raw_spin_unlock+0x57/0x270 [ 1685.820231] __handle_mm_fault+0x36c8/0x3f20 [ 1685.854697] ? vmf_insert_mixed_mkwrite+0x40/0x40 22:16:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/checkreqprot\x00', 0x408002, 0x0) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r3, 0x118, 0x1, &(0x7f0000000140)=0x3, 0x4) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:56 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x2, 0x40) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000180)={0x3f, 0x0, 0x0, 0x2}) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f00000001c0)={0x8, r2, 0x0, 0x1}) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r3 = socket$inet6(0xa, 0x6, 0x7) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000240)={r4, 0x401}, 0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000300)={0x1, 0x4, 0x7, 0x8, r4}, &(0x7f0000000340)=0x10) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000000280)={{0x3ff000000000, 0x7}, {0x1, 0x5}, 0x200, 0x1, 0xfffffffffffffffb}) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)) connect$pptp(r1, &(0x7f0000000200)={0x18, 0x2, {0x0, @empty}}, 0x1e) [ 1685.859761] ? find_held_lock+0x35/0x130 [ 1685.863860] ? handle_mm_fault+0x322/0xb30 [ 1685.868134] ? kasan_check_read+0x11/0x20 [ 1685.872318] handle_mm_fault+0x43f/0xb30 [ 1685.876407] __do_page_fault+0x5da/0xd60 [ 1685.880489] do_page_fault+0x71/0x581 [ 1685.884299] ? page_fault+0x8/0x30 [ 1685.887865] page_fault+0x1e/0x30 [ 1685.891343] RIP: 0033:0x451880 [ 1685.894542] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1685.913467] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1685.918837] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1685.926201] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1685.933476] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1685.940752] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1685.948115] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1685.970646] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1685.975192] CPU: 0 PID: 32519 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1685.982381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1685.991744] Call Trace: [ 1685.994362] dump_stack+0x172/0x1f0 [ 1685.998027] handle_userfault.cold+0x41/0x5d [ 1686.002478] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1686.007083] ? __handle_mm_fault+0x36b7/0x3f20 [ 1686.011681] ? find_held_lock+0x35/0x130 [ 1686.015768] ? __handle_mm_fault+0x36b7/0x3f20 [ 1686.020370] ? kasan_check_read+0x11/0x20 [ 1686.024548] ? lock_downgrade+0x810/0x810 [ 1686.028720] ? kasan_check_read+0x11/0x20 [ 1686.032877] ? do_raw_spin_unlock+0x57/0x270 [ 1686.037329] __handle_mm_fault+0x36c8/0x3f20 [ 1686.041777] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1686.046633] ? find_held_lock+0x35/0x130 [ 1686.051407] ? handle_mm_fault+0x322/0xb30 [ 1686.056368] ? kasan_check_read+0x11/0x20 [ 1686.060622] handle_mm_fault+0x43f/0xb30 [ 1686.064940] __do_page_fault+0x5da/0xd60 [ 1686.069111] do_page_fault+0x71/0x581 [ 1686.072923] ? page_fault+0x8/0x30 [ 1686.076477] page_fault+0x1e/0x30 [ 1686.079937] RIP: 0033:0x451880 [ 1686.083138] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1686.102226] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1686.107600] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1686.114904] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1686.122189] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1686.129465] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1686.136746] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:57 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x8, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:57 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:57 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x700000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1686.316238] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1686.331680] CPU: 1 PID: 32546 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1686.338928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1686.348389] Call Trace: [ 1686.351140] dump_stack+0x172/0x1f0 [ 1686.354803] handle_userfault.cold+0x41/0x5d [ 1686.359266] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1686.363873] ? __handle_mm_fault+0x36b7/0x3f20 [ 1686.368739] ? find_held_lock+0x35/0x130 [ 1686.372829] ? __handle_mm_fault+0x36b7/0x3f20 [ 1686.377551] ? kasan_check_read+0x11/0x20 [ 1686.381715] ? lock_downgrade+0x810/0x810 [ 1686.386048] ? kasan_check_read+0x11/0x20 [ 1686.390224] ? do_raw_spin_unlock+0x57/0x270 [ 1686.394647] __handle_mm_fault+0x36c8/0x3f20 [ 1686.399074] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1686.403923] ? find_held_lock+0x35/0x130 [ 1686.407999] ? handle_mm_fault+0x322/0xb30 [ 1686.412256] ? kasan_check_read+0x11/0x20 [ 1686.416419] handle_mm_fault+0x43f/0xb30 [ 1686.420510] __do_page_fault+0x5da/0xd60 [ 1686.424595] do_page_fault+0x71/0x581 [ 1686.428841] ? page_fault+0x8/0x30 [ 1686.432543] page_fault+0x1e/0x30 [ 1686.436004] RIP: 0033:0x451880 [ 1686.439209] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1686.458238] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:16:57 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0x2800, 0x0) ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000100)={0x5, 0x7, 0x2a, "d1f311abfb508545f60260aab0e7be121a0d0a846387bd8e42aca568619d6e305ef56576b8471a01c45a474ad41045e12759adffbcaa4f3b1da86ac2", 0xb, "51edf7150918113d8ecaafd93fd1bf9fe6a86fed1f31edf0f266c3cdcc3b22d6a49740145c7ae25d16dcc140f52941da9ceed65a7d347fafa357791a", 0x20}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f00000001c0)={0x0, 0x9}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000240)={0x80000001, 0x4, 0x0, 0x5, 0x9, 0x4fb, 0x9, 0x5, r2}, 0x20) syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x1, 0x2) 22:16:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x400400, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000140)=""/91, &(0x7f00000000c0)=0x5b) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) openat$cgroup_ro(r1, &(0x7f00000001c0)='cgroup.controllers\x00', 0x0, 0x0) [ 1686.463609] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1686.470895] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1686.478168] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1686.485617] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1686.492892] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1686.507326] gfs2: not a GFS2 filesystem 22:16:57 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1686.590515] IPVS: length: 91 != 8 22:16:57 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x546f, &(0x7f00000000c0)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:57 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x800000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1686.623092] IPVS: length: 91 != 8 [ 1686.628236] gfs2: not a GFS2 filesystem 22:16:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x200, 0x0) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000140)=""/151, &(0x7f00000000c0)=0x97) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xb, 0x18010, r2, 0x0) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) 22:16:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000100)="c441d569d9c744240093000000c7442402f3000000ff1c246467460f0d9a4c590000650f06660f38826103c2000066470f380a37b961080000b83e080000ba000000000f308163e6ad0000000fc71f", 0x4f}], 0x1, 0x0, &(0x7f00000001c0)=[@flags={0x3, 0x106}, @dstype3={0x7, 0xd}], 0x2) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:57 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:57 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:57 executing program 0: r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x4, 0x8000) sendmmsg(r0, &(0x7f0000000b00)=[{{&(0x7f0000000140)=@un=@abs={0x1, 0x0, 0x4e21}, 0x80, &(0x7f0000000240)=[{&(0x7f00000000c0)="91f3bc3f17109b3bd4f617634b03653f13369e9ff953d85fd08c6c531f034cd1430a30360e03e7cbc1fd434795cdb5fd635dac235493572e", 0x38}, {&(0x7f00000001c0)="179703440e35c60ece0f88e9ec6c4bc3b7f5346c574b72735eac279ba4f60da1557a622542c664bbbf85f02583151c1a9327ce2fac3b5ba1b0b4803857e60c54c7bb07c94f72558e41ba184f7319b8c709", 0x51}], 0x2, &(0x7f0000000b80)=ANY=[@ANYBLOB="d000000000000000587a00000300000003cf461125057898649ed672ce5a7612342b420486cba5c10545922e920015796b1d9c6e4115c8da2a9d48215d78c63dc5b018a826b1c474a80514fa72de8a2d781a0e695f1aab8ba9a23cd258040fd8822959e9300d03c5185cb3ff22046dd129083670fb3030cff1189fc80ea49d7f0b7d36485c657aa27c8eb8fcaa9c9fb172c2bfedabb69aa9a04a9a5afa34d87d95740345a9bfab6b5cbda71dbc93a989d8ec89430526d409bc40b93c79eea81f5d755cb397540f804a00000000000000180000000000000005010000060000001c63e3c820ce800bb87400000000000000ff000000070000005200b712ead11236f86e94dc2946eaaeb7685a737e23153f0c1f743ac56bd0c9b96abc3fd5d47314c290fdb0cde53d10b67eb0c3eb43a850eb7333787a0e29e9eb581d1d74c0a83041c560f0566bc3a8468bad6b0b617eb434278d20d1a444efb4db83cb9027bb7be90698a9d2685fa624d92e17a981fe928b36e85c92b070e51877905107aa2b8ce6c11fa6f3ee3ee0bd6d692cb970c83c48fcdbb73b821e94491a88b19f320f008800000000000000160100000100000002f9609bd652a5c03875dbe1ef6d273132606e0927ac2adbc61a3b0515a080ecc21106d26c653f24a092df60cf94d03602437654fd6737a50655d7bf6a2b018da174072ca0b43e20482df06b6766480734051fab58132a6b62475769c6564d8956f4024845fb565f9e27893144851d57d6dcd03993a076a2380000000000000000000000a1c800004b79e91c19a8f406f3776f279e09ebea070f5eb706fc120ed86e88b07f634d7e5fe4d87c68b632ebe40000000000b800000000000000100800000e67032f68b55fe407def90cabbba4d23de5b6fc3502560bc28a30687d2aefa923d692807f42fba25f61f6820a1df029b6a6809d5b413831db1e30436788122a31ff02f7cf48125523591e8dd55ee363dc3d7a313b5455c02068e7a5ec94800521070e5a0db4dcd339528345410919b3dbd59c40622bbb035eef743b4822a345051fc405f470d3104ea8c94f5bffc5a0281ae33f63a105b6b0848b201ccfa5a30a302c04d63d5300002800000000000000ff010000ff0000009c2005d8a5df378ab1cc366b59261417950cb30000000000c8000000000000000000000007000000cc2e15622487e508c0b0c224350cd7ce0bb9881abd775808a5c9c2842f027f1b5f6831f60f74d64a0f142af0223dbe2a88397dbca6104edcef2450d8a7b37667fa7aa7b0f9788c32b223f1ff9ae6e62deddaeccc267ef3b3ba75b0894be1db273b64ea5ed6c263bc318e9d9ec777ce14f41e8cb0b3371e5c69e3fa6749d2685929748a97b86438d3fd28297f0e0b7e1bac2a871f9a9991f6106f84aa379cbcd25b205d0661830282d2aff19cd031a8b14e5db6cd5b000000e80000000000000014010000c0ffffff37f8bfcee5fcbc85ad4a6edcad48a89d6acc03567cfd8c656eecdd4a3f4f33521689c726cf68b2c152ee603c9372c4caebe6088544fd457217ea806107a15b6a8a6c9373ea264febd7d8259b81436da31d8fc43b232908deb2909d7220d540bea8c6158a837407111aedf558cca4b65d343f54702da9ad3bb42166c2dc815f154df639b1c57f93830dc0087025326f158af21dc3061ccf3d9af4a0d1d135fd38a3d32290018b29fd6108af2f59871f3d66c68cf44ea0370223f5978c896e9a858fdf1bed7e4170c1f374f48e0d2c6759409300000000"], 0x4f0}, 0x4}, {{&(0x7f0000000780)=@vsock={0x28, 0x0, 0x2711}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000800)="8d9870d07a2c41baadfb11c6dda4bcc43ab4aece22e037babadb805cb9c52a5615254a68b1f913714e478da24d68331324a61d256c5237035db369afacc5dab7334f37dee8b32de763f22a08ee56ebf2e1d3c7a1368d3683e0d977e38ff1da7858544bee3c67468027a7c9764dcacf3578a0d7d377f7f5f441254d9dd02166028f13bd14cb90a7bb73117dbf5e216ba2762a76de5db6007b5a858acafa54442d150de138ec8158d11b039577ab5aa9bbf95c7fac3f7d41be3c5448d13911d72683b7dff473a6cc6fdd8abd18f51a2c2b35cb4ead2d6388ca8fc2b9", 0xdb}, {&(0x7f0000000900)}, {&(0x7f0000000940)="63cb28", 0x3}, {&(0x7f0000000980)="c214c2ec572ca02ef8dca3914869a6ea5b8887d31753b9202119b2d0c04d3fceb82348b19c279893cd960249f91c5c0769f511e5709c9f0779f6c9514c9599ae4caed968300ff0e387bff81fb2b184626c9bc2d1245ab1a106114ccf9d3377d153b0873a894a4557d0c8a2d3e11585700042834f316972596dc591c463726736e8d23e8f453f9df4aaa067e7b82c4fd22a318c79016f0c98b5313525851ee5d4a33de9c3b869d378e2001b792b00a8dae60aa764", 0xb4}, {&(0x7f0000000a40)="473b0b28ecc9ccbef393ed1e5076b002d9882a5b7ff9226de35f73766d20e33ece93e24947", 0x25}], 0x5}, 0x3}], 0x2, 0x40040) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) 22:16:57 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f0000000080)) 22:16:57 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x900000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1686.891864] gfs2: not a GFS2 filesystem 22:16:57 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:57 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) mount(&(0x7f0000000080)=@md0='/dev/md0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='btrfs\x00', 0x40000, &(0x7f0000000140)='.&\x00') poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1686.971645] gfs2: not a GFS2 filesystem 22:16:57 executing program 0: r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000140)=[{r2}], 0x1, 0x0) 22:16:58 executing program 4: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0x10) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000100)={'raw\x00', 0x3, [{}, {}, {}]}, 0x58) openat$vicodec0(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video36\x00', 0x2, 0x0) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:58 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:58 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$eventfd(r1, &(0x7f0000000100)=0x1, 0x8) 22:16:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xa00000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet(0x2b, 0x7ffffffffffffe, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x8, 0x2) ioctl$SG_GET_LOW_DMA(r2, 0x227a, &(0x7f00000000c0)) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) syz_open_pts(r2, 0x400040) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:58 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$inet_buf(r0, 0x0, 0x2f, &(0x7f0000000040)="5547c8d0c18d8fbaec2ac09007d2b5697bac9016fe94eaa88aca800449e009f9cea060031460d8eaeec959b791442ce82e64f78e04099d6337173ea415c3439c96b32bcafc84c5cd5bc8551c1db081249e7adcad4fb54486cab8f53f3e", 0x5d) r1 = socket$pppoe(0x18, 0x1, 0x0) poll(&(0x7f0000000280)=[{r0, 0x400}, {r0, 0x240}, {r1, 0x1000}, {r0, 0x8000}], 0x4, 0x40000000000000) signalfd(r0, &(0x7f00000000c0)={0xfffffffffffff062}, 0x8) r2 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x6, 0x224001) getpeername$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000180)=0x14) ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000200)={@dev={0xfe, 0x80, [], 0xf}, @loopback, @dev={0xfe, 0x80, [], 0x21}, 0x10000, 0x1, 0x5, 0x400, 0x4, 0x40000000, r3}) [ 1687.215217] gfs2: not a GFS2 filesystem 22:16:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000200)={0x4, 0x2, 0x4, 'queue0\x00', 0x6}) setsockopt$netrom_NETROM_T1(r2, 0x103, 0x1, &(0x7f00000000c0)=0x4, 0x4) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:58 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x2, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1687.294810] gfs2: not a GFS2 filesystem 22:16:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/policy\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)={0xffffffffffffffff}, 0x106, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r3, 0x100000001}}, 0x10) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r4 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x4, 0x82) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r4, 0x40045542, &(0x7f00000000c0)=0x4) 22:16:58 executing program 4: r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x0, 0x0) write$P9_RATTACH(r0, &(0x7f0000000280)={0x14, 0x69, 0x2, {0x20, 0x2, 0x1}}, 0x14) r1 = socket$inet(0x2b, 0x5, 0x7) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000009c0)={{{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@loopback}}, &(0x7f0000000ac0)=0xe8) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000b00)={@dev={0xfe, 0x80, [], 0x2b}, r2}, 0x14) ioctl$int_in(r1, 0x5455, &(0x7f00000000c0)=0x9) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x741, 0x428080) ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000440)) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:58 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="50f61c661b4a305364d6c9d66fe19700000000000000000000000000") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) clock_nanosleep(0x2, 0x1, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000100)) 22:16:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xb00000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:58 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x3f, 0x2000) ioctl$KIOCSOUND(r1, 0x4b2f, 0x750) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = dup3(r0, r0, 0x0) setsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f00000000c0)=0x9, 0x1) r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x2, 0x0) ioctl$TUNSETOFFLOAD(r3, 0x400454d0, 0x8200000000000000) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1687.531259] gfs2: not a GFS2 filesystem [ 1687.623192] gfs2: not a GFS2 filesystem 22:16:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x400, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000180)="b982010000b800000000ba010000000f30440f20c03501000000440f22c0470f0848b800000000000000000f23d00f21f8352000000b0f23f866b86f000f00d036450f35b9b20900000f32410f20a2650f01cb460f01c8", 0x57}], 0x1, 0xfffffffffffffffa, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00') epoll_create1(0x80000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:58 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x3, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:16:58 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x601ffd, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x8) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:16:58 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1687.736720] handle_userfault: 8 callbacks suppressed [ 1687.736726] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1687.748692] CPU: 0 PID: 32683 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1687.756006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1687.766122] Call Trace: [ 1687.766150] dump_stack+0x172/0x1f0 [ 1687.766174] handle_userfault.cold+0x41/0x5d [ 1687.766201] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1687.766220] ? __handle_mm_fault+0x36b7/0x3f20 [ 1687.777267] ? find_held_lock+0x35/0x130 [ 1687.777289] ? __handle_mm_fault+0x36b7/0x3f20 [ 1687.777308] ? kasan_check_read+0x11/0x20 [ 1687.777325] ? lock_downgrade+0x810/0x810 [ 1687.777342] ? kasan_check_read+0x11/0x20 [ 1687.786639] ? do_raw_spin_unlock+0x57/0x270 [ 1687.786666] __handle_mm_fault+0x36c8/0x3f20 [ 1687.786689] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1687.786703] ? find_held_lock+0x35/0x130 [ 1687.826096] ? handle_mm_fault+0x322/0xb30 [ 1687.830363] ? kasan_check_read+0x11/0x20 [ 1687.834529] handle_mm_fault+0x43f/0xb30 [ 1687.838611] __do_page_fault+0x5da/0xd60 [ 1687.842694] do_page_fault+0x71/0x581 [ 1687.846505] ? page_fault+0x8/0x30 [ 1687.850061] page_fault+0x1e/0x30 [ 1687.853522] RIP: 0033:0x451880 [ 1687.856983] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1687.876242] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1687.881801] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1687.889254] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1687.896884] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1687.904164] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1687.911446] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x1a0f000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:58 executing program 4: r0 = socket$inet(0x2b, 0x805, 0x3) r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/checkreqprot\x00', 0x8000, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240)={0x0, 0xd5, "e416c6f9c583a7d075e03f80f71e9648916126a63e71be75c545ff2967f413fa926df2c4520e69f17276f819cc2fc9ddf0f05dfd5370fc2b306855396636cc46e87e53d31875ea552cef14e06e1855311535a5fe7df0d90118961172ca7160f170c3f1bcd3297ca008e632dd4edfec4f14688fc5930b2a8d650c9d8134820f706536beca645fe2b2456370c0ae46864aeb5c126cd9806893b25d6410db5be8939185de5ab7ea930cb9d772e3fcd8cd719d26edf8385a229c39920c2d3c8751f5f5467dcf0506f9de69061b1956df651308ea4100ce"}, &(0x7f0000000340)=0xdd) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000380)={r2, 0xffffffff}, &(0x7f00000003c0)=0x8) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file0', [{0x20, '),([*vboxnet0wlan0'}, {0x20, ':}proc'}, {}], 0xa, "d03407fdc3577b768cf892453f58692773dd24b2bf4410c75a11993cee6080f9fff592e05c94037bc43bc37e6b10fa95670a4c1b064fec853308e6287a75f7268a19302ae0e930277f8600035ad1b3c7bada21995102345a9decc37fbce7e2d7ca"}, 0x87) 22:16:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x159b83, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x1ff) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1687.984931] gfs2: not a GFS2 filesystem 22:16:58 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) getpriority(0x0, r1) r2 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x1, 0x800) write$P9_RRENAME(r2, &(0x7f00000000c0)={0x7, 0x15, 0x1}, 0x7) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) [ 1688.057191] gfs2: not a GFS2 filesystem 22:16:59 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1688.234048] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1688.238793] CPU: 0 PID: 32717 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1688.246003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1688.255368] Call Trace: [ 1688.257977] dump_stack+0x172/0x1f0 [ 1688.261627] handle_userfault.cold+0x41/0x5d [ 1688.266075] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1688.270680] ? __handle_mm_fault+0x36b7/0x3f20 [ 1688.275278] ? find_held_lock+0x35/0x130 [ 1688.279362] ? __handle_mm_fault+0x36b7/0x3f20 [ 1688.283966] ? kasan_check_read+0x11/0x20 [ 1688.288133] ? lock_downgrade+0x810/0x810 [ 1688.292296] ? kasan_check_read+0x11/0x20 [ 1688.296468] ? do_raw_spin_unlock+0x57/0x270 [ 1688.300899] __handle_mm_fault+0x36c8/0x3f20 [ 1688.305327] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1688.310181] ? find_held_lock+0x35/0x130 [ 1688.314251] ? handle_mm_fault+0x322/0xb30 [ 1688.318510] ? kasan_check_read+0x11/0x20 [ 1688.322674] handle_mm_fault+0x43f/0xb30 [ 1688.326755] __do_page_fault+0x5da/0xd60 [ 1688.330867] do_page_fault+0x71/0x581 [ 1688.334765] ? page_fault+0x8/0x30 [ 1688.338318] page_fault+0x1e/0x30 [ 1688.341774] RIP: 0033:0x451880 [ 1688.344979] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1688.363890] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1688.369268] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1688.376669] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:16:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5421, &(0x7f0000000080)=0xae) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_DOORLOCK(r2, 0x5380) r3 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffeffff, 0x218100) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@remote, @in=@broadcast}}, {{@in=@loopback}, 0x0, @in=@remote}}, &(0x7f0000000240)=0xe8) 22:16:59 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:16:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x71, 0x8000) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f00000003c0), 0x4) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x200000, 0x0) recvmsg$kcm(r4, &(0x7f0000000300)={&(0x7f00000001c0)=@sco, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000240)=""/107, 0x6b}], 0x1}, 0x2021) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x80000, 0x0) r6 = syz_open_dev$dspn(&(0x7f0000000380)='/dev/dsp#\x00', 0x40, 0x408003) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r6) setsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f0000000140)=0xffffffff, 0x4) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 22:16:59 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x1f00000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:59 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x3ff}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000100)={r1, 0x10001, 0x4}, 0x8) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1688.383959] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1688.391238] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1688.398518] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:59 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x5, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1688.517276] gfs2: not a GFS2 filesystem 22:16:59 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0xfff7fffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x1acd3792a9f9922, 0x1) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/mls\x00', 0x0, 0x0) 22:16:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x10000, 0x0) 22:16:59 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x2000000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:16:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/hash_stats\x00', 0x0, 0x0) epoll_pwait(r3, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0x6, &(0x7f00000001c0)={0x9}, 0x8) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:16:59 executing program 4: r0 = socket$inet(0x2b, 0x6, 0x4) getsockname$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, &(0x7f00000000c0)=0xfffffce3) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1688.638731] gfs2: not a GFS2 filesystem [ 1688.674575] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1688.680615] CPU: 1 PID: 32742 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1688.687838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1688.697197] Call Trace: [ 1688.697224] dump_stack+0x172/0x1f0 [ 1688.703453] handle_userfault.cold+0x41/0x5d [ 1688.707883] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1688.707904] ? __handle_mm_fault+0x36b7/0x3f20 [ 1688.707919] ? find_held_lock+0x35/0x130 [ 1688.707934] ? __handle_mm_fault+0x36b7/0x3f20 [ 1688.725855] ? kasan_check_read+0x11/0x20 [ 1688.730030] ? lock_downgrade+0x810/0x810 [ 1688.734199] ? kasan_check_read+0x11/0x20 [ 1688.738363] ? do_raw_spin_unlock+0x57/0x270 [ 1688.742804] __handle_mm_fault+0x36c8/0x3f20 [ 1688.747233] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1688.747249] ? find_held_lock+0x35/0x130 [ 1688.756991] ? handle_mm_fault+0x322/0xb30 [ 1688.761258] ? kasan_check_read+0x11/0x20 [ 1688.765433] handle_mm_fault+0x43f/0xb30 [ 1688.769518] __do_page_fault+0x5da/0xd60 [ 1688.769544] do_page_fault+0x71/0x581 [ 1688.769561] ? page_fault+0x8/0x30 [ 1688.781577] page_fault+0x1e/0x30 [ 1688.785030] RIP: 0033:0x451880 [ 1688.788217] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1688.807394] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1688.813296] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:16:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000180)=0x44) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd5f) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:16:59 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1688.820554] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1688.827831] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1688.835089] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1688.842626] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:16:59 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$sock_bt_hci(r0, 0x0, &(0x7f0000000080)="3e13ec5c5baf9e0e18dcae5bdca0007c874027587b69e3ae6e319dfd59439fd256ba26c950caa4c754c3627c7a1dc298a911d9daefd774561121f6499abb331a92cc6512bd63bd9cce78203bab1c81fa48512af1826b20270570c8a2b151f62b00") poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/status\x00', 0x0, 0x0) ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f0000000240)={0x5, 0x0, 0x0, 0x0, 0x7fff}) r2 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x9, 0x101000) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000140)={[0xaaf, 0x9, 0x5, 0x401, 0xf2, 0xc520, 0x100000001, 0x7, 0x0, 0xffff, 0x7ff, 0x1, 0x8, 0x7, 0x6, 0x1], 0x2000, 0x103002}) 22:16:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x7, 0x8) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f00000000c0)={0x3, 0x106000}) lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@local, @in6=@ipv4={[], [], @remote}, 0x4e23, 0x0, 0x4e20, 0x4f, 0xa, 0xa0, 0x20, 0x7a, 0x0, r3}, {0x0, 0x8, 0x7fff, 0x0, 0x80000001, 0x5, 0xfffffffffffffffe, 0x3}, {0x3, 0x81, 0x81, 0xe0}, 0x80000000, 0x6e6bba, 0x1, 0x1, 0x1, 0x1}, {{@in6=@empty, 0x4d3}, 0xa, @in=@broadcast, 0x3505, 0x6, 0x3, 0x8, 0x8000, 0x80000000, 0x8}}, 0xe8) [ 1688.922183] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1688.938334] CPU: 0 PID: 32751 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1688.946114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1688.955570] Call Trace: [ 1688.958268] dump_stack+0x172/0x1f0 [ 1688.961930] handle_userfault.cold+0x41/0x5d [ 1688.966368] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1688.966386] ? __handle_mm_fault+0x36b7/0x3f20 [ 1688.966407] ? find_held_lock+0x35/0x130 [ 1688.975657] ? __handle_mm_fault+0x36b7/0x3f20 [ 1688.975678] ? kasan_check_read+0x11/0x20 [ 1688.975695] ? lock_downgrade+0x810/0x810 [ 1688.975712] ? kasan_check_read+0x11/0x20 [ 1688.996799] ? do_raw_spin_unlock+0x57/0x270 [ 1689.001230] __handle_mm_fault+0x36c8/0x3f20 [ 1689.006017] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1689.010873] ? find_held_lock+0x35/0x130 [ 1689.014944] ? handle_mm_fault+0x322/0xb30 [ 1689.019205] ? kasan_check_read+0x11/0x20 [ 1689.023365] handle_mm_fault+0x43f/0xb30 [ 1689.027474] __do_page_fault+0x5da/0xd60 [ 1689.031639] do_page_fault+0x71/0x581 [ 1689.035445] ? page_fault+0x8/0x30 [ 1689.039166] page_fault+0x1e/0x30 [ 1689.042621] RIP: 0033:0x451880 [ 1689.045993] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1689.064905] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1689.070296] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1689.077588] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1689.084863] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1689.092136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1689.099415] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1689.134660] gfs2: not a GFS2 filesystem 22:17:00 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x2010000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x10000, 0x0) setsockopt$RXRPC_SECURITY_KEYRING(r2, 0x110, 0x2, &(0x7f00000000c0)='nodev{user*#\x00', 0xd) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:17:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1689.208041] gfs2: not a GFS2 filesystem 22:17:00 executing program 4: prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x80100, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r3, 0xc0305602, &(0x7f0000000140)={0x0, 0x2, 0x600d, 0x1}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:17:00 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:00 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000180)=@generic={0x0, 0x0, 0x6}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) mq_open(&(0x7f0000000080)='\x00', 0x1, 0x82, &(0x7f00000000c0)={0x100000, 0xec, 0x7, 0x1, 0x38, 0x81, 0x101, 0x1}) r1 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x9, 0x800) ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8) write$P9_RLINK(r0, &(0x7f0000000100)={0x7, 0x47, 0x2}, 0x7) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000380)=0x0) lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, &(0x7f00000004c0)=0xc) sendmsg$unix(r1, &(0x7f0000000540)={&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000240)="1536d539debd5007a2314a618f9e2dcb33b6511e6a22c3b7a60267be46a3866fcf37a081fae589bded9cfbee94fa74fd5dd83b5105e459a8c638937fe5276d3a554e270f1616b59f5763bb3ce48f8d54e865f8aa9bfbdd680f415c79a689b03321e196067ef4a718923e0578e907e618767fe22b820421182516ca7d6e11ed247f6d83e63b786d48bcb2f0b9f0b6b75dc7838148d87ed12d5a4dfba6e4935eecba5d4c427816", 0xa6}, {&(0x7f0000000300)="f31bd297b3a009bad44412e5c2f0901f8adcbb96c31df05cf6d1bcc17d171435346c", 0x22}], 0x2, &(0x7f0000000500)=[@cred={0x20, 0x1, 0x2, r2, r3, r4}], 0x20, 0x4040}, 0x10) [ 1689.398964] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1689.407214] CPU: 1 PID: 326 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1689.414773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1689.416486] gfs2: not a GFS2 filesystem [ 1689.424166] Call Trace: [ 1689.424247] dump_stack+0x172/0x1f0 [ 1689.424276] handle_userfault.cold+0x41/0x5d [ 1689.424310] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1689.424336] ? __handle_mm_fault+0x36b7/0x3f20 [ 1689.448209] ? find_held_lock+0x35/0x130 [ 1689.452330] ? __handle_mm_fault+0x36b7/0x3f20 [ 1689.456975] ? kasan_check_read+0x11/0x20 [ 1689.461550] ? lock_downgrade+0x810/0x810 [ 1689.465772] ? kasan_check_read+0x11/0x20 [ 1689.470011] ? do_raw_spin_unlock+0x57/0x270 [ 1689.474460] __handle_mm_fault+0x36c8/0x3f20 [ 1689.474482] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1689.474502] ? find_held_lock+0x35/0x130 [ 1689.487962] ? handle_mm_fault+0x322/0xb30 [ 1689.492261] ? kasan_check_read+0x11/0x20 [ 1689.492284] handle_mm_fault+0x43f/0xb30 [ 1689.492311] __do_page_fault+0x5da/0xd60 [ 1689.504716] do_page_fault+0x71/0x581 [ 1689.508532] ? page_fault+0x8/0x30 [ 1689.512075] page_fault+0x1e/0x30 [ 1689.515536] RIP: 0033:0x451880 [ 1689.518736] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1689.537640] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:00 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0xc01, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f00000000c0)={0x4, 0x0, 0x300b, 0x3, 0x1, 0x8, 0xdad0}) 22:17:00 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x2300000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r2 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x7, 0x400) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r2, 0xc0905664, &(0x7f0000000200)={0x0, 0x0, [], @bt={0x9, 0x9, 0xee, 0x2, 0x100000000, 0xffff, 0x1, 0x2}}) write$FUSE_STATFS(r2, &(0x7f0000000140)={0x60, 0xfffffffffffffffe, 0x2, {{0x6, 0x800000, 0x1f, 0x8, 0x3, 0x3, 0x100000001, 0x80000001}}}, 0x60) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1689.537652] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1689.537660] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1689.537667] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1689.537675] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1689.537683] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@mcast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@remote}}, &(0x7f00000002c0)=0xe8) mount$9p_rdma(&(0x7f00000000c0)='127.0.0.1\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x4, &(0x7f0000000300)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@rq={'rq', 0x3d, 0x6}}, {@rq={'rq'}}, {@common=@cache_loose='cache=loose'}, {@sq={'sq', 0x3d, 0xff}}, {@timeout={'timeout', 0x3d, 0x2000}}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@obj_type={'obj_type', 0x3d, 'self'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '('}}, {@smackfshat={'smackfshat', 0x3d, '('}}, {@euid_gt={'euid>', r2}}]}}) clock_getres(0x7, &(0x7f0000000080)) 22:17:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) write$nbd(r3, &(0x7f0000000140)={0x67446698, 0x1, 0x3, 0x2, 0x4, "2fb6ab52647e04736d0b0fe421ab447aa230600bbd838514c4427ffc272d478e92328bb4ba77c42eefcc8bc14bf659ba3fcfa56eed0b911fa3ee8ce49c81936bdf1508808a9c18411044f4db654ec71fb8b1b1809dd520a1075893fb2c4aaec7ef7cb2e5591770461173b890a654e08e27b6855e64c21daabfe93ad1c5f88e0fbbad1a72fc9e2d7ddcfff15706fcbbd95f24e77720e704a0b9300836f2e6644504a60897c4704af0fedb56eaef83468606a60dc6c1317caeac74d2da1d307fced3133933f1e439899a8ec4138f7a5951d1cf55440dda6c477c41d2f367343f687c49"}, 0xf2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="c4e131dc9580000000c4c1a5ecb5000000000f080fb4bfcced2a470f08672e0f2018b9ad080000b8ca000000ba000000000f300f52417d0f9d7fca66b877000f00d8", 0x42}], 0x1, 0x0, 0x0, 0x0) ioctl$UI_SET_SWBIT(r3, 0x4004556d, 0x8) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f0000000240)="66b8d5008ed0c744240038720000c7442402d5050000c7442406000000000f011424c442959e8708c1087a450f0057c766b891000f00d0c4e17b10bc25b945e9dc460ff84d00660f22a77021c4834d78f400", 0x52}], 0x1, 0x11, &(0x7f0000000300)=[@dstype3={0x7, 0xd}, @cstype0={0x4, 0x3}], 0x2) bind$unix(r3, &(0x7f0000000340)=@abs={0x1, 0x0, 0x4e22}, 0x6e) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 1689.635611] gfs2: not a GFS2 filesystem 22:17:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:00 executing program 4: r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/policy\x00', 0x0, 0x0) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f00000001c0)) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'hsr0\x00', &(0x7f0000000080)=@ethtool_rx_ntuple={0x35, {0x1f, @hdata="61a52653523065f59c3b48480de6806e2a3b82f1469e1806a5e6aa0769c8aa27994a62270e764ecdbfdb47a742f9ddbf1df248a0cc0542e7bfac7d9b4275ec413982fcec808d42ee", @tcp_ip4_spec={@broadcast, @multicast2, 0x4e24, 0x4e24, 0x4}, 0x2, 0x100000001, 0x5, 0x0, 0xfffffffffffffffe}}}) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000240)='trusted.overlay.redirect\x00', &(0x7f0000000280)='./file0\x00', 0x8, 0x3) 22:17:00 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1689.804100] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1689.817612] CPU: 1 PID: 357 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1689.824704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1689.834069] Call Trace: [ 1689.836688] dump_stack+0x172/0x1f0 [ 1689.840345] handle_userfault.cold+0x41/0x5d [ 1689.845662] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1689.850289] ? __handle_mm_fault+0x36b7/0x3f20 [ 1689.854897] ? find_held_lock+0x35/0x130 [ 1689.858983] ? __handle_mm_fault+0x36b7/0x3f20 [ 1689.863583] ? kasan_check_read+0x11/0x20 [ 1689.867776] ? lock_downgrade+0x810/0x810 [ 1689.871955] ? kasan_check_read+0x11/0x20 [ 1689.876115] ? do_raw_spin_unlock+0x57/0x270 [ 1689.880543] __handle_mm_fault+0x36c8/0x3f20 [ 1689.885234] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1689.890095] ? find_held_lock+0x35/0x130 [ 1689.894165] ? handle_mm_fault+0x322/0xb30 [ 1689.898430] ? kasan_check_read+0x11/0x20 [ 1689.902690] handle_mm_fault+0x43f/0xb30 [ 1689.906779] __do_page_fault+0x5da/0xd60 [ 1689.910871] do_page_fault+0x71/0x581 [ 1689.914688] ? page_fault+0x8/0x30 [ 1689.918246] page_fault+0x1e/0x30 [ 1689.921883] RIP: 0033:0x451880 [ 1689.925083] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1689.944271] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:00 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x2d04000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:00 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x3f, &(0x7f0000000080)=""/4096, &(0x7f0000001080)=0x1000) 22:17:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000002180)='/dev/audio\x00', 0x200, 0x0) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f00000021c0)=0x3ff, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r2 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000080)=0xfffffffffffffd63) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x1, 0x0) ioctl$sock_proto_private(r2, 0x89e0, &(0x7f0000002280)="3771237c5f6a36a4303b98ec337ef1402070368c398d615322c8f89757f5aaf4fb8cbd97559f49f134317d0ade1b141d8ba788d7b5b9cc07c54ea65d2925395e835ac26e75c9f83b9afc842b2ea0639a5961618f1901528016328cbd7ba8c31523700acdf5c036974f5e2323971cc62ae8b2ee07ce4177c08f4765c1b68da2067187033b06c1116eb544c1cd3d96a2519b87c78c73617dd3492e0d8f5a2c1814ad086dc359d3") pwrite64(r3, &(0x7f0000002240)="e8abbb5eae2f8b80b97c7a87559ff9fb9a2265d126a3b5c362803b4e2f36beada9e1f7ba25d98ad1c01a26497435536032d2", 0x32, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000002140)='/dev/vcs#\x00', 0x9, 0x8440) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000000c0)={r3, &(0x7f0000000140)="b3e7c49f7e1eee0806868a4bfe8567e9db2618fdecfcbd3bbcd3a087f8bdc499d78e742fcfddcca014ebd0b60de868e5ea73ec0fa07243d07b16e46e2f7af53a0892cf3f40dd4a45a8ee1d066917d76e16c91adee85e49daf821e0a28740f6e360d754725aa75d36377390234204a275880ff142e967369ff7b1def5f45ac96e944345015295ba7f468ff63ca7a5a60592fc810cdf778bf6b660117e9f4f6976e1deef67da8e33b72c7c7ca7c5ede8680405898ef5ae36b6dba61b39e305854e99855f211331df97929571ff7f2d95f4570625f5670fad7aa888369c5d1e50ef381c534052b4aeaafb434febc80aa7158805be377a66f8d5288f0b6cae3d7858be13ce203c33214587b6a6dc5126f79a83b950237f34ea420de54bd1f4fe6da8acd0fd04147d8b11affab1bb0defe271750f7e5e479f76088c1fcf86f566cd61797582d6478cac2a6c6c4eef457a1242397999e2fbb6c53a4eb590dbebea4d802cd37a71790583d8cf7868036678178dd056052842e7e614a39a5babbca335d19bb6c76b728b561759f5213dcf0c689de678772a67956df39b532a4cb18cb7db8723421420ac3daf7c1cbe7db8a5c8b356a5d7239aa2259bd43ea8fd35ef5e5c1b35e89ffab5a08851391b378fb2177f3b37377ae10b44c0bcec4e25bb522567496b6306b03c367af75b03a5bdd359140c7fb1a8fa1679381c857b41bedf8336b6b9c51137b88f55723378ff91c91ea18ef624dd59a9129d8e63a1fe5af6c41b03765c3aa07597137954a69991a8a787f399b164fbd6b8b31eb568728b68f95b6c57627e30b09de006a291cc0276608f16df37ce4b0d64fb230408c8777af9c52afe181701eabfccc0d9018f6152d328a645d0666e374040ac6f0061c12a12ee1c4485d5060f88faff7451689425891f4588c567ddb55cd12d3e6451b8c447712fb5b8b708b2da15e1b95a936488fbcda4a2012b72698736d15dbe46beae89288aaa1831cbf7d95d0e6561ea02d764e66c0d78d20630559739302f0f915821acc381398a0f9b8b8b4fb328f6ca6158b863cb77437d3c33eddb09daa2f427493bf2fbe78c372ecea6b5982d402ea647883b3f47bbc06d6e6bfb8e6d5b051618b727ee17370f3940a432ff62212bf0ea1c22286cc34a4df0409caff104b8e297e0a447da0418aa80b3f76ea0307c327d82612b8edce52985c56f110f40097acf1fa3e4ff73016c53ecb1cae15aee6f147c7f7b22984cec2cccb10caaf58dcefb7ff8a449e5e4f949f03a5d2a0e50a49c87fe9aa3cd747c18141acffa46ce61870294c85e0df48adfc83d7c2eaacbca0781eac997b46dcdec29cb7294457db10828a11f147b30f64256af3a6125bfd53c597f8fd35a19b20c7df76a111e8e37a9009c3478ea5d5d48ae8d5a6dfe1cf9f607243aaba1207d8f26df7affda82823de0dca6df97efbbecb0099a879248bcdaa0e1ca1f812f5ccaa3e45d9662308d0363bd24df427061f5bfa416c5fc0e1c9654ef5f68f84353f9fd9181251e7451573487852f1d0080c8e89ca054afd811f6a45f55f0d51b92e29d3872b05e0f0069343c273dc594757ef8f9e711a00a271c5d15c7c1591d1309e14f53c93c50b38a17f3dbb5c20ee400a62158a53c9e3556ee19aa0844bb9dad68a5a2d0b6774aff08df6019d47d125d1eb7ab9bfcbc2ff19de2cc96aa1a598503cd4644a524c490327f03e1999e2c99ad02cc02f59850daae6d728682b27136eec6af9b2250d1c3589e0564d96aa1ac0cf148d2a5431856ef88619c569fb92e76edf2ab25c3636b26bdddf2b353fa9270e03a0d64627d4fe182ddd1520177f1bd0dc8e04541d1e5644af9fbea7908bad8084548993a9573707136f6e673c5f92ff0d425565430c85ad628ea7794cedf49b0ba78f07fcc09bbffffc8ac59336ea3f1764249d6224ce99f46e12704e938983665b3de055788a47484e2fd3303e07986674316b722df434b2cffd1925eb83ce1b274f52c3bcfac40609eff10fe259c55125d5d1e3615fa36f3ae21ee3c50a4d646d34ce9f4cc61346d3cfffd03d8cc30c6eca5768c4e9481e24097166d4537ceafa0321539410fada19c2e85cbf94ab9adc290c494d0d353b6586a7bfc62704bf1beebc6ec59c1f341d2d95682b6c7dbeb8fa106ca1bebb7e76e90e07f826cf21b9c77f0cbe455ef55915f8040245de374808a156ba5f1009759024943cda0f86eee9f1a7e2b65f41d54159c8685b1421964d7d0e3950fa5e9205443bb74868a5dd242504b38ed9481c90af423f5bec3b094fb73bcade561df97b86846e3783d78098a06b1c22db3bec81084ce8c1cf5cdc8e36b09bb46c953c6535e29c385904c6352334d77cea3b32543258c5b49be06d0e946846f57326f7d9e80d8e6c13daac1356f14da745026c9c9b4d1da881686a4e34d522908887133d1747bfbd1b44267f6cd93ea645c433b5dab204f958a97ecf1e69f5135eb6364aa1285721aa25fe960c51b83e97d5bfb1307286408131ba73535c6f538220d1550ebb3a16d7276e84cd1f867fdb84e9189ea658250b236c1c13b81fd6459d1ee308c1aed262ae56a18dbf01a136386190c747f31945093913e71ded7c96a58f7bfb6499276fa15bfa7ef27d21d71413fc00e72316279368296a6bb71f5cb86351d048794d5f8d014f779c39e2fc33332982f5904f1401ebe4b5ceb150c27afa942193ea694623e660278df792c7dbf3939195758b359b6a3b882fca74df78d2bba1204d60b0436f74fb54f406f57fb1cd7d2ef7cd83880f39857bbfd79bb314ecdb2ec6a10eec965aa3ad6f79d8d6b6f66d555f58238f8591e18acd636915c15cebb635d3047fe8c192cb64c91958a6275a83822c72dffbd0797da16b9dd2b7dea5058cc3a4ee668912a012729a55e0c1354c380d2345e1c5fd81f8ce9dff8e5a7f72f9d51005369d6fa7d91aa06f5ff73fc8664a7d3ec752fadacc36dcabbf19508d6f07d850f7e572bca9fcb0b3d324d416d106d6289b7c6720a138a04e0d1204090de237d15ad73618b11614a5ce6b65d28e5774a785b2a631fb49fc61c357bdcfdfafc602fbed8c98751092a7bc446c89ef0e9aec71537e50dee1e169d137df58edee3102cf8f303baea3ccec09720de07c299bb99326a0c6235a14feeb4841db667ba51420af9491ae9b0388442d29b3f095fdeb6acd1b3f51dc0f153becd9098da85ce9c4a8c6c8f7b79eab79f3a5b16ad1b3717e8d39d9b0d7e011229e34d8ef95f72ef352c1c714f66e0a6f531bc2ae1e3c0f3c9b6e4530ab09bd930808e509534149b55e9f2c384e92d1b5691c846c527e8ec444f764bb27c0d6b9f12f86ea00707bd4d3b4a309640c9c5cff9be6cde04982d44b31e2002c2d8218e1d01e3da83e44bd688beda08cbd8956abb86c3e1915a3fd6e9f45eef6b32398d73d04b4f0f5db591371a7d321725e029a9fb0e914b8ff16d2fb6a150bc62223a7b8f5a15eaff6d6f055eb82a605f565e21ef26f0581993c29eaf74b0b5c304de9ca772ddbb6acf90ab2eaa92f8d48187e4de21a7a8d80f8d67e55f271160e1c65b1042d46c9e44b825b02c219a802a8dd825e84c343b7155cd8814dc72061571b13e3121b2522e679d23de0b657a1de9fbd2ca6732df65888ce719eb0a972e73a81e263bcfac269d048cdbf1971c0a3f05d683d2ce2d6dba6d96c9f9154542e911f525770d2675057105c2dc470670e0484a1b36ce06c4c4e41561ea736c46b01f518aa72deb00be6fb5464aa720e534e2e181b60fe200abafa84bc3e8c4be3d62eb2314e2e5c316d0668609f66132ac8af935f323fbd3e43ee3ddeafcd31775317feb8b175a0d4998f9566c5cf9956f7ce8a0c87874b633e11072432f4031769eb2ce4a6e6dc607242ac1d6fb12a9ba3bc48cea2734c6f9f3cae24959150afd63e1d91d07d797e857ee3769518c25278ffa002b8334b47b9e329e4b383893a8826604cb5c60346558887251ab339d364fb901cbdd4b84997400587f5a532ea106b23985b874ea5fd1a6d1ca248fda000fe72886198659f750faaa9ce2ebdad7d09eb109a16a77fa27fd1142e3cce57c4428a341ae240e48a30c1341dd5a30542ed7447aa9bd3bf0e15665c7ca1a62786c49336e6820b5b7a2c2c0f6e5815166c33277b6caab37ea9d722c34f1031a5006a9b14afcce2a128c1c180217610144a5f99a3cfae0490e2f6f791eb4c1a210339e5ef024449fc167b9fb19457d88b37160c324acc44b3ff2bb183e1bc5abedfc619460a4ad44affb83192d08349f1d8b86149c48dcc5fd1471fcfa6f3a3eb4f8727324acf945c69ef83ff3cc73c7a0b7ea10eb2bf1a3b9da565dffab8e97b597a9565ce5f023d215cd392714b01139ddc296bc36acdb2fc71f935154dbdb12802759e25ec701514530cee22b0556351151bb95245d3e7fa77d1c451c0d79b3fdb9eae54413bf45833bda8449f93e97ba764a5593dd8cac6c811778bbfb442b27f83e775a0e46c8d8fa41705ef98e0a969284021b8ebeb9447eb45813efc1563c470545e33866a580676b427a34ed2c452b20be7172d49b184ff860098842498fc0306843bfa52d24905aed8bfa71c162be458bdb24030e76ae03a33a2ab26a94f216d207ad6ffae83d7f0102da030dd91f75764567c41515818c108e3ae12916c07a37981bc104e1f25cf8cd86af7033e4fd8a7eb943debff5659bed61e3448958b28860e22485c94c998c3fdd05356866f3c4caabf747fcd7a33439be6b4dfe6aacbef0fca6cffaaa69ec665fd93ff3594561b9f5af583f7c9a1f6f502de52f127d3fc9d8d9dcb146c9547db0b5fb1902854746797918cdf58d86b8e72f8d50bc4227a0187600acc40172cbea9d4bde617ef6eb446e176faac566ff38f99df1be189d8875850fb3ee1a9643eec791f4ed50a7b05b338da392a94e0f60b03254e86ccee37fbb78a82b90d6bb39dc7021d33bd9267fb086848a572407ed72de0b952dadac90dca6d136a5e9248b91759d0ca8e17e3f970d6c147271041d2a09b68a6a7245707a50312e84a4728f7f8723b1fd7417e12af1745a1110ba6f97e30e92d421cf1d7aab97ba0eaa18751454a54c7c5f4dab211741e28bb551eacb0197fdc698720e5bf3ca1604ac68d9dbf6d41306f59bb6fabb40f6a4d826a513d1b1677ef15bfebb4e517f6f669337f0e4cf3ffda8306d91b3330f4575e314664da56f5e6a376a4b8ee6061da136ca210c4fe77978d47c483e1f4015564ea6fc1d733743dcbeed96b3483d8df06b556e0befad543cfbc7f42d8dd03337a4bca1c54adfd295ba6fa0b6c97e17f3484df76ba89e3d00ab6f2c27fabfa34cd1ff6504695f4a95e86c488880c6fab61d96f709709098483b6a4a2025858eb8d8e5e2cdbca3518b1ae4e51774d757eca5f2497034d648dbe4190b92a02a8e8e2cb4d90e4753194034bc0f4f82ce479c0a2c31faa2541db046d22cf1599b5e48d5cae0a947bb1f840dbca50954c0e38d9054f8a4210d730cff36247175572793e64a03f2b74e4a9e105dbbdbad9cef715fd61647b5aff1fcab9edc7a44b61a5cc7777c7a3c82c85e8b55f25b00cc9b8552e84aceb3983329162fb14866893b5760a2172077fca569757a4b42e8882c7cb527e6f077b899fcd16e46d630e25dfd40983a9e1d6cec1d15d4a3a6745724b0e759b8bac7cf26190e34886eac5604cfdb77db4727eac6dd18226fd8ebfb326f366f4a4365e75636da5684b733462cf9ef1734e9c8892e20bdc179fe0e3f1cd2a6", &(0x7f0000001140)=""/4096}, 0x18) poll(&(0x7f0000000040)=[{r2}], 0x2000000000000006, 0x0) ioctl$BLKBSZGET(r4, 0x80081270, &(0x7f0000002340)) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000002200)={0x0, @speck128}) [ 1689.949990] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1689.957265] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1689.964539] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1689.971826] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1689.979103] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1690.045148] gfs2: not a GFS2 filesystem 22:17:01 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x9, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:01 executing program 4: r0 = socket$inet(0x2b, 0x80000001200001, 0x2) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x84000, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={r1, 0x10, &(0x7f0000000440)={&(0x7f0000000240)=""/87, 0x57, 0xffffffffffffffff}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x10, &(0x7f00000002c0)={&(0x7f00000003c0)=""/83, 0x53, r2}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={r1, 0x10, &(0x7f0000000340)={&(0x7f0000000200)=""/5, 0x5, r3}}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd65) r4 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x3, 0x440003) renameat2(r4, &(0x7f0000000080)='./file0\x00', r4, &(0x7f0000000100)='./file0\x00', 0x4) ioctl$TIOCLINUX3(r4, 0x541c, &(0x7f0000000180)) write$P9_RRENAMEAT(r4, &(0x7f00000000c0)={0x7, 0x4b, 0x2}, 0x7) poll(&(0x7f00000001c0)=[{r0, 0x8}, {r0, 0x4000}, {r0, 0x1}], 0x3, 0x3f) 22:17:01 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3904000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1690.177013] gfs2: not a GFS2 filesystem 22:17:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="02f6f7cba4fb4ffd7d0000") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000100)={'filter\x00', 0x7, 0x4, 0x478, 0x140, 0x0, 0x140, 0x390, 0x390, 0x390, 0x4, &(0x7f0000000080), {[{{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, @empty, @local, @multicast2, 0xf, 0xffffffff}}}, {{@arp={@local, @loopback, 0xff000000, 0xff, @mac, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}, @empty, {[0xff, 0xff, 0xff, 0x0, 0x0, 0xff]}, 0xff, 0x7, 0x6, 0x3, 0x800, 0x8001, 'bpq0\x00', 'ip_vti0\x00', {0xff}, {0xff}, 0x0, 0x10}, 0xf0, 0x138}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x2, 0x7}}}, {{@uncond, 0xf0, 0x118}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x4c8) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:17:01 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1690.260031] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1690.282162] CPU: 1 PID: 386 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1690.289248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1690.298882] Call Trace: [ 1690.301503] dump_stack+0x172/0x1f0 [ 1690.305171] handle_userfault.cold+0x41/0x5d [ 1690.309613] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1690.314230] ? __handle_mm_fault+0x36b7/0x3f20 [ 1690.318838] ? find_held_lock+0x35/0x130 [ 1690.322934] ? __handle_mm_fault+0x36b7/0x3f20 [ 1690.327566] ? kasan_check_read+0x11/0x20 [ 1690.331741] ? lock_downgrade+0x810/0x810 [ 1690.335920] ? kasan_check_read+0x11/0x20 [ 1690.340103] ? do_raw_spin_unlock+0x57/0x270 [ 1690.344531] __handle_mm_fault+0x36c8/0x3f20 [ 1690.348959] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1690.353813] ? find_held_lock+0x35/0x130 [ 1690.357917] ? handle_mm_fault+0x322/0xb30 [ 1690.362183] ? kasan_check_read+0x11/0x20 [ 1690.366349] handle_mm_fault+0x43f/0xb30 [ 1690.370432] __do_page_fault+0x5da/0xd60 [ 1690.374600] do_page_fault+0x71/0x581 [ 1690.378435] ? page_fault+0x8/0x30 [ 1690.382008] page_fault+0x1e/0x30 [ 1690.385827] RIP: 0033:0x451880 [ 1690.389030] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1690.408647] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1690.414018] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1690.421383] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:17:01 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='oom_adj\x00') writev(r0, &(0x7f0000000140)=[{&(0x7f0000000180)='1', 0x1}], 0x1) 22:17:01 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000280)='trusted.overlay.nlink\x00', &(0x7f00000002c0)={'L+', 0x5}, 0x28, 0x1) r1 = accept4$unix(0xffffffffffffff9c, &(0x7f0000000100), &(0x7f0000000180)=0x6e, 0x80800) ioctl$int_in(r1, 0x5455, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000240)={0x0, 0x1, 0x2, [], &(0x7f0000000200)={0x9b0960, 0x2, [], @p_u16=&(0x7f00000001c0)}}) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) bind$unix(r1, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x100, 0x0) ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f00000000c0)=[0x3, 0x4]) [ 1690.428675] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1690.435951] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1690.443232] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1690.481034] gfs2: not a GFS2 filesystem [ 1690.500475] syz-executor.2 (407): /proc/403/oom_adj is deprecated, please use /proc/403/oom_score_adj instead. 22:17:01 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) read(r0, &(0x7f0000000100)=""/4, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_emit_ethernet(0x207843, &(0x7f0000000000)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x300002, 0x0, 0x0, @ipv4={[], [], @multicast2}, @mcast2={0x3e}, {[], @icmpv6=@time_exceed={0xffffff83, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[], [], @broadcast}, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0) 22:17:01 executing program 4: r0 = socket$inet(0x2b, 0x8007fffffffffe, 0x100001fffffffe) lsetxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x2) r1 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x8, 0xa000) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0xfffffffffffffd63) poll(&(0x7f0000000000)=[{r0, 0x4241}, {r0, 0x20}], 0x2, 0x0) ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000180)={0x3800000, "b471044c47e5f8f1ebbaf92a97b22d04b9cc48e322ba4b66135b5370eb1de05b", 0x3, 0x1}) 22:17:01 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x48, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:01 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3a04000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1690.653893] gfs2: not a GFS2 filesystem 22:17:01 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:01 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) 22:17:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1690.765724] audit: type=1400 audit(1549923421.662:110): avc: denied { map } for pid=421 comm="sh" path="/bin/dash" dev="sda1" ino=1473 scontext=system_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 1690.794675] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1690.801328] CPU: 0 PID: 424 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1690.808383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1690.817773] Call Trace: [ 1690.820384] dump_stack+0x172/0x1f0 [ 1690.824027] handle_userfault.cold+0x41/0x5d [ 1690.828473] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1690.833152] ? __handle_mm_fault+0x36b7/0x3f20 [ 1690.837749] ? find_held_lock+0x35/0x130 [ 1690.841825] ? __handle_mm_fault+0x36b7/0x3f20 [ 1690.846422] ? kasan_check_read+0x11/0x20 [ 1690.850588] ? lock_downgrade+0x810/0x810 [ 1690.854770] ? kasan_check_read+0x11/0x20 [ 1690.858932] ? do_raw_spin_unlock+0x57/0x270 [ 1690.863359] __handle_mm_fault+0x36c8/0x3f20 [ 1690.867788] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1690.872660] ? find_held_lock+0x35/0x130 [ 1690.876742] ? handle_mm_fault+0x322/0xb30 [ 1690.881005] ? kasan_check_read+0x11/0x20 [ 1690.885168] handle_mm_fault+0x43f/0xb30 [ 1690.889273] __do_page_fault+0x5da/0xd60 [ 1690.893357] do_page_fault+0x71/0x581 [ 1690.897164] ? page_fault+0x8/0x30 [ 1690.900722] page_fault+0x1e/0x30 [ 1690.904635] RIP: 0033:0x451880 [ 1690.907833] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1690.926743] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1690.927509] protocol 88fb is buggy, dev hsr_slave_0 [ 1690.932131] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1690.932141] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1690.932150] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 22:17:01 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4c, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:01 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x1, 0x2) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e22, 0xffff, @dev={0xfe, 0x80, [], 0x28}, 0x3}}}, &(0x7f00000002c0)=0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={r2, 0x80, &(0x7f00000001c0)=[@in6={0xa, 0x4e20, 0x81, @empty, 0x2}, @in6={0xa, 0x4e22, 0x8, @empty, 0x9}, @in={0x2, 0x4e24, @multicast2}, @in6={0xa, 0x4e23, 0x1, @mcast1, 0x8001}, @in6={0xa, 0x4e24, 0x200, @loopback, 0x5}]}, &(0x7f0000000280)=0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x8) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1690.932159] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1690.932168] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1690.974486] protocol 88fb is buggy, dev hsr_slave_1 22:17:01 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$f2fs(&(0x7f00000000c0)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x2a0, 0x0, 0x0, 0x0, 0x0) 22:17:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x9bb, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1691.062627] gfs2: not a GFS2 filesystem [ 1691.142115] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1691.146761] CPU: 0 PID: 445 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1691.153788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1691.163152] Call Trace: [ 1691.165757] dump_stack+0x172/0x1f0 [ 1691.169678] handle_userfault.cold+0x41/0x5d [ 1691.174121] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1691.178723] ? __handle_mm_fault+0x36b7/0x3f20 [ 1691.183320] ? find_held_lock+0x35/0x130 [ 1691.187397] ? __handle_mm_fault+0x36b7/0x3f20 [ 1691.192005] ? kasan_check_read+0x11/0x20 [ 1691.196170] ? lock_downgrade+0x810/0x810 [ 1691.200333] ? kasan_check_read+0x11/0x20 [ 1691.204546] ? do_raw_spin_unlock+0x57/0x270 [ 1691.208979] __handle_mm_fault+0x36c8/0x3f20 [ 1691.213406] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1691.218256] ? find_held_lock+0x35/0x130 [ 1691.222350] ? handle_mm_fault+0x322/0xb30 [ 1691.226629] ? kasan_check_read+0x11/0x20 [ 1691.231229] handle_mm_fault+0x43f/0xb30 [ 1691.235305] __do_page_fault+0x5da/0xd60 [ 1691.239387] do_page_fault+0x71/0x581 [ 1691.243202] ? page_fault+0x8/0x30 [ 1691.246751] page_fault+0x1e/0x30 [ 1691.250212] RIP: 0033:0x451880 [ 1691.253407] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1691.272317] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1691.277864] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1691.285139] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1691.292416] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1691.299694] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1691.306975] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:02 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3b04000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1691.358220] gfs2: not a GFS2 filesystem 22:17:02 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) getsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f0000000080)=0xc208, &(0x7f00000000c0)=0x4) ioctl$int_in(r0, 0x5452, &(0x7f0000000140)=0xf9) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:02 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x60, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000240)='/dev/usbmon#\x00', 0xd4, 0x101000) setsockopt$CAIFSO_LINK_SELECT(r2, 0x116, 0x7f, &(0x7f0000000280)=0x6, 0x4) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000140)=0x54) 22:17:02 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1691.459717] F2FS-fs (loop2): Unable to read 1th superblock [ 1691.492153] F2FS-fs (loop2): Unable to read 2th superblock [ 1691.497486] gfs2: not a GFS2 filesystem [ 1691.500987] F2FS-fs (loop2): Unable to read 1th superblock 22:17:02 executing program 4: r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000) writev(r0, &(0x7f00000001c0), 0x0) r1 = socket$inet(0x2b, 0x3, 0x0) r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x200, 0x0) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x9, @remote, 0x45aa0749}, 0x1c) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x800c0, 0x0) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x111, 0x2, 0x1, 0x4) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x140, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:17:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$NBD_DISCONNECT(r2, 0xab08) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1691.523687] F2FS-fs (loop2): Unable to read 2th superblock 22:17:02 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x68, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1691.659276] gfs2: not a GFS2 filesystem 22:17:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x8000, 0x0) r2 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x100, 0x1) syz_mount_image$vfat(&(0x7f00000001c0)='vfat\x00', &(0x7f0000000200)='./file0\x00', 0x401, 0x0, &(0x7f0000000240), 0x2000080, &(0x7f0000000280)={[{@nonumtail='nnonumtail=1'}, {@fat=@nfs='nfs'}, {@shortname_winnt='shortname=winnt'}, {@utf8no='utf8=0'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}], [{@appraise_type='appraise_type=imasig'}]}) write$selinux_attr(r1, &(0x7f0000000140)='system_u:object_r:v4l_device_t:s0\x00', 0xffffffffffffffaf) r3 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f0000000180)=0x1, 0x4) poll(&(0x7f0000000040)=[{r3}], 0x2000000000000006, 0x0) 22:17:02 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) getcwd(&(0x7f0000000080)=""/6, 0x6) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1691.761934] F2FS-fs (loop2): Unable to read 1th superblock [ 1691.812630] F2FS-fs (loop2): Unable to read 2th superblock [ 1691.821677] FAT-fs (loop0): Unrecognized mount option "nnonumtail=1" or missing value [ 1691.841918] F2FS-fs (loop2): Unable to read 1th superblock [ 1691.854715] F2FS-fs (loop2): Unable to read 2th superblock 22:17:02 executing program 2: r0 = socket(0x2000000000000021, 0x2, 0x2) sendmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10, 0x110, 0xd}], 0x10}}], 0x1, 0x0) 22:17:02 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6c, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:02 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3c04000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:02 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:02 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}]) lseek(r1, 0x0, 0x2000000003) creat(&(0x7f0000000040)='./bus\x00', 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x141000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={0xffffffffffffffff}, 0x13f, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r3, &(0x7f0000000140)={0x9, 0x108, 0xfa00, {r4, 0xd6, "b13b93", "b39cd4d54a354c70c3f48441bfe9e6bb83fe8d1872bcd5d9a5735d65fe63db55c524cc58ca7eed9ddb80d59f8d4bd42a3a6a0f7f6602ae7eb5d7e7a235dc210ed11fc5825e0b090377df942db89ad4989d8e56c5822a133fad15980588c91b49d1027a2c00e3eb26d9130ac1c178bfc66e548808e986a71ddae72a67036aba07d1cd945bab586e74b1169e6ba591332fdc52370b6a8752dcea37160a0f8b45eb0fba63e0f397eb545074436f7e630885eacfaeea9d93da40492183328a7e8bf03749f11ac5508b87797369d58f1b76d32d29ba4d559e6dffbbf6e80185db3322cfbac59da24935ab6aebd78ac1f120811e7a2506f813fe17ce8cbf479afe279b"}}, 0x110) 22:17:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, &(0x7f00000000c0)={0x1, 0x0, {0x5, 0x2, 0x80000000, 0x5d5}}) 22:17:03 executing program 4: r0 = socket$inet(0x2b, 0x80000000000003, 0x1) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 22:17:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x74, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xe, 0x10000000004, 0x4, 0x4}, 0x2c) write$apparmor_current(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB="630000000065686174203078303030303030303030303030303030315e2f6460d82f7666696f2f7666696f002f6465762f7666696f2f7666696f002f6465762f7666696f2f7666696f00"], 0x4a) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r2, &(0x7f0000000140), &(0x7f00000001c0), 0x8c03}, 0x20) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0x80000, 0x0) [ 1692.119053] gfs2: not a GFS2 filesystem 22:17:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x287, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x119000}) ioctl$KVM_NMI(r2, 0xae9a) accept$inet6(0xffffffffffffff9c, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:17:03 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x40, 0x0) ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f00000000c0)=""/152) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:03 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3d04000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1692.271662] gfs2: not a GFS2 filesystem 22:17:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7a, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1692.324391] QAT: Invalid ioctl [ 1692.335663] QAT: Invalid ioctl 22:17:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VIDIOC_SUBDEV_S_SELECTION(r2, 0xc040563e, &(0x7f00000000c0)={0x0, 0x0, 0x3, 0x1, {0x0, 0x1, 0x7, 0x9}}) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) close(r3) read(r2, &(0x7f0000000180)=""/78, 0x4e) write$P9_RFLUSH(r2, &(0x7f0000000140)={0x7, 0x6d, 0x1}, 0x7) 22:17:03 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:03 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value, &(0x7f0000000100)=0x8) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x80000001, 0x101800) ioctl$SIOCX25GDTEFACILITIES(r1, 0x89ea, &(0x7f0000000240)) ioctl$int_in(r1, 0x5454, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000002c0)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x400000000000015c, 0x4, 0x4}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={0x0, r1, 0x6, 0x3}, 0x14) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:03 executing program 2: msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) 22:17:03 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3e04000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1692.528337] gfs2: not a GFS2 filesystem 22:17:03 executing program 4: r0 = socket$inet(0x2b, 0x803, 0x7) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000007c0)=@filter={'filter\x00', 0xe, 0x4, 0x6d8, [0x0, 0x200000c0, 0x200000f0, 0x20000580], 0x0, &(0x7f0000000080), &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0x0, 0x2, [{{{0x9, 0x4, 0xa01, 'bridge_slave_1\x00', 'yam0\x00', 'veth0_to_team\x00', 'rose0\x00', @dev={[], 0x1e}, [0xff, 0xff, 0xff, 0x0, 0xff], @empty, [0x0, 0x0, 0xff, 0x0, 0x0, 0xff], 0xb0, 0xb0, 0x128, [@time={'time\x00', 0x18, {{0x7, 0x22f, 0xed2f, 0xa4ed, 0x0, 0x1, 0x1}}}]}}, @common=@nflog={'nflog\x00', 0x50, {{0x0, 0xd40, 0xffffffffffffff2b, 0x0, 0x0, "1ca340c1791c5c5e72782cf5b7dd6e5951217f17fe09575812addd2e5bd7171efd4480bdd3e7bb7c40cb85c174c49ba352594709b560584aa56d0d40f0fe96a2"}}}}, {{{0x5, 0x44, 0x60ff, 'rose0\x00', 'syzkaller1\x00', 'vxcan1\x00', 'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, [0x0, 0x0, 0x0, 0x0, 0xff], @broadcast, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], 0x2d8, 0x308, 0x338, [@bpf0={'bpf\x00', 0x210, {{0x36, [{0x7, 0x1, 0x0, 0xffffffff}, {0x2, 0x3, 0x3ff, 0x2}, {0x5, 0x7ff, 0x1, 0x2f42}, {0x5, 0x2ec, 0x7ff, 0x19eb}, {0x0, 0xffff, 0x2a, 0x7}, {0x1, 0x885, 0x0, 0xffffffff}, {0x8, 0x6, 0x9, 0x1}, {0x37b4, 0x10001, 0x2, 0x3}, {0x101, 0x8000, 0x3, 0x8001}, {0x7, 0x6, 0x40, 0x5}, {0x3, 0x8, 0x70, 0xddc}, {0x5ae, 0x5, 0x400, 0x100000001}, {0x5, 0x1f, 0x7, 0x5}, {0x8, 0x5, 0x7fff, 0x3}, {0x8001, 0x3ff, 0x6, 0xad}, {0x3, 0x2, 0x2, 0xfffffffffffffffb}, {0x3, 0x7fff, 0x8001, 0xf6fd}, {0xeb8b, 0x2, 0xfffffffffffffffc, 0x6}, {0x1000, 0x200, 0xb9a0, 0xb2}, {0x1, 0x800, 0x10000, 0x9}, {0xfffffffffffffff7, 0x1, 0xfffffffffffffffa, 0x7}, {0x5, 0xe61, 0x2d, 0x1}, {0x2, 0x8, 0x0, 0x3}, {0x8, 0x3, 0xddf, 0x2}, {0x8, 0x3, 0x26ddc665, 0x1c00000000000}, {0x2, 0x2, 0x4, 0x61}, {0x8a, 0x5b4d4d77, 0x3, 0x5}, {0x10001, 0x9, 0x0, 0x5}, {0xffffffff, 0x6, 0x6b70, 0x4}, {0x5456f7c5, 0xbe, 0x8, 0xfff}, {0x2, 0x3, 0x7, 0xffffffff}, {0x2, 0x0, 0x1000, 0xffff}, {0x8000, 0xffffffffffff0000, 0x0, 0x1}, {0x800, 0x1, 0x3, 0x1}, {0x9, 0x100, 0x1, 0x80000001}, {0xb2, 0x5, 0x7, 0x401}, {0x1, 0x7, 0x8, 0x3}, {0x9, 0x10001, 0x4, 0x400}, {0x1f, 0x1, 0x7, 0x7}, {0x1, 0x6, 0x0, 0x81}, {0x0, 0x79df, 0x2, 0x1}, {0x10001, 0xfd3, 0xffffffffffff0000, 0x6}, {0x3, 0x7, 0x9, 0x40}, {0x5, 0x8, 0x1000, 0x2}, {0x81, 0x5, 0x7, 0x9}, {0x7f, 0x9, 0x1, 0x80000001}, {0xde, 0xc8a, 0x76, 0x5}, {0x4, 0x7, 0x4, 0xf39}, {0x4, 0x8, 0x1, 0x2}, {0x69, 0xffff, 0x401, 0x8000}, {0x2, 0xffffffffffffff1e, 0x6, 0x3}, {0xe8, 0x5, 0x683, 0x10001}, {0x80000001, 0x8, 0x6, 0x400}, {0x5d, 0x7, 0x1, 0x6}, {0x10001, 0x4, 0x9380, 0x5}, {0x40, 0xffffffff, 0x6, 0x4}, {0x2, 0x8, 0x1ff, 0x7fffffff}, {0x9, 0xdc6, 0x80000001, 0x8}, {0x8, 0x1000, 0x8001, 0x7fffffff}, {0x2, 0x6, 0x401, 0x2}, {0x3, 0x7, 0x5, 0x6}, {0x8000, 0x56, 0x8, 0x7}, {0x1863, 0x2, 0x5, 0x400}, {0x9, 0x800, 0x800000000, 0xc52}]}}}, @cpu={'cpu\x00', 0x8, {{0x9}}}]}, [@common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x1}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x2, [{{{0xb, 0x8, 0xf9, 'irlan0\x00', 'dummy0\x00', 'tunl0\x00', 'rose0\x00', @random="23da24d60ca2", [0x0, 0xff, 0xff, 0xff, 0xff, 0xff], @local, [0x0, 0xff, 0x0, 0xff, 0x0, 0xff], 0xd0, 0xd0, 0x100, [@arp={'arp\x00', 0x38, {{0x3, 0x88f5, 0xc, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffffff, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, @random="20391f147cde", [0xff, 0x0, 0xff, 0xff], @remote, [0x0, 0xff, 0xff, 0xff], 0x28, 0x40}}}]}}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x4c8ea9a2}}}}, {{{0x9, 0x1, 0x6001, 'ip6tnl0\x00', 'veth0_to_bridge\x00', 'veth0_to_team\x00', 'vxcan1\x00', @empty, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], @random="c144f167979f", [0xff, 0xff, 0xff, 0xff, 0xff], 0x70, 0x70, 0xb8}}, @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz1\x00', 0x5, 0x51, 0x3}}}}]}, {0x0, '\x00', 0x4, 0xffffffffffffffff}]}, 0x750) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x300, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) [ 1692.629122] gfs2: not a GFS2 filesystem 22:17:03 executing program 2: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$sock_void(r0, 0x1, 0x24, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x31, &(0x7f0000000040)={0x84, @local, 0x0, 0x600, 'wrr\x00', 0x0, 0xfffffffffffff0b5}, 0x2c) fstatfs(r1, &(0x7f0000000080)=""/109) r2 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffd, 0x400) setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) r3 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000100)={0x6, 0x101, 0x9, 0x5, [], [], [], 0xffffffffffffffff, 0x62cedb27, 0xfffffffffffffff9, 0x5, "262ac51aa0fcacbec96cbc739d250071"}) 22:17:03 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vfio/vfio\x00', 0x24500, 0x0) bind$bt_rfcomm(r2, &(0x7f0000000240)={0x1f, {0x96, 0x5, 0x0, 0xe33e, 0x20, 0x8}, 0x5}, 0xa) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x40, 0x0) r4 = gettid() lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f00000001c0)={0x3b000000000000, 0x4, r4, 0x0, r5, 0x0, 0x1, 0x401}) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:17:03 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x4e24, @loopback}, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)='team_slave_1\x00', 0x9, 0x3809, 0x2a}) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x500, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:03 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3f00000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1692.840419] gfs2: not a GFS2 filesystem 22:17:03 executing program 2: r0 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_mount_image$btrfs(&(0x7f0000000140)='btrfs\x00', &(0x7f0000000900)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x404000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x280000, 0x0) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f00000002c0)={0x5}) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'veth0_to_team\x00', 0x1}, 0x18) setxattr$system_posix_acl(0x0, &(0x7f0000000380)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) 22:17:03 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x1, 0x0) [ 1692.895636] gfs2: not a GFS2 filesystem 22:17:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25GSUBSCRIP(r2, 0x89e0, &(0x7f00000000c0)={'syz_tun\x00', 0x7fff, 0x98}) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000080)={0x5e, @loopback, 0x4e23, 0x4, 'lblc\x00', 0x4, 0x6d, 0x57}, 0x2c) fsetxattr$security_ima(r2, &(0x7f00000001c0)='security.ima\x00', &(0x7f0000000200)=@md5={0x1, "d8b6f2aa36c989f2cdf9f17ac3679afc"}, 0x11, 0x1) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) 22:17:03 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1692.959612] handle_userfault: 10 callbacks suppressed [ 1692.959620] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1692.986767] CPU: 1 PID: 597 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1692.993845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1693.003210] Call Trace: [ 1693.005824] dump_stack+0x172/0x1f0 [ 1693.009476] handle_userfault.cold+0x41/0x5d [ 1693.013948] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1693.018568] ? __handle_mm_fault+0x36b7/0x3f20 [ 1693.023176] ? find_held_lock+0x35/0x130 [ 1693.027263] ? __handle_mm_fault+0x36b7/0x3f20 [ 1693.028548] IPVS: set_ctl: invalid protocol: 94 127.0.0.1:20003 [ 1693.031860] ? kasan_check_read+0x11/0x20 [ 1693.031882] ? lock_downgrade+0x810/0x810 [ 1693.031902] ? kasan_check_read+0x11/0x20 [ 1693.031915] ? do_raw_spin_unlock+0x57/0x270 [ 1693.031938] __handle_mm_fault+0x36c8/0x3f20 22:17:03 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x8080, 0x0) getsockname$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, 0x0}, &(0x7f0000000100)=0x14) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000140)={r1, 0x0, 0x5, 0x3, 0x377, 0x5, 0x100000001}) r2 = socket(0x15, 0x80005, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_MAX_PORTS(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x11}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x1, 0x70bd2a, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x810) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") mmap(&(0x7f0000000000/0xc72000)=nil, 0xc72000, 0xfffffffffffffffc, 0x32, 0xffffffffffffffff, 0x0) r5 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt(r5, 0x65, 0x10000000006, &(0x7f0000000040)="f0000003", 0x4) getsockopt(r2, 0x200000000114, 0x2715, 0xffffffffffffffff, &(0x7f0000000000)=0x2a5) [ 1693.041499] IPVS: set_ctl: invalid protocol: 94 127.0.0.1:20003 [ 1693.042323] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1693.042340] ? find_held_lock+0x35/0x130 [ 1693.042356] ? handle_mm_fault+0x322/0xb30 [ 1693.042382] ? kasan_check_read+0x11/0x20 [ 1693.065520] handle_mm_fault+0x43f/0xb30 [ 1693.065546] __do_page_fault+0x5da/0xd60 [ 1693.065573] do_page_fault+0x71/0x581 [ 1693.065590] ? page_fault+0x8/0x30 [ 1693.078729] page_fault+0x1e/0x30 [ 1693.078743] RIP: 0033:0x451880 [ 1693.078758] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1693.078776] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1693.129243] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1693.136528] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1693.143812] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1693.151089] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 22:17:04 executing program 4: ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) pipe(&(0x7f0000000140)) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x242101, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f00000000c0)={0x1ff, 0x809, 0x66}) poll(&(0x7f0000000040)=[{}], 0x2000000000000006, 0x0) [ 1693.158388] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1693.174623] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 1, id = 0 22:17:04 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x600, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1693.327294] FAULT_FLAG_ALLOW_RETRY missing 70 22:17:04 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rfkill\x00', 0x80000, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f00000001c0)={0x51, &(0x7f00000000c0)=""/81}) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/enforce\x00', 0x40, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000180)=ANY=[@ANYBLOB="81845a"], 0x3) [ 1693.358415] gfs2: not a GFS2 filesystem [ 1693.368190] CPU: 1 PID: 626 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1693.375299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1693.384702] Call Trace: [ 1693.387369] dump_stack+0x172/0x1f0 [ 1693.391070] handle_userfault.cold+0x41/0x5d [ 1693.391574] overlayfs: missing 'lowerdir' [ 1693.395546] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1693.395575] ? __handle_mm_fault+0x36b7/0x3f20 [ 1693.395596] ? find_held_lock+0x35/0x130 [ 1693.395619] ? __handle_mm_fault+0x36b7/0x3f20 [ 1693.395645] ? kasan_check_read+0x11/0x20 [ 1693.395666] ? lock_downgrade+0x810/0x810 [ 1693.395683] ? kasan_check_read+0x11/0x20 [ 1693.395699] ? do_raw_spin_unlock+0x57/0x270 [ 1693.395714] __handle_mm_fault+0x36c8/0x3f20 [ 1693.395732] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1693.395752] ? find_held_lock+0x35/0x130 [ 1693.448817] ? handle_mm_fault+0x322/0xb30 [ 1693.453078] ? kasan_check_read+0x11/0x20 22:17:04 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x3f04000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:04 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0xfffffffffffffd64) poll(&(0x7f0000000040)=[{r0}], 0x200000cf, 0x0) [ 1693.457248] handle_mm_fault+0x43f/0xb30 [ 1693.461330] __do_page_fault+0x5da/0xd60 [ 1693.465436] do_page_fault+0x71/0x581 [ 1693.469259] ? page_fault+0x8/0x30 [ 1693.472824] page_fault+0x1e/0x30 [ 1693.472836] RIP: 0033:0x451880 [ 1693.472850] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1693.472858] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:04 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000480)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@afid={'afid'}}]}}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) 22:17:04 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x700, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1693.472870] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1693.472879] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1693.472886] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1693.472900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1693.479531] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:04 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, &(0x7f0000000340)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f00000007c0)='./file0\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_GET_BEARER_NAMES(r1, &(0x7f00000004c0)={&(0x7f0000000200), 0xc, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, r2, 0x400, 0x70bd2a, 0x25dfdbfc, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x8040) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in=@multicast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@ipv4={[], [], @multicast1}}}, &(0x7f0000000140)=0xe8) setuid(r4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0x200, 0x0) mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000240)) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setgroups(0x0, &(0x7f0000000500)) getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2) ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000100)={0x8, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}, {}]}) write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB], 0x1) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f) syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) getrlimit(0x0, 0x0) syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x1, 0x0) 22:17:04 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = socket$inet_udplite(0x2, 0x2, 0x88) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) syncfs(r1) 22:17:04 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1693.725040] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1693.747563] CPU: 0 PID: 649 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1693.754638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1693.764004] Call Trace: [ 1693.766616] dump_stack+0x172/0x1f0 [ 1693.770263] handle_userfault.cold+0x41/0x5d [ 1693.774710] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1693.779787] ? __handle_mm_fault+0x36b7/0x3f20 [ 1693.785002] ? find_held_lock+0x35/0x130 [ 1693.789082] ? __handle_mm_fault+0x36b7/0x3f20 [ 1693.793684] ? kasan_check_read+0x11/0x20 [ 1693.797856] ? lock_downgrade+0x810/0x810 [ 1693.802018] ? kasan_check_read+0x11/0x20 [ 1693.806178] ? do_raw_spin_unlock+0x57/0x270 [ 1693.810691] __handle_mm_fault+0x36c8/0x3f20 [ 1693.815639] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1693.820560] ? find_held_lock+0x35/0x130 [ 1693.824612] ? handle_mm_fault+0x322/0xb30 [ 1693.828847] ? kasan_check_read+0x11/0x20 [ 1693.833001] handle_mm_fault+0x43f/0xb30 [ 1693.837059] __do_page_fault+0x5da/0xd60 [ 1693.841118] do_page_fault+0x71/0x581 [ 1693.844917] ? page_fault+0x8/0x30 [ 1693.848445] page_fault+0x1e/0x30 [ 1693.851890] RIP: 0033:0x451880 [ 1693.855085] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1693.873995] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1693.879361] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1693.886623] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1693.893886] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1693.901157] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1693.908524] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:04 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4000000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:04 executing program 4: r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r0, 0x1, 0x70bd2b, 0x25dfdbff, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0xff}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000080)) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/mls\x00', 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffc000/0x3000)=nil, 0x3000}, &(0x7f0000000280)=0x10) 22:17:04 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0xf6) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x0, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000000)={0x59, &(0x7f00000000c0)=""/89}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000340)='IPVS\x00') write$binfmt_elf64(r2, &(0x7f0000000480)=ANY=[], 0x2e7) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f00005a7000/0x3000)=nil, 0x3000, 0xb) clone(0x0, 0x0, 0x0, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x100, 0x0) sendfile(r2, r2, &(0x7f00000001c0), 0xa198) [ 1693.975389] gfs2: not a GFS2 filesystem 22:17:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x900, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:05 executing program 0: r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x1, 0x2) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x98, r1, 0x320, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@empty}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x10000}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6e}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}]}]}, 0x98}}, 0x40) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x34, r3, 0x619, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x20, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'dummy0\x00'}]}]}, 0x34}}, 0x0) [ 1694.093247] gfs2: not a GFS2 filesystem 22:17:05 executing program 4: r0 = socket$inet(0x2b, 0xe, 0x4) r1 = pkey_alloc(0x0, 0x2) pkey_free(r1) ioctl$int_in(r0, 0x5473, &(0x7f0000000140)=0xfffffffffffffd63) ioctl$KDDELIO(r0, 0x4b35, 0x1) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x125682, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000180)={0xffff, 0x0}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000200)={0x0, 0xffffffffffffff4f}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000280)={0x5fa1, 0x8000, 0x8, 0x9, r4}, &(0x7f00000002c0)=0x10) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f00000001c0)={0x4, r3}) ppoll(&(0x7f0000000080)=[{r0, 0x80}, {r0, 0x4000}, {r0, 0x200}, {r0, 0x6000}, {r0, 0x8600}, {r0, 0x1009}, {r0, 0x1008}], 0x7, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100)={0x401}, 0x8) poll(&(0x7f0000000040)=[{r0, 0x1}], 0x200000000000024c, 0x0) 22:17:05 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:05 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4004000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:05 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r3, &(0x7f0000498000)={0x0, 0x0, &(0x7f0000c8d000)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000010901000000000000000000000000000c00020004000100e0000002"], 0x20}}, 0x0) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000580)=0x0) r5 = geteuid() r6 = getgid() sendmsg$unix(r1, &(0x7f0000000640)={&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000140)="b2fbb5b6665c35c1b43baeb0bd264cca8931062c52a35a831622ae17d03f6bce2dadc24a35c51af99227cf6ee496e268344bcc7a3870e19085135cb24a8b3f6a296ec97402d55b1dd368df84f76f39e8963bfafee12d17604ce13daefaea5598ff", 0x61}, {&(0x7f00000001c0)="f531f524d33597b3289bccb0419d43d91e6465b5d05a17f105b8cd6f5d224c198c487fc6d1c43d8cb6e2c34a2bcfc13d1158c63fac94dd39f83c56529bf632fb7cc1976937021fad41b077045f7803e1", 0x50}, {&(0x7f00000000c0)="b2799e10af52c411e3ae860beec75d614bee8c15e558190d1eef6228db1b7751fd43def8806fb76596466d43577921eefe", 0x31}, {&(0x7f0000000240)="9eaa9dece9feaabb55ce2c2cd4aa72f7d8e8ff367b8358c7e25b484615b14f259e836a3cfd07aade2b7e43ec731c442da277e253ead710f4c1df3f68e6acf39cc0c98bcfdebca4473ea115c3bfbacf27750cdac23b3be6ba45ff0458eff277a04df7d5348d7b8b6b0528ed458488fd16ff7265ae8026f87301cfc42971aeb58b1bfc2d35de7d436ac6dc59cf697f81fa7bd65eee4997b202ebb7ee192d22d9f5f4275029ed92f79856ee0374c2e975", 0xaf}, {&(0x7f0000000300)="19c486e38421be354d47fa0779d4064cd8e08d111b11df1b1201dcb640aa4124f3687ef147e3ed45e27c66ebeaba987bbb660a63f607f2529b126ee4e8746c442391ee8379b43ee10e41ade0a120fd1d961730e6f36c9a25d49816ec89df7d6484923a07cd6f990cf3f4f9830a9653f1ffccf8fc2ef4b4f105", 0x79}, {&(0x7f0000000380)="fed51ebdbaf71d4a2f1609519ed3da3fa9d9be3ca136b90afd989b5dbb868552b7755e5706d7ab9630dea893c78cdc1682a15678afa72858e778799948bcb69acd93718d4736e6893141d1615eaef9c037add325bf2f37b22d25c5a529483f945dcc5c5b67fc628b3f8ea08cf75362914ef0de12b8c62394632c3a5b997f9e41", 0x80}, {&(0x7f0000000400)="8066ba525b5c6b9b2b4a20472bc8fa6107b2015ac2de8202ec4cae94db4427cff0a171df29f56c07111036d4124ef3d2ddf1a3aa1b35200252aa984cc103dbbf", 0x40}, {&(0x7f0000000440)="c42cb010933ad261e43221742a4f076dbdbd45b7c696a84dee41bdda193973e8b32618eee95cbd3ecf18", 0x2a}, {&(0x7f0000000480)="2edc89f1b20baf82eb3da56d9893bae91802e27b7f081dbb12535134f596e42e38", 0x21}], 0x9, &(0x7f00000005c0)=[@rights={0x30, 0x1, 0x1, [r1, r1, r1, r0, r0, r1, r0]}, @rights={0x18, 0x1, 0x1, [r3, r0]}, @cred={0x20, 0x1, 0x2, r4, r5, r6}], 0x68, 0x4}, 0x0) [ 1694.401168] gfs2: not a GFS2 filesystem [ 1694.447127] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1694.458715] CPU: 1 PID: 696 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1694.465791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1694.475157] Call Trace: [ 1694.477856] dump_stack+0x172/0x1f0 [ 1694.481529] handle_userfault.cold+0x41/0x5d [ 1694.485963] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1694.490562] ? __handle_mm_fault+0x36b7/0x3f20 [ 1694.495156] ? find_held_lock+0x35/0x130 [ 1694.499232] ? __handle_mm_fault+0x36b7/0x3f20 [ 1694.503835] ? kasan_check_read+0x11/0x20 [ 1694.508013] ? lock_downgrade+0x810/0x810 [ 1694.512201] ? kasan_check_read+0x11/0x20 [ 1694.516385] ? do_raw_spin_unlock+0x57/0x270 [ 1694.520819] __handle_mm_fault+0x36c8/0x3f20 [ 1694.525245] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1694.530187] ? find_held_lock+0x35/0x130 [ 1694.534262] ? handle_mm_fault+0x322/0xb30 [ 1694.538531] ? kasan_check_read+0x11/0x20 [ 1694.542702] handle_mm_fault+0x43f/0xb30 [ 1694.546778] __do_page_fault+0x5da/0xd60 [ 1694.550869] do_page_fault+0x71/0x581 [ 1694.554687] ? page_fault+0x8/0x30 [ 1694.558252] page_fault+0x1e/0x30 [ 1694.561730] RIP: 0033:0x451880 [ 1694.564942] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1694.583961] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1694.588083] netlink: 'syz-executor.0': attribute type 1 has an invalid length. 22:17:05 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0xf6) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x0, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, 0x0) r2 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000000)={0x59, &(0x7f00000000c0)=""/89}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000340)='IPVS\x00') write$binfmt_elf64(r2, &(0x7f0000000480)=ANY=[], 0x2e7) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f00005a7000/0x3000)=nil, 0x3000, 0xb) clone(0x0, 0x0, 0x0, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x100, 0x0) sendfile(r2, r2, &(0x7f00000001c0), 0xa198) [ 1694.589500] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1694.589509] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1694.589521] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1694.619102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1694.626379] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1694.655266] gfs2: not a GFS2 filesystem 22:17:05 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4104000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:05 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1694.677658] netlink: 'syz-executor.0': attribute type 1 has an invalid length. 22:17:05 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r3, &(0x7f0000498000)={0x0, 0x0, &(0x7f0000c8d000)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000010901000000000000000000000000000c00020004000100e0000002"], 0x20}}, 0x0) ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000580)=0x0) r5 = geteuid() r6 = getgid() sendmsg$unix(r1, &(0x7f0000000640)={&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000140)="b2fbb5b6665c35c1b43baeb0bd264cca8931062c52a35a831622ae17d03f6bce2dadc24a35c51af99227cf6ee496e268344bcc7a3870e19085135cb24a8b3f6a296ec97402d55b1dd368df84f76f39e8963bfafee12d17604ce13daefaea5598ff", 0x61}, {&(0x7f00000001c0)="f531f524d33597b3289bccb0419d43d91e6465b5d05a17f105b8cd6f5d224c198c487fc6d1c43d8cb6e2c34a2bcfc13d1158c63fac94dd39f83c56529bf632fb7cc1976937021fad41b077045f7803e1", 0x50}, {&(0x7f00000000c0)="b2799e10af52c411e3ae860beec75d614bee8c15e558190d1eef6228db1b7751fd43def8806fb76596466d43577921eefe", 0x31}, {&(0x7f0000000240)="9eaa9dece9feaabb55ce2c2cd4aa72f7d8e8ff367b8358c7e25b484615b14f259e836a3cfd07aade2b7e43ec731c442da277e253ead710f4c1df3f68e6acf39cc0c98bcfdebca4473ea115c3bfbacf27750cdac23b3be6ba45ff0458eff277a04df7d5348d7b8b6b0528ed458488fd16ff7265ae8026f87301cfc42971aeb58b1bfc2d35de7d436ac6dc59cf697f81fa7bd65eee4997b202ebb7ee192d22d9f5f4275029ed92f79856ee0374c2e975", 0xaf}, {&(0x7f0000000300)="19c486e38421be354d47fa0779d4064cd8e08d111b11df1b1201dcb640aa4124f3687ef147e3ed45e27c66ebeaba987bbb660a63f607f2529b126ee4e8746c442391ee8379b43ee10e41ade0a120fd1d961730e6f36c9a25d49816ec89df7d6484923a07cd6f990cf3f4f9830a9653f1ffccf8fc2ef4b4f105", 0x79}, {&(0x7f0000000380)="fed51ebdbaf71d4a2f1609519ed3da3fa9d9be3ca136b90afd989b5dbb868552b7755e5706d7ab9630dea893c78cdc1682a15678afa72858e778799948bcb69acd93718d4736e6893141d1615eaef9c037add325bf2f37b22d25c5a529483f945dcc5c5b67fc628b3f8ea08cf75362914ef0de12b8c62394632c3a5b997f9e41", 0x80}, {&(0x7f0000000400)="8066ba525b5c6b9b2b4a20472bc8fa6107b2015ac2de8202ec4cae94db4427cff0a171df29f56c07111036d4124ef3d2ddf1a3aa1b35200252aa984cc103dbbf", 0x40}, {&(0x7f0000000440)="c42cb010933ad261e43221742a4f076dbdbd45b7c696a84dee41bdda193973e8b32618eee95cbd3ecf18", 0x2a}, {&(0x7f0000000480)="2edc89f1b20baf82eb3da56d9893bae91802e27b7f081dbb12535134f596e42e38", 0x21}], 0x9, &(0x7f00000005c0)=[@rights={0x30, 0x1, 0x1, [r1, r1, r1, r0, r0, r1, r0]}, @rights={0x18, 0x1, 0x1, [r3, r0]}, @cred={0x20, 0x1, 0x2, r4, r5, r6}], 0x68, 0x4}, 0x0) 22:17:05 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4204000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1694.854734] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 1694.871464] gfs2: not a GFS2 filesystem 22:17:05 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000000040)=0xb, 0x4) ptrace$setopts(0x4206, r2, 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x42803) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_REMOTE_MNG(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10010000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x0, 0x70bd2b, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x94}, 0x400c000) [ 1694.942661] gfs2: not a GFS2 filesystem 22:17:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x2000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:05 executing program 2: r0 = socket$inet6(0xa, 0x2000000000000003, 0x10001) socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000340)={0x0, 0x0, 0x1, [0xff]}, &(0x7f0000000380)=0xa) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000000000001800000004000000003d56452e831171bb87f0958dbcd616863502ba2f1e75bcdb6e9db661bc295367d6ab13a0259c179d43310ce8577e47ba993a786cdc31257f157564d605de1a2a535d9e9fe67903009ebb5c772a3bd55104e5bae9332a82849070db61154c9fd0850d33f99288c939c9fea57421e982d9190aa1ee385a5d5ee594513594482cb236944c06804600"], 0x0, 0xa0}, 0x20) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x200, 0x0) openat$cgroup_ro(r1, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x0, 0x0) clone(0x400002502801ffd, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) ioctl$TIOCSSOFTCAR(r2, 0x40096101, &(0x7f0000000000)) 22:17:06 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000180)={0xffffffffffff7fff, 0x57, 0x4}) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x401, 0x2000) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000000c0)={{0x3, 0x7f}, 'port1\x00', 0x10, 0x170075, 0x3, 0x100000000, 0x401, 0x9, 0x9, 0x0, 0x2, 0x5}) 22:17:06 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:06 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4304000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1695.163294] QAT: Device 0 not found [ 1695.183432] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1695.206999] CPU: 1 PID: 735 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1695.214185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1695.223628] Call Trace: [ 1695.226296] dump_stack+0x172/0x1f0 [ 1695.230440] handle_userfault.cold+0x41/0x5d [ 1695.235266] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1695.239901] ? __handle_mm_fault+0x36b7/0x3f20 [ 1695.244607] ? find_held_lock+0x35/0x130 [ 1695.248699] ? __handle_mm_fault+0x36b7/0x3f20 [ 1695.253741] ? kasan_check_read+0x11/0x20 [ 1695.257920] ? lock_downgrade+0x810/0x810 [ 1695.262078] ? kasan_check_read+0x11/0x20 [ 1695.266318] ? do_raw_spin_unlock+0x57/0x270 [ 1695.270747] __handle_mm_fault+0x36c8/0x3f20 [ 1695.275172] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1695.280022] ? find_held_lock+0x35/0x130 [ 1695.284090] ? handle_mm_fault+0x322/0xb30 [ 1695.288349] ? kasan_check_read+0x11/0x20 [ 1695.292511] handle_mm_fault+0x43f/0xb30 [ 1695.296593] __do_page_fault+0x5da/0xd60 [ 1695.300676] do_page_fault+0x71/0x581 [ 1695.304482] ? page_fault+0x8/0x30 [ 1695.308034] page_fault+0x1e/0x30 [ 1695.311496] RIP: 0033:0x451880 [ 1695.314696] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1695.333606] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1695.338972] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1695.346255] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1695.353563] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1695.360835] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1695.368111] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1695.385237] QAT: Device 0 not found 22:17:06 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:06 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4404000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1695.473326] gfs2: not a GFS2 filesystem 22:17:06 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x6, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000100)={{{@in6=@initdev, @in6}}, {{@in=@remote}, 0x0, @in6=@empty}}, &(0x7f0000000200)=0xe8) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:06 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1695.538713] hfsplus: creator requires a 4 character value [ 1695.557312] gfs2: not a GFS2 filesystem [ 1695.563428] hfsplus: unable to parse mount options 22:17:06 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:06 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="0200001d7aa14c611bb452f58029df09950800000000000200000000000000010000000600000003000000000200000000000000000000040000000000000001010000000f000000000000000000000000000000000000000400000000160000000000000000000300070000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000b600000000000000eb040000000000000000000000000000000000000000000080"]) ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, &(0x7f0000000340)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f00000007c0)='./file0\x00', 0x0, 0x0) openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000240)) openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setgroups(0x0, &(0x7f0000000500)) getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) getrlimit(0x0, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x4fe9e64592fd081, 0x7) [ 1695.702238] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1695.707026] CPU: 0 PID: 773 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1695.714226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1695.714232] Call Trace: [ 1695.714256] dump_stack+0x172/0x1f0 [ 1695.714278] handle_userfault.cold+0x41/0x5d [ 1695.734276] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1695.738874] ? __handle_mm_fault+0x36b7/0x3f20 [ 1695.743475] ? find_held_lock+0x35/0x130 [ 1695.747544] ? __handle_mm_fault+0x36b7/0x3f20 [ 1695.747565] ? kasan_check_read+0x11/0x20 [ 1695.747584] ? lock_downgrade+0x810/0x810 [ 1695.747602] ? kasan_check_read+0x11/0x20 [ 1695.747617] ? do_raw_spin_unlock+0x57/0x270 [ 1695.747634] __handle_mm_fault+0x36c8/0x3f20 [ 1695.747654] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1695.747667] ? find_held_lock+0x35/0x130 [ 1695.747683] ? handle_mm_fault+0x322/0xb30 [ 1695.747716] ? kasan_check_read+0x11/0x20 [ 1695.760576] handle_mm_fault+0x43f/0xb30 [ 1695.760602] __do_page_fault+0x5da/0xd60 22:17:06 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/policy\x00', 0x0, 0x0) accept4$bt_l2cap(r2, &(0x7f0000000240), &(0x7f0000000280)=0xe, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x4200, 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r3, 0xc0f85403, &(0x7f0000000080)={{0x0, 0x1, 0x8, 0x2, 0x1}, 0x6, 0x80, 'id1\x00', 'timer0\x00', 0x0, 0x5, 0x1759, 0x3, 0x6}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) 22:17:06 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1695.760625] do_page_fault+0x71/0x581 [ 1695.769162] ? page_fault+0x8/0x30 [ 1695.769178] page_fault+0x1e/0x30 [ 1695.769204] RIP: 0033:0x451880 [ 1695.769217] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1695.769224] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1695.769235] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1695.769244] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1695.769252] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1695.769259] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1695.769267] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:06 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4800, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:06 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4800000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1695.905953] gfs2: not a GFS2 filesystem [ 1695.981260] hfsplus: creator requires a 4 character value [ 1695.987673] hfsplus: unable to parse mount options [ 1696.000667] gfs2: not a GFS2 filesystem [ 1696.021177] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1696.036613] CPU: 0 PID: 791 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1696.043676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1696.043683] Call Trace: [ 1696.043709] dump_stack+0x172/0x1f0 [ 1696.043733] handle_userfault.cold+0x41/0x5d [ 1696.043759] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1696.068323] ? __handle_mm_fault+0x36b7/0x3f20 [ 1696.072921] ? find_held_lock+0x35/0x130 [ 1696.076993] ? __handle_mm_fault+0x36b7/0x3f20 [ 1696.077013] ? kasan_check_read+0x11/0x20 [ 1696.077033] ? lock_downgrade+0x810/0x810 [ 1696.077052] ? kasan_check_read+0x11/0x20 [ 1696.094077] ? do_raw_spin_unlock+0x57/0x270 [ 1696.094097] __handle_mm_fault+0x36c8/0x3f20 [ 1696.094116] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1696.107747] ? find_held_lock+0x35/0x130 [ 1696.111826] ? handle_mm_fault+0x322/0xb30 [ 1696.116085] ? kasan_check_read+0x11/0x20 [ 1696.120249] handle_mm_fault+0x43f/0xb30 [ 1696.124335] __do_page_fault+0x5da/0xd60 [ 1696.128421] do_page_fault+0x71/0x581 [ 1696.132232] ? page_fault+0x8/0x30 [ 1696.132248] page_fault+0x1e/0x30 [ 1696.132259] RIP: 0033:0x451880 [ 1696.132274] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1696.139263] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1696.139276] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1696.139285] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:17:07 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0adc1f023c123f3188a070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000300)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x68) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x9c, &(0x7f0000000000)=[@in={0x2, 0x4e22, @multicast2}, @in={0x2, 0x4e23, @loopback}, @in={0x2, 0x4e22, @local}, @in={0x2, 0x4e22, @loopback}, @in={0x2, 0x4e23, @local}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e23, 0x378, @mcast1, 0x6}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x10}}, @in={0x2, 0x4e22, @remote}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000140)={r2, 0x10000}, &(0x7f0000000180)=0x8) [ 1696.139294] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1696.139301] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1696.139311] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1696.239005] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1696.243856] CPU: 0 PID: 795 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1696.250880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1696.260243] Call Trace: [ 1696.262856] dump_stack+0x172/0x1f0 [ 1696.266498] handle_userfault.cold+0x41/0x5d [ 1696.270931] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1696.275553] ? __handle_mm_fault+0x36b7/0x3f20 [ 1696.280155] ? find_held_lock+0x35/0x130 [ 1696.284231] ? __handle_mm_fault+0x36b7/0x3f20 [ 1696.288822] ? kasan_check_read+0x11/0x20 [ 1696.292987] ? lock_downgrade+0x810/0x810 [ 1696.297151] ? kasan_check_read+0x11/0x20 [ 1696.301313] ? do_raw_spin_unlock+0x57/0x270 [ 1696.305732] __handle_mm_fault+0x36c8/0x3f20 [ 1696.310170] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1696.315021] ? find_held_lock+0x35/0x130 [ 1696.319089] ? handle_mm_fault+0x322/0xb30 [ 1696.323349] ? kasan_check_read+0x11/0x20 [ 1696.327602] handle_mm_fault+0x43f/0xb30 [ 1696.331680] __do_page_fault+0x5da/0xd60 [ 1696.335773] do_page_fault+0x71/0x581 [ 1696.339581] ? page_fault+0x8/0x30 [ 1696.343130] page_fault+0x1e/0x30 [ 1696.346612] RIP: 0033:0x451880 [ 1696.349824] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1696.368737] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1696.374209] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1696.381484] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1696.388757] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1696.396034] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1696.403305] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4c00, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:07 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:07 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = add_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f00000001c0)="6f0a193ab2f87869cacc911a28613149b6f7c01354fdc1a0456e502fc4e1f038c2727e998fe5b4c862fa2bef3b3f091a3232ac4304952b4db74176b059984a9efeb4659434127b7ecf4439f682193541b809f3579194522fbe8676a117fb47948eb1923992f36fbbc741f9365e7c443724", 0x71, 0xfffffffffffffffe) r1 = request_key(&(0x7f0000000480)='cifs.idmap\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)='/dev/dsp\x00', 0xfffffffffffffff9) keyctl$instantiate_iov(0x14, r0, &(0x7f0000000440)=[{&(0x7f0000000240)="025247d6d0453753b3fccf7a4f6b9d272e7630e70f2a3b3e74500916f3abba670278daf151fafee2499f6122b9ff6959", 0x30}, {&(0x7f0000000280)="ff997ab53b6601c78ab88c952b2e6e9250d393797bdbeb5c64ecd68d7e6cb4578923d26971e2aac02e23118b2ce5c4dfac12c402a97cbb18cc66d5fd348c447d01938c038882d8acabe7d2b090dfade0ea97f7c275c2c944a4b275fafa1e48b69831f9e120fa07350e2c5d01aa577bbce9a217603c01dcc0c376d46dc2860f17a805f61fbce5fab3e2da49511dbfab849fea93e889b90dcdc6f789f29d95d13189b676b9da1c8c3721f5b48c00fffd81afe4d6036390107fd766be0fc855a5030f2537e219a9fdb9e489bdc110312e6878a2d21a363e0046bc45f1a8b8c6fb47ad3f74d68fa6df3274f95cb20fad29e687", 0xf1}, {&(0x7f0000000380)="58a777785ae0ac08199cb2651ab4a277b6bc7fe740af8c1dd9edead3d755fb2067c2e6bb6b18358339f01901321a8db2bb613d38e58694fde6f3427131916cb0d64cc0d392020ba0f9d456723e943bd677c129d2dfb999890113cf913d8d27f0", 0x60}, {&(0x7f0000000400)="4c496abdaf99765bbfd82dc3c55248d1", 0x10}], 0x4, r1) exit_group(0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xc000000000000, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="800000000100000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a}], 0x0, 0x0) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x0, 0x0) [ 1696.478568] hfsplus: creator requires a 4 character value [ 1696.493024] hfsplus: unable to parse mount options 22:17:07 executing program 4: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f00000000c0)=""/95) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$int_in(r1, 0x5421, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) gettid() 22:17:07 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4a26000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1696.573198] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1696.587140] CPU: 0 PID: 808 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1696.594228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1696.594235] Call Trace: [ 1696.594259] dump_stack+0x172/0x1f0 [ 1696.594280] handle_userfault.cold+0x41/0x5d [ 1696.614292] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1696.618886] ? __handle_mm_fault+0x36b7/0x3f20 [ 1696.618902] ? find_held_lock+0x35/0x130 [ 1696.618917] ? __handle_mm_fault+0x36b7/0x3f20 [ 1696.618937] ? kasan_check_read+0x11/0x20 [ 1696.618954] ? lock_downgrade+0x810/0x810 [ 1696.618971] ? kasan_check_read+0x11/0x20 [ 1696.627602] ? do_raw_spin_unlock+0x57/0x270 [ 1696.627621] __handle_mm_fault+0x36c8/0x3f20 [ 1696.627641] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1696.627654] ? find_held_lock+0x35/0x130 [ 1696.627668] ? handle_mm_fault+0x322/0xb30 [ 1696.627694] ? kasan_check_read+0x11/0x20 [ 1696.627712] handle_mm_fault+0x43f/0xb30 [ 1696.636434] __do_page_fault+0x5da/0xd60 [ 1696.636461] do_page_fault+0x71/0x581 [ 1696.683155] ? page_fault+0x8/0x30 [ 1696.686707] page_fault+0x1e/0x30 [ 1696.690169] RIP: 0033:0x451880 [ 1696.693375] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1696.712286] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1696.717653] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1696.724925] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1696.732349] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1696.739625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1696.746906] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1696.812352] gfs2: not a GFS2 filesystem 22:17:07 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:07 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1696.894701] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 22:17:07 executing program 4: r0 = socket$inet(0x2b, 0x3, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x0, 0x0) ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f00000000c0)={0x2d7, 0x3}) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:07 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1697.072089] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1697.077298] CPU: 0 PID: 834 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1697.084328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1697.093804] Call Trace: [ 1697.096423] dump_stack+0x172/0x1f0 [ 1697.100270] handle_userfault.cold+0x41/0x5d [ 1697.104701] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1697.109296] ? __handle_mm_fault+0x36b7/0x3f20 [ 1697.113905] ? find_held_lock+0x35/0x130 [ 1697.118066] ? __handle_mm_fault+0x36b7/0x3f20 [ 1697.122674] ? kasan_check_read+0x11/0x20 [ 1697.126846] ? lock_downgrade+0x810/0x810 [ 1697.131180] ? kasan_check_read+0x11/0x20 [ 1697.135336] ? do_raw_spin_unlock+0x57/0x270 [ 1697.139756] __handle_mm_fault+0x36c8/0x3f20 [ 1697.144202] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1697.149050] ? find_held_lock+0x35/0x130 [ 1697.153133] ? handle_mm_fault+0x322/0xb30 [ 1697.157476] ? kasan_check_read+0x11/0x20 [ 1697.161632] handle_mm_fault+0x43f/0xb30 [ 1697.165708] __do_page_fault+0x5da/0xd60 [ 1697.169785] do_page_fault+0x71/0x581 [ 1697.173590] ? page_fault+0x8/0x30 [ 1697.177140] page_fault+0x1e/0x30 [ 1697.180603] RIP: 0033:0x451880 [ 1697.183804] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1697.202710] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1697.208088] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1697.215380] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:17:08 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4c00000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1697.222655] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1697.229929] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1697.237206] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:08 executing program 0: r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x40000ffffff, 0x1) fsetxattr$security_evm(r0, &(0x7f0000000000)='security.evm\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="05010f000000000100645580cee5f4c5532d9dedd1a4ea4fbee6589127ee4ea3f904a0ecc145a729602fca66db9617b88dd1201dd40f3e8d36953cd198b67ca88fb2824784e8b04c703882abd57e5d3ad32b9374866859115f45e5abf4da6bc3b85bb0433d96a991c6"], 0x6e, 0x3) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e21, @remote}}, 0x8, 0x6, 0x1ff, 0x7f, 0x7}, &(0x7f0000000080)=0x98) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000240)={r1, 0x3, 0x22, "f38b5b04cf2ab7426256b0f89b05d600e9de0709ac936ba73fa03ea436f3c7932d2e"}, 0x2a) ioctl$FS_IOC_FSGETXATTR(r0, 0x8038550a, &(0x7f0000000040)={0x102, 0x0, 0x0, 0x0, 0x709000, 0x4c00}) [ 1697.289866] hfsplus: creator requires a 4 character value [ 1697.324456] hfsplus: unable to parse mount options [ 1697.325141] gfs2: not a GFS2 filesystem 22:17:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6800, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:08 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) readlinkat(r0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)=""/157, 0x9d) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:08 executing program 2: syz_mount_image$hfsplus(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:08 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000000)={{0x1000, 0x1f}, {0x9, 0x6}, 0x5, 0x1, 0xffffffffffffffff}) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0xc0145401, &(0x7f0000000000)) [ 1697.514587] gfs2: not a GFS2 filesystem 22:17:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6c00, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:08 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x4e26000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:08 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x8, 0x800) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$TIOCLINUX3(r1, 0x541c, &(0x7f00000000c0)) 22:17:08 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:08 executing program 2: syz_mount_image$hfsplus(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:08 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa600000499cc4b808004b00002c00000000002f9078ac141400ac1423bb940400000e009078000000000000000000"], &(0x7f0000000100)) 22:17:08 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0xffffffffff7ffd63) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x8080, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:08 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x5e03000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:08 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7400, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:08 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) sendmsg$rds(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)=""/168, 0xa8}, {&(0x7f0000000200)=""/16, 0x10}], 0x2, 0x0, 0x0, 0x800}, 0x80) dup3(r0, r1, 0x0) 22:17:08 executing program 4: r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/status\x00', 0x0, 0x0) ioctl$VIDIOC_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f00000001c0)={0x0, @bt={0xb21c, 0x4, 0x0, 0x2, 0xad, 0x3, 0x9, 0x226113a7, 0x9, 0x5, 0x6, 0x4, 0xfd, 0x1, 0x11, 0x3}}) r1 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r1, 0x5421, &(0x7f00000000c0)=0x4) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r1}], 0x2000000000000006, 0x0) ioctl$VIDIOC_DBG_S_REGISTER(r0, 0x4038564f, &(0x7f0000000280)={{0x0, @addr=0x101}, 0x8, 0x916, 0x9}) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r2, 0x4040aea4, &(0x7f0000000140)={0x1ff, 0x800, 0xfffffffffffffffb, 0x2, 0x97cc}) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video1\x00', 0x2, 0x0) [ 1697.909950] gfs2: not a GFS2 filesystem 22:17:08 executing program 2: syz_mount_image$hfsplus(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:08 executing program 0: r0 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc008551a, &(0x7f0000000000)) [ 1697.983320] handle_userfault: 2 callbacks suppressed [ 1697.983328] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1698.009922] CPU: 0 PID: 899 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1698.017100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1698.027185] Call Trace: [ 1698.029797] dump_stack+0x172/0x1f0 [ 1698.033473] handle_userfault.cold+0x41/0x5d [ 1698.037925] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1698.042730] ? __handle_mm_fault+0x36b7/0x3f20 [ 1698.047956] ? find_held_lock+0x35/0x130 [ 1698.052048] ? __handle_mm_fault+0x36b7/0x3f20 [ 1698.056684] ? kasan_check_read+0x11/0x20 [ 1698.061037] ? lock_downgrade+0x810/0x810 [ 1698.065206] ? kasan_check_read+0x11/0x20 [ 1698.069629] ? do_raw_spin_unlock+0x57/0x270 [ 1698.074080] __handle_mm_fault+0x36c8/0x3f20 [ 1698.078708] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1698.083561] ? find_held_lock+0x35/0x130 [ 1698.087655] ? handle_mm_fault+0x322/0xb30 [ 1698.092097] ? kasan_check_read+0x11/0x20 [ 1698.099893] handle_mm_fault+0x43f/0xb30 [ 1698.104482] __do_page_fault+0x5da/0xd60 [ 1698.108964] do_page_fault+0x71/0x581 [ 1698.112831] ? page_fault+0x8/0x30 [ 1698.116540] page_fault+0x1e/0x30 [ 1698.120029] RIP: 0033:0x451880 [ 1698.123260] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1698.142204] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1698.148392] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1698.155692] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1698.163014] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1698.170453] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 22:17:09 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) setsockopt$inet_udp_int(r0, 0x11, 0x66, &(0x7f0000000080)=0x8, 0x4) r1 = syz_open_dev$usb(&(0x7f0000000240)='/dev/bus/usb/00#/00#\x00', 0x403, 0x7aaaaab90eb87080) write$P9_RCLUNK(r1, &(0x7f0000000200)={0x7, 0x79, 0x1}, 0x7) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0x2, 0xffffffff}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000180)={0x0, 0x20a, 0x4, 0x1, r2}, &(0x7f00000001c0)=0x10) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1698.177837] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1698.198016] gfs2: not a GFS2 filesystem 22:17:09 executing program 0: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000200)='/proc/capi/capi20ncci\x00', 0x0, 0x0) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0xffffffff80000000) r1 = socket(0x10, 0x807, 0x8000) r2 = syz_open_dev$sndpcmc(&(0x7f0000000240)='/dev/snd/pcmC#D#c\x00', 0x401, 0x800) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000040)={0x0, 0xffffffff}) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f0000000180)={{0xfff, 0x1}, 0x0, 0x9, 0x100, {0x5, 0x3}, 0x7f, 0x8001}) write(r1, &(0x7f0000000080)="fc0000001c00071bab0925000900071007ab08000c00000081001e93210001c000000000000000000000000000039815fa2c1ec28656aaa79bb94b46fe0000000a00020002036c6c216f1a272fdf0d11d44000000000008934d07302ade01720d3d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70cec18444ef92e475ef8b29d3ef3e6a48a170e5bba4a463ae4f5566f91cf190201ded815b2ccd243fa95ed94e0ad91bd0734babc7c6d27392ad23f2eeb57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271777a58a10000c880ac801fe4af3d006f0000080548deac270e33429fd3110175e63fb8d38a00000000", 0xfc) 22:17:09 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7a00, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:09 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6000000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:09 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x2) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:09 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:09 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x28, &(0x7f0000000540)}, 0xd) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r0) r3 = dup(r2) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000004c0), 0x53) lstat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000580)={{{@in6=@mcast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@empty}}, &(0x7f0000000680)=0xe8) r6 = geteuid() syz_mount_image$reiserfs(&(0x7f0000000180)='reiserfs\x00', &(0x7f0000000300)='./file0\x00', 0x82, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000340)="5d6322c4ab6ab29c965b05bfbed614afe6c4ad54b3671a0c7604a0c0449f2c743d81f3b48e22a79068b1cee37ab43533ce15041a29b8c83855e3d663ed9982de27b40a8e96aa048f93ed28c242f6578a9d0b5951d9467ca89bcaacd8e657471f7ddc537af214394626f21c11eaedd42873f983bd9e78551e", 0x78}], 0x1000, &(0x7f0000000840)=ANY=[@ANYBLOB='usrquota,jqfmt=vfsold,smackfsdef=/dev/ashmem\x00,uid=', @ANYRESDEC=r4, @ANYBLOB=',pcr=00000000000000000045,uid>', @ANYRESDEC=r5, @ANYBLOB=',fscontext=user_u,fowner>', @ANYRESDEC=r6, @ANYBLOB="2c736d616378002cfd93b9ad013b9ccd629af6192103f889c9067645e2de13ad451cefd2dd1ff3186d9c614fd9a31011ac284159c9d20e8709b100917401bba04c438b0bea86ffd8a386702a3ffafa1d9735b004a211182f001e1a2539925d9b253f3ad031b2ef83776856d3748942b7af22c7574154290ff5d3b630e3abb8737bec0df180af5b69bcec2181725b256dfc51e835a78a2cd5e3dd46f74d763ea3ae484b3a00000000000000000000000000000000"]) clone(0x70024100, 0x0, &(0x7f00000009c0), &(0x7f0000000000), &(0x7f0000000980)) fcntl$getflags(r1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x5, 0x70, 0x0, 0x0, 0x8490, 0x3d, 0x0, 0x0, 0x0, 0xe, 0x6, 0xffa85f1, 0xe89, 0x0, 0x0, 0x7fffffff, 0x7, 0x3, 0x0, 0x0, 0xff4, 0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7, 0x0, @perf_bp={0x0}, 0x10000, 0x0, 0x0, 0x7}, 0x0, 0x4, 0xffffffffffffff9c, 0x0) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/self/attr/exec\x00', 0x2, 0x0) socket$inet(0x2, 0x5, 0x7) syz_genetlink_get_family_id$ipvs(0x0) ioctl$BLKDISCARD(r3, 0x1277, &(0x7f00000000c0)=0xd6a) ioctl$UI_END_FF_UPLOAD(r3, 0x406855c9, &(0x7f0000000280)={0x3, 0x59, {0x57, 0x8, 0x40, {0x8001, 0x2}, {0x8, 0x5}, @period={0x5d, 0x5, 0x4, 0xff, 0x4, {0x2, 0x5, 0x8}, 0x3, &(0x7f0000000140)=[0x7f, 0x15a, 0xf]}}, {0x54, 0xfff, 0xfa7, {0xff, 0x3}, {0x4}, @rumble={0x3, 0x1000}}}) sendmsg$IPVS_CMD_GET_INFO(r1, 0x0, 0x8000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x200, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000100)={0xffff, 0x5, 0x7, 0x401}) r8 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x0, 0x0) mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0xfffffffffffffffe, 0x12, r8, 0x0) fcntl$F_SET_FILE_RW_HINT(r7, 0x40e, &(0x7f0000000500)=0x3) 22:17:09 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) fstat(0xffffffffffffff9c, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000240)={{{@in=@broadcast, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@remote}}, &(0x7f0000000340)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000380)={{{@in, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f0000000480)=0xe8) stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600)=0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000640)={{}, {0x1, 0x7}, [{0x2, 0x5, r1}, {0x2, 0x4, r2}, {0x2, 0x1, r3}, {0x2, 0x1, r4}, {0x2, 0x3, r5}], {0x4, 0x4}, [{0x8, 0x2, r6}], {0x10, 0x5}, {0x20, 0x5}}, 0x54, 0x3) r7 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r7, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r7}], 0x2000000000000006, 0x0) r8 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$IMDELTIMER(r8, 0x80044941, &(0x7f00000000c0)=0x1) [ 1698.483046] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1698.511103] gfs2: not a GFS2 filesystem [ 1698.518246] audit: type=1400 audit(1549923429.392:111): avc: denied { getopt } for pid=939 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 1698.530731] CPU: 0 PID: 928 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1698.549271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 22:17:09 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6800000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1698.559516] Call Trace: [ 1698.562127] dump_stack+0x172/0x1f0 [ 1698.565779] handle_userfault.cold+0x41/0x5d [ 1698.570221] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1698.574911] ? __handle_mm_fault+0x36b7/0x3f20 [ 1698.580294] ? find_held_lock+0x35/0x130 [ 1698.584373] ? __handle_mm_fault+0x36b7/0x3f20 [ 1698.588987] ? kasan_check_read+0x11/0x20 [ 1698.593149] ? lock_downgrade+0x810/0x810 [ 1698.597307] ? kasan_check_read+0x11/0x20 [ 1698.601465] ? do_raw_spin_unlock+0x57/0x270 [ 1698.605882] __handle_mm_fault+0x36c8/0x3f20 [ 1698.610310] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1698.615166] ? find_held_lock+0x35/0x130 [ 1698.619263] ? handle_mm_fault+0x322/0xb30 [ 1698.623524] ? kasan_check_read+0x11/0x20 [ 1698.627691] handle_mm_fault+0x43f/0xb30 [ 1698.631767] __do_page_fault+0x5da/0xd60 [ 1698.635850] do_page_fault+0x71/0x581 [ 1698.639658] ? page_fault+0x8/0x30 [ 1698.643206] page_fault+0x1e/0x30 [ 1698.646662] RIP: 0033:0x451880 [ 1698.650120] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1698.669382] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1698.674837] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1698.682133] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1698.689420] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1698.696712] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1698.703994] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1698.724618] IPVS: ftp: loaded support on port[0] = 21 22:17:09 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) fallocate(r0, 0x4, 0x4, 0x1f) 22:17:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x8000a0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:09 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1698.842678] gfs2: not a GFS2 filesystem 22:17:09 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x6c00000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:09 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:09 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2040, 0x4) ioctl$PPPIOCGFLAGS(r1, 0x8004745a, &(0x7f0000000140)) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r1, 0x40045730, &(0x7f0000000180)=0x4) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'L-'}, 0x28, 0x3) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:09 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1699.037900] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1699.047135] CPU: 1 PID: 972 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1699.054204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1699.063569] Call Trace: [ 1699.066187] dump_stack+0x172/0x1f0 [ 1699.069842] handle_userfault.cold+0x41/0x5d [ 1699.074282] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1699.078897] ? __handle_mm_fault+0x36b7/0x3f20 [ 1699.083515] ? find_held_lock+0x35/0x130 [ 1699.087602] ? __handle_mm_fault+0x36b7/0x3f20 [ 1699.092215] ? kasan_check_read+0x11/0x20 [ 1699.096395] ? lock_downgrade+0x810/0x810 [ 1699.100576] ? kasan_check_read+0x11/0x20 [ 1699.104765] ? do_raw_spin_unlock+0x57/0x270 [ 1699.109296] __handle_mm_fault+0x36c8/0x3f20 [ 1699.113729] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1699.113876] IPVS: ftp: loaded support on port[0] = 21 [ 1699.118672] ? find_held_lock+0x35/0x130 [ 1699.118689] ? handle_mm_fault+0x322/0xb30 [ 1699.118718] ? kasan_check_read+0x11/0x20 [ 1699.118736] handle_mm_fault+0x43f/0xb30 [ 1699.118760] __do_page_fault+0x5da/0xd60 [ 1699.118786] do_page_fault+0x71/0x581 [ 1699.118799] ? page_fault+0x8/0x30 [ 1699.118813] page_fault+0x1e/0x30 [ 1699.155294] RIP: 0033:0x451880 [ 1699.158490] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1699.158504] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:10 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) write$P9_RFLUSH(r0, &(0x7f0000000080)={0x7, 0x6d, 0x2}, 0x7) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1699.182768] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1699.190385] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1699.190394] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1699.190401] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1699.190409] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1699.208264] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1699.231328] CPU: 1 PID: 978 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1699.238428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1699.247782] Call Trace: [ 1699.247808] dump_stack+0x172/0x1f0 [ 1699.247830] handle_userfault.cold+0x41/0x5d [ 1699.247859] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1699.258477] ? __handle_mm_fault+0x36b7/0x3f20 [ 1699.258493] ? find_held_lock+0x35/0x130 [ 1699.258507] ? __handle_mm_fault+0x36b7/0x3f20 [ 1699.258525] ? kasan_check_read+0x11/0x20 [ 1699.258545] ? lock_downgrade+0x810/0x810 [ 1699.267706] ? kasan_check_read+0x11/0x20 [ 1699.267723] ? do_raw_spin_unlock+0x57/0x270 [ 1699.267744] __handle_mm_fault+0x36c8/0x3f20 [ 1699.267763] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1699.267775] ? find_held_lock+0x35/0x130 [ 1699.267790] ? handle_mm_fault+0x322/0xb30 [ 1699.276453] ? kasan_check_read+0x11/0x20 [ 1699.276474] handle_mm_fault+0x43f/0xb30 [ 1699.276495] __do_page_fault+0x5da/0xd60 [ 1699.276520] do_page_fault+0x71/0x581 [ 1699.288939] ? page_fault+0x8/0x30 [ 1699.288955] page_fault+0x1e/0x30 [ 1699.288971] RIP: 0033:0x451880 [ 1699.288986] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1699.288993] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1699.289004] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1699.289018] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1699.289026] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 22:17:10 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x200000, 0x0) [ 1699.289033] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1699.289044] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1699.483371] gfs2: not a GFS2 filesystem [ 1699.572224] gfs2: not a GFS2 filesystem 22:17:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x28, &(0x7f0000000540)}, 0xd) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r0) r3 = dup(r2) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000004c0), 0x53) lstat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000580)={{{@in6=@mcast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@empty}}, &(0x7f0000000680)=0xe8) r6 = geteuid() syz_mount_image$reiserfs(&(0x7f0000000180)='reiserfs\x00', &(0x7f0000000300)='./file0\x00', 0x82, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000340)="5d6322c4ab6ab29c965b05bfbed614afe6c4ad54b3671a0c7604a0c0449f2c743d81f3b48e22a79068b1cee37ab43533ce15041a29b8c83855e3d663ed9982de27b40a8e96aa048f93ed28c242f6578a9d0b5951d9467ca89bcaacd8e657471f7ddc537af214394626f21c11eaedd42873f983bd9e78551e", 0x78}], 0x1000, &(0x7f0000000840)=ANY=[@ANYBLOB='usrquota,jqfmt=vfsold,smackfsdef=/dev/ashmem\x00,uid=', @ANYRESDEC=r4, @ANYBLOB=',pcr=00000000000000000045,uid>', @ANYRESDEC=r5, @ANYBLOB=',fscontext=user_u,fowner>', @ANYRESDEC=r6, @ANYBLOB="2c736d616378002cfd93b9ad013b9ccd629af6192103f889c9067645e2de13ad451cefd2dd1ff3186d9c614fd9a31011ac284159c9d20e8709b100917401bba04c438b0bea86ffd8a386702a3ffafa1d9735b004a211182f001e1a2539925d9b253f3ad031b2ef83776856d3748942b7af22c7574154290ff5d3b630e3abb8737bec0df180af5b69bcec2181725b256dfc51e835a78a2cd5e3dd46f74d763ea3ae484b3a00000000000000000000000000000000"]) clone(0x70024100, 0x0, &(0x7f00000009c0), &(0x7f0000000000), &(0x7f0000000980)) fcntl$getflags(r1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x5, 0x70, 0x0, 0x0, 0x8490, 0x3d, 0x0, 0x0, 0x0, 0xe, 0x6, 0xffa85f1, 0xe89, 0x0, 0x0, 0x7fffffff, 0x7, 0x3, 0x0, 0x0, 0xff4, 0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7, 0x0, @perf_bp={0x0}, 0x10000, 0x0, 0x0, 0x7}, 0x0, 0x4, 0xffffffffffffff9c, 0x0) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/self/attr/exec\x00', 0x2, 0x0) socket$inet(0x2, 0x5, 0x7) syz_genetlink_get_family_id$ipvs(0x0) ioctl$BLKDISCARD(r3, 0x1277, &(0x7f00000000c0)=0xd6a) ioctl$UI_END_FF_UPLOAD(r3, 0x406855c9, &(0x7f0000000280)={0x3, 0x59, {0x57, 0x8, 0x40, {0x8001, 0x2}, {0x8, 0x5}, @period={0x5d, 0x5, 0x4, 0xff, 0x4, {0x2, 0x5, 0x8}, 0x3, &(0x7f0000000140)=[0x7f, 0x15a, 0xf]}}, {0x54, 0xfff, 0xfa7, {0xff, 0x3}, {0x4}, @rumble={0x3, 0x1000}}}) sendmsg$IPVS_CMD_GET_INFO(r1, 0x0, 0x8000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x200, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000100)={0xffff, 0x5, 0x7, 0x401}) r8 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x0, 0x0) mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0xfffffffffffffffe, 0x12, r8, 0x0) fcntl$F_SET_FILE_RW_HINT(r7, 0x40e, &(0x7f0000000500)=0x3) 22:17:10 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 22:17:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x8002a0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:10 executing program 4: r0 = socket$inet(0x2b, 0x2, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x80002, 0x0) getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000080)=0x100000000, &(0x7f00000000c0)=0x2) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) fsetxattr$security_smack_transmute(r1, &(0x7f0000000140)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000180)='TRUE', 0x4, 0x2) poll(&(0x7f0000000040)=[{r0}], 0x1, 0x2) 22:17:10 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x7400000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:10 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:10 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1700.025008] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1700.037054] CPU: 0 PID: 1018 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1700.044213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1700.053852] Call Trace: [ 1700.053879] dump_stack+0x172/0x1f0 [ 1700.053904] handle_userfault.cold+0x41/0x5d [ 1700.053934] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1700.053951] ? __handle_mm_fault+0x36b7/0x3f20 [ 1700.053965] ? find_held_lock+0x35/0x130 [ 1700.053979] ? __handle_mm_fault+0x36b7/0x3f20 [ 1700.053996] ? kasan_check_read+0x11/0x20 [ 1700.054016] ? lock_downgrade+0x810/0x810 [ 1700.087794] ? kasan_check_read+0x11/0x20 [ 1700.087812] ? do_raw_spin_unlock+0x57/0x270 [ 1700.087847] __handle_mm_fault+0x36c8/0x3f20 [ 1700.087869] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1700.087881] ? find_held_lock+0x35/0x130 [ 1700.087895] ? handle_mm_fault+0x322/0xb30 [ 1700.087922] ? kasan_check_read+0x11/0x20 [ 1700.087939] handle_mm_fault+0x43f/0xb30 [ 1700.087961] __do_page_fault+0x5da/0xd60 [ 1700.105234] do_page_fault+0x71/0x581 [ 1700.105250] ? page_fault+0x8/0x30 [ 1700.105266] page_fault+0x1e/0x30 [ 1700.105277] RIP: 0033:0x451880 [ 1700.105294] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1700.119187] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:11 executing program 4: r0 = socket$inet(0x2b, 0x0, 0xf7fffffffffffffd) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) sigaltstack(&(0x7f0000feb000/0x12000)=nil, 0x0) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1700.119199] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1700.119208] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1700.119217] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1700.119226] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1700.119235] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1700.210450] hfsplus: unable to find HFS+ superblock 22:17:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x1000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1700.262421] gfs2: not a GFS2 filesystem 22:17:11 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040), 0x0, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1000, 0x340) ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000080)=[0x4, 0xd8]) 22:17:11 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 1700.370972] IPVS: ftp: loaded support on port[0] = 21 22:17:11 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x7a00000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1700.416158] gfs2: not a GFS2 filesystem [ 1700.425079] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1700.439424] CPU: 1 PID: 1052 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1700.446589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1700.446595] Call Trace: [ 1700.446619] dump_stack+0x172/0x1f0 [ 1700.446642] handle_userfault.cold+0x41/0x5d [ 1700.446667] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1700.471444] ? __handle_mm_fault+0x36b7/0x3f20 [ 1700.476141] ? find_held_lock+0x35/0x130 [ 1700.480224] ? __handle_mm_fault+0x36b7/0x3f20 [ 1700.484818] ? kasan_check_read+0x11/0x20 [ 1700.484837] ? lock_downgrade+0x810/0x810 [ 1700.484857] ? kasan_check_read+0x11/0x20 [ 1700.484872] ? do_raw_spin_unlock+0x57/0x270 [ 1700.484893] __handle_mm_fault+0x36c8/0x3f20 [ 1700.484915] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1700.484929] ? find_held_lock+0x35/0x130 [ 1700.484944] ? handle_mm_fault+0x322/0xb30 [ 1700.484969] ? kasan_check_read+0x11/0x20 [ 1700.493346] handle_mm_fault+0x43f/0xb30 [ 1700.493371] __do_page_fault+0x5da/0xd60 [ 1700.493395] do_page_fault+0x71/0x581 [ 1700.511177] ? page_fault+0x8/0x30 [ 1700.511191] page_fault+0x1e/0x30 [ 1700.511203] RIP: 0033:0x451880 [ 1700.511218] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1700.511226] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1700.511238] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1700.511247] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1700.511255] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1700.511264] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1700.511272] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1700.542341] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1700.613528] CPU: 0 PID: 1059 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1700.620667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1700.620672] Call Trace: [ 1700.620697] dump_stack+0x172/0x1f0 [ 1700.620721] handle_userfault.cold+0x41/0x5d [ 1700.620747] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1700.620764] ? __handle_mm_fault+0x36b7/0x3f20 [ 1700.620789] ? find_held_lock+0x35/0x130 [ 1700.620812] ? __handle_mm_fault+0x36b7/0x3f20 [ 1700.620831] ? kasan_check_read+0x11/0x20 [ 1700.620848] ? lock_downgrade+0x810/0x810 [ 1700.620866] ? kasan_check_read+0x11/0x20 [ 1700.620882] ? do_raw_spin_unlock+0x57/0x270 [ 1700.620901] __handle_mm_fault+0x36c8/0x3f20 [ 1700.620923] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1700.620936] ? find_held_lock+0x35/0x130 [ 1700.620951] ? handle_mm_fault+0x322/0xb30 [ 1700.620980] ? kasan_check_read+0x11/0x20 [ 1700.621000] handle_mm_fault+0x43f/0xb30 [ 1700.621024] __do_page_fault+0x5da/0xd60 [ 1700.621049] do_page_fault+0x71/0x581 [ 1700.621063] ? page_fault+0x8/0x30 [ 1700.621078] page_fault+0x1e/0x30 [ 1700.621090] RIP: 0033:0x451880 [ 1700.621105] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1700.621114] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1700.621126] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1700.621136] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1700.621145] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1700.621155] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1700.621164] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1700.843742] hfsplus: unable to find HFS+ superblock 22:17:12 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x28, &(0x7f0000000540)}, 0xd) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r0) r3 = dup(r2) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000004c0), 0x53) lstat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000580)={{{@in6=@mcast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@empty}}, &(0x7f0000000680)=0xe8) r6 = geteuid() syz_mount_image$reiserfs(&(0x7f0000000180)='reiserfs\x00', &(0x7f0000000300)='./file0\x00', 0x82, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000340)="5d6322c4ab6ab29c965b05bfbed614afe6c4ad54b3671a0c7604a0c0449f2c743d81f3b48e22a79068b1cee37ab43533ce15041a29b8c83855e3d663ed9982de27b40a8e96aa048f93ed28c242f6578a9d0b5951d9467ca89bcaacd8e657471f7ddc537af214394626f21c11eaedd42873f983bd9e78551e", 0x78}], 0x1000, &(0x7f0000000840)=ANY=[@ANYBLOB='usrquota,jqfmt=vfsold,smackfsdef=/dev/ashmem\x00,uid=', @ANYRESDEC=r4, @ANYBLOB=',pcr=00000000000000000045,uid>', @ANYRESDEC=r5, @ANYBLOB=',fscontext=user_u,fowner>', @ANYRESDEC=r6, @ANYBLOB="2c736d616378002cfd93b9ad013b9ccd629af6192103f889c9067645e2de13ad451cefd2dd1ff3186d9c614fd9a31011ac284159c9d20e8709b100917401bba04c438b0bea86ffd8a386702a3ffafa1d9735b004a211182f001e1a2539925d9b253f3ad031b2ef83776856d3748942b7af22c7574154290ff5d3b630e3abb8737bec0df180af5b69bcec2181725b256dfc51e835a78a2cd5e3dd46f74d763ea3ae484b3a00000000000000000000000000000000"]) clone(0x70024100, 0x0, &(0x7f00000009c0), &(0x7f0000000000), &(0x7f0000000980)) fcntl$getflags(r1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x5, 0x70, 0x0, 0x0, 0x8490, 0x3d, 0x0, 0x0, 0x0, 0xe, 0x6, 0xffa85f1, 0xe89, 0x0, 0x0, 0x7fffffff, 0x7, 0x3, 0x0, 0x0, 0xff4, 0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7, 0x0, @perf_bp={0x0}, 0x10000, 0x0, 0x0, 0x7}, 0x0, 0x4, 0xffffffffffffff9c, 0x0) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/self/attr/exec\x00', 0x2, 0x0) socket$inet(0x2, 0x5, 0x7) syz_genetlink_get_family_id$ipvs(0x0) ioctl$BLKDISCARD(r3, 0x1277, &(0x7f00000000c0)=0xd6a) ioctl$UI_END_FF_UPLOAD(r3, 0x406855c9, &(0x7f0000000280)={0x3, 0x59, {0x57, 0x8, 0x40, {0x8001, 0x2}, {0x8, 0x5}, @period={0x5d, 0x5, 0x4, 0xff, 0x4, {0x2, 0x5, 0x8}, 0x3, &(0x7f0000000140)=[0x7f, 0x15a, 0xf]}}, {0x54, 0xfff, 0xfa7, {0xff, 0x3}, {0x4}, @rumble={0x3, 0x1000}}}) sendmsg$IPVS_CMD_GET_INFO(r1, 0x0, 0x8000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x200, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000100)={0xffff, 0x5, 0x7, 0x401}) r8 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x0, 0x0) mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0xfffffffffffffffe, 0x12, r8, 0x0) fcntl$F_SET_FILE_RW_HINT(r7, 0x40e, &(0x7f0000000500)=0x3) 22:17:12 executing program 4: r0 = socket$inet(0x2b, 0xec13c192949bc37d, 0x0) ioctl$int_in(r0, 0x5473, &(0x7f0000000000)=0xfffffffffffffd63) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10) fsetxattr$security_smack_entry(r0, &(0x7f00000000c0)='security.SMACK64IPIN\x00', &(0x7f0000000100)='\x00', 0x1, 0x1) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:12 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x2000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:12 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 22:17:12 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x7fffffffffffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:12 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffefd5f) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) [ 1701.448220] gfs2: not a GFS2 filesystem [ 1701.453797] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1701.462393] CPU: 1 PID: 1083 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1701.469516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1701.469522] Call Trace: [ 1701.469548] dump_stack+0x172/0x1f0 [ 1701.469567] handle_userfault.cold+0x41/0x5d [ 1701.469593] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1701.469610] ? __handle_mm_fault+0x36b7/0x3f20 [ 1701.469626] ? find_held_lock+0x35/0x130 [ 1701.469643] ? __handle_mm_fault+0x36b7/0x3f20 [ 1701.469662] ? kasan_check_read+0x11/0x20 [ 1701.469678] ? lock_downgrade+0x810/0x810 [ 1701.469694] ? kasan_check_read+0x11/0x20 [ 1701.502883] ? do_raw_spin_unlock+0x57/0x270 [ 1701.502913] __handle_mm_fault+0x36c8/0x3f20 [ 1701.502935] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1701.522012] hfsplus: unable to find HFS+ superblock [ 1701.524441] ? find_held_lock+0x35/0x130 [ 1701.524460] ? handle_mm_fault+0x322/0xb30 [ 1701.524493] ? kasan_check_read+0x11/0x20 [ 1701.551358] handle_mm_fault+0x43f/0xb30 [ 1701.555438] __do_page_fault+0x5da/0xd60 [ 1701.559605] do_page_fault+0x71/0x581 [ 1701.563412] ? page_fault+0x8/0x30 [ 1701.566978] page_fault+0x1e/0x30 [ 1701.570436] RIP: 0033:0x451880 [ 1701.573631] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1701.592540] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1701.597913] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1701.605196] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1701.612482] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1701.619768] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1701.627057] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1701.653021] IPVS: ftp: loaded support on port[0] = 21 [ 1701.749915] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1701.755592] CPU: 1 PID: 1083 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1701.762730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1701.772095] Call Trace: [ 1701.774717] dump_stack+0x172/0x1f0 [ 1701.778367] handle_userfault.cold+0x41/0x5d [ 1701.782805] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1701.787402] ? __handle_mm_fault+0x36b7/0x3f20 [ 1701.791998] ? find_held_lock+0x35/0x130 [ 1701.796078] ? __handle_mm_fault+0x36b7/0x3f20 [ 1701.800677] ? kasan_check_read+0x11/0x20 [ 1701.804858] ? lock_downgrade+0x810/0x810 [ 1701.809024] ? kasan_check_read+0x11/0x20 [ 1701.813186] ? do_raw_spin_unlock+0x57/0x270 [ 1701.817621] __handle_mm_fault+0x36c8/0x3f20 [ 1701.822050] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1701.826904] ? find_held_lock+0x35/0x130 [ 1701.831002] ? handle_mm_fault+0x322/0xb30 [ 1701.835273] ? kasan_check_read+0x11/0x20 [ 1701.839439] handle_mm_fault+0x43f/0xb30 [ 1701.843519] __do_page_fault+0x5da/0xd60 [ 1701.847603] do_page_fault+0x71/0x581 [ 1701.851414] ? page_fault+0x8/0x30 [ 1701.854967] page_fault+0x1e/0x30 [ 1701.858422] RIP: 0033:0x451880 [ 1701.861620] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1701.880787] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1701.886176] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1701.893452] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:17:12 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x1000, 0x800) writev(r0, &(0x7f0000000740)=[{&(0x7f00000000c0)="fd6043ddd7b8120193afb51719fade95a3823171db8f0fedf539f956495e01862cf1c121ec57ba05eb2e9bfe3095e6df6edfb3104d935637d9f05c9db8c9e7479eacabbd430839d11e070bfc25370cc4e4c65f68054af8a491a393e2470e4eaaee92c37b07662180b950567ac98f71130a343a4e1e0b4465a11afbe374b14c7e6e48d67f", 0x84}, {&(0x7f0000000180)="31a657aab7993103144a4694834613a1a9f031c2d0f0b3b6a4eb3fec587e569026812a97d99c5e578991b801d10d338a9e2d196e93d798219aead50edb179900622a5d559600475a3f5458ec122075ab7f943b7f1bcb857503aea0166a51d46c72f1a40cb6a33a57a54413992ec1751912551ed996094a19a40f9ded2d782b597564b78c84829579384beb5111bf0aa3c96cae066c84af64332c5d0c2558ae", 0x9f}, {&(0x7f0000000240)="4e79f8fbad5339d4b66adb7a1c06022717122bec8b3606911244d972b971b0e1080e76c1ecc7982020e461285283cc39022a493a4611f32e370165437c9d5f68db5cb6539be802cfa579d0f15fa8f26bc8816e6d85b08567abc81c8580d2fa28ed2c5e7363c299ce0bacd2f85dee2a224675f6b7aba09bf193c2f6492455ad662b97ee24ca064fe5f363d89cbfddf686759ccbdce456e16c7c47ad63d9cb3d64d216402c325713e312", 0xa9}, {&(0x7f0000000300)="1fe34679e48412680073f96b026fcda720e9c060eef7cee021d79fce93bc9ffd6f9469948489cd80bf43d96c7b956876a989b216c60f41aaba025305d2c6f843f143cfa8d5475f51bb294a04c044d61197d86ceca1026bff7e42aa2d292888637f370b1c8919d30ce6d1e5d82fa0fa76448db0cbdbe4a6755fd3a2dab46f11c657dacf19945dbf222571c5f863fdbc1a3b53177bef1a444419dbb5755fa9dcf5536992996131a514552214f391c66627ac64942006c7b20354641f651abb16afdcb8aceb858be5275baa61467ac8efda312f0c312e439b2ec370856250fcc7", 0xdf}, {&(0x7f0000000400)="e650fa0edefd7375f4e2a96e6b3ebd3f9747dcef655b4df86115a7cb66b9a83f6c5860b58bf278b0c55bba9211077e51899d239b1e436b15be40ff85b5e048c9d9f222bee88196c5c3debaec3bf58d9616942b5d252cd748d4926e4ca39c0047b6cb8459e7d9cc54ed2814addd9143546e2dfd6c47a7acfb7ea2f0d3654bbc166da86cbdcef17482f14a4494795ccff129b0293fbd0d648c15f9725e616f9056e3cea572edf08e04e23fc8e1e73c20cd3f87a619df549c5dbdb14975bdc6be04c0c5825c9ef3a84d07", 0xc9}, {&(0x7f0000000500)="028ab1c613e012592c53688ff6cb5d6c41822eae8cab3331b33d395bf631aaf32dd0218c99b4f9fc4cd2eff3ca822adbf1425efe690f5c787ee13fb79fbd63b64043dea131c1adb0627ae675449a5b7960cae7b0aa5fc94a5dea0cd35f0cdec350e78ca2685a84be29eeb5127fd1078c8a6ff5a973d0131952cae406065202f5ceda35f530", 0x85}, {&(0x7f00000005c0)="e3b287e6abb7419288fad3841c8b30f739", 0x11}, {&(0x7f0000000600)}, {&(0x7f0000000640)="1caf7c683eac88e2c5861a31df37ff929f8cfc7489cd52b110d4481aa5668012bd7a86357d765b9f3a9defc913508407e491e9f13986ad3af6c07c503df8908fdbd40bf9426da9dee61da7f2e10ab406c025d980f07515ce066a9a7ee6627ef62086549f2af162c7ee5b1d35537b303a0ae881c2bce39cf9e66613244d68256b58e38510de7a678fd9a71310dc36aaa1bbba85abf0a62e12b91e7144b5ec2e80e7f52d96757a5929a0bc98bcf52dff673fac93ad703b92f352c4b79cfb69d660c2a10c2e7bd1b1277b4db24e2b3979c8f5732c9f388eede56ae6", 0xda}], 0x9) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) 22:17:12 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:12 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8000000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:12 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r1 = socket(0x11, 0x2, 0x0) r2 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r1) ioctl$NBD_SET_SOCK(r2, 0xab00, r1) ioctl$NBD_CLEAR_SOCK(r2, 0xab03) prctl$PR_GET_FPEMU(0x9, &(0x7f0000000040)) [ 1701.900722] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1701.908000] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1701.915277] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x3000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:12 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)) 22:17:13 executing program 4: r0 = socket$inet(0x2b, 0xe, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) poll(&(0x7f0000000080)=[{r0, 0xfffffffffffffffe}], 0x220, 0x2000000000) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x50800, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000140)='rdma.current\x004\xb4\x8c\xf2\npB\xd9\x1f\x7f\a\xcd\xb2\n_\"\xcd\xc8t\xdb\xf3\xad\x1f\xda}\xca5\xb7\xc4%\xd0g\xdd2w\xd5RRQ\n\x1eb\xe3R\x1ds\x00\x00\x00\x00\x00\x00\x00\x00\x00b\xac\x88\xfa\x00\x00', 0x0, 0x0) connect$tipc(r2, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x0, {0x4e23, 0x3}}, 0x10) [ 1702.060944] block nbd0: server does not support multiple connections per device. [ 1702.102070] block nbd0: Device being setup by another task [ 1702.114267] block nbd0: server does not support multiple connections per device. [ 1702.123258] gfs2: not a GFS2 filesystem [ 1702.131699] hfsplus: unable to find HFS+ superblock [ 1702.142645] block nbd0: shutting down sockets 22:17:13 executing program 4: r0 = socket$inet(0x2b, 0x80000000000001, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffd63) iopl(0x8) getsockname$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10) poll(&(0x7f0000000040)=[{r0}], 0x2000000000000006, 0x0) sendmsg(r0, &(0x7f00000017c0)={&(0x7f0000000100)=@nfc_llcp={0x27, 0x0, 0x1, 0x5, 0x9bc, 0xffff, "e5ca9543d9805f5b61f1ad1f6d2862fa232f1bcc675c6c124ac8437e1c139cb5c1cf3b0a40993846642be85bd4a3d3b87f13f9aafe3a431a5f44339df93cad", 0x2f}, 0x80, &(0x7f0000001440)=[{&(0x7f0000000180)="8daee014ff37f0b78ae0f1c933df9dbeefe0c6f2fa40ce83565ec8bcfc7d9b0fcce1a1c0e1687298bd85a8e4efaba5a4569e58f1f999a7039c33440898cbd6b558d8c1b7499d8b05f724bd1722a821beb16178cac7004653b28c8da1317f5c562a914dde23b902eb11e5cab861f442bb6dec8d1a3d5c4b345334ca7aafb8321f272655", 0x83}, {&(0x7f0000000240)="b7dd89edc96344f0fd9f267a71855f67ff4109a4818a6591196bcab8d03b35613ad9d62a4d7cfbd98e0bba23ba86ed68d1469f2d7df0354376e66f94a634c896f111918bcf8a94dbb9a3939ac89a88111486b2ecf5836b43623ae5d9b29d9063e3ea5257d4a2afbb7ab192e447efffaa2760ba5562bfe3b46ae06f3f76176f950e94fdcc6c891fd593eb58e469b4ab0d755e6f89abe80426714165fa2ec519eb2e9ed795bca1a1628263ad8f31af307a83fa54f13a35d6fa1ce77e751e5fbfaba4072534f869d8ffa8082d2d2b70c63ba151c6e1209d22410b05101a8f66e73a825c00c9228a2a84d1b7c26dfc5ab181d898cbe185f15721baf622255f7987493802281dd304c18a3cffe79b02495b55fd34a8bf05bd7f427c869801cc5cfdacaff050c47383f09b3556197eea27763217026e3b101184ab5df8d6187d7bd73b55f1eccb7510b7fc86182b3f4f615ccc78ccca199a14e77847ae692853018710fb47c38865581cf018ed74ab94baaec97e757bda25aeca7bca09bfa8961ccdf2849c42af21cfd60782f15828365be205d9e8145c27ce7bcdf50013badf8de3c7d9ddbbdc9bf5b147a48d5401aff09555f66e370fdc21cc8abd56078048b1c329258135980c9a79099815242b19baf2be55e971cb8571df828235b60d412aa7b6f32b31b7aa547cbffffae6d70c89a7b6bed8bbc8851e07c6949d99642eddc32319951e74c5759dfcc510947b1759122e4dd5356c266ccf983f94d8a8534ce7e65bf45965d72766a1012ee810cc945c44ff617ddd66a5034df25fe8665c0de0781d29e839f47106c666cbe46332bbd82270a825b64625c8e91cad3f81ee858413aa01b9937cde04e5176e29daadb369875205eb4513caea365be3a644e6c91ce9a255a0c85621875986842d7a2e84859f3824cac0a057134cedf285fe5cfef1d3166a74e3e7bca93470889adb55689ef84d8bc9b05f073913828a66079f4054783f49c60cb28cdd463c503b4e70475beb8adfd69858f04ee3ea07559a438950015252b5de55a447726edb1a20c1ed381d1563b5dca0ae7aee0165f5149d2575d554956e786a27808a2a412dca135e58461e6e8758a99b70b9e44386b2dbd605b73673092ed5fe6c78a06cc203191988883821d57a02f96871a612487777b3cfdfa0002b9f68912ad405b5cde5c10d8eb811e90a6d2a4b92c0bd89f144dcba05112498c6f9bb07af05e8034942ca4ada814852c1bf51fc21816cb06ff636ab5f1878a2c95fc80466208d7461906c5cfc34ec1091b0dadbcce5515c9daaf506bfda9124ef3fd0575499651931d55fb8cb6a9fe0830ef7cf34f1e2d9b0eddddd799a3f11142f087cf75201f735fbc14e09d2eebb23ebba7c07a750fbf9d26b3e39e088cd8ef8682ef7d0d5422f8cf6258e29e966afddacd0723c738196f9aea5b411fad03f50d251f61f7b5566a404327a6c438ca44b9936b13ee131c2757cd7887dc8530794f323a508cf086f9f6dcd955ba0a73e8ea0b581efad5779042ec1d07bb369d980cf7fb9686b8cea54011e6a8db75cc9b0be6f57be729e19fbc38431a84e305dd0e2c84858d15204089eefe952e65a04ec668aa0ee9ac0ac9d8eb2313576a1b898e6b79d23b055c13b8a93f05f7af5803005cb51597f76dbbe9e4cd51a5dd4498522e0a133b136c0cf65cd283082b6db356499407047a59a205ae4cc756c597400ecfcb44c5f0cb45ea04664cba02b5627faf3b25236a73c1bc4de37ac278f837a0c42d58d2c7d752756f0dd7204528d2e4f7b7be5c25a418c8be7f9a5945d4a96995604e2c40d5dec624d9e019dc4809e570c6479a9e25c06e559abbab60a9857d7777ded8f1c8033bcd7c2135d9eec5f844106900f24a3b228bdcfe7ae56869433e727efcbc7783bf166dee6df6846792e4a6dbacd60a1887a77f3be2225d433d83ffa82ff9f692d5a1ccb4f17d689076c52812d9c5704e0dfa3a71fc5ef89d9ead203405a5cc4c5b6163a69574c1cba914f294435f9cc38ef5a729060a595e8c12fa0560e4c5b9ccc2d05e703684274d1b4a15ebda27b9c8a6ade4dc849b0963d139f287491e7656a356614c82d18c6fc0e7e21fcce02eb0a005fdc6e6a8a1f2b61133fc79838a878c01324bdb8405e55d92827eac9276a2d16cb6f96f4925e86a315e0fef430a04456519986186b4265cd47e7bc75fb3bc9dbe8de13b1f4891b4f5f6670dedd1e54ef2c9a75daf653d3de1ecde988eeeb71f6b84ae0ec96548d7c12dcd23eb099d8b7e7b84e5d333364a5249a7162c126e0a677d9b61eb919cb2569e90f3405a6bbf5e4374ac7706e6a897ddbb4c214e504e29993a31e6a7c2a125b50360bf672ae74ff48c7037d298f6bc1b098d361f2878792eed230cceb3a4bb894d1204ece5759e82aed2956535819ed12f428481f21fdd654176039243d1a0d72b0c2aa198c73bdc4a8cc351621dd0239e9202e76179b6bdcb580c5ff7d9a312e76bd0a8d7efa60d9d2ee9a8feb7cba93b6a256d6f54eda70f8073e623ff70dd95eaa988d3756464e25712af6f8c6145d8599148b8510ccbdf2fa18583e1a1aa6f471d39b812da7880969d9ee7dcda1950dadfaa2fd8c9b5329f9550295a96c4a4a5eb044dc4f68bd9d6d1be6cf0961d53713ca3b80d25c7b1698f4cc896988e9a8cf4e24747fa7159e37bd1125309e12cb6c3aeaff66b09a42e31e47e5e7770df734f5d1bdc7f5f7328f7eefbd31a26a75d9be1f2f7d5bad9e4d98b010b65b8c78100f5358666d725719a9fb35a80585f572a8c8464b180a50c25d2e92529cedb25e55a23bec4ded2aa167a577bf47a9cab5a289bd339282b331a620e8241e5c96ade6e58d5204c228d13b574fa6de672743f6f9e7f18bc07f67d65cbe8bd3c9e0113f2204fa35ded93a7c1017e056cb7bd94723f816a40e97d608670a97ef88ef6dff7fc0eb2494eb0bc11566bc3c1675f65cde9ce00a15f29389044f910d692d4555736310b0580c6a57abdcbdd0561372c9de5aa7beffb12fcca18ae4ea60c967b40f92d26be29382da5a9ad151455ea30a17ff5c5dbbc792c1d86085960ff1a98b8fda2b0125753836f22604b56095e52067c87611d5e3c9e30c6bd00d75a9267297d61736a90ad280fd563551ccee3a37eff9d03f2390113275209e9115bafb1964be2a8363d2c030c8b8102d50afc6445984d580f00c951d92b7d3107db5c12750febc7b5a86315b358caad4b630f7a06d6c1f40d7f2f5bd75a2073bb08875124d53cf1b78ead6bb2e75ac9ec7f129306020da4e4d3f125fb92a2453068e25f2d396b5da4ddbccec29450cd0d9a81de3171a2cc7da15b00a3eb098ebb3d48084dad8fcbadc038c2374810a24c30b841c4ac13d81a9604bcc97a2ea962f01ac000134a1f5e471db25c4679e426ff9def239205e905eddacda1975b47845b6323f8b45a6e56725a0813ea6021ba3bceb4b891c757f2b1fca3bcb9b924e00bf452afcb73133ae43ffafb315cca544897461f36932924c42ff9f0a66de1efa9b3d5eab6fa1e6de5b4e2257a5bfb15d82f5e619cb6ec5c546f00816b0301d2485a59801217accb2808a84dbc35a3e855774e057ce59691aa71ee26cece7364dc73f4af9d3d99197f09cf0f21ea78d3123313e58996bda6b3a48054d801199502646cb6c4d6dc778eea6b7d77872ce1ebc31afb00729388e7e82ecd54e636966868f0370691eeef0ac50085ae58fff12f6ca796bcc63bd3a43dae9e20054d305d54ba72045f71c5ae4dc5be377f8b6120848cff917d9af8dbb7943305b572731ddf95db32445f27b699ec141d5b1cbee3c1210db6c50bbd7fbaea4d0cfb46c49e9125fae99cdce8c95777518896ce86273882384a47630e4dd0fa03a98ff2d6eac3d84f3c5d41525ce1c5939dbb8237d9da6545d08cd5cad701c2783dd3bcea2070d84c044cc943bfd7ce22f1b6691b20aa50c60773250b07c6496f0abd0cfe7abc90bb76e040374ec281b38a13eb42587ff2f44ca13fd22a822111091b0bd472c3c95fc831ccfac2c6b10bd5eae6249176aa05041cd5ed30e0c386faa88ef83dfe481ad6c8283bebfdab8797f231a9a5e27fd7090aaf6e1e569c6aa61213f87870918cd3be7dba710ff085e8e9e1cc42e06abc7fa93455b6c43958507cbff4437fb1c66aff1268b59a7a3883c2c30cf4fc01078dfec1f072c74dd71dac0649f6ec0ede8d8272cbf641e2225daf47777cd065d21ec1a762ed7610e1802209bea0f748a58259a5ba1c003d308d8da6f274d9e77a4525632f2d1a935ceee54fedaafdc329a04ed34814df15bcd86f8df8a8e5296a135c4f8b30538487ec16a6650f834a2c491aae193af2b18acbc5015585c0dbd74ea015145738b328217bf384f62e5aa9fe5b0f25971cb7ab7cf420e3f3c1355606b49e1159d3582c1ee7cd3e7efaf6cc1ca0d80df5e92e7fccae80d47f7c03b5007d69c2adda246a460b670e1d9a920d14a2242e67ed65ce452ee5262b8c561b139165216ef154c897028ef420bf972f835c20c3401241b0df7d5e9bb75e7ab238fe77fa50d467df1eca693b75f52317a97ceddcc5834cec201d9d35b6ae72cb94c956170994d00237aaef94dc27427a21808755a0a32458610b932a432df6da131d527161b03332f5fff0b4c20ab519cea45d19c9093eb0b80b9423aedc0b89eeac0c5302ff2c22a81f241c99cee00306e03518d2a7b50d2eaaaccd9d91bb9463ac28fbfa34f65b0aceabfc196e1018349ff261f62cdc50e3b3a3dd5f5b743b36c415d6276984f57f29ee5154cc1d39a2cff84df927f649d277f2fdd8dfc10e3f41bbefc43f58293cc99d0b9100377aa540b4a8952f8dae7e314dbf7e009edeae54845ea088fe6ee940f367f9e4ec2e5cd08c37e8100d3ab38d37206adab4ab3c693961a403a94c596e759c99ff79518a512a63f7fc5bffc140640f1de5cc3c1248db0c2361edf2fe440615b6482b568a1283c726fa1ac8fc1967328536e3c21365e63e29ea0b84c520ffe6aa04f451c93586080bdbe8c705c8fcf5b0d312331890a4dfd106d05c5cce559b0fadaa990c6177f294e52189d1ef96a0fcff90fed4be53228ef399353f38694dc4e6474dfe195644fc377573e8b1b110d5f0e8653d97bf1f8c9989bb4623915ecb2275247a0a1c3ab54d165d550d2287467e362095f24b28917dbfe25078dd027122fc0a28ed6ae6d285ba23fe4e1f22dc6cd7761aca551be15857bf1a71b643edc8ba8d39bd7a1b6b68346b630a34f7392f4ae2d2eaf1e60b303c1c1270bbb61b6196d15c14773f4ad28365eaea42e518adb479dee423d83e1c56a20b284e81a9afe2e0de366732e999303321e36a21a21c634ee7ef33e2c87bc2b1db7b1d97e22c66771e442926506b9adb0223ccb74524c72d40412fd6ec73aaf7816ef462fad3eabbaff66d6a532df30069fa040c3982694f525278718774f75924b18472d84f69c28f5c0403c5b34bfa30c252bc7bbbb05a5b508ab7f53f6a6b73e976831b8b1ab7098ab17828cb4a41c6ea57302ac6bc63c0765d1f29d17fbe7c7929cc5626814d10db0b2dd0568aee9cfd467a943cb76fa651e9651bd8e0c4e29a4a2890ec750c161d3c5b38bda93b62ce4f15af51f3f1515f83a174e05da395416b89c34658edb2cb28eb1e018a1e84056e8485dc7fd62307f44b6ea2fbc03f87e5d3f5401869ca838cb907cbcad4d358e7bc92387e9135528517cbd7f81984255b64168e3ab02f74172c02c5a6863f029b8862a6c792d057a5dd2", 0x1000}, {&(0x7f0000001240)="44977c056a6be76418e7aa527c338737c37e56e0258c71ffd048af290dc3110f144701fba5464d8e351d6299f7ba23df3728be419b9bc018d28659a2dfdc148111b30b90cb1601d898fd1589693ddf6703460ef27663dce2347ae5a828f092797001c7556edd55fb8c54868f2045b5b51ae131a26bbf71555fb73fd9a11698", 0x7f}, {&(0x7f00000012c0)="63b0b50db7ab5790c96d59c815cd976a3ab10297941a2a3c52cb8e4c278ff6ef41d1a4824767dfb6d8a38fe8b4da2b0c7d8a207f976fed00df3ca68cde3da875117efb781d698b38deec6c128c6fa0e5eaac240dcc633242f9f7e015f7ad546999cc5854cc5b84eaf7df07ff0436b1", 0x6f}, {&(0x7f0000001340)="48351710d9b115a226c4ee1c8f6eab8a6e9f97813b75786f0afbd7f92ee8c6cd8f46b384535b242e34419ea7ea4767707b24ba7ee336bbdec2a0c7442d4be91b1c6b7a3c0d295c8f21b4e54096e8013d63610231fd1518bea9988ac4a34d7e7fe21889d5ddabfb8450a4ec577ef28d3ea0b40e97e29a508bdb0720981911428bee95714b21b4dc9f0670ba470133295e26625c994b20f77c34d5d53bc8c79b2a6c71135d60603c48c1506fcc0b2ed36c6ab34204b3d554d55843f043fd9b63447e0f48846e4588cb", 0xc8}], 0x5, &(0x7f00000014c0)=[{0xd0, 0x0, 0xe206, "410e3ac70c7dddbac1c7ef18ceaace30aafb1eda99458873baec5e8dc40507ad82bba9aeda395af3c27894e1707d250f2d0dda3e8bc8f32dfdaec4f23d8c40c6823e65d65de657f4e7359cf9b1bab92e593ab7daf1ad46052191cc502c8b27b4aaf0efebdc78c33094030dced40c88379c42215f8682012b84ff177c334f9c1dbb7c1c4931c0a18767d0db30367772ea5e4518cf5c2053e9eaca7ca1bd88fd77b8d8dbb0d6d4d3b2ca11b4dfdf92c45d4fed1635df1a0ce7d23c24a7"}, {0x80, 0x88, 0x1, "c074c4fae67b2e1fa4c3d6584857e7efd35767416d4aab5b76e9a586a0b773131a2049cf4796767e987e7dc5eabc6144c5f1d121d40ad5d9f5d5a910f65cfe7dd45f14035ddef320bb7754d3d9cadc37702d93c8787246a8981827f9bfc8b645d4f78a0b4e0788ca17d195faa94ba09d"}, {0xf8, 0x0, 0x23f0, "e8054a095213ad951db2f21dc8e653617c0e4c6e64526c059f283290a72641e5aa58bfdc596b13eef5ff92268208caa29e435476451b85605e92b9ccec9037a078d39a174b4a619b10f12e49f1c3e1aa98abb8dd4b1027ff5116a5aee67de6353e46b722ede22f9e4ecffde1b632b95680c5f73e454fd6859098159b7086fd16314481c93628534c7831d1c5136f883f6be6db71fdd725fd18784437626c6fe30dfb346d52397fca43275756fa3a4973f83566a158c1fededf7811cf245985e683d6728750df66931f2c8ab594db19cb3d5d32a73386775ff72a131837ac2aa91592"}, {0xb8, 0x10d, 0x7, "e4e0d977698bd4e41840623e4e53ba5d1fec29d9ebec483b0060890ebe8f4db92113615bdc7e8ac3f34d3f9c41fe9a50a4da09f58e28898b2a29261a5b1d6ed200c1512260c0439d47501357717bba0499d405c47450787daf6a07931942ce0fdedb199d11df049b8d4448f9258e4e7d6e0f74024780f5920fd13346c4f903d05fdd40b89d1030f3fe280f74fcee7b5b24966122a8425d3ebb6eda52e45365a59ed30cc81f75b7"}], 0x300}, 0x4000000) 22:17:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:13 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x8cffffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1702.267891] gfs2: not a GFS2 filesystem 22:17:13 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0af51f023c123f3188a070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000000080)=[{{&(0x7f0000000800)=@nl=@unspec, 0x80, &(0x7f0000000d00), 0x0, &(0x7f0000000d80)=""/246, 0x18}}], 0xa, 0x2, 0x0) writev(r0, &(0x7f0000000340)=[{&(0x7f0000004440)="59c58f18f5e9c1c1eb06e5797a9178aa4166a4fd9c9512cfb8e1c89c5a9e74427d09a6929b7ca3ba27f96e3416c3eee178200bf61b3a5e536d1e66a718cfc4890d371fa5a87f3521eab3b77f90b8a2f80d53d7a24db4535ee4281acbdab6a34b3471ee62b39af71d0c42fd5c9aef200f15fa54a3bec03276ae34eff75cb066bb3f4b285f6538d6a4ba96daf7069d4f809fa40c465f0839b2c45dce53801fa846d58c8a472fea23e9a4f5e9c2abda09061e1725cccc834348939ea49b886d13e6ccb641ce7efbdb43a49ba80665a23eec1cd523fdae2a28e6eca0264d86d93cc4473eaa252bfe2b82e8ecd507ca7563324d4f145abd583caa12bfa5bbfac4bef5026fd2edc4ddf6ea570718421323074566e8184b1a89ef66467334ed10fa8416bcce7f3feca67d6da8722c0c7f27707249911a125981fe454cb903f8f796e9eea1406e1ea5d8f7753a73be80924e6378235a8dd78f7a856f30314d674535f04fe6edb6340b53679ec96f34038e0542677f096dfbf8fe31905a24cf03fccb04deb182627e932084acb70d035fa39f34ba3a341a92e09f74ba245f52d02a13034a1c79b5f4317f8d5ee4d65ba53d0c979b58e79c6b59f058b468ccf0a80a28519f9f9734c392434837a853e01e83ce27f824cc4eb75c6897183c964733d2b8a0b0e11161a3596f477df017e70944e82676ee562d8734b72cf30f3cd2bf6e2521e442901513636e5c9bc440c77f8a85c68000988198e500e39250421eda2ad5dfe372627d337fca0182efae77b2e0b21fbb916799daaa1924a660a970d6babef3895b9fe35c3b19397382b0b0413feff092896c9315ae7cbf1a8acaf9ab26128ebc3db27282c0513c717515abc8f8bde032b68beb53ca1d23207f910b8fa20248c070259c09779bb95989c958e6c7ebac7dfebd797eb9f173f2cb1eb51c2f672942f15adac31216c15e6edbdfe289cc0c119ef41b03a984dd7287ffa1365ce057cb0c464a4f05500e64f766298a982b376799f33bf384c4baf66b984a3dcee98967434c2bb3f0330c52ae178d4dd021383f54ed57c1ac93210cdbbf6a6729ec2ffb03789e5c7157a1d0e9f9ff7d99772c40fc685de197a7b7f03969dc4fec9e6c92374267ff94c143882df848847d68c1fcb895602c5da8b0ed2215fcfd8b1d7666fa3b8dc4d9d69b0c9235b03a4b1df140d870f9a1b578c34b33286bab05fee4f2025c5958f3a5671722a20d0dce2d57f4a556fe8d0cafb882e4a902bcc37cd39c0035cad7fa478acb92ab9e8ab6127592518b38f58a76e105138dc14f7cb1d94ebd6ddb1e57b067ae65899e486a93e04c9c7f316a3e9885f190bc4224187a1cf2fe552927561123a7e1bb02303c9f48d6d57a42424e37e16989c76925559c09e9e9fc71ce14087172046ff7eedd03a3c49c5edf0c5264ee30b100e8b861d36c55b90ae289403af206e23664a873c18787e39fe4f74cc90c099ddaa20aa6ea16cbd8312bef25dfdf5f441a87601e1496905e85fac4672bd9801e752b1b3c1d18a30d1a39ba9ba525a104091f40e6b19364bd27c2c17c05caab4964f41f5f6c0233d0ee835c0f1214888cfaa8f630cc7ee58b83f53f58d737b759417c37e3ae10ca5722897e570d31a7315b5be36ee23864049a1075f01eeeeb7502825849a99cd03135e7740fc3e963b6c3ce013e6c4362ba51838a9b16cbf1785f35c45af8501eff0f02f2bb7a09fa073c843ae2f8acd27ee9a9f3447a31a338ed4aa533845fb8fc7183bade07906b32e1ad3110021908a6637a2bbf87fa3c90b98c27560646951e7622f12214c35c0c91e371846de40b49d50d8b0e1eac7905846dc189ca8d94ce2eefea485b2d046fc6643a35dd51afbe1324afb3dfd64af88e58564aa77cdadd8a39eaf8747d8897acc2fc3d755d6d9065dbe54dbcb200606f70492d15ad96dd5b8433191dd6b3a548e18e968cadfe9b2dcf1a04c7024ef1694a95949c5eb627f28289009c5f65b0a2c5f9a0a4aac960b84ee72608fa54bd2d59e700e549339f915fea4b8c2a8020263ccd763aea75412ad69dedd30f1c8c216fd4ff235e46be14a97630022dee93856c03f2b2edf574fe9c0ea173fceea40af848b7b595ad0849c1a33bcf45c44fd67701b8a817b14335670e30bf0da3f8f33129e2ea50d7758182d2dc273560c52e01f7bb3653e21550e0608aa70553184eb5fbeba160e36173fc649c31c58e3407b4a960d1a1620e10713d2129c4b6cbd9ecbad73ec63bab30e138b82551dabaef7d3559ee6c1839bd978c4fe6a52f897f6424d0aaca167872ee1c1f3fc29537c517e30ab49d9136c153d1fd2627748d47528778ac58852fc71cf4fae327466978c968a92b2dbd3b21b6eab5da1c7edbdcbe0117b948b8e49972ea8d4ba9ff5ddc6e4099944a065b6253dbef153873e515459c3a786dba63c487e6af015b9c173418a0a07e08eac9b353024e68ba872f10bd4fb1037c4518fd7cf31bd31a2d4900ed662af01a994719beb1c129babbc7d12fc1aa547948e62ba976d11a23c467c6f47096264d0b28f80c1de8a818aebffaf35bf00b5552f217429cdb93a20c8f9d8997f49873decc0a6640deced5fe7b7fade82ebf899ed392cb4f45b194f698780bfdbcf1476d9f265ca1c0b361e1934717d33ca0838b8f5cafb9a01243b1c06cf0e992b5b514eb85fdfd3bcbb8c719a486a0ae97486bc025ab9b2c2b2a973af2828865ca5c17985477d0d4d02e1fd5c1ce141026060b48740cae5f3262b42b9ed8fb767426d81dc07ec0a63f4c0a6fce259c56462a2762df966cf9c6c9ddbcc6a3db29e77609e833df8caeb14f4d0562caac3dff3430dc4c3d549eadcd6a2af40a5df45ccddcfe66e5a2fc1627d75ba3e7ee4c7423ba2ba7030a3eecaadbe1049ea5fb94c9ba73bdc8964ae137b0e5d79bf493f46d0c1fd26f3c201696ac342cfee50ede00c9518e25e40fd881461788e5404d89457b278dada210249224d5f38065904570cdd33aa0fc0f53558ceacaa2eee70dc8bcef21f838c8f6132710953ed20a8f8399db70bd3961a5665c007668dc8af2981787e8ea9a2e0059edcfce4ee67150fa577c3163cdc5f0e2f57126ac59c72c0608487a8d30f525abe80f52f728027c3f40c8df015b950462ec3390c2a8a6418b9e4b0cdc9d0069d484cf86b23050f3d860e9b5b19392213a57240f4e1c88816ca6d10428d96fd5f8b8c6cfcb74d86abd70529336f22fba2ca946e8f622163c14b176715072eea51685b4cae38083967a7e1c7e82f32076608ff127a1d91d694f2d7ffba47798a57d4fe5fe773c729cde36c073d4bda4da9dc5bdf17cb0e98b2318c7cd8241b82a06cb4705ef103067238c94e63f6fcbcae059f504b42bb90a8d57f97db172163317bd53df3a38153518f0b4fb3fe1e0e1a4d32103f12ede5fe275b01e0c98cc03b2f6f9890e5c74fed16421ed29c96804ffd56c7cb67ca5fbeecde94780a97f59e77a6e7c24694a0e99a52ea41c4de357073f2f262634c98607ce9c7799a16ed8b62358247a545e5b55772448091869b930ee29552760c8995f98869551ddbebdb97549a697b4e7e49905fa49d5fcaa9df4ce7a95e3db9ade7605e55e429625916f58471fe46c963c153171f431f7b13baf8553da663ac7aebddc5eb2eb7cb9e9531c569403cac0947337605f875329e7f383b1afaab43ba6cdbb82fdc7726b7245c7bac74e710cb667217fac707e57e002616e2ef43b8454214e3398f07d5b76a6c25e94a9afc083c50115c214fb534ee3fd94eed3ce2d824138c224385ff7768dd9ff20e8ff0cde293303d6031c704e49ca7edfca5be5b97af9f2ce8f39edfa28d4c8ede247c116c9c208894390fcd4e5d144106b0b7612ca88c727dce544f67e17d46ef931c44c1fe33e59b0fa47d435b699c0000547f672dc5f0ee33818c3a600bd773c99b1c2f1dbc9e96216cea0b32a9bf6005ee0edece1808879cb225586042171bde558d91f3ee5e6b9d89a877ea2e909c88aad21db603e4e92316086bf7e0b050ab72d9f0ea7920f457e9ef440782ba4b18b4c2d3a443c8839f72821a0b9527d23831ff8161f4fb9eff62d971b8cb0b1ea64ae2167de92d01f5f236d65b62c52af77d1ffd23ecdb68b10f4bb0597e9ff6dc7180fb045fcba39aca1d19ec8fb0b2a456b0bb801ab97e1dd39943c4aca7cd0d18a30f7f0018517bb47761991cf6eeffac209460ee0313d5b04ce541ed87c189c524f6dc240b9fc5ac3149139b07f4980408e037f840609bdc6e9c9a01bc59cd791a6c1cf024bf17dfdfaca2e40a71d7403195b94ca88d74b3c1798137d73f4e2949f90da234a93e170b61b21a7c05f4a6c7a931b859cd65c222994b62a47a6876b60a8bbb57e8728b051aad6c7635e26e6039900a94766fcea9174e8d43366d2508d38953ce4ed043b57698a1ec258986fe533358e1284e3941def1a4e3558bd6295fefb7d914f14889cf063ab941d80a1c353d9d2c4c8d09ad3f3b891928d77258fdc31f0b93345fa47d75b2cecc92e5b8b4710a4840d639494545078a6bf66ec38c73bfe720a4c507e5cf71219eddd88f252779d72036f9b49d888bfc3a9744fe4587aa7d0af99d1aa90b2b2822cd81f1750838454b54fa9a7122628844e760282c7c6a3bc65003354c2c9c004c5a9b6badac5a5056862cb47c4490e0a02032e7d134d625ac2c54664eb61005fbbb5f85e62986467db90b65687603213cbd55d37035a4362811a53a041682424786ad38a43e6156678cefce6074497c769a61c59dff80e8c7f7fbf9192316010cc17954169027f9ffbbba4ee8205801e2139855cc6b3bd08dda6381b21108c0c1bb19781d3e4e23769ea9c063fd96c731fcba27d24912865f629575a52ffbe9b4abb1734376e403637d13a3bc00300dd78155c96d08498dd7b3585344ea6cd9b29de5f035716f5ee6937e46c0a0ca8fd7d9cfeefd0e548bcd127dd010004db6f3a7b732223253132e1a455d74179b2204945e8d05c4d3dbe00562147700d3152c9b982bb83725d85999f95709f8c4591d550d9aeabdc4abdc1afd8e5d893b7fd05c50c748cf37fa0b5c6939b83c4de18fc0d056621a25260c29fa4488f38df7c930c6461b787604c1f48031d415c2ec1fb0911955a463207e376c9c71447ebb53c6dbf78edaa81e6d7bc9758a410a554f261b7251c8c4c12816b71c01029c5e0698eb319774c50936500d0cdd24c58329386113f3d8962695f1a3b47dd063dcb9a05cf3c7dcdd88e61e1bacb422732246e9b484fc974532d3a7229a3c5dec55876e7fb8fcc5f961dc11053754f9cdc25598b745effd4a74503f1d4d4cfb6a1c67d1f5f51c9a3a9108d6cfbd0b9919768e65f0b4f5313de6578dcec2c326e667b4fa5d12fe100d14a2294eb7597e8b4f1b9b6f149f782e567d1e91df267b2a6336e5e432b26484e4e2c5cf9b16d9857617154aa64ef33c32f3a8771234d36460af11c2556e9a5f707b06c46b66eb7bc2df2968f2c285b43c64d539cc5e70160f46ab2c4eb5aff4b9a69afbe8d102252eeb86bead2c6500444ab1e2183b9a4706109ebbf19be80f427a237c1f920433c91b6c7c6b673baaed2aeb8a11236f770d19d6711552652efdb385b00438b75cea671b75eae348c5a580e20724dfda337fe3c03ddb15148144ee9df61aba946fde791fc43c143896774c3f92b7586dca8f7d7f10c4742e10b11309ff814ae3b2ac091209c84e2f1089f3ae4c64dcf782de123fd9342be934a1637b217ac30324bde91ab3ca1b37a", 0x1000}, {&(0x7f0000005440)="a7c9391c6484ddd018ba485fed704e9fb65528ff0faf24cf6d4d14116e042076095df9b5490891dce576cd8a2066a5d38f5fb39d0057904fd9ec81a32664f85ed1b3b7c4a00a86e77452129e86e0dd65e3c33b522d92364444606fc8a5bd0d4942949621c72057b4c5e077c545f0ba0b3fb9a44797bd6c6f0f51e0bc10e1b7", 0x7f}], 0x2) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000)) sendmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x100, 0x80) sendmmsg$nfc_llcp(r3, &(0x7f0000004380)=[{&(0x7f00000000c0)={0x27, 0x1, 0x2, 0x5, 0x400, 0xfff, "41be9dc96aa15e335c8ad8dcf988da1ff59302a4d3e52c6e6f9317b7fcf9b3b96434a21196536c7c1350f0ecf17e63ac8831fb6976446e76e0dbc12f801065", 0x7}, 0x60, &(0x7f0000000600)=[{&(0x7f0000000180)="c0ca9c9ef784ec330eceb30d77e094300d85e91bedbedbac8c2ebbef774a8f9bf4b52e040ed0d6f8987f121b6a0c29c626b69a3fbbf88a6dafa91b5ab857e37b194f34aa40f48383a696b810130b8c90f8b1ed3a1df0af0e70f83903cf2361f7c4a3f3765066afdd6575c903c6ccd62e0c0407171f00df7d9925688e14abd2f8083a0f141f7ca56c53d9d3937eefcce145ce72254c2cd5a685b97d8c35340f6e4ba7512d356f8388c461716fa23e8556b66831e1230c4032ff9e085a9354a1a3cfec6a7d2f596f3ce35ba018606cdcaf81f0f308e762cf7945689520bd7ed4", 0xdf}, {&(0x7f0000000280)="fcb198dc453a309d57a1696922c51c689852ffdab08f222345ad13ae3d5c25993169142e5f3a76dbffd31a2ac852cf92a8bc910ff188955da7561e898cbc72664fbc2a74c78dac1da3bcab1797d32700a0b403e7745d69c3be0d1688a45f772a59ab57eaf8a888d4e2aeb8", 0x6b}, {&(0x7f0000000300)="b5e981e79ac36cebda790a4253cbbaae5750f241642de683c4a0b0ad7ebc30527773ff", 0x23}, {&(0x7f0000000e80)="882a4fc09b370018b40cd59731dcfafc47d7ca10640b3c5cf60c2898504bcf6acd584e00ff459c30c0c9c4f155b8d1cc0adfb7c546aa96a35ba7096f1e71606a392fa6f041e5feb0cdad0a53951e875a7f747e7cc8c65863e9e12f266d6dcd7e7d1c76c25d4949f47203620405f28fe2b2a6791503bc7bca3bfaffc893e7b69ec2b8592ba1a350a2e7aebdda860eb33db72d4e7931f288110867b0acd67327b1f7cadbd50e5c5df207c2dba9b29d5094b4c46dc1cc16ea364088b62520b3f0cd865ee0189ab60c9b0488528bac28e6fe51eba1d7399ee9d8b7256fdc46fd418bea8ec57dda6031ee333eee5288796b86f77bb98d878122e7fbc834406ce00040d973b2809027f70e582408a5770e2e083520aa62dc06442adedbc370d6ecd4856af680e66a1c6320d8105c5d42904052ee73ee0710125028c0b97ab12b73a981da7ad7f1c816cdf89a1f4bfde56ed710489fa570f408b1d5dedab1126bb41f66d7189ae60add722a5cf11b3e3b8cea72ebd0f54a56db3815d5b8d2d42a521f6588375ff7a138f18a3986a150f5c8573a278719ca9b43e2d5f99e16eebcaa1bf470b6cb57d3c54729b5d7531a2a06cd97eeda257ced6fc839a188b2ceb199001f0df92d02e18995be8944f4b3d7b9903607b7fc37ba03202e6120f1eaddac03968d740ee7854d4d2734dcbea1465b2ca1c56169c450f58afa4102d1960f1a885c0e8dd960e4a60aafa36d2e83fc9654c7cd8591553c3c3f8ee27f25a8597af5a3669fe3686ff38ee88955051c1b2ed7cd2ef2cb62952270e1438efadd44dd54ac3dc8edf84964dd0bd617096cf390a08f049f1b889e47d3fd4b11924a5b18ab5f3b986041a7f52166e1b471e3ee66b1663da128fef2473a6837848a6b8a0af7b7ca3ad0f48ff20bf9df99a9288dfb1e29443ffda6a138db4c3242f6bfc256339069cd785aaf9af3af8203f1ac0d44049a68ef33941d2c28300be4fec088f7854ab3649d82c537633a3d048db8c1417cb2c6870f30bf5c54d0b8890c879a8d5852ee60e29ddb0aa507dc1efb77f991eabac4dced40d90d5e558ee48995156d0c236ba1367820aee791bd1cac83345fae3d217c4fa577cedc4b375a934f37ed64db25ae9e2b0c49d84317340bd2d03f79478e07761d0759cc450df9324c195db9c25bf370a6c2c611a31f32e18256af634b27f656757a6c4bd9d30b58764cf3d07903b720acb095552b2253b70a588921e180e5fa3d47eb1fff42a42448cfc3eb1c5dbe88921b5567127993e2ccfcca5ce52bb941e107e01acbb2594bd59b367df9a41c30c5bd6e30766c7e40db2d99677b300f3d6c63616fd28934165d602caadbb202d53e71905785222623394d726a701aa9aff35dfe4d38f310d9b70ae1a704ea257eb169b1e78d575ada0150f1c87fda082a7ee0bde09fa5f30db72114855a719033c0052137132de2ffb39ce204fbfe901d24e7e9e8891a6feb5e1d347fbc374f7f302e0c8d658f2c0d6a08c7246b9222e6582f2d783963081ee87ed4d607bb9deffb6a55800022cc9b78a746fe7f23c4b8c09b4dc152a6f0c8f09cdf0c72d800573a1b851bef46028e550da1ba9dfe940c5ce9ef2437ab48fb11854e2d8780634e6a30d5d4a95548c04076a7911a0e28201db58b36aba1737126a950769aad19b28b45e5ecf1e3bcc53e653bc68299c0a5ce0d906c7b88ffc89bf4d9f9a2139050e56184c85086fb1804c31293e87ddb01c885abf88e09ac92ad44442a35aaeb9e3ee669f72cd29c3866b3290beb43e8cc20e945fe1ad04d199c588382324d5263da18d46d63a397a01afb26afee4aa42451ed2e5242f82ba288ab212cb8609c13e25b4a24258da728ada099e7454346803e8d83dd46ef9bb3a8f8601a13cc75bfc163d53455585e801879688e9be4a8ddc909c9ab0ee5ac62b0e6b4696a205a3dd86f83df7e6e5374fd504a1c2eee27a6cf08f7d15349d951c542717ce04b9dc019a6c2323b6cb61acc51ff96bc8ff78055c3fc1be2a38894da9d2f69ed0d7ecee3e4c62f56dd83f5c8d60d9c9e90038e2df791bec0fc3b32123136b5c939b96d556462bc8fcf3f09212515ba79880ecd97d081840af4ab43e8c8af2ef0a6066e1c1dedbe7222ec798e77a02955eeebcca51f0035a9851e72d49d3022b00874ae898e1abb6a9810294736bffeb2418bbfc63c87a7f798b9f40146a60161f11fe396e144b374691b65f0fb159247610f9071e1a9831736665f328e479dd16ac2f8eaf0751034a0c99d0399c0e0f41bf7f3a07f4374da496516a22dffc3002b1869e3ea41ddd8f0e560fe93eaaf68fb3d7e24c2570cfaee5ab29131cf06547e6e58d5dc965d607f57445a8d67dc0f0232f6ef461efc95448b9f98a12706515a7ef2ebab44fd3daf3e013b209caf8db1c53f6a30a518d646a67391a7e27f749fe83daab3138004c28b903fb4ecd4b35d46165644889a68d7cb508f70529c3bdcd778fe6ca52bda52b5ebb98f59c93d19c72323a8549960e5941223dfee3ad76fa076128a0bf219664b5cd81063b2bc70ad43bb1afb96436a61ab1d212f6212439170214b04d72ef2b0beb813d98f7f3cf2e86942dad3bd21fbc8a934254a3c33ff4d76dad8d555b46fcc125c9a33e1ba37e3e12fee90e082ba65f5871cf32e477ed20b75eca61772e98012c8dced0da4506956113c84d504936e0b20bfa30f050e20d96ee67c99a11607522b18144a9afeace658b9dc4cfc33ff3cbaa77aa984c2f359c57b7354f4c4a3180030c2eaf93847fcb45653e3ea11efe7f08a06cfe7ee9eaeed10248729bba3c3dcc4116e9c45b746a28466cade1450d3b031cc1f511e5fbc1976c4071ef198a18e060f2b325d2d3cfa8888ce62e78f88e9f946d7bbe8ab08e9d8aa76e3db5ce8307b8dcbdafecd6ea349cbee54995d8d0fc52dec75de02a71ed68a65837382d032dba9eb20102941a2cf0fccd93598866741ca3685ab0f0556014cf6a99b8a404a5e7b3928ffa56d7710825b7327436a427f4a3c5568c071fceb5929f0ab029cb485cf34b906450e921ce43ed066eac7b9ca3dde2d88e64b9bc4b1edf169846921b207041e967f0182f1feb3ff0149969ac8ea7f0d93e89d5c68ee7c15993799fd9b9b96a17762739d3955bcba0b66d017c430ee02621b323e912e44c94a1082d2a0f3010d65136105f90a13e2dc4cd493e3188fdcf51a93dcffe4e622236ede3a8d40cf52470da6da150c0892be8939c9955769aa2549d880f8c6370c6423af259886f89dfb52dbae02aef11c576d03cbb0f02cb318a88081244e8e79e5d8127ae3798b328b354730b93e6130d303f323cf1786c2990e96e7cea96281c4ef27e0317ee3fea9ceb75aef61328abcbe692e8435ead99f1230786929e8a6d00054cef53bbbe99923da6c932fc38a9cc923cb179813c6292790136a4ad6ee8e1ffda149497ad015f129266f82d3e9b913b88e6cee3a046c0d59da5847b322cc13a531ceaaa4b6f075188bed4970377b8ebeb5f0c9e2157483d7604451c8a53a1d2fad05d1d53e6cb92c6ec26733d73756304275aff9102d3f81488293ac29ea2f77eda72db38d89dc724db94ce01921602985b537c59145a0d2214e6a01cd35d78a698b8051a1f121fd2ed4dcb049fc4b133a2c686ee73ca93fecd28ad8acc01a49c8dc1f8c726b5f4a04e8ef2da3cab989434603caa992484ebdf4c05d53c87592f932fa49e3efd6091e6f9c0c49104dd92027083acba9b1b8900466440de6a4efe4bc5010e8a70db57944587e81045e0f19fbe2b19aec4041b0f7f8b2370d6dfbff7502b823ef6bca5f2336230c8615863f6b7fcf25e01b482a72652b6e73fa5d160aa5173aa9d985695cb3bbda663755247c0aff0c76627103e4163a1c39174344852582e85a8216f44482222f9002d6f9ebe3fe5d25b855f11fb0589d5ca078e24a7ace8f8f2fc273463593ad7380c940d8273b46762738db3b35617951ba5dc4204bd93df4b93e0c770a240c3306ef4f997983b3bc235f8f5c18a5fb597f1db32d2e75d4fb9daf39f6e66cb4f995ae2ce16bfc828cfe3c4ae9ce115011a8f41784165511b7392264cafd521bdd023e27519ca56e2cc75702e4a6a9706cc07272a720a5351d855fba3ef5839b7aea6f9fd5e8042891288edac7d3d2635a16d8f29287153dcf3371faef5829863a0090cb16fbc452328552980986b8e8fcaef6b7be4e7e78f49875388ca5f0e72ddd29e24bf57fb64dd952ef9244598bdaba054b6038f4983051cf0433a8a1d6e55ce35bdc98ebac10ea96803e1a71b04e8da3204365b4144e4edec474f39912b0142fe4d1857e3b9ce9091bbaf95760c019b297ea7ddd2bbc8eb22624ac6cdd0810704e8e03614dc0cc19825d3fb05f2963b3f4206eb8ef6de99222f690f0dc5189c19363263ea3147ce531cda31056e37082565a95f9865eff4cf596cae832b03b2eaa4f49a89ab28a5a70cecbca88f2676bc9a7a23d96902af52bde94efa5bc80fa9eda1608e1df5d71324516a243b6c3b34cbf625a6f88db2c77c9f4769c1de45a1ff55d31a7851ef165ba4cacf2fbccfac3c660dfb4283ca4c13416cfc835d5cf1ec0f81a272aac28799ed0b2d68c1cc2e5325bde26c40253974711c65ee9e9d3012d11d2e0d97102c6fde5dfaf43e05c585d95bcdb18da4abab76227f8c6d4cd0e9f138b942f9779512a9f620d0c0d2b3a8ae8c02815225366ce76d4be97163e2ea2ea89548d2d92973c5ec8a6f54c54f67311ecbbd0d6c05d05806e4062005d9ed71fccdda8c2dbb2d24f2d4c7dca6c0c0d32b6cdd3d6ef2c67605083d7adb15b7d95dc70ad97db872bf84439ed0e004ef628879c54f096d27bf3d7fe8fe1b705432a56fabaefba524384904924da3428cd50ea037f8e976818b1cb9bd965f094b7bbe4e76ec5261645da45884512fbdf354a6ee8e0a882bb620d6889f439f44b5f6bce0c7b803f8868de873c89a848763e652e37ac8a67666f226c2dc1fcbc97cd37846f4e52dd1b6b19742074c1db6688424fa2144a6cf11f266c1aafd4ac725322e8ef616a7354406f4a23a7bd8c8b5d1e8c802ca4cf05f61a878fea35f0772f099f0d016811e6ab2801af789c619e679683b9a65c32c53fde35ad02d9a7318e5fbefca66657ff777630bdce0520a1048b331a2c87864fa56c61dd61acaf3e918c6e53b6ddf1aa26bfc0119c89459bd85bc098fe5fbdff3398d64d495d5c8e52577547696d73f4112c53016143d5d774fc1ac3e44d12b1e23361e1d3e66d984f0bf3fe8064c0640b2907ae0c5bbb4a2ab14143e7bababce02d0df5c473bc4a28dde521723b1950872d965af160039ced9d025e3671ab1e1d588444bd8447228c47470e951ebdac7d116523f174487cf928a70d4b7bc9a610e2b69204cfe0d1c3b9ead4c005b0273dcb1967e7a99772d233d6112c052ca86b10387ff976db4c847745b62d541e6ed6a9f114acad1a22d20d30631055ff59f77186eb984c9d8fb039765c2ba8222fab1f8d798e5e3205c74b3ad6d7f0210f619f6ff7929b13c0b4901f63b2a6d8b1ef07796deb8ce6392751b483750943c020fa7d5727dbb8e78662b04ec691f7fa5efb3ecb999e53cf9f3f12451e29ca7874806cb502bee1adf740dac385bfffe4000f80deac40f27bcb05d8c6d5709027c45bacde5bbdb738e00621efdac242e5b42567fa03c4c2b273b07a3912090d94435e2b253ca86547c64397bc4ef1c3efa2ada1a81ef2ac1472774bc69c2d86d65d48ac3f88e1090038de10", 0x1000}, {&(0x7f0000000340)}, {&(0x7f0000000400)="556afca400ae161b32a2cb7d42c01335a6540ea1dbf4f7dda13f51916b8e9586f24dc22841ed1ab2b3aff24094ba8d9043d6b2106944e85a577d7fb6ed706a736c91faad74b226d2ffdb8aa79899425618393c4e3ad18527af3a9b414b44617facc217b41e2771de40114b0881accfcb779764a3db031643c65eb6ec86f0eee822", 0x81}, {&(0x7f0000001e80)="897a1f7d091c56abf85737d894a940a441d0e22e5e3cb8ac762942efa53d3bba235fe6382a5b074a0c0fa55061ede18b5b7e830739588fa3c71bb6e6856c4968a1598f93a19f204f98c2767d8a72b15760531409e9f7e3a685fe1fc197608c68127fda44e1077c0960a2a622048f758f8c8afb1f6676cb2b5d9192ff65f7b99b432c33b27a21f8d08c2e723d8e4b2f6f604bd7f40053150696924740cb00466ea577e294dfff75c33c89abed0a360a466f647a61fac14411fd41389ff667c72759e63e110164c9fa8094804c29fe96ca8e4676e0bcd49b9057bfd70d708020e6e6aca4b9fec166a16ef3af72b82cbc8d8f6bace824f73ea026f08279bc8b4411befed62474296e0bebe0e7606e0d424192182a59f46647ffce280256660e379fd646972d693413a9ce868be15e9dcfd7cee41477588e0dad22bdffaccacfd86d7294a5d4bbbdcd99e7873cb163dd94252188dff144ef65b146922172bb560b50ab2ff2531c2f160d71fd73a02d4c634b4abf771a1ea48d3c0944a2b6a3e23bb581075501f82d4b3bbc8456eeab445276527c0c39d369fbba1372e297a4884ff33213be876e3a661f142bd6a66bf03deed4ed3e252c9c4e67862b2c598fb355fcf383d7f2acc15e7298d39f804c35f0a9305a1e1c2217373a8c8f15d5b725a29678a461a8828751de506af47d627e21fbdbdd8a45f85052d22f037aa2bf7a54fd7baa1e5f971737d25ab480c64f6f9cad56a6582ea1f3e05c7b565353f169bbb7f4b8eb2a357f0de098107f1b8fa35c71715c6e476805765fee2f0537a47652eefe3fc35488a3968f59f28976442e73b47188d86c3371a95489d6705e5a59d11d9f4005e90d9a9a5e097e6bb51bfcfb4c208d5e5090d5db8d36b3ed19dd690786ab30f8a27525ee994bae9504a3846e9733050e8f5988d01356726bdb5bf5adf4cfe110add9f3b8937d89f06d0956e0af46461da77f52e0eb1e33ec6d07f8584f6eae31202ca8a6ae092d4e30e90442e187efa23d6878ecbb032ad2057705d034d5630c983d1ae8c369ffcca321e79503e14f9862fc988ee77198abbf7ea8edc773bd726a456e138f5bdbf084d9cac1c362f60b1821dc2835149354772d1796f69395b859926aee60f0fca37c51883449fd6a98a7ffd10f659f701df09baf89421e15156c08cfa6e4529ea2bd636003e25aaa27e74cc644bc7fdc6b4602884031b247ad4d96a27c95347136df6c9d9b6336c99afa4f559969860cd4d1c3529cd293b8bbc885a37ea913c2954cb7ad40d56abfa8503082d311574b5b5fd47cf2e12cd9dac94c2721b89b9224cfb9ef1ace7cafd3549d3ea5ff269efbacc415a68bde399a39d6956052e992d319ba6a44a20fe5c84fc5b9e5aff3ace3f21325b9c4e8ddf09a6bb3b3a8405a187e49ca7c23b0e29ddf0139d5fb364c97712c70dac717a0d6079c62b7a212473f16b0bc96c2b4b2e39f0793d59abb883480382fc7b44639e8b8da7f4ec009b313a0ad1dc0c650b2b1da71c9a57bf005d25ba2f41facee5f131b2f50af5fd094ee7f6ebcab6520a95a0ebc5ba1d5e7cc416238b75e7f8c780abfff83999e7100a3bbb59f3697d70a754e4076fef8eb88c4284927548f1c21f4cf795d3532790627647420c30e2f02ff23cdfb026cd919f939c2099c3e152d1430f4c6112d03e1c19f8e4730636904450d3bf67bab8e0bf17f288a0db90e8298e1ef389cae7d925317a9bf62c6193d8a2a0eb2239705d6abb182c1f0efd307873e75b353305e88b1877681bceccaf76c49223cc60a1bab367474f6be4c05c08f76d3bacd528526b9a1c80d1f210e3448555a7c4ed6d6ffb5460f080c0570e5d20f48ae41dec709b81e847a104ea4e9775030c73b52ebdcb88aa67e51962a5c4aeff4598d0e7bbda9f34238f801fb86c10fb4be3820f87b546d285b841f2292149f7cd0eafdb0d8511a2cf97bc07598912b9b27b9ad31c578d0d24b95ca2c906408b92fd6eef58f0516b07d7152fab4c9f3a088c3d5a397f6c214fe62e223456e08f373df550b7cd75d9ac6ebf6e93d1560f7388391096f27c428ce79e3aa1751dbafb88bb01cc4eb5e1cc3ee4483a87ce83689a123ba526317694591f67fd40510ce8d5c36599b23635fc3975baf7b58b7c048c5ab7bb9e886046862e8c6a4c1b97044f4629d407aef638fc43afbd8152db579b9f3f081d37eb76e99fe5ba96e1febbacf3868aa186fb053ab1bea393597c92d5d358babfccb433d3ff92c9483e304e4707bac045b025522a10278c83c4c28ca54c45a122ed5631cff0fa1d28e5d726c614b6837920429bf1d38d106321b33516aa585e5588949f4aec2fa5d506babeae8c361456625ee9312e67cdd6ad6d25faac7f3c7eaa70acf295fb10dd0f84350e8936a9216657fbf63828b7e532b639448c7214cde0f15f845786ff4fc14e490d7f491ad2adc635f6550ee20659252aeb17638e0ec348671530a657778f6466cbc1a2ae2b6d8372d53c0f87ef8d20bd1fa364f52d5e56cfb02ac88c3ac4d7ed275c98c3d5976ce35cbcced0bb2fcafecf0826d8ebfa3797148d3bd94ba04655128378544987c3d1935b23be5d47cd20e51d50f145b9b31a1437f237277aa4b1d5dbbbe3c33724d002a09f198dea61fcbee8b26e278cff8136ea6c3083f1006f51cdaeb14b4f7e2833e0d44e928e8dac142374a1d7ea20d35c48e1ea3157ac9743031af3e04dc035a4352ab72ad8133e63cd49f1ad00da340293d42c7cd5f2f606e26849cbb2cdf03d025e6731d84b77c70e10fbeff3fc103df86159f1ecffb4d92f99f72670a0990b9ba100020983c9e3e09ba097dfc28f82992e053291fc1299ca6053df69db1f7c34dbf2f6a197e094160b120a4cbd69a0f77066687eb45eb2705b227af6fab58f2ece99e24a38501637f38b3018145471876e33fe762b53a9d0c4758eddb6668b5cc7c397cf18e0675e389e95b01c2cf0fb48741f5a30a2e44aa703277bb5fc8fcf2fa7c2938f210c8d975a6c337dbb0e8f1aeb2514feb132d8bcba1d1dc5ebd4e6a7ed935f489c0e90c5bbe926b657b8199b7b20913a3a9faaae1638d2ef5b951aec8533bdfa727aabbddab09471a43546fe62e55b165a361e8d8fa1d25304443a1067f13f5298424c839b3721f49df1372f774d090f018c8d918a2c328fedf3cb08c47bb512065f217dff7fbb0ffb852b318616ccb832561a04e212e6c8f3bdea6704b29fb7e6cf08f6ef0e5016cdb57755a9027ae69679dabf2c886238b3a1d9bf55992ea808eb248529137c468f0d061e0e6b308335df6f42c629065e0aa98069749d1391066b1d5ed348d734cb9731b43f42fc35d4a219fc540c1932f1690083380130174056594fd4617e3b6617485b5a7c9a80a68d95517ce1d916da77dd6fc60af013bdb969b1a8b454b4da7900cfe39dd9a46b2f76f50f33bd0859b2ebc7f8b2fdb21f47e0abe3dffbfd03838742140fd86fc05e368f8101d5748454c4507c5d5747d542f88ca50ca16399fea06a9468f19eb455e10ddedaa54a287ed575c205dab52335012f79744d05ec26e5a53a2c285c65197a155e3d3ff0b420afd26c6e29fb1bff900bb1f2ed2acb979216d3daa585cec93742c2a1cc5043d003de87814de2bda48ac6af10747276ac1323b13288d37128852bbb99b405521abe062007fefa67266b1feaa5fb95e0a3d7859c0689362ac0db713e4d13e6b1007324aae0daecc9faad3bf690b982d3f8d966eba6b59ed9b0a18bcadb5c33ca94d5e23da4a4eaa6de81209195062d8851e6015e3c3643bd8e7def30766acb302730d457b2a6ca1bb958059abf5fd9f954fb5fd742e390a669fef3c35f85e87cd2b33f04a78f096c4de590fbb48f9073036faf85914c088aae0fb2a9c2d29d3880969dfde3a19d9d552b9ce70590fd02321a409653300544cdd327685c63a8aaf7136ad8e8169ac700d744d5f2bee435fb1f12c7b78484312a8d2fbd8445e16ef5a7fa18033d4dc80b5cc279e4965a418aff8b2b90805f7f3b3614e2e1a0626631a4e7af66549f32a296749b76a9bf9a7d4c341cfcb02150712b5d22c17eff43db0adc482bce700523c7ca7f8e63e19c28661c2725d7715694b9c9b458d97d34ada83ef01a4ebe8a0e45da9f3721db40c0b2d45d7e27daba0621574997e310d708cb5aae61dd3cbedaed512817bb366261db702753e88b6c35a5ac01a3e2514309d82351176a33e6ffb9d355419afbffc52e0dabaf383597019f6272c4cb5a08406325ba75a4f9b1e45fb866fe77ad0649408a2bd7981cbd145a2ad0a40deaafee0a030384055f5d3569c6f75449673c2239276ab157e6e90d905856bb773338fa5b9b602f0f59c729b7323c5ee7efd00f604c5319a1f1a3b9092b9d2f3ebed926f0c180f645b384706aaf893fe78c894bd6ef13c7c2b9a8bcc7f4a1db775dd03a5fb8a246f7dc20f08cdd400fec3a86d5f1eea6fdb18d393c668a6c4bdea7b1aff6fdad75188515d16b68ea38db401957d1697188edcfe70f2a0164534c73f5fed6e2ec4c789f0125260c0d353dc3c4ae9e576137a7f80d8a4c1b9e3bfe6c46d59686610240b2761961ac4ccb36c64a2c60c3ca16b633f4988b74aeb1755580c5b76ba24089df14282230f788f253abee51c161f0c962883fc3903ec1b9b7d4471da84cc291b3c60519e4ea307e074fab4de155e714abb94c293d268d3cb639ef514ddef9cac434de9e8c1cd64bea4698a9d12cbc2789f7c6dc50f50eec107076ad6e3004a74f46cf55f0313e2c30f0e3778714c0fb9a716797c2fbecd892739cb6bfd73a6299ba7ff19df760bfad58ef5d176026cb2906ae103a5195f15b303ed009e1d43b899895fee07ef2962032b13b128e2dd487c04be65e4a8aab3171be3f80dfc61820627d83b5880e02d6e14232f3dfac6dc9102c7248dd7c24719ecf7ad6833fa7bd1bd544bba9f21d9a84acf1cdac487397573fe3260516387b63f25b60de18d530423a631abbc09cc62643aa04d9da2b43e5357f7bd8daa9c95c6748f0333f3d783d7580fba7ea081c29afc7450c354e0de97bb12b88dc81c10117deaef8b01b0bab731f8e8ec1793c8b67fcfced072f51c5c4311150e830443ab9ce6456d1b5e97e478f334f7cabf269b100c935d811645390ea36943f28cc2efaf67b1b1a1048dfeb3e9f17354414b4bcc411712f115b974ad858496e93f8a7b47acd367f708242bde04c894985d16aa07b331393c5df32a1c19c0fadb17f572372bc08c3d168f82afb7f8e3217248d58ad5358928fc0dd3a7225810f6bd31130fad53ad7789eb99d09b258c9b6bb5790ae21c444bce0e9826fa0f778a9df4a7baa9f32b4dd8978b298cd6ed05651c3355bdce9cbd8bc4f6c4bd77df83482b4fd26864142792c790b417cb106ae6e77eaceaa37db373af279812f27a6464ee1c03638474ce7c4175b17fdf6cf92cbed61eb98b5bef41fa426f7ce3004270a0232d3af4d76e64379f805389a433bec329c7b305510443e1941d7be050934703987694d9bd78be7797d75c467123668776cdc4c523fc5d994f928651c53fb8df405fa931b3be3462a35d6f53e9558da915195a7796e0978591f0ed54b7569f648080ebb37cae31c9e98a1f2da2beea262ceba977d046e52c09fede75c66c48ac13418748dbb2c4a40ded8799640acc4c26e585b0bf5f07f3cd9d75b584a24e6ea379a9ff60fce5576e872dea39da8dc90759e28cd173c9dd56f00d3580a11d80002b63ba301ec4b39c311c3d570df25c4f7e0f", 0x1000}, {&(0x7f00000004c0)="b8958eb542ef8e5884d3de2c151d9df98531047352b214540dafbd38dd270bad43ef40a812d043f3b06ce38c2b9b18aef364a0741b38eccca4d4dac37ad8968cacb88f973de03440c98537b8cae7f828871b3aa3d8f980d155e2000cc6572d9d575632aa90ea0e8d34770461bd50c7d3b714cb487b726958086e5e102e7aa4a9db91a6b4727dd6ee983945fb5ec892f4777bfd8525e51f767c3b758d13483593f36bd88cf3621f2f80d9d5939c5b18d5d3e4e0f3ef52ca07b7937954599939f06c395292721d82a3954794d2b8eda7c88432d2d166094de1b8f97656abe33cbef01073884828c551cf0001331a6fcae703", 0xf1}, {&(0x7f00000005c0)="e8f156f3e9f30bd561ece22d2c", 0xd}], 0x9, &(0x7f00000006c0)={0xd0, 0x10e, 0x81, "d9b4dc52652adace8af90dfddec04959696c081d57fe83ca3cb248b569672c0874e344ce19cc7effd6a810e3c2a15bc859a473ea295debfabc34f8f3a743288fff29533d6ca7624d4a1a274731225c489a6cd8afb34d96525ee5c071e563903a26aadfcc07b289fde33b4b0a96beec184008cdfa84472b7bb4daf82b9c990405e808e17b11fa3e16b094b2c100f901b0ccd6d60c9979657578667915b10966d1c0f30a8b4235d2658685b7f7a79a59bf57756e23776645b59182e6f8f2"}, 0xd0}, {&(0x7f0000000880)={0x27, 0x0, 0x1, 0x1, 0xfffffffffffffffe, 0x1, "0928916d88d99a93b5ebe6b078fbebaaaaebb5b0130d4a6a82ae5d9ea0fc35921d3c9fa6d23985e158ef37006164ebf1ad911ce1a8aaefdbdf5e70d968b076", 0x19}, 0x60, &(0x7f0000000a00)=[{&(0x7f0000000900)="a5ca7b4f0e4cf3fd7b3dc09bbf2702ffa0f429100f255b8be71d570f1c469b4308ae904772b7a55381b7bee2f2ae96f0a5cfee06744740f9411f9edc2206ffaaa66b957ea9c28a9ce8699920741a82ccf194a82f97c15905c7336d6e6e9f7f174759afd3ef16719b9295c070124eda72577919e97acbe1fad953f111af7273e547ce497a227761946f17493d35d31fe1f2bafdbb5864ea20920f8a3a6bf2d8ae0d99f14509219c2ab634fffac3093ebb4a0b4992a5bfb7dc4344ba4c9b", 0xbd}, {&(0x7f00000007c0)}, {&(0x7f00000009c0)="bbc68daa3ebb85d860668ef6d51b668a4e8f8705c3c08894f4003abc4cb5153219518e2c572c0b", 0x27}], 0x3, &(0x7f0000000a40)={0xf0, 0x116, 0x7, "545aa1147a7b55e52c4029d2de07226bfc68465f37ffeeadae0e74ca7c8228bbbde47f894ca8a71858f28ae734e671113db813b6b2cfa673d05846b4fc4444747f085d09230ccc7d20e9b3ccccc7bda0a965493df5dba5d03b5cee21ffe5d6cbff802d38b2ecf319597501786ad0f28ab2a93a1d96cc5a9a3c4c404d561618a670c4e5d22c18749b258d7fc14b0cd6137c67b103a45e46c4d1cb073f2fddb2b2873e4fe451efbfd1031d3ec59379457d2a2960090e81966d8d8906c58dde0e27853297af10f40220ef50fccd4a8ca76f84b21a5154c500bf1eac0df2d9c5"}, 0xf0, 0x40}, {&(0x7f0000000b40)={0x27, 0x1, 0x0, 0x0, 0xc484, 0x2, "1a76e6b15372ebde76a9e581f3ab93a8b7373aa272451987624b40104afc6af020f9cab5d9935e8670b5272d14706df88cd4b72a5675f793861cc604adb1e3", 0x27}, 0x60, &(0x7f0000004200)=[{&(0x7f0000000bc0)="f1d59061b008f9feeb2beef9526343548767f6f929c0e37ac4637606d83e2f4bd8d3473c41c8f7d9eff2ba4d9e12888f2b7e71d0014a39dd689da2eadd87bf0dbc6c272882c7c5dbae6541f47b8635924cd0559c058e25ab5df06b3d6085e9f1684f9af0d76f586c728cc297c56d5d55d34a445e97ce77ad01aeb5e638d9b5a450a9b91af208c25fcf74776969e648156da148d8a32b01c638e606ecf687145126c1cd827c0246efb51ae637578eb796d309d86cc46917fe33f4fce8c0e21746d80251b8c47ade7f256d9d7d35711c689c5d37f04ef55381e0e70521414229d8eb4f058243518688c08af4fae9", 0xed}, {&(0x7f0000000cc0)="2df1d4f902ec8d0e74770c8b29acd8aaf35bdabcc3af18339303287719b0e345cc452f32752b834ee3186c17cb306a65bf84d03d5861c0d1277271ea", 0x3c}, {&(0x7f0000002e80)="580796b7c6c68e709ff247e54535d2f9f9a169378486b319e05038f5e89fd9cb03813b748531a5d49259cf4ff4c0474df333f6369ed9fa69cb7c994d5a5e5f6abfbd67cfc7298a5c4b86cb01c40f2f3e4fdf86f47e7c2e9bd1473dfaf5338fefcd4bc06d9fed1f2137faf402f72bb4f21f29e908fadb4889478b0ab10e2b2565c703adff1c66cef205c0b93724fdea08fc13fe323976d2ebad6bc07d02ae4ec1256d5e34e968d46fe09f15bd994b7ffdc3d720105141a2ba5340fe9413131a0756", 0xc1}, {&(0x7f0000002f80)="cb935ee7bf7b3de5c7581abde7828a2b04a50e46d3fdc246a9994ee8b04677205ad73996c98605ee07eec295643877d9d8e9ad6626c12831f37a17717bb0bceec15e522b75aabad1f85b867cef6c7804b0539a459bf5673f78cc5199fda6524dc2d0c1474176fb09b09440c7bcd9129d258d2ba4bfbd47c9a158049cd55b2aef5f5fbd752d2ef29f25988eab439304a4108f20644b3e41199fd697be6acd5056f5c9b60b036fea28d77cf39cab3972e8ef67b2fbcf9c3be97d7e61473eef7f850d8801f3e737f64812941517cd169d9ed78bbf3a64918351fc925a40db47585dc907ed80ec5b21a7b6dc63f211ce277927f22a333e55177e277f93956a6520f8b37d4269f33a47ea8a9a276b2e1704d8ffced94e9dd961753c550fb190f15bf7ef6ebc0c7ac7faab078bb094c1b29730e5d5b6b9bb36248324780a2a32c2706827cd3c2e460dc74a7235a3ef5ccbb53e3113e4daec009fb5bacc5ac2aae04171079ce0a9b91202f26825a4fc8d59800f1071e8f5db449f7222607785930209441250117987d8295f94d2c2695c592b6747c01f8e9ca0a0dd707a5ae6b2da4bca6b9e00c0569324864e72cf905fd304d5dca9e2975b3b64d2c7b048f61ee7aef81a953b44549feb30aac5cb547a35251d5f08f2cd70808550a672ffd4d434e565c762e70bc1309347612bd0aa1f613bd7d9f7a3bfc8295617db45cb313dd23cc6664713612e32570faadc72b2bf546d1ad4fc0689f4feec5516afffee6fdb17203fcec0df0e57118673275d0cc58e23946dc2596a783a45fd59564cd6021fe78199b9449758d0f4becfa376ce0253d2c2aaca88906f44a2da5e8d3df926b24d81d190faa3552ae5660dd58a4245350b461715e3b4a77c59ab8bb70d5542047adbe74a08b27be133a661e5f6dbbd0bdce12dbfb6373ab0091ddaab433e191848edc59aec953957719838f6f749532bdefb1e05e49bb5bed29d52a00ccd37b220c7a69ef0230e57441467077704d03184d3854539fb029c688c88ae62a0b0a424857d1c7d1ffb621faae9341e4268d8d9f6f4e8c6334a0249321df8ea3a7870b831a09003a62fb3512e94cee2766bb0ba2b2e1843e3fe6a1cd58d0b23b1a23ed97ba3d5f0eec1ea46feea2bc7cd050d79eeacfe09247192a80d18ce6739531deced9c5b4346c699e2fcd9bd485ea429980f74c4ed82ec704f1b3e6339e034234c863fed337ccbb62e2c7486f96b112a8b4d4fabde987db7a022bc1d861a33a02cfbb5d4215d7ba22761363c4cce07da355fb09d04c3e9a065571f6c0f289e2e7304ae6aeefc4501fb7c537d9ba009cf577900aa74d996d80c2c6593b8a12a959ce597ffaf9eaeb7b13bc2f79d9926b8c131388f93cc68adca6775de8c0b07d975962397bfc1d42cfcfc5f4b17befadb0c6c459cab1abf9c3f8f25431bd01db3a34495f4a81dc66e8898a5ed894a0e7d4695db82275fe1938619dedcc5015d19a8d5c16a5d9882ea9ac69b59609ee6c75c398495a2606e473aec71e9009b02eb724150940aca5404d90939e978879a8ff4c5e53f1b0b6f1cb0bd41a5ee8630e1f0ff5787261cb5447ff9f7b015f835a13e20824677277ab70c44dc74756847284aca1b0f8aedef8e3d14491a2a4ca957359abd0e3e9998c1a081b783124feeef5bcf19f5345c94dd5e34fb953a127c70f01ece37fb5d41e7db59099077c1525750280afb4eca037b3f1a02efd5fdd635dbb4fb7bb3561a08633df3cf4cdf9ea093a87c40410fad9b532b4c6bba4a16e3baa356dacffa72de49d6a8a28931d642c9d2073132e472313577861d8c6efbfcaec14a79905edc990bdb38b1bac1fc2f44ec33cba635b626a8ed2156e19532e1ec2e1bfb665f35ea772274fdfa10420b4cd95602b59ec38ef123218f2c6874dbe1672a17c754cc9e37f7022424f0f753c19456e8e64abfc14a448c241b5937eb0c1e189a6b2486d1190d051b61b7370f1de1f572343811c0b6f670a4427a76c016f7c92434fc7f989c56e2b1537d699545d2f6005404337abd793e00e1b77887ffd093077821cde3f99c9734766f35c8f62f0b02b3c613701450df03fc88ebdda5a0d4e993cb82a49efc38890a099e033090881dd92ff84269997a3f9e54bad4ff444580042ab012f373975c9458788ae7690e44d714fb6d5a9c54444393012dbcc97d7b0ac8bd7e5e9a0b3ebfb70498e246c0f9173e168ed4cdd2d54be079bd607d7bc7970ee2808e1ecbae61e86ea77810c6dabd3a8c31e7d66d8cbbf4ec4f789276011c753a031e17663d60491b1720775cd3358ec25436dce48b6e326e3de89c167d47c7de45db292151267972dfc0ce897533ed0e2198b56665b9487f9348a17798d3a27f4cad27df703f4465e902678bd3ef890058a1d5405a38ee0d5d5b2a12120cc421e438ff1f2c87119869865657b9232d654dddf14dad2dab1073e9797682292d7d1fb5f1c5546b43b136a8c1b05ed6835ac0b8e71662d5b461d49eee9fc7b671f098c3211d8c8e8d4416a3193a7add98080e46ee08d26e11c869a8b6a009a118fcd7c6642dcb0595eb5256c6c4cb460e44fd99608ae03c96ecdf4dddc17450324679cbc79d1fb5e9810c66dcbebcd745aa36abdb8a86f878cc294bcfea95d42f18d5089078f7be9236b5227fc3a9e68ea7707ba435f3ab5b46c9d86af1ec311127ce306f8e9e4c6a61b22a1c68bdb3fdee8732fc8002e7585b5f0edbc9efd568d885440db26075fc53cc6d9ea32c369631716fcfb60cd8b32047502c7f5327bb273850a3f9644b3041cef2b112f85ccb866c28c4243a86befca5889ff1c2ddaaff7f5ae20caf6564ba2e54dfebaabb3bee3316259507cfe204c82d71e6e45b561bf6169b9869e03e49a6a795eef4cbeaecad120121fe44071443e63720b29baa7c01abde227e41a3dabf99b3b853cfb5881128a6672954f07390f22ab05897c8b3e3f9d1ea94eadb991d70d5fa9ba34975b01345073b746fbe8151ac5dc2e787579da943371ede7102b3925913c1a9d09c73725cd4bb8bbfc0f37e9fface72a30d050a86e3f4aab0f428109964092b489ffb9b0245d97fc628c22fa5e400cc967e7da5feabe2ea5500d36fd4b68629619abf5bb2996e54614ccc5ee4a0c0a2719a4f89d60c1655f3cb40bfacffb4e1ea105e14342f6897ba6e296b092f5ac03b10629649164ab3f99ebd73111424b0eccb9834c148c6f8e4f802d0cc77bf4d3b879b5bf695d54c35cb062fb845d56d5bafbccc56f5d157ed9ca5d1b9a7fbb9edce25ac312ea810dd709b9a3df043e000f85af3f98b50295217c3380f36e1814dd53d03eefbd36d05271c52a38986dcf1886bca0f34bf484cb0380c0f9cb10c93e138d131d296c8b885619a8b263a5bef969e8bb216a630a7dbab693362b5daa6a863d79f27d951771217b9436a41ddb7a0a7669567208a978f4106d20db43b72c26bc33822fac300d28f9fed61bc4576cc2a582f84a45ab67f4ca25a698bb64237a24fd4a958008b176e4b228d864f49e115f3becab8729bbda4abb09931c608b840cda3d37cd3f96c9846d3c6e258afc2425f164cfea30e58ac993d00ea8c88710fa5e721bdc24cb165a174f9ad567eadf76a11026d896c7d1c33af0c6c909594ff60c6bb410199bc8e57e4b204c6405af7ead06cb4660d82f83a8b00ceede080523cffa8f0b4e3816ca224baf11c6f81eb6399f5cbb571cd548d3887e5ddf7e89f06637814fd92f357cdfa04689cf941f43af330179eddfc6b98bb3dc2e5d7f1427cae3057490a66745e2187326a63b8d00a3fc97ccac5080442699b020a909a9978502a51fb24b50017006db1fdb022d6b1cb74966a8182243bfcb048449c14766d8f4e62155d6a11a5b61c135c53b5a9fe23903517c17e950d46f1ff295c4feb9bd7b3756867c4cd3e0fb9c47966045343127d5342fcbb9c3d2ad39279d62c68400af93654a3e2c88150c42a4b2648cdc13e55761f0e180f4a41349b1ef0ce37cd7728576154ac3cc93363ed56a1f3a834902e52fb6fc22797863e733fd7a2f041001b20ae05cbf60a4fafb1bab978b41484c6a1d5ade651381ae3072da40bdce1f86e42008178fd0dd20df5418cb4b4f6fc35d0029a38c41174f6bd566a1eed26689c40f40f7996a989fe1ec2dd32e43c08fe59aa61ce9e849503087f3fa1bbbf06133681f1e15aa7cbf077f393fc65a9ad10739eac5cc10fb4b27944dfe9f40783613d4fefe31caf62360b38da3aa02883367f09f108d344086bf6ba04b78d4926fde1ac29d838d87887ceb6ca03b58102f73d0cf8a8ca9f4cc4f5363cd2c88c650c4054158b5b899fe6180945008598c5ae53edd3f08522eadb7a6d83c997a16b975602367d6331d7c783e4ff05c2f6982f9bf31ef958ec62642af60fe1c04b070c024c680808fb5e699622021a01078dffbe2f07b164340b393c3a2cc81d9b364288ed861388c531c73986da9b76eee466f8ae7d9dacac193f9e8bd58c157ab13e3669bf288fa8c378bdfdb06208be931d034e7708b421aa57ecfe42306ee4e4f8b33d2bcd71c23e872078012a0454b5d1c9a84f456f922fb0ce6fdb3203c822c20e05910329bc131d4e7285d423e7379aff1b4b5b7cd7ed241be3291db74e58db7f89706567f5cb3bd55972d5c1cd12a2c7a7b42e1aa2747a915f51647c06ab54f262c2f8c0cb0cfdc2a65912839301fc77c2d639c7573ae82ab51dbc6e15e727c4b157e4953c3ffe38ce232dc7bb32a0ae1781cc8ba923d7f1e033eba099a90d9702b7eb3767a627de91fb6325d3c85a4ffe08044633cff0e26d4f6a5b0b00c4536212cf32b5f935856382fa8a5cf1ac629705955dcafacce52a541169ed173cc74c5bba66df1007963f7e7dc0a5a9043aa62ce7c016e637b8949fa1a309dab3cb08196e1203d15b12a676f744f3aa86ce60247c058ba646b4c484de0cfdc3f7d14a204c53429f25f25a24902900fdf2c4a83e55159eb2d173b99073fb8c83788f0e94e20405d60be7f9150d59bf4db285e0580fe9fcf8d4bb15fa2e94c7e04924b9890ed6e693ec6e245cb60d29171ef29fbe8407747d8541a18f4d1906f43e4c66a5f3e82a8e452005f0bde5f24b6631b5b92b299ea735b93c85b076eeb8144dd8f0baa40331f28ebbe4e96ca390e71a8fab818a832c9c5d1a63c3ef8be009af648a638ee519e8fa286ed40320b954b2265297f21d9174a3092d199cf5f348af981568c734927db1e52f1608011cb22fe645b3a7c8443bfea5213fc9c7b1ab50a2af35e21e807d59baaea1a8310898e2d2b97ea31d3d0e953f6e94937a3633735473ac423752e0cc8f5ffaccf163bba64fe8cdf96c813db0c7e7390adb3e345b84d1cdfed91770ce241b98328ea987c606164803ae5dc309292984f13eb700f0b1aec9d12884194dbc40fe834998aaf173fff8a10697615b4a575f7e2fec252484a2e8411b92ccf8c776b33550a1f45a98c121cbd54eaa294923a70c3dcecbf0a11b2021f5d97d8f2b12467e899180bb01070a5d197ec351df1f60f018f78349dc876b4c9680ee42b72de656f18857cb859d51bbc8cd449d18e5dde9eb477d05090be8d3311cc942c636f5d4ce96a2603165a012eb0c835ee5d0d0afb10eb4b4e7d17d1b4df023ccf9084612922201aa59a7f568b20f63eaa82509aca9f65bfaf5a2ec349c53c272173af9f1842798cb78ead0763c04380a21a1c8e7e32d2b0801094eac0974187d2f44a7deb4e079db886b91e4e510cf046ec5bfa10c41758fe074294cd50a", 0x1000}, {&(0x7f0000000d00)="216d789bc48661152db354786e38ddd19a4cfc47416af412c0523a402c89bc7fda815f7c22b0cd62d9b887f3ec0585893b713fb9c83003ee7ac627a1e135a33e567c6659f054ac48b1051d1aca9492895aa70e5fd3b5394410def1f005ede8ad952d8a0737e92207618fe0ca1cc290d20446ed4b30d4bd7178867b490dee4a8d", 0x80}, {&(0x7f0000003f80)="34517932bf3534867b66d506c877ade38ce2e37b50eb0aa443dd9a3f42cf3d73409828445f695c0047e94d3d30bdf8d2f39cd16534bc35da829a0a8b597d282966fda8814d8c940ac510f6cb9f31d6eee5cdd631e0e1b20508bab51e3938a9c904965c114eb5b017f14572be9f6f0e6f905f311b8abd4eb064626989b3106ef1a9a42448485f184689e3a0b0d814b4e7aecf37dad4c16feaa7583bc73dcb673e5f03e7b9dcdfb9bfbc7edd50a3b8e55c9eb17e349f30d8919e64bb2aa1226dffe9408f3719377e758465ea5fccc348", 0xcf}, {&(0x7f0000004080)="e1055a11832da1331751d388ddf1a709c429393cb2e5885261373f0d145c762d5c6ec5f0a2ab7297158906853a978f3f8a6d7f93435ccaf436376d35e2089eff421b4ee0562a60f9f601190ff536740d9ee5835b482322072e79", 0x5a}, {&(0x7f0000004100)="566ac3e105cccbb6f380362c046b1613ea5a4a6857038677fda8c738227136661371e403b28c3560c6268e53bc029406a585882d079780f39d118c189bee0ae85ad8b94a44e2ccd1fe0714116cc6e582a19291098ac27f2600c0c74d12aebcbc17e7059f19ea3593b4994c55b7ead206390e479ab0c5a538aceedf625d6905b34b6b8a0ce9c32b8cc333d4fc0d954b97993c188c06a03014bda16d682af061c379415fcf70ac4384537ff5cf6a803a3be47fa4bbf6320d66fb9cda10e8eb2084", 0xc0}, {&(0x7f00000041c0)="fdd7e98b77f211120fe111c16d917f27fa", 0x11}], 0x9, &(0x7f00000042c0)={0x88, 0x101, 0x0, "c4f35fbf4279e746bae53dff98758ee99c3cf9f2ac8bcc53fd71f4f48c805bc01d54092a46e2f6614c39290fefdc0f8c2dc88d54e5e9665bac801043c6fe09b1045e1a2e08d9cf8a01c10b9611c6f83b069b65ea17c2e7c1bcdc2cfc951b33af77928868037df3a124377babcb5b6b2c7d28f301fdaaad"}, 0x88, 0x44845}], 0x3, 0x44) 22:17:13 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)) 22:17:13 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:13 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) ppoll(&(0x7f0000000000)=[{r0, 0x20}, {r0, 0x3}, {r0, 0x1402}, {r0}, {r0, 0x2002}], 0x5, &(0x7f0000000100)={r1, r2+30000000}, &(0x7f0000000140)={0x5}, 0x8) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000372200000669bdad900466fa39dc2cd1084f883149908a67792fdd9fef056110aad4c5d20000000000000000000000000000"]) 22:17:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x5000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:13 executing program 0: setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000180)={0x0, {{0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}, {{0xa, 0x0, 0x0, @dev}}}, 0xfffffffffffffcd3) r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_buf(r0, 0x29, 0xff, &(0x7f00000002c0)=""/45, &(0x7f0000000140)=0xffffffffffffff76) mlockall(0x1) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x3, @rand_addr="6b9b5859d3520122158b772a0b13302f", 0x2}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x4c) getsockopt$inet6_buf(r0, 0x29, 0xd7, &(0x7f0000000080)=""/3, &(0x7f00000000c0)=0x3) [ 1702.539913] hfsplus: unable to find HFS+ superblock 22:17:13 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xf4ffffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1702.607894] gfs2: not a GFS2 filesystem 22:17:13 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)) [ 1702.713347] gfs2: not a GFS2 filesystem 22:17:13 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1702.816682] hfsplus: unable to find HFS+ superblock 22:17:13 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xf5ffffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:13 executing program 2 (fault-call:0 fault-nth:0): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1703.058455] handle_userfault: 5 callbacks suppressed [ 1703.058462] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1703.077778] FAULT_INJECTION: forcing a failure. [ 1703.077778] name failslab, interval 1, probability 0, space 0, times 0 [ 1703.084352] gfs2: not a GFS2 filesystem [ 1703.112735] CPU: 0 PID: 1183 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1703.119992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1703.130641] Call Trace: [ 1703.133315] dump_stack+0x172/0x1f0 [ 1703.137646] handle_userfault.cold+0x41/0x5d [ 1703.142143] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1703.146787] ? __handle_mm_fault+0x36b7/0x3f20 [ 1703.151784] ? find_held_lock+0x35/0x130 [ 1703.155892] ? __handle_mm_fault+0x36b7/0x3f20 [ 1703.160523] ? kasan_check_read+0x11/0x20 [ 1703.164745] ? lock_downgrade+0x810/0x810 [ 1703.168969] ? kasan_check_read+0x11/0x20 [ 1703.173152] ? do_raw_spin_unlock+0x57/0x270 [ 1703.177613] __handle_mm_fault+0x36c8/0x3f20 [ 1703.182058] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1703.186976] ? find_held_lock+0x35/0x130 [ 1703.191076] ? handle_mm_fault+0x322/0xb30 [ 1703.195357] ? kasan_check_read+0x11/0x20 [ 1703.199573] handle_mm_fault+0x43f/0xb30 [ 1703.204294] __do_page_fault+0x5da/0xd60 [ 1703.208410] do_page_fault+0x71/0x581 [ 1703.212268] ? page_fault+0x8/0x30 [ 1703.215866] page_fault+0x1e/0x30 [ 1703.219893] RIP: 0033:0x451880 [ 1703.223136] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1703.242419] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1703.248418] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1703.255875] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1703.263149] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1703.270422] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1703.277695] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1703.292818] CPU: 1 PID: 1192 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1703.299963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1703.299969] Call Trace: [ 1703.299995] dump_stack+0x172/0x1f0 [ 1703.300015] should_fail.cold+0xa/0x1b [ 1703.319492] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1703.324620] ? lock_downgrade+0x810/0x810 [ 1703.324639] ? ___might_sleep+0x163/0x280 [ 1703.324659] __should_failslab+0x121/0x190 [ 1703.324678] should_failslab+0x9/0x14 [ 1703.340970] __kmalloc+0x2dc/0x740 [ 1703.340989] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1703.341004] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1703.350081] ? strnlen_user+0x1f0/0x280 [ 1703.350101] ? __x64_sys_memfd_create+0x13c/0x470 [ 1703.350120] __x64_sys_memfd_create+0x13c/0x470 [ 1703.369370] ? memfd_fcntl+0x1550/0x1550 [ 1703.373545] ? do_syscall_64+0x26/0x610 [ 1703.377540] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1703.382229] ? trace_hardirqs_on+0x67/0x230 [ 1703.386580] do_syscall_64+0x103/0x610 [ 1703.390482] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1703.396107] RIP: 0033:0x457e39 22:17:14 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xf6ffffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1703.399304] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1703.418384] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1703.426107] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39 [ 1703.433395] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47 [ 1703.440755] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1703.448034] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95b18bf6d4 [ 1703.455509] R13: 00000000004c66b2 R14: 00000000004dbb60 R15: 0000000000000003 22:17:14 executing program 4: mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, &(0x7f0000000080), 0xfffffffffffffbff, 0x5) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$nfc_llcp(r1, &(0x7f0000000280)={0x27, 0x1, 0x0, 0x5, 0x3, 0x7d4, "80a2de2c6104c0ec97d383d7f43bb1770c31912e0aad41f20fcf12ce5556385cf8f67231c47984504179f18c2164f917d3fdd73409f7f0ce6a8b086b87dc52", 0x3c}, 0x60) r2 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x80, 0x0) ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f0000000100)={0xffffffffffff2545, 0x1, 0xb28}) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000d40)={0x0, 0x0, 0x8000000000008}) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='scalable\x00', 0x620db41fc950beeb) bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x23a}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) [ 1703.515405] gfs2: not a GFS2 filesystem 22:17:14 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1703.638515] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1703.643093] CPU: 1 PID: 1189 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1703.650201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1703.659563] Call Trace: [ 1703.662166] dump_stack+0x172/0x1f0 [ 1703.665809] handle_userfault.cold+0x41/0x5d [ 1703.670270] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1703.674868] ? __handle_mm_fault+0x36b7/0x3f20 [ 1703.679466] ? find_held_lock+0x35/0x130 [ 1703.683558] ? __handle_mm_fault+0x36b7/0x3f20 [ 1703.688167] ? kasan_check_read+0x11/0x20 [ 1703.692515] ? lock_downgrade+0x810/0x810 [ 1703.696686] ? kasan_check_read+0x11/0x20 [ 1703.700842] ? do_raw_spin_unlock+0x57/0x270 [ 1703.705283] __handle_mm_fault+0x36c8/0x3f20 [ 1703.709709] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1703.714563] ? find_held_lock+0x35/0x130 [ 1703.718648] ? handle_mm_fault+0x322/0xb30 [ 1703.722906] ? kasan_check_read+0x11/0x20 [ 1703.727074] handle_mm_fault+0x43f/0xb30 [ 1703.731151] __do_page_fault+0x5da/0xd60 [ 1703.735230] do_page_fault+0x71/0x581 [ 1703.739043] ? page_fault+0x8/0x30 [ 1703.742615] page_fault+0x1e/0x30 [ 1703.746074] RIP: 0033:0x451880 [ 1703.749282] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1703.768190] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1703.773560] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1703.780923] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1703.788197] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1703.795470] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1703.802742] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:14 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfbffffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1703.853408] gfs2: not a GFS2 filesystem 22:17:14 executing program 0: socket$rxrpc(0x21, 0x2, 0xa) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_create(0x2, &(0x7f0000000080)={0x0, 0x2, 0x2, @thr={&(0x7f00000001c0)="7086b717f4e96a43f3012f782892ab5e29cfab89752b427c6207da8ea1ae8894653b86b31891230dfdee08ef2eb2662d4750d8819b5321b777bee3cf59231f9f9a576be7f2c382108f3338dd65e377fe03f59b5dfa1e50362832bbcd0501161f0de87a32c5fdcd7b55bfb61200dd2e3bfb8875bc66cc8515a6fdf532b0aca38f3d569cc08083c62c", &(0x7f0000000280)="e991787b240f91a5ab148e8af342aeacac00d99f591d9ea5cb60ab64ea0bff2489dd1dbe094e7e9268be5b998848a3f57ff062cf768cb89b29196313388839600861674ddfb3a108c05ab9"}}, &(0x7f0000000300)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000100)={'icmp6\x00'}, &(0x7f0000000180)=0x1e) pipe(&(0x7f0000000880)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r4 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video36\x00', 0x2, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x410806e, 0x0, 0x0) sendto$inet6(r4, 0x0, 0x133, 0x0, 0x0, 0x24c) write(r2, &(0x7f0000000340), 0x10000014c) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, &(0x7f0000000140)={0x1b9}, 0x0, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 22:17:14 executing program 2 (fault-call:0 fault-nth:1): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:14 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x9000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1703.953495] FAULT_INJECTION: forcing a failure. [ 1703.953495] name failslab, interval 1, probability 0, space 0, times 0 [ 1704.000136] CPU: 1 PID: 1223 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1704.007289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1704.007296] Call Trace: [ 1704.007322] dump_stack+0x172/0x1f0 [ 1704.007342] should_fail.cold+0xa/0x1b [ 1704.026830] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1704.031958] ? lock_downgrade+0x810/0x810 [ 1704.036128] ? ___might_sleep+0x163/0x280 [ 1704.040297] __should_failslab+0x121/0x190 [ 1704.044552] should_failslab+0x9/0x14 [ 1704.048367] kmem_cache_alloc+0x2be/0x710 [ 1704.052538] ? __alloc_fd+0x430/0x530 [ 1704.056362] ? shmem_destroy_callback+0xc0/0xc0 [ 1704.061049] shmem_alloc_inode+0x1c/0x50 [ 1704.061065] alloc_inode+0x66/0x190 [ 1704.061080] new_inode_pseudo+0x19/0xf0 [ 1704.072745] new_inode+0x1f/0x40 [ 1704.076125] shmem_get_inode+0x84/0x780 [ 1704.080122] __shmem_file_setup.part.0+0x7e/0x2b0 [ 1704.084975] shmem_file_setup+0x66/0x90 [ 1704.088981] __x64_sys_memfd_create+0x2a2/0x470 [ 1704.093667] ? memfd_fcntl+0x1550/0x1550 [ 1704.097733] ? do_syscall_64+0x26/0x610 [ 1704.101712] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1704.106301] ? trace_hardirqs_on+0x67/0x230 [ 1704.110640] do_syscall_64+0x103/0x610 [ 1704.114545] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1704.119781] RIP: 0033:0x457e39 [ 1704.121135] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1704.122978] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1704.122988] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1704.123002] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39 [ 1704.123015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47 [ 1704.123026] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1704.175922] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95b18bf6d4 [ 1704.183197] R13: 00000000004c66b2 R14: 00000000004dbb60 R15: 0000000000000003 [ 1704.190514] CPU: 0 PID: 1228 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1704.197643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1704.207010] Call Trace: [ 1704.209617] dump_stack+0x172/0x1f0 [ 1704.213262] handle_userfault.cold+0x41/0x5d [ 1704.217693] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1704.222290] ? __handle_mm_fault+0x36b7/0x3f20 [ 1704.226883] ? find_held_lock+0x35/0x130 [ 1704.230953] ? __handle_mm_fault+0x36b7/0x3f20 [ 1704.235547] ? kasan_check_read+0x11/0x20 [ 1704.239705] ? lock_downgrade+0x810/0x810 [ 1704.243873] ? kasan_check_read+0x11/0x20 22:17:15 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1704.248042] ? do_raw_spin_unlock+0x57/0x270 [ 1704.252465] __handle_mm_fault+0x36c8/0x3f20 [ 1704.256906] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1704.261766] ? find_held_lock+0x35/0x130 [ 1704.265849] ? handle_mm_fault+0x322/0xb30 [ 1704.270109] ? kasan_check_read+0x11/0x20 [ 1704.274270] handle_mm_fault+0x43f/0xb30 [ 1704.278335] __do_page_fault+0x5da/0xd60 [ 1704.282395] do_page_fault+0x71/0x581 [ 1704.286304] ? page_fault+0x8/0x30 [ 1704.289841] page_fault+0x1e/0x30 [ 1704.293296] RIP: 0033:0x451880 [ 1704.296489] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1704.315506] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1704.320870] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1704.328148] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1704.335419] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1704.342690] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 22:17:15 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="e821d0023c123f3188a070") r1 = socket$inet(0x10, 0x2, 0x6) sendmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="24000000160007041dfffd946f6105000a0000001f00000000000800080006000400ff7e280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x343800, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x84000, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r2, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x138, r3, 0xc, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x68, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xbb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffffffffff98}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MEDIA={0x48, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_NODE={0x10, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfffffffffffffffe}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffffffff}]}, @TIPC_NLA_MEDIA={0x44, 0x5, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffffffd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x2000c011}, 0x4800) [ 1704.350089] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:15 executing program 2 (fault-call:0 fault-nth:2): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:15 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfcfdffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1704.445828] gfs2: not a GFS2 filesystem 22:17:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x20000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:15 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x15) sendmsg$nl_route(r0, &(0x7f000001bfc8)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x28, 0x11, 0x801, 0x0, 0x0, {}, [@IFLA_GROUP={0x8, 0x1b, 0x2}]}, 0x28}}, 0x0) prctl$PR_GET_THP_DISABLE(0x2a) [ 1704.471264] FAULT_INJECTION: forcing a failure. [ 1704.471264] name failslab, interval 1, probability 0, space 0, times 0 [ 1704.506893] gfs2: not a GFS2 filesystem [ 1704.515968] CPU: 0 PID: 1242 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1704.523138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1704.532495] Call Trace: [ 1704.535091] dump_stack+0x172/0x1f0 [ 1704.535113] should_fail.cold+0xa/0x1b [ 1704.535131] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1704.535150] ? percpu_ref_put_many+0x94/0x190 [ 1704.552243] ? ___might_sleep+0x163/0x280 [ 1704.556412] __should_failslab+0x121/0x190 [ 1704.560659] should_failslab+0x9/0x14 [ 1704.564503] kmem_cache_alloc+0x2be/0x710 [ 1704.568657] ? map_id_range_down+0x1ee/0x370 [ 1704.573104] ? __put_user_ns+0x70/0x70 [ 1704.577001] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 1704.582560] selinux_inode_alloc_security+0xb6/0x2a0 [ 1704.587764] security_inode_alloc+0x90/0xe0 [ 1704.592099] inode_init_always+0x56e/0xb40 [ 1704.596342] alloc_inode+0x83/0x190 [ 1704.599973] new_inode_pseudo+0x19/0xf0 [ 1704.603948] new_inode+0x1f/0x40 [ 1704.603965] shmem_get_inode+0x84/0x780 [ 1704.603986] __shmem_file_setup.part.0+0x7e/0x2b0 [ 1704.604007] shmem_file_setup+0x66/0x90 [ 1704.604025] __x64_sys_memfd_create+0x2a2/0x470 [ 1704.604041] ? memfd_fcntl+0x1550/0x1550 [ 1704.624823] ? do_syscall_64+0x26/0x610 [ 1704.624842] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1704.624859] ? trace_hardirqs_on+0x67/0x230 [ 1704.624876] do_syscall_64+0x103/0x610 [ 1704.624895] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1704.651470] RIP: 0033:0x457e39 [ 1704.654652] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1704.673542] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1704.681240] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39 [ 1704.688506] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47 [ 1704.695790] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1704.703078] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95b18bf6d4 [ 1704.710366] R13: 00000000004c66b2 R14: 00000000004dbb60 R15: 0000000000000003 22:17:15 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1704.781338] audit: type=1400 audit(1549923435.682:112): avc: denied { write } for pid=1250 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 22:17:15 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xfdfdffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:15 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$pppoe(0x18, 0x1, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000140)={0x18, 0x0, {0x100003, @local, 'ip6_vti0\x00'}}, 0x1e) connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x100000000003, @local, 'erspan0\x00'}}, 0x1e) [ 1704.914945] gfs2: not a GFS2 filesystem [ 1704.990640] gfs2: not a GFS2 filesystem 22:17:15 executing program 0: mkdir(&(0x7f0000578000)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000000080)=@known='system.posix_acl_default\x00', &(0x7f000054afec)='\x02\x00\x00\x00\x01\x00\x00\x00\x00\x00\xf4\xff\x01\x00', 0xffffffffffffff7f, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x40, 0x0) 22:17:15 executing program 4: syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020301000200027400f8", 0x16}], 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") ftruncate(r0, 0x0) [ 1705.018522] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1705.043142] CPU: 1 PID: 1260 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1705.050473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1705.059836] Call Trace: [ 1705.062449] dump_stack+0x172/0x1f0 [ 1705.066091] handle_userfault.cold+0x41/0x5d [ 1705.070540] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1705.075133] ? __handle_mm_fault+0x36b7/0x3f20 [ 1705.079724] ? find_held_lock+0x35/0x130 [ 1705.083794] ? __handle_mm_fault+0x36b7/0x3f20 [ 1705.088386] ? kasan_check_read+0x11/0x20 [ 1705.092556] ? lock_downgrade+0x810/0x810 [ 1705.096716] ? kasan_check_read+0x11/0x20 [ 1705.100886] ? do_raw_spin_unlock+0x57/0x270 [ 1705.105321] __handle_mm_fault+0x36c8/0x3f20 [ 1705.109744] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1705.114590] ? find_held_lock+0x35/0x130 [ 1705.118672] ? handle_mm_fault+0x322/0xb30 [ 1705.122948] ? kasan_check_read+0x11/0x20 [ 1705.127193] handle_mm_fault+0x43f/0xb30 [ 1705.131281] __do_page_fault+0x5da/0xd60 [ 1705.135359] do_page_fault+0x71/0x581 [ 1705.139187] ? page_fault+0x8/0x30 [ 1705.142731] page_fault+0x1e/0x30 [ 1705.146186] RIP: 0033:0x451880 [ 1705.149389] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1705.168303] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1705.173665] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1705.180949] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 22:17:15 executing program 2 (fault-call:0 fault-nth:3): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1705.188232] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1705.195502] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1705.202772] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1705.234037] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1705.240196] CPU: 1 PID: 1257 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1705.247341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1705.247348] Call Trace: [ 1705.247372] dump_stack+0x172/0x1f0 [ 1705.247404] handle_userfault.cold+0x41/0x5d [ 1705.247428] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1705.247444] ? __handle_mm_fault+0x36b7/0x3f20 [ 1705.247458] ? find_held_lock+0x35/0x130 [ 1705.247474] ? __handle_mm_fault+0x36b7/0x3f20 [ 1705.247493] ? kasan_check_read+0x11/0x20 [ 1705.277149] ? lock_downgrade+0x810/0x810 [ 1705.277171] ? kasan_check_read+0x11/0x20 [ 1705.277184] ? do_raw_spin_unlock+0x57/0x270 [ 1705.277202] __handle_mm_fault+0x36c8/0x3f20 [ 1705.286036] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1705.286051] ? find_held_lock+0x35/0x130 [ 1705.286067] ? handle_mm_fault+0x322/0xb30 [ 1705.294358] ? kasan_check_read+0x11/0x20 [ 1705.294388] handle_mm_fault+0x43f/0xb30 [ 1705.302947] __do_page_fault+0x5da/0xd60 [ 1705.302971] do_page_fault+0x71/0x581 [ 1705.320502] ? page_fault+0x8/0x30 [ 1705.320518] page_fault+0x1e/0x30 [ 1705.320530] RIP: 0033:0x451880 [ 1705.320545] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1705.320553] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1705.332807] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:17:16 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) fchmodat(r1, &(0x7f0000000080)='./file0\x00', 0x13) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="660100746572000000000000000000000000000000000000000000000000000000d0030000600200000000000060020000600200006002000038030000380300003803000038030000380300000400000013447b728e4c54"], 0x1) 22:17:16 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:16 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xff0f000000000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x40000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1705.332816] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1705.332825] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1705.332834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1705.332842] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1705.481693] FAULT_INJECTION: forcing a failure. [ 1705.481693] name failslab, interval 1, probability 0, space 0, times 0 [ 1705.507228] CPU: 0 PID: 1285 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1705.514386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1705.514397] Call Trace: [ 1705.526354] dump_stack+0x172/0x1f0 [ 1705.526385] should_fail.cold+0xa/0x1b [ 1705.526406] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1705.533898] ? lock_downgrade+0x810/0x810 [ 1705.533917] ? ___might_sleep+0x163/0x280 [ 1705.533939] __should_failslab+0x121/0x190 [ 1705.533958] should_failslab+0x9/0x14 [ 1705.543186] kmem_cache_alloc+0x2be/0x710 [ 1705.543201] ? current_time+0x6b/0x140 [ 1705.543215] ? ktime_get_coarse_real_ts64+0xf0/0x2b0 [ 1705.543229] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1705.543245] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1705.551631] ? timespec64_trunc+0xf0/0x180 [ 1705.551650] __d_alloc+0x2e/0x8c0 [ 1705.551669] d_alloc_pseudo+0x1e/0x30 [ 1705.551686] alloc_file_pseudo+0xe2/0x280 [ 1705.563495] ? alloc_file+0x4d0/0x4d0 [ 1705.578808] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 1705.578828] ? kasan_check_write+0x14/0x20 [ 1705.578848] __shmem_file_setup.part.0+0x108/0x2b0 [ 1705.578867] shmem_file_setup+0x66/0x90 [ 1705.578883] __x64_sys_memfd_create+0x2a2/0x470 [ 1705.578898] ? memfd_fcntl+0x1550/0x1550 [ 1705.578912] ? do_syscall_64+0x26/0x610 [ 1705.578926] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1705.578944] ? trace_hardirqs_on+0x67/0x230 [ 1705.596478] FAT-fs (loop4): bogus sectors per cluster 3 [ 1705.599151] do_syscall_64+0x103/0x610 [ 1705.599172] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1705.599183] RIP: 0033:0x457e39 [ 1705.599196] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:17:16 executing program 2 (fault-call:0 fault-nth:4): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1705.599203] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1705.599221] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39 [ 1705.608977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47 [ 1705.613981] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1705.617859] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1705.617868] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95b18bf6d4 [ 1705.617876] R13: 00000000004c66b2 R14: 00000000004dbb60 R15: 0000000000000003 [ 1705.633443] gfs2: not a GFS2 filesystem [ 1705.699078] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1705.710271] CPU: 0 PID: 1296 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1705.742719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1705.752687] Call Trace: [ 1705.755291] dump_stack+0x172/0x1f0 [ 1705.758931] handle_userfault.cold+0x41/0x5d [ 1705.763373] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1705.767961] ? __handle_mm_fault+0x36b7/0x3f20 [ 1705.772545] ? find_held_lock+0x35/0x130 [ 1705.776616] ? __handle_mm_fault+0x36b7/0x3f20 [ 1705.781210] ? kasan_check_read+0x11/0x20 [ 1705.785382] ? lock_downgrade+0x810/0x810 [ 1705.789551] ? kasan_check_read+0x11/0x20 [ 1705.793798] ? do_raw_spin_unlock+0x57/0x270 [ 1705.798215] __handle_mm_fault+0x36c8/0x3f20 [ 1705.802640] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1705.807490] ? find_held_lock+0x35/0x130 [ 1705.811559] ? handle_mm_fault+0x322/0xb30 [ 1705.815816] ? kasan_check_read+0x11/0x20 [ 1705.819976] handle_mm_fault+0x43f/0xb30 [ 1705.824052] __do_page_fault+0x5da/0xd60 [ 1705.828136] do_page_fault+0x71/0x581 22:17:16 executing program 0: clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x38) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x20000000, 0xa7}) creat(&(0x7f0000000140)='./file0\x00', 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) creat(&(0x7f0000000180)='./file0\x00', 0x0) ptrace$getenv(0x4201, r0, 0x3, &(0x7f0000000040)) [ 1705.831947] ? page_fault+0x8/0x30 [ 1705.835494] page_fault+0x1e/0x30 [ 1705.838953] RIP: 0033:0x451880 [ 1705.842266] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1705.861177] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1705.866545] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1705.873818] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:17:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x48000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1705.881092] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1705.888378] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1705.895674] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1705.994072] FAULT_INJECTION: forcing a failure. [ 1705.994072] name failslab, interval 1, probability 0, space 0, times 0 [ 1706.012605] CPU: 0 PID: 1305 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1706.019747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1706.029126] Call Trace: [ 1706.029152] dump_stack+0x172/0x1f0 [ 1706.029173] should_fail.cold+0xa/0x1b [ 1706.029191] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1706.029205] ? lock_downgrade+0x810/0x810 [ 1706.029221] ? ___might_sleep+0x163/0x280 [ 1706.029247] __should_failslab+0x121/0x190 [ 1706.058736] should_failslab+0x9/0x14 [ 1706.058764] kmem_cache_alloc+0x2be/0x710 [ 1706.058779] ? current_time+0x6b/0x140 [ 1706.058799] ? ktime_get_coarse_real_ts64+0xf0/0x2b0 [ 1706.058820] ? lockdep_hardirqs_on+0x415/0x5d0 22:17:17 executing program 0: getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)=0x0) setresuid(0x0, r0, 0xffffffffffffffff) socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x2, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000002c0)) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f00000001c0)=""/208) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000140)={0x8, &(0x7f0000000100)=[{}, {}, {}, {}, {0x0}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000300)={r3, 0x3}) ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000180)={r2, 0x14}) [ 1706.058834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1706.058846] ? timespec64_trunc+0xf0/0x180 [ 1706.058861] __d_alloc+0x2e/0x8c0 [ 1706.058879] d_alloc_pseudo+0x1e/0x30 [ 1706.068113] alloc_file_pseudo+0xe2/0x280 [ 1706.068129] ? alloc_file+0x4d0/0x4d0 [ 1706.068149] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 1706.068169] ? kasan_check_write+0x14/0x20 [ 1706.068191] __shmem_file_setup.part.0+0x108/0x2b0 [ 1706.068207] shmem_file_setup+0x66/0x90 [ 1706.068232] __x64_sys_memfd_create+0x2a2/0x470 [ 1706.139569] ? memfd_fcntl+0x1550/0x1550 [ 1706.143654] ? do_syscall_64+0x26/0x610 [ 1706.147652] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1706.147671] ? trace_hardirqs_on+0x67/0x230 [ 1706.147686] do_syscall_64+0x103/0x610 [ 1706.147708] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1706.147722] RIP: 0033:0x457e39 [ 1706.147738] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:17:17 executing program 0: r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/userio\x00', 0x4000, 0x0) fremovexattr(r0, &(0x7f0000000240)=@known='system.posix_acl_access\x00') perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setfsuid(r2) setfsuid(r2) r3 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001240)="2e0000002900815fe45ae087185082cf0424b0eba06ec4000023000000100800000000000000000051894dd65b2f", 0x2e}], 0x1}, 0x0) r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x40) ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000140)=0x100001) setfsuid(r2) [ 1706.147744] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1706.147757] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39 [ 1706.147764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47 [ 1706.147770] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1706.147777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95b18bf6d4 [ 1706.147788] R13: 00000000004c66b2 R14: 00000000004dbb60 R15: 0000000000000003 [ 1706.243855] FAT-fs (loop4): bogus sectors per cluster 3 [ 1706.254715] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1706.298090] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1706.308520] CPU: 0 PID: 1309 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1706.315673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1706.325037] Call Trace: [ 1706.329838] dump_stack+0x172/0x1f0 [ 1706.333484] handle_userfault.cold+0x41/0x5d [ 1706.337913] ? debug_smp_processor_id+0x1c/0x20 [ 1706.342604] ? perf_trace_lock_acquire+0xf5/0x580 [ 1706.347463] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1706.352061] ? __handle_mm_fault+0x36b7/0x3f20 [ 1706.356661] ? find_held_lock+0x35/0x130 [ 1706.360739] ? __handle_mm_fault+0x36b7/0x3f20 [ 1706.365419] ? kasan_check_read+0x11/0x20 [ 1706.369592] ? lock_downgrade+0x810/0x810 [ 1706.373775] ? kasan_check_read+0x11/0x20 [ 1706.377940] ? do_raw_spin_unlock+0x57/0x270 [ 1706.382366] __handle_mm_fault+0x36c8/0x3f20 [ 1706.386819] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1706.391757] ? find_held_lock+0x35/0x130 [ 1706.395836] ? handle_mm_fault+0x322/0xb30 [ 1706.400103] ? kasan_check_read+0x11/0x20 [ 1706.404265] handle_mm_fault+0x43f/0xb30 [ 1706.408359] __do_page_fault+0x5da/0xd60 [ 1706.412456] do_page_fault+0x71/0x581 [ 1706.416269] ? page_fault+0x8/0x30 [ 1706.419828] page_fault+0x1e/0x30 [ 1706.423291] RIP: 0033:0x451880 [ 1706.426501] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 22:17:17 executing program 2 (fault-call:0 fault-nth:5): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1706.445496] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1706.450867] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1706.458231] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1706.465530] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1706.472807] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1706.480083] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1706.510781] gfs2: not a GFS2 filesystem [ 1706.521033] FAULT_INJECTION: forcing a failure. [ 1706.521033] name failslab, interval 1, probability 0, space 0, times 0 [ 1706.539880] CPU: 0 PID: 1322 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1706.547641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1706.557032] Call Trace: [ 1706.559825] dump_stack+0x172/0x1f0 [ 1706.559855] should_fail.cold+0xa/0x1b [ 1706.559878] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1706.559900] ? lock_downgrade+0x810/0x810 [ 1706.559925] ? ___might_sleep+0x163/0x280 [ 1706.559957] __should_failslab+0x121/0x190 [ 1706.559981] should_failslab+0x9/0x14 [ 1706.560002] kmem_cache_alloc+0x2be/0x710 [ 1706.594576] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 1706.600243] ? __alloc_file+0x27/0x300 [ 1706.604170] ? rcu_read_lock_sched_held+0x110/0x130 [ 1706.609241] selinux_file_alloc_security+0xb4/0x190 [ 1706.614485] security_file_alloc+0x69/0xb0 [ 1706.618798] __alloc_file+0xac/0x300 [ 1706.622551] alloc_empty_file+0x72/0x170 [ 1706.626756] alloc_file+0x5e/0x4d0 [ 1706.630328] alloc_file_pseudo+0x189/0x280 [ 1706.634580] ? alloc_file+0x4d0/0x4d0 [ 1706.638397] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 1706.643945] ? kasan_check_write+0x14/0x20 [ 1706.648196] __shmem_file_setup.part.0+0x108/0x2b0 [ 1706.653148] shmem_file_setup+0x66/0x90 [ 1706.657216] __x64_sys_memfd_create+0x2a2/0x470 [ 1706.661904] ? memfd_fcntl+0x1550/0x1550 [ 1706.665976] ? do_syscall_64+0x26/0x610 [ 1706.669955] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1706.674546] ? trace_hardirqs_on+0x67/0x230 [ 1706.678881] do_syscall_64+0x103/0x610 [ 1706.682780] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1706.687970] RIP: 0033:0x457e39 [ 1706.691163] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:17:17 executing program 4: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r0, 0x88, 0x67, &(0x7f0000000040)=r0, 0x4) sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f0000000080)=@in6={0xa, 0x4e88, 0x0, @mcast2={0xff, 0x2, [0xe82b, 0x0, 0x0, 0x3f000000, 0x0, 0x55efff7f]}, 0xd}, 0x80, &(0x7f0000000340), 0x2b, &(0x7f0000000180)}, 0x0) 22:17:17 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3b5f, 0x80000000}, 0x0, 0x0, 0xb5ec, 0x0, 0xfffffffffffffffc, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = shmget$private(0x0, 0x2000, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_STAT(r4, 0x2, &(0x7f0000000080)=""/19) r5 = socket$inet(0x2, 0x3, 0x2) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x20100, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) r8 = accept$alg(r7, 0x0, 0x0) io_setup(0x1000000000a, &(0x7f0000000380)=0x0) io_submit(r9, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r8, &(0x7f000007d000)="b3", 0x1}]) getsockname(r6, &(0x7f0000000140)=@ipx, &(0x7f00000001c0)=0x80) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000100)=0x1, 0x8) setsockopt$inet_int(r5, 0x0, 0xca, &(0x7f0000000000)=0x10001, 0x10) r10 = dup2(r3, r3) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r5, 0x84, 0x1c, &(0x7f00000002c0), &(0x7f0000000280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x3e7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000000240)) ioctl$ASHMEM_GET_SIZE(r10, 0x7704, 0x0) r11 = syz_open_procfs(0x0, &(0x7f00000001c0)='clear_refs\x00') openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r6, &(0x7f0000000200)={0xc, 0x166, 0xfa00, {&(0x7f00000004c0)}}, 0x10) pwritev(r11, &(0x7f0000000340)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0) accept4$unix(r11, &(0x7f0000000000), &(0x7f00000000c0)=0x6e, 0x800) 22:17:17 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffff7f00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1706.710091] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1706.717803] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39 [ 1706.725073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47 [ 1706.732355] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 1706.739640] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95b18bf6d4 [ 1706.746914] R13: 00000000004c66b2 R14: 00000000004dbb60 R15: 0000000000000003 22:17:17 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:17 executing program 2 (fault-call:0 fault-nth:6): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4c000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1706.891675] FAULT_INJECTION: forcing a failure. [ 1706.891675] name failslab, interval 1, probability 0, space 0, times 0 [ 1706.912417] CPU: 0 PID: 1336 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1706.919567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1706.919576] Call Trace: [ 1706.931547] dump_stack+0x172/0x1f0 [ 1706.935202] should_fail.cold+0xa/0x1b [ 1706.935221] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1706.935235] ? lock_downgrade+0x810/0x810 [ 1706.935262] ? ___might_sleep+0x163/0x280 [ 1706.944822] __should_failslab+0x121/0x190 [ 1706.944842] should_failslab+0x9/0x14 [ 1706.944856] kmem_cache_alloc+0x2be/0x710 [ 1706.944868] ? notify_change+0x6d5/0xfb0 [ 1706.944883] ? do_sys_ftruncate+0x41e/0x550 [ 1706.953168] getname_flags+0xd6/0x5b0 [ 1706.953189] getname+0x1a/0x20 [ 1706.953203] do_sys_open+0x2c9/0x5d0 [ 1706.953220] ? filp_open+0x80/0x80 [ 1706.953239] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1706.992725] ? do_syscall_64+0x26/0x610 [ 1706.996720] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1707.002099] ? do_syscall_64+0x26/0x610 [ 1707.006086] __x64_sys_open+0x7e/0xc0 [ 1707.006105] do_syscall_64+0x103/0x610 [ 1707.006124] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1707.006138] RIP: 0033:0x411f21 [ 1707.022318] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 22:17:18 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x400, 0x0) sendmsg$key(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1203000313000000000000000000000005000600000000000a0000000000000000000000000000000000ffff00000000000000000000000005000900880000000a00000000000000000000000000000000000000000000000000000000000200010000000000000000fd0000000005000500000000000a00000000000000ff02000000000000000000000000000100000000000000000000"], 0x98}}, 0x0) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) ioctl$IMGETCOUNT(r1, 0x80044943, &(0x7f0000000040)) [ 1707.041228] RSP: 002b:00007f95b18bea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1707.048966] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21 [ 1707.056266] RDX: 00007f95b18beafa RSI: 0000000000000002 RDI: 00007f95b18beaf0 [ 1707.063893] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1707.071440] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 1707.078724] R13: 0000000000000000 R14: 00000000004dbb60 R15: 0000000000000003 [ 1707.103214] gfs2: not a GFS2 filesystem 22:17:18 executing program 2 (fault-call:0 fault-nth:7): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1707.211679] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1707.225532] CPU: 0 PID: 1347 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1707.232695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1707.242062] Call Trace: [ 1707.244771] dump_stack+0x172/0x1f0 [ 1707.244793] handle_userfault.cold+0x41/0x5d [ 1707.253278] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1707.257879] ? __handle_mm_fault+0x36b7/0x3f20 [ 1707.257903] ? find_held_lock+0x35/0x130 [ 1707.257920] ? __handle_mm_fault+0x36b7/0x3f20 [ 1707.257939] ? kasan_check_read+0x11/0x20 [ 1707.257958] ? lock_downgrade+0x810/0x810 [ 1707.257983] ? kasan_check_read+0x11/0x20 [ 1707.262643] gfs2: not a GFS2 filesystem [ 1707.266653] ? do_raw_spin_unlock+0x57/0x270 [ 1707.266672] __handle_mm_fault+0x36c8/0x3f20 [ 1707.266691] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1707.275402] ? find_held_lock+0x35/0x130 [ 1707.283671] ? handle_mm_fault+0x322/0xb30 [ 1707.283702] ? kasan_check_read+0x11/0x20 [ 1707.313815] handle_mm_fault+0x43f/0xb30 [ 1707.317891] __do_page_fault+0x5da/0xd60 [ 1707.321997] do_page_fault+0x71/0x581 [ 1707.325813] ? page_fault+0x8/0x30 [ 1707.329361] page_fault+0x1e/0x30 [ 1707.332820] RIP: 0033:0x451880 [ 1707.336025] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1707.355467] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 22:17:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f063c123f3188a070") r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="9c0000008f6e8166e6e9aaaf21a385290238197de40c0df3062d6b55c2aecae84ad20d741f411c9060ac4aaa21f30877f9acb899d59e58a608a856650d4c620defc8ebe2ce0fc34ff2d25d2e44722346714664b5182afcbcd6854d726facf0935b7ccc5731436f399a6c99586db8d8b8fb3b6975da28f5ae6b84e3820226efa5c2116260f305738cf2f8cee5e3bda46704"], &(0x7f0000000480)=0xa4) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000000c0)={r2, 0xffffffffffffff28, "4c329fea9bdd11faa56286916c20ad70713c2516a888362eeca40928af35457cf7c7e0582a334529e3682509ab0ac586c588f88beb1c5227dc41ab3e80ba9b1900a9a35c5e5eb0349465404a2c5c699195ee764e316884c8406ef5367752900a171f"}, &(0x7f00000004c0)=0x1f) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f00000002c0)={r3, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x14}}}, 0x401, 0x1, 0x0, 0x6ff, 0x3}, &(0x7f0000000380)=0x98) write$P9_RXATTRCREATE(r1, &(0x7f0000000040)={0x7, 0x21, 0x2}, 0x7) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f0000000500)={0x3, &(0x7f0000000280)=[0x7, 0x3b, 0x8]}) name_to_handle_at(r1, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x64, 0x4, "51861760fcf241d9810ecaeaea98396b3a3644cd888899959632263981c7aa5bf2ac047931e2443c05e09b87af231cf310db07fe0307b75bfa7d31f8596ad9eb14172a87994e2e96fccb81843feac55ba5417080fcc94eb6cabbb0d0"}, &(0x7f0000000240), 0x1400) syz_emit_ethernet(0x5, &(0x7f0000000a00)=ANY=[@ANYPTR64, @ANYRES32=r0, @ANYRESDEC=r1, @ANYRESOCT=r2, @ANYRES16=r4], 0x0) ioctl$LOOP_SET_CAPACITY(r1, 0x4c07) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000080)=0x5, 0x4) [ 1707.360843] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1707.368113] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1707.375385] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1707.382657] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1707.389933] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1707.404336] FAULT_INJECTION: forcing a failure. 22:17:18 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffffff00000000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1707.404336] name failslab, interval 1, probability 0, space 0, times 0 [ 1707.472526] CPU: 0 PID: 1351 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1707.479677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1707.479683] Call Trace: [ 1707.479708] dump_stack+0x172/0x1f0 [ 1707.479729] should_fail.cold+0xa/0x1b [ 1707.479747] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1707.479762] ? lock_downgrade+0x810/0x810 [ 1707.479779] ? ___might_sleep+0x163/0x280 [ 1707.479800] __should_failslab+0x121/0x190 [ 1707.479816] should_failslab+0x9/0x14 [ 1707.479831] kmem_cache_alloc+0x2be/0x710 [ 1707.524996] ? notify_change+0x6d5/0xfb0 [ 1707.525012] ? do_sys_ftruncate+0x41e/0x550 [ 1707.525033] getname_flags+0xd6/0x5b0 [ 1707.525051] getname+0x1a/0x20 [ 1707.540430] do_sys_open+0x2c9/0x5d0 [ 1707.544153] ? filp_open+0x80/0x80 [ 1707.547702] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1707.552467] ? do_syscall_64+0x26/0x610 [ 1707.556449] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1707.561823] ? do_syscall_64+0x26/0x610 [ 1707.565807] __x64_sys_open+0x7e/0xc0 [ 1707.569616] do_syscall_64+0x103/0x610 [ 1707.573512] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1707.578722] RIP: 0033:0x411f21 [ 1707.581922] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1707.601126] RSP: 002b:00007f95b18bea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1707.608935] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21 22:17:18 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1707.616473] RDX: 00007f95b18beafa RSI: 0000000000000002 RDI: 00007f95b18beaf0 [ 1707.623749] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1707.631028] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 1707.638306] R13: 0000000000000000 R14: 00000000004dbb60 R15: 0000000000000003 22:17:18 executing program 2 (fault-call:0 fault-nth:8): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:18 executing program 4: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000003800)={'vcan0\x00'}) sendmsg$can_bcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x1, 0x0, 0x0, {}, {}, {0x0, 0x0, 0x0, 0xffffffffffffff4d}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "85cd0fca3406c790"}}, 0x48}}, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x8000, 0x0) accept4$nfc_llcp(r1, &(0x7f0000000040), &(0x7f00000000c0)=0x60, 0x80800) sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="01000000100000000400000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000800100000000000000000000009b5117f117e9a7f4"], 0x48}}, 0x0) fsync(r1) [ 1707.719906] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1707.724645] CPU: 0 PID: 1341 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1707.731750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1707.731757] Call Trace: [ 1707.731785] dump_stack+0x172/0x1f0 [ 1707.731806] handle_userfault.cold+0x41/0x5d [ 1707.751800] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1707.756380] ? __handle_mm_fault+0x36b7/0x3f20 [ 1707.760953] ? find_held_lock+0x35/0x130 [ 1707.765008] ? __handle_mm_fault+0x36b7/0x3f20 [ 1707.769584] ? kasan_check_read+0x11/0x20 [ 1707.773725] ? lock_downgrade+0x810/0x810 [ 1707.778126] ? kasan_check_read+0x11/0x20 [ 1707.782280] ? do_raw_spin_unlock+0x57/0x270 [ 1707.786683] __handle_mm_fault+0x36c8/0x3f20 [ 1707.791098] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1707.795932] ? find_held_lock+0x35/0x130 [ 1707.799994] ? handle_mm_fault+0x322/0xb30 [ 1707.804238] ? kasan_check_read+0x11/0x20 [ 1707.808382] handle_mm_fault+0x43f/0xb30 [ 1707.812465] __do_page_fault+0x5da/0xd60 [ 1707.816527] do_page_fault+0x71/0x581 [ 1707.820326] ? page_fault+0x8/0x30 [ 1707.823859] page_fault+0x1e/0x30 [ 1707.827309] RIP: 0033:0x451880 [ 1707.830494] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1707.849494] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1707.854847] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1707.862105] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1707.869363] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1707.876631] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1707.883896] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1707.914905] gfs2: not a GFS2 filesystem [ 1707.927149] FAULT_INJECTION: forcing a failure. [ 1707.927149] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1707.939019] CPU: 1 PID: 1369 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1707.946132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1707.955510] Call Trace: [ 1707.958120] dump_stack+0x172/0x1f0 [ 1707.961774] should_fail.cold+0xa/0x1b [ 1707.965677] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1707.971146] ? mark_held_locks+0x100/0x100 [ 1707.975408] should_fail_alloc_page+0x50/0x60 [ 1707.979913] __alloc_pages_nodemask+0x1a1/0x710 [ 1707.984702] ? __alloc_pages_slowpath+0x2900/0x2900 [ 1707.989730] ? find_held_lock+0x35/0x130 [ 1707.993819] cache_grow_begin+0x9c/0x8c0 [ 1707.997974] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1708.003522] ? check_preemption_disabled+0x48/0x290 [ 1708.008663] kmem_cache_alloc+0x645/0x710 [ 1708.012825] ? notify_change+0x6d5/0xfb0 [ 1708.017154] ? do_sys_ftruncate+0x41e/0x550 [ 1708.021502] getname_flags+0xd6/0x5b0 [ 1708.025313] getname+0x1a/0x20 [ 1708.028515] do_sys_open+0x2c9/0x5d0 [ 1708.032238] ? filp_open+0x80/0x80 [ 1708.035791] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1708.040554] ? do_syscall_64+0x26/0x610 [ 1708.044555] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1708.049936] ? do_syscall_64+0x26/0x610 [ 1708.053933] __x64_sys_open+0x7e/0xc0 [ 1708.057761] do_syscall_64+0x103/0x610 [ 1708.061660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1708.066897] RIP: 0033:0x411f21 [ 1708.071958] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1708.091045] RSP: 002b:00007f95b18bea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1708.098762] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21 [ 1708.106038] RDX: 00007f95b18beafa RSI: 0000000000000002 RDI: 00007f95b18beaf0 [ 1708.113318] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1708.120593] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 1708.127871] R13: 0000000000000000 R14: 00000000004dbb60 R15: 0000000000000003 22:17:19 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3b5f, 0x80000000}, 0x0, 0x0, 0xb5ec, 0x0, 0xfffffffffffffffc, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = shmget$private(0x0, 0x2000, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_STAT(r4, 0x2, &(0x7f0000000080)=""/19) r5 = socket$inet(0x2, 0x3, 0x2) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x20100, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) r8 = accept$alg(r7, 0x0, 0x0) io_setup(0x1000000000a, &(0x7f0000000380)=0x0) io_submit(r9, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r8, &(0x7f000007d000)="b3", 0x1}]) getsockname(r6, &(0x7f0000000140)=@ipx, &(0x7f00000001c0)=0x80) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000100)=0x1, 0x8) setsockopt$inet_int(r5, 0x0, 0xca, &(0x7f0000000000)=0x10001, 0x10) r10 = dup2(r3, r3) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r5, 0x84, 0x1c, &(0x7f00000002c0), &(0x7f0000000280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x3e7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000000240)) ioctl$ASHMEM_GET_SIZE(r10, 0x7704, 0x0) r11 = syz_open_procfs(0x0, &(0x7f00000001c0)='clear_refs\x00') openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r6, &(0x7f0000000200)={0xc, 0x166, 0xfa00, {&(0x7f00000004c0)}}, 0x10) pwritev(r11, &(0x7f0000000340)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0) accept4$unix(r11, &(0x7f0000000000), &(0x7f00000000c0)=0x6e, 0x800) 22:17:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x60000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:19 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffffffa0008000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1708.236885] hfsplus: creator requires a 4 character value [ 1708.243851] gfs2: not a GFS2 filesystem [ 1708.256986] hfsplus: unable to parse mount options 22:17:19 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1708.345249] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1708.359331] CPU: 1 PID: 1380 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1708.366492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1708.375971] Call Trace: [ 1708.378624] dump_stack+0x172/0x1f0 [ 1708.382470] handle_userfault.cold+0x41/0x5d [ 1708.386957] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1708.391592] ? __handle_mm_fault+0x36b7/0x3f20 [ 1708.396215] ? find_held_lock+0x35/0x130 [ 1708.400339] ? __handle_mm_fault+0x36b7/0x3f20 [ 1708.404991] ? kasan_check_read+0x11/0x20 [ 1708.409183] ? lock_downgrade+0x810/0x810 [ 1708.413366] ? kasan_check_read+0x11/0x20 [ 1708.417658] ? do_raw_spin_unlock+0x57/0x270 [ 1708.422152] __handle_mm_fault+0x36c8/0x3f20 [ 1708.426713] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1708.431574] ? find_held_lock+0x35/0x130 [ 1708.435672] ? handle_mm_fault+0x322/0xb30 [ 1708.439950] ? kasan_check_read+0x11/0x20 [ 1708.444112] handle_mm_fault+0x43f/0xb30 [ 1708.448230] __do_page_fault+0x5da/0xd60 [ 1708.452319] do_page_fault+0x71/0x581 [ 1708.456141] ? page_fault+0x8/0x30 [ 1708.459693] page_fault+0x1e/0x30 [ 1708.463157] RIP: 0033:0x451880 [ 1708.466354] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1708.485265] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1708.490640] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1708.497926] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1708.505232] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1708.514168] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1708.521447] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:19 executing program 2 (fault-call:0 fault-nth:9): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:19 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffffffa0028000, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1708.612899] gfs2: not a GFS2 filesystem [ 1708.645732] FAULT_INJECTION: forcing a failure. [ 1708.645732] name failslab, interval 1, probability 0, space 0, times 0 [ 1708.666847] gfs2: not a GFS2 filesystem [ 1708.697960] CPU: 0 PID: 1392 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1708.705137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1708.714579] Call Trace: [ 1708.714609] dump_stack+0x172/0x1f0 [ 1708.714630] should_fail.cold+0xa/0x1b [ 1708.724738] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1708.729871] ? lock_downgrade+0x810/0x810 [ 1708.729892] ? ___might_sleep+0x163/0x280 [ 1708.729911] __should_failslab+0x121/0x190 [ 1708.729930] should_failslab+0x9/0x14 [ 1708.729944] kmem_cache_alloc+0x2be/0x710 [ 1708.729959] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 1708.729974] ? __alloc_file+0x27/0x300 [ 1708.729988] ? rcu_read_lock_sched_held+0x110/0x130 [ 1708.730006] selinux_file_alloc_security+0xb4/0x190 [ 1708.730024] security_file_alloc+0x69/0xb0 [ 1708.750501] __alloc_file+0xac/0x300 [ 1708.750520] alloc_empty_file+0x72/0x170 [ 1708.750540] path_openat+0xef/0x4690 [ 1708.750558] ? __lock_acquire+0x53b/0x4700 [ 1708.750571] ? getname+0x1a/0x20 [ 1708.750581] ? do_sys_open+0x2c9/0x5d0 [ 1708.750593] ? __x64_sys_open+0x7e/0xc0 [ 1708.750606] ? do_syscall_64+0x103/0x610 [ 1708.750622] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1708.750649] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 1708.767557] ? __lock_is_held+0xb6/0x140 [ 1708.767583] ? __alloc_fd+0x430/0x530 [ 1708.767602] do_filp_open+0x1a1/0x280 [ 1708.767619] ? may_open_dev+0x100/0x100 [ 1708.767636] ? lock_downgrade+0x810/0x810 [ 1708.767655] ? kasan_check_read+0x11/0x20 [ 1708.767669] ? do_raw_spin_unlock+0x57/0x270 [ 1708.767684] ? _raw_spin_unlock+0x2d/0x50 [ 1708.851816] ? __alloc_fd+0x430/0x530 [ 1708.855634] do_sys_open+0x3fe/0x5d0 [ 1708.859359] ? filp_open+0x80/0x80 [ 1708.862910] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1708.867761] ? do_syscall_64+0x26/0x610 [ 1708.871745] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1708.877130] ? do_syscall_64+0x26/0x610 [ 1708.881134] __x64_sys_open+0x7e/0xc0 [ 1708.884945] do_syscall_64+0x103/0x610 [ 1708.889024] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1708.894222] RIP: 0033:0x411f21 [ 1708.897425] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1708.916510] RSP: 002b:00007f95b18bea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1708.924228] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21 [ 1708.931500] RDX: 00007f95b18beafa RSI: 0000000000000002 RDI: 00007f95b18beaf0 [ 1708.939156] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 22:17:19 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3b5f, 0x80000000}, 0x0, 0x0, 0xb5ec, 0x0, 0xfffffffffffffffc, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = shmget$private(0x0, 0x2000, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_STAT(r4, 0x2, &(0x7f0000000080)=""/19) r5 = socket$inet(0x2, 0x3, 0x2) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x20100, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) r8 = accept$alg(r7, 0x0, 0x0) io_setup(0x1000000000a, &(0x7f0000000380)=0x0) io_submit(r9, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r8, &(0x7f000007d000)="b3", 0x1}]) getsockname(r6, &(0x7f0000000140)=@ipx, &(0x7f00000001c0)=0x80) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000100)=0x1, 0x8) setsockopt$inet_int(r5, 0x0, 0xca, &(0x7f0000000000)=0x10001, 0x10) r10 = dup2(r3, r3) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r5, 0x84, 0x1c, &(0x7f00000002c0), &(0x7f0000000280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x3e7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000000240)) ioctl$ASHMEM_GET_SIZE(r10, 0x7704, 0x0) r11 = syz_open_procfs(0x0, &(0x7f00000001c0)='clear_refs\x00') openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r6, &(0x7f0000000200)={0xc, 0x166, 0xfa00, {&(0x7f00000004c0)}}, 0x10) pwritev(r11, &(0x7f0000000340)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0) accept4$unix(r11, &(0x7f0000000000), &(0x7f00000000c0)=0x6e, 0x800) [ 1708.947905] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 1708.955244] R13: 0000000000000000 R14: 00000000004dbb60 R15: 0000000000000003 22:17:19 executing program 2 (fault-call:0 fault-nth:10): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1709.068708] FAULT_INJECTION: forcing a failure. [ 1709.068708] name failslab, interval 1, probability 0, space 0, times 0 [ 1709.087586] CPU: 0 PID: 1406 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1709.094737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1709.094743] Call Trace: [ 1709.094766] dump_stack+0x172/0x1f0 [ 1709.094789] should_fail.cold+0xa/0x1b [ 1709.114375] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1709.119484] ? lock_downgrade+0x810/0x810 [ 1709.123647] ? ___might_sleep+0x163/0x280 [ 1709.127811] __should_failslab+0x121/0x190 [ 1709.132054] ? loop_info64_to_compat+0x6d0/0x6d0 [ 1709.136831] should_failslab+0x9/0x14 [ 1709.140726] kmem_cache_alloc_trace+0x2d1/0x760 [ 1709.145401] ? lockdep_init_map+0x10c/0x5b0 [ 1709.149738] ? loop_info64_to_compat+0x6d0/0x6d0 [ 1709.154501] __kthread_create_on_node+0xf2/0x460 [ 1709.159261] ? lock_acquire+0x16f/0x3f0 [ 1709.163246] ? kthread_parkme+0xb0/0xb0 [ 1709.167248] ? mutex_trylock+0x1e0/0x1e0 [ 1709.171323] ? loop_info64_to_compat+0x6d0/0x6d0 [ 1709.176104] kthread_create_on_node+0xbb/0xf0 [ 1709.180704] ? __kthread_create_on_node+0x460/0x460 [ 1709.185734] ? lockdep_init_map+0x10c/0x5b0 [ 1709.190062] ? lockdep_init_map+0x10c/0x5b0 [ 1709.194415] lo_ioctl+0xafb/0x20d0 [ 1709.197978] ? lo_rw_aio+0x1530/0x1530 [ 1709.201873] blkdev_ioctl+0xee8/0x1c40 [ 1709.205767] ? blkpg_ioctl+0xa90/0xa90 [ 1709.209661] ? find_held_lock+0x35/0x130 [ 1709.213733] ? debug_check_no_obj_freed+0x200/0x464 [ 1709.218763] ? __fget+0x340/0x540 [ 1709.222226] ? ___might_sleep+0x163/0x280 [ 1709.226386] block_ioctl+0xee/0x130 [ 1709.230019] ? blkdev_fallocate+0x410/0x410 [ 1709.234362] do_vfs_ioctl+0xd6e/0x1390 [ 1709.238257] ? selinux_file_ioctl+0x46f/0x5e0 [ 1709.242754] ? selinux_file_ioctl+0x125/0x5e0 [ 1709.247255] ? ioctl_preallocate+0x210/0x210 [ 1709.251681] ? selinux_file_mprotect+0x620/0x620 [ 1709.256451] ? iterate_fd+0x360/0x360 [ 1709.256466] ? do_sys_open+0x31d/0x5d0 [ 1709.256490] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1709.269703] ? security_file_ioctl+0x93/0xc0 [ 1709.274136] ksys_ioctl+0xab/0xd0 [ 1709.277611] __x64_sys_ioctl+0x73/0xb0 [ 1709.281515] do_syscall_64+0x103/0x610 [ 1709.285622] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1709.290824] RIP: 0033:0x457ca7 [ 1709.294029] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:17:20 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:20 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffffffffff0700, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1709.312961] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1709.320686] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7 [ 1709.327966] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1709.335250] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1709.342528] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 1709.349808] R13: 0000000000000000 R14: 00000000004dbb60 R15: 0000000000000003 22:17:20 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x68000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1709.562318] gfs2: not a GFS2 filesystem [ 1709.623166] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1709.632575] CPU: 0 PID: 1415 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1709.639714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1709.649170] Call Trace: [ 1709.651799] dump_stack+0x172/0x1f0 [ 1709.655530] handle_userfault.cold+0x41/0x5d [ 1709.659965] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1709.664562] ? __handle_mm_fault+0x36b7/0x3f20 [ 1709.669160] ? find_held_lock+0x35/0x130 [ 1709.673239] ? __handle_mm_fault+0x36b7/0x3f20 [ 1709.677833] ? kasan_check_read+0x11/0x20 [ 1709.682002] ? lock_downgrade+0x810/0x810 [ 1709.686240] ? kasan_check_read+0x11/0x20 [ 1709.690398] ? do_raw_spin_unlock+0x57/0x270 [ 1709.694822] __handle_mm_fault+0x36c8/0x3f20 [ 1709.699245] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1709.704101] ? find_held_lock+0x35/0x130 [ 1709.708191] ? handle_mm_fault+0x322/0xb30 [ 1709.712452] ? kasan_check_read+0x11/0x20 [ 1709.716616] handle_mm_fault+0x43f/0xb30 [ 1709.720700] __do_page_fault+0x5da/0xd60 [ 1709.724781] do_page_fault+0x71/0x581 [ 1709.728620] ? page_fault+0x8/0x30 [ 1709.732169] page_fault+0x1e/0x30 [ 1709.735625] RIP: 0033:0x451880 [ 1709.738820] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1709.757848] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1709.763213] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1709.770510] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1709.777782] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1709.785063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1709.792337] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1709.819454] gfs2: not a GFS2 filesystem 22:17:21 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, 0x0, &(0x7f00000000c0)) 22:17:21 executing program 2 (fault-call:0 fault-nth:11): syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:21 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) r3 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3b5f, 0x80000000}, 0x0, 0x0, 0xb5ec, 0x0, 0xfffffffffffffffc, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = shmget$private(0x0, 0x2000, 0xfffffffffffffffe, &(0x7f0000ffb000/0x2000)=nil) shmctl$IPC_STAT(r4, 0x2, &(0x7f0000000080)=""/19) r5 = socket$inet(0x2, 0x3, 0x2) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x20100, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) r8 = accept$alg(r7, 0x0, 0x0) io_setup(0x1000000000a, &(0x7f0000000380)=0x0) io_submit(r9, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r8, &(0x7f000007d000)="b3", 0x1}]) getsockname(r6, &(0x7f0000000140)=@ipx, &(0x7f00000001c0)=0x80) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000100)=0x1, 0x8) setsockopt$inet_int(r5, 0x0, 0xca, &(0x7f0000000000)=0x10001, 0x10) r10 = dup2(r3, r3) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r5, 0x84, 0x1c, &(0x7f00000002c0), &(0x7f0000000280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x3e7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000000240)) ioctl$ASHMEM_GET_SIZE(r10, 0x7704, 0x0) r11 = syz_open_procfs(0x0, &(0x7f00000001c0)='clear_refs\x00') openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r6, &(0x7f0000000200)={0xc, 0x166, 0xfa00, {&(0x7f00000004c0)}}, 0x10) pwritev(r11, &(0x7f0000000340)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0) accept4$unix(r11, &(0x7f0000000000), &(0x7f00000000c0)=0x6e, 0x800) 22:17:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffffffffffff7f, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6c000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:21 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1710.512193] FAULT_INJECTION: forcing a failure. [ 1710.512193] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.539595] CPU: 0 PID: 1431 Comm: syz-executor.2 Not tainted 5.0.0-rc6 #67 [ 1710.546749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1710.556108] Call Trace: [ 1710.558718] dump_stack+0x172/0x1f0 [ 1710.562362] should_fail.cold+0xa/0x1b [ 1710.566267] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 1710.571387] ? lock_downgrade+0x810/0x810 [ 1710.575551] ? ___might_sleep+0x163/0x280 [ 1710.579726] __should_failslab+0x121/0x190 [ 1710.583991] should_failslab+0x9/0x14 [ 1710.587798] kmem_cache_alloc+0x2be/0x710 [ 1710.591988] ? __schedule+0x1387/0x1cc0 [ 1710.596003] __kernfs_new_node+0xef/0x690 [ 1710.600160] ? _raw_spin_unlock_irq+0x28/0x90 [ 1710.604670] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1710.609442] ? __lock_acquire+0x53b/0x4700 [ 1710.613684] ? _raw_spin_unlock_irq+0x5e/0x90 [ 1710.618189] ? __schedule+0x1387/0x1cc0 [ 1710.622173] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1710.626970] kernfs_new_node+0x99/0x130 [ 1710.631002] kernfs_create_dir_ns+0x52/0x160 [ 1710.635436] internal_create_group+0x7f8/0xc40 [ 1710.640137] ? bd_set_size+0x89/0xb0 [ 1710.643876] ? remove_files.isra.0+0x190/0x190 [ 1710.648484] sysfs_create_group+0x20/0x30 [ 1710.652642] lo_ioctl+0xf8f/0x20d0 [ 1710.656203] ? lo_rw_aio+0x1530/0x1530 [ 1710.660197] blkdev_ioctl+0xee8/0x1c40 [ 1710.664708] ? blkpg_ioctl+0xa90/0xa90 [ 1710.668608] ? find_held_lock+0x35/0x130 [ 1710.672684] ? debug_check_no_obj_freed+0x200/0x464 [ 1710.677724] ? __fget+0x340/0x540 [ 1710.681191] ? ___might_sleep+0x163/0x280 [ 1710.685352] block_ioctl+0xee/0x130 [ 1710.688993] ? blkdev_fallocate+0x410/0x410 [ 1710.693330] do_vfs_ioctl+0xd6e/0x1390 [ 1710.697232] ? selinux_file_ioctl+0x46f/0x5e0 [ 1710.701747] ? selinux_file_ioctl+0x125/0x5e0 [ 1710.706258] ? ioctl_preallocate+0x210/0x210 [ 1710.710682] ? selinux_file_mprotect+0x620/0x620 [ 1710.715457] ? iterate_fd+0x360/0x360 [ 1710.719272] ? do_sys_open+0x31d/0x5d0 [ 1710.723179] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1710.728731] ? security_file_ioctl+0x93/0xc0 [ 1710.733160] ksys_ioctl+0xab/0xd0 [ 1710.736632] __x64_sys_ioctl+0x73/0xb0 [ 1710.740534] do_syscall_64+0x103/0x610 [ 1710.744439] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1710.749636] RIP: 0033:0x457ca7 [ 1710.752837] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1710.771756] RSP: 002b:00007f95b18bea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1710.780946] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7 [ 1710.788236] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1710.795622] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 1710.802941] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 1710.810572] R13: 0000000000000000 R14: 00000000004dbb60 R15: 0000000000000003 [ 1710.820411] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1710.825787] CPU: 1 PID: 1428 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1710.832912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1710.842274] Call Trace: [ 1710.842302] dump_stack+0x172/0x1f0 [ 1710.842328] handle_userfault.cold+0x41/0x5d [ 1710.842353] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1710.848566] ? __handle_mm_fault+0x36b7/0x3f20 [ 1710.848585] ? find_held_lock+0x35/0x130 [ 1710.848602] ? __handle_mm_fault+0x36b7/0x3f20 [ 1710.848618] ? kasan_check_read+0x11/0x20 [ 1710.848634] ? lock_downgrade+0x810/0x810 [ 1710.848651] ? kasan_check_read+0x11/0x20 [ 1710.883328] ? do_raw_spin_unlock+0x57/0x270 [ 1710.887742] __handle_mm_fault+0x36c8/0x3f20 [ 1710.892147] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1710.896981] ? find_held_lock+0x35/0x130 [ 1710.901041] ? handle_mm_fault+0x322/0xb30 [ 1710.905392] ? kasan_check_read+0x11/0x20 [ 1710.909532] handle_mm_fault+0x43f/0xb30 [ 1710.913603] __do_page_fault+0x5da/0xd60 [ 1710.917685] do_page_fault+0x71/0x581 [ 1710.921494] ? page_fault+0x8/0x30 [ 1710.925044] page_fault+0x1e/0x30 [ 1710.928590] RIP: 0033:0x451880 [ 1710.931790] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1710.950702] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1710.956080] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:17:21 executing program 4: syz_emit_ethernet(0x7e, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000700000000000019078ac2314bbac1414110304907800000000450000000000000000110000ac2314aaac1414aa084000000000000040000000e000000200000000e000000100000000000000007f00000100000000ffffffff00000000e000000100000000ac141400000000004d07f47003647f615b5df04b8971d6f1946bcfeeb70308774799437c124e62da5800accd928c6e3055f52f0551ab9f841fa179e9bd2b36b3fdc87f114fa0b16468f70dca1bfaf846852a8da205d9f9eecb2b4770128a4ffc15bddcd7f024fd45e8be468be2850ade4ba040425bba5dde5fa00a22557e32ec3b63cf2fccefa6a04cb88a4024afc23a7ab60ad89177b053db69"], 0x0) [ 1710.963353] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1710.970628] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1710.977901] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1710.985273] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1711.009415] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1711.014680] CPU: 1 PID: 1444 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1711.021801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1711.031168] Call Trace: [ 1711.033785] dump_stack+0x172/0x1f0 [ 1711.037444] handle_userfault.cold+0x41/0x5d [ 1711.041878] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1711.046570] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.051166] ? find_held_lock+0x35/0x130 [ 1711.055239] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.059841] ? kasan_check_read+0x11/0x20 [ 1711.064088] ? lock_downgrade+0x810/0x810 [ 1711.068271] ? kasan_check_read+0x11/0x20 [ 1711.073042] ? do_raw_spin_unlock+0x57/0x270 [ 1711.077477] __handle_mm_fault+0x36c8/0x3f20 [ 1711.081903] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1711.087040] ? find_held_lock+0x35/0x130 [ 1711.091113] ? handle_mm_fault+0x322/0xb30 [ 1711.095380] ? kasan_check_read+0x11/0x20 [ 1711.099550] handle_mm_fault+0x43f/0xb30 [ 1711.103630] __do_page_fault+0x5da/0xd60 [ 1711.107726] do_page_fault+0x71/0x581 [ 1711.111534] ? page_fault+0x8/0x30 [ 1711.115083] page_fault+0x1e/0x30 [ 1711.118541] RIP: 0033:0x451880 [ 1711.121736] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1711.140734] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1711.146113] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1711.153479] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 22:17:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x74000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1711.160754] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1711.168034] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1711.175400] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1711.194852] hfsplus: creator requires a 4 character value [ 1711.204676] gfs2: not a GFS2 filesystem [ 1711.223940] hfsplus: unable to parse mount options 22:17:22 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000040)=""/28, 0xfe91) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bf}) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0x40a85323, &(0x7f0000000100)) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5351, &(0x7f0000000300)) r1 = syz_open_dev$sndpcmp(&(0x7f0000000200)='/dev/snd/pcmC#D#p\x00', 0x1, 0x100) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000400)={0x0, @in6={{0xa, 0x4e22, 0x7, @mcast1}}}, &(0x7f0000000280)=0x84) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000004c0)=@assoc_id=r2, &(0x7f0000000500)=0x4) r3 = gettid() timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{}, {0x0, 0x1c9c380}}, 0x0) tkill(r3, 0x1000000000013) [ 1711.322005] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1711.336604] CPU: 1 PID: 1452 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1711.343768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1711.353131] Call Trace: [ 1711.355738] dump_stack+0x172/0x1f0 [ 1711.359380] handle_userfault.cold+0x41/0x5d [ 1711.363813] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1711.368411] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.373009] ? find_held_lock+0x35/0x130 [ 1711.377076] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.381681] ? kasan_check_read+0x11/0x20 [ 1711.385838] ? lock_downgrade+0x810/0x810 [ 1711.389995] ? kasan_check_read+0x11/0x20 [ 1711.394146] ? do_raw_spin_unlock+0x57/0x270 [ 1711.398563] __handle_mm_fault+0x36c8/0x3f20 [ 1711.403009] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1711.407857] ? find_held_lock+0x35/0x130 [ 1711.411933] ? handle_mm_fault+0x322/0xb30 [ 1711.416186] ? kasan_check_read+0x11/0x20 [ 1711.420342] handle_mm_fault+0x43f/0xb30 [ 1711.424420] __do_page_fault+0x5da/0xd60 [ 1711.428498] do_page_fault+0x71/0x581 [ 1711.432304] ? page_fault+0x8/0x30 [ 1711.435851] page_fault+0x1e/0x30 [ 1711.439314] RIP: 0033:0x451880 [ 1711.442510] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1711.461423] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:22 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x17, 0x0, 0x40002, 0x8}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000000c0)={r0, 0x0, 0x0}, 0x18) [ 1711.466797] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1711.474070] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1711.481340] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1711.488612] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1711.495891] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7a000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:22 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:22 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000003000)={[{@fat=@errors_continue='errors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:22 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:22 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x17, 0x0, 0x40002, 0x8}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000000c0)={r0, 0x0, 0x0}, 0x18) [ 1711.635087] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1711.652072] CPU: 1 PID: 1462 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1711.659319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1711.668682] Call Trace: [ 1711.671288] dump_stack+0x172/0x1f0 [ 1711.674931] handle_userfault.cold+0x41/0x5d [ 1711.679364] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1711.684061] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.688652] ? find_held_lock+0x35/0x130 [ 1711.692730] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.697327] ? kasan_check_read+0x11/0x20 [ 1711.701489] ? lock_downgrade+0x810/0x810 [ 1711.705650] ? kasan_check_read+0x11/0x20 [ 1711.709808] ? do_raw_spin_unlock+0x57/0x270 [ 1711.714230] __handle_mm_fault+0x36c8/0x3f20 [ 1711.718657] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1711.723505] ? find_held_lock+0x35/0x130 [ 1711.727571] ? handle_mm_fault+0x322/0xb30 [ 1711.731823] ? kasan_check_read+0x11/0x20 [ 1711.735998] handle_mm_fault+0x43f/0xb30 [ 1711.740072] __do_page_fault+0x5da/0xd60 [ 1711.744150] do_page_fault+0x71/0x581 [ 1711.747958] ? page_fault+0x8/0x30 [ 1711.751502] page_fault+0x1e/0x30 [ 1711.755043] RIP: 0033:0x451880 [ 1711.758245] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1711.777155] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1711.782609] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1711.789886] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1711.797160] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1711.804432] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1711.811704] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1711.824615] hfsplus: creator requires a 4 character value [ 1711.853133] hfsplus: unable to parse mount options 22:17:22 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x4, &(0x7f0000000180), 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) geteuid() mount$fuseblk(0x0, 0x0, &(0x7f00000000c0)='fuseblk\x00', 0x20, &(0x7f0000000240)=ANY=[@ANYBLOB="7f19862c1ad34ca5f45fb5a7a964d712776191a6ef704a84835852a4f9913e758749377adaec440000c0ffffffffffffff0000000062ff269afba86b0faf4c3ed9248f4c822c0dd3d60e67f6454b04c2db01c769f2f6a047eebce0d64b7b2351c55bb8d6295eaaef055799e949c4efdd090795ec0044d651427d2d138dbb1d1912ffef71afa1983e519d057fa83d404141647d4ca0fa34dcb5aa9e3b91e2625e10296144b538e54ebc528be52f4158421ee1b3720c6d7fec2d50962dc2c8b07a05210e1b1d2a8d4a7c07e838cf92ea905141d977267ad6b0bc974ce1264d82dd7b655e40bf02b676d5299de9"]) getpeername$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) write$cgroup_type(0xffffffffffffffff, 0x0, 0x373) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) r3 = getpgrp(0x0) ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f0000000200)=r3) write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @rand_addr="2d0be1aa0334b10da0ec57702dbec84b", 0x8000}, 0x1c) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) splice(r2, 0x0, r1, 0x0, 0x1000000000000003, 0x0) inotify_init1(0x800) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000100)=0x3, 0x4) ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, 0x0) sendto$packet(r2, &(0x7f0000000340), 0xfffffffffffffd4d, 0x57, 0x0, 0x0) [ 1711.910602] gfs2: not a GFS2 filesystem [ 1711.939067] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1711.945791] CPU: 1 PID: 1462 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1711.953046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1711.962701] Call Trace: [ 1711.962765] dump_stack+0x172/0x1f0 [ 1711.962796] handle_userfault.cold+0x41/0x5d [ 1711.962827] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1711.962855] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.962878] ? find_held_lock+0x35/0x130 [ 1711.962893] ? __handle_mm_fault+0x36b7/0x3f20 [ 1711.962911] ? kasan_check_read+0x11/0x20 [ 1711.962930] ? lock_downgrade+0x810/0x810 [ 1711.991412] ? kasan_check_read+0x11/0x20 [ 1711.999689] ? do_raw_spin_unlock+0x57/0x270 [ 1711.999706] __handle_mm_fault+0x36c8/0x3f20 [ 1711.999725] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1711.999739] ? find_held_lock+0x35/0x130 [ 1712.021578] ? handle_mm_fault+0x322/0xb30 [ 1712.025854] ? kasan_check_read+0x11/0x20 [ 1712.030022] handle_mm_fault+0x43f/0xb30 [ 1712.034095] __do_page_fault+0x5da/0xd60 [ 1712.038172] do_page_fault+0x71/0x581 [ 1712.041979] ? page_fault+0x8/0x30 [ 1712.045521] page_fault+0x1e/0x30 [ 1712.048978] RIP: 0033:0x451880 [ 1712.052176] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1712.071082] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1712.076627] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:17:23 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0xa0008000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1712.084081] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1712.091527] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1712.098796] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1712.106075] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:23 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='\nrrors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1712.190742] gfs2: not a GFS2 filesystem [ 1712.245141] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1712.252402] CPU: 1 PID: 1488 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1712.259556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1712.269116] Call Trace: [ 1712.271722] dump_stack+0x172/0x1f0 [ 1712.275388] handle_userfault.cold+0x41/0x5d [ 1712.279841] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1712.284449] ? __handle_mm_fault+0x36b7/0x3f20 [ 1712.289059] ? find_held_lock+0x35/0x130 22:17:23 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1712.293205] ? __handle_mm_fault+0x36b7/0x3f20 [ 1712.297821] ? kasan_check_read+0x11/0x20 [ 1712.301978] ? lock_downgrade+0x810/0x810 [ 1712.302001] ? kasan_check_read+0x11/0x20 [ 1712.302017] ? do_raw_spin_unlock+0x57/0x270 [ 1712.302037] __handle_mm_fault+0x36c8/0x3f20 [ 1712.310451] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1712.310465] ? find_held_lock+0x35/0x130 [ 1712.310479] ? handle_mm_fault+0x322/0xb30 [ 1712.310508] ? kasan_check_read+0x11/0x20 [ 1712.310528] handle_mm_fault+0x43f/0xb30 [ 1712.310550] __do_page_fault+0x5da/0xd60 [ 1712.310573] do_page_fault+0x71/0x581 [ 1712.348624] ? page_fault+0x8/0x30 [ 1712.352175] page_fault+0x1e/0x30 [ 1712.355634] RIP: 0033:0x451880 [ 1712.358847] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1712.377756] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1712.383125] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:17:23 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='\nfsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1712.390400] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1712.397674] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1712.404950] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1712.412229] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1712.442730] gfs2: not a GFS2 filesystem 22:17:23 executing program 4: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$llc_int(r0, 0x10c, 0x2, &(0x7f0000000040)=0x3c00, 0x4) r1 = open(&(0x7f0000000000)='./file0\x00', 0x40000, 0x88) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000080)={0x0, 0xa8c, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x9, 0x3, {0x0, @in={{0x2, 0x4e21, @empty}}, 0x3, 0xd95b, 0x8, 0x3d, 0xffffffffffffffff}}, &(0x7f0000000140)=0xb0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={r2, 0x100000001}, &(0x7f00000001c0)=0x8) [ 1712.490134] FAT-fs (loop5): Unrecognized mount option " [ 1712.490134] rrors=continue" or missing value [ 1712.522360] gfs2: not a GFS2 filesystem 22:17:23 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:23 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0xa0028000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1712.744817] FAT-fs (loop5): Unrecognized mount option " [ 1712.744817] rrors=continue" or missing value [ 1712.764250] gfs2: not a GFS2 filesystem 22:17:23 executing program 4: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0x2, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x80100, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl(0xffffffffffffffff, 0x3, 0x0) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000180)="0f00db670f01df66b8000000000f23d80f21f86635400000f00f23f80f09b800008ee00f009a00000f212b0f01c30f21b00f1af9", 0x34}], 0x1, 0x10, 0x0, 0x0) setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f00000000c0)=0x1, 0x4) syz_genetlink_get_family_id$team(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f0000000540)={0xd0003, 0x0, [0x0, 0x0, 0x0, 0x2]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, 0x0) r5 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x0) uselib(&(0x7f0000000440)='./file1\x00') getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000900)={{{@in=@dev, @in6=@ipv4={[], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000000500)=0xe8) fstat(r0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$hfsplus(&(0x7f0000000340)='hfsplus\x00', &(0x7f0000000380)='./file1\x00', 0x3, 0x6, &(0x7f0000000840)=[{&(0x7f00000005c0)="5d0d989f5796c97145e51691642c2457e90dfb6decc679f11e87060913d017af65770106159758b4fa064ebac8065be1d7918613c9bd44586ca0ef8ba03cd3a200e0e2518524e0d38a980c42ca740d81bac4b2439eebb3bfe660428b112424cf92d4150aee6db2f1fb2645c8733546000ecfbab27bc2fcb7563dbd5fe1c6343643bbed019f5f6cded8cc5d59e8a2510cbd89416d87c199b9ceda70bf74b0cffbbc24cf600506ba189f3f19a14925e044ca0783385726cbd6841df980809ec5d1b44a8b82a717624890bbe7d91d2414d44c39da75", 0xd4, 0x4000000000000000}, {&(0x7f00000003c0)="829016d141dc84face48b9a5a484f3d89758a79f740856a706026054ddf47da6ab5bb50b67f5c7d87fcbdc4830fb2fa7e4402dfc4fa2600e100b886229e0c7", 0x3f, 0x208}, {&(0x7f00000006c0)="e64e8d57b5b3553751de61bf324c4b557c7a179d5a796ac3d9e55ca10dc104ca82fa43f5649a2a9fce4750f4dbd521f591676ffc66c7b9f540014f94c9a9c9fe5f27a39d456e0384709cf76a882059ee55ca5612b719d692b9990fdf613efd766d60164fd79219109f635ecda56d0968636b73b5735a810ec0fd2075c54c2ac8020080bcf82f2a79892dc30e7cfa365fda28c7898ba4f23e7f80b9f77e43c158c32b6307e321903991e2ff731c17cf86541bba4f4587ff04710dc26b93d6e5aa93fc9e483980ceed37c118ad51f250", 0xcf, 0x1}, {&(0x7f0000000400)="c14bb781224a49c241764d9378a13f9f70e37be7ff22bdeead07eaebcaef2599f762279c16918fa028538d2a977b0a1180cd9f", 0x33, 0x9}, {&(0x7f0000000480)="4c971bcafad1a8f213c5ea5610f3037f754459e589b8cd2b5f3d76a318312ef0c829849cabb46f88ad66e7a88ba44766daa8f9d4298b1fa2023b6f3c5b439be7866530b66e5c1e69fb72a30c02e1d454f4a3851e1812fb", 0x57, 0xff}, {&(0x7f00000007c0)="175decb68baa3419f081b5e4f2854094016fad3d2980db3cd27341bf60780b1129458b91e11dfebc4e9e37b27c2fec328620f13abed2a5000d3a3334ba7afa1895818b45cd1857d4f57ee49ed289f5a753b174a2f19793bc8db27a4a2d2c8fb48504bb13f8087b8b12", 0x69, 0x3}], 0x20000, &(0x7f0000000a80)=ANY=[@ANYBLOB='umask=00000000000000000000001,fsmagic=0x0000000000000001,dont_appraise,subj_role=,context=system_u,smackfsfloor=em1!+,euid>', @ANYRESDEC=r6, @ANYBLOB="2c7375626a5f747970651d707070302b2d2c646f6e745f686173682c6f626a5f757365723d7472757374656475a3919c7b6f7369785f61636c5f616363657373706f7369785f61636c5f6163636573736e6f6465766d643573756d2c657569643e", @ANYRESDEC=r7, @ANYBLOB=',\x00']) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r3, 0xc0505510, &(0x7f00000002c0)={0x10000, 0x2, 0x101, 0xfff, &(0x7f0000000240)=[{}, {}]}) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000140), 0x0, &(0x7f00000001c0)=0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vhost-vsock\x00', 0x2, 0x0) fchown(r0, r8, r9) r10 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/load\x00', 0x2, 0x0) lseek(r10, 0x0, 0x3) 22:17:23 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='%fsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:23 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x4, &(0x7f0000000180), 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) geteuid() mount$fuseblk(0x0, 0x0, &(0x7f00000000c0)='fuseblk\x00', 0x20, &(0x7f0000000240)=ANY=[@ANYBLOB="7f19862c1ad34ca5f45fb5a7a964d712776191a6ef704a84835852a4f9913e758749377adaec440000c0ffffffffffffff0000000062ff269afba86b0faf4c3ed9248f4c822c0dd3d60e67f6454b04c2db01c769f2f6a047eebce0d64b7b2351c55bb8d6295eaaef055799e949c4efdd090795ec0044d651427d2d138dbb1d1912ffef71afa1983e519d057fa83d404141647d4ca0fa34dcb5aa9e3b91e2625e10296144b538e54ebc528be52f4158421ee1b3720c6d7fec2d50962dc2c8b07a05210e1b1d2a8d4a7c07e838cf92ea905141d977267ad6b0bc974ce1264d82dd7b655e40bf02b676d5299de9"]) getpeername$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) write$cgroup_type(0xffffffffffffffff, 0x0, 0x373) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) r3 = getpgrp(0x0) ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f0000000200)=r3) write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @rand_addr="2d0be1aa0334b10da0ec57702dbec84b", 0x8000}, 0x1c) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) splice(r2, 0x0, r1, 0x0, 0x1000000000000003, 0x0) inotify_init1(0x800) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000100)=0x3, 0x4) ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, 0x0) sendto$packet(r2, &(0x7f0000000340), 0xfffffffffffffd4d, 0x57, 0x0, 0x0) [ 1712.896223] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1712.914667] CPU: 0 PID: 1523 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1712.921840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1712.931194] Call Trace: [ 1712.931220] dump_stack+0x172/0x1f0 [ 1712.931243] handle_userfault.cold+0x41/0x5d [ 1712.931269] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1712.931285] ? __handle_mm_fault+0x36b7/0x3f20 [ 1712.931300] ? find_held_lock+0x35/0x130 [ 1712.931318] ? __handle_mm_fault+0x36b7/0x3f20 [ 1712.931336] ? kasan_check_read+0x11/0x20 [ 1712.937551] ? lock_downgrade+0x810/0x810 [ 1712.937575] ? kasan_check_read+0x11/0x20 [ 1712.937591] ? do_raw_spin_unlock+0x57/0x270 [ 1712.937609] __handle_mm_fault+0x36c8/0x3f20 [ 1712.937629] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1712.986731] ? find_held_lock+0x35/0x130 [ 1712.990815] ? handle_mm_fault+0x322/0xb30 [ 1712.995074] ? kasan_check_read+0x11/0x20 [ 1712.999237] handle_mm_fault+0x43f/0xb30 [ 1713.003321] __do_page_fault+0x5da/0xd60 [ 1713.007398] do_page_fault+0x71/0x581 [ 1713.011203] ? page_fault+0x8/0x30 [ 1713.014762] page_fault+0x1e/0x30 [ 1713.018226] RIP: 0033:0x451880 [ 1713.021433] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1713.040338] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:23 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='\"rrors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x8000a0ffffffff, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1713.040350] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1713.040359] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1713.040367] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1713.040378] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1713.053064] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1713.287759] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1713.292328] CPU: 0 PID: 1540 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1713.299518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1713.299524] Call Trace: [ 1713.299549] dump_stack+0x172/0x1f0 [ 1713.299570] handle_userfault.cold+0x41/0x5d [ 1713.299596] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1713.299612] ? __handle_mm_fault+0x36b7/0x3f20 [ 1713.299626] ? find_held_lock+0x35/0x130 [ 1713.299640] ? __handle_mm_fault+0x36b7/0x3f20 [ 1713.299656] ? kasan_check_read+0x11/0x20 [ 1713.341786] ? lock_downgrade+0x810/0x810 [ 1713.345958] ? kasan_check_read+0x11/0x20 [ 1713.350123] ? do_raw_spin_unlock+0x57/0x270 [ 1713.354642] __handle_mm_fault+0x36c8/0x3f20 [ 1713.359075] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1713.363953] ? find_held_lock+0x35/0x130 [ 1713.368031] ? handle_mm_fault+0x322/0xb30 [ 1713.372302] ? kasan_check_read+0x11/0x20 [ 1713.376468] handle_mm_fault+0x43f/0xb30 [ 1713.380541] __do_page_fault+0x5da/0xd60 [ 1713.384620] do_page_fault+0x71/0x581 [ 1713.388425] ? page_fault+0x8/0x30 [ 1713.391967] page_fault+0x1e/0x30 [ 1713.395420] RIP: 0033:0x451880 [ 1713.398621] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1713.417528] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1713.422895] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1713.430163] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1713.437430] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1713.444876] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1713.452147] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1713.489031] FAT-fs (loop5): Unrecognized mount option ""rrors=continue" or missing value 22:17:24 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='h\nsplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1713.620691] FAT-fs (loop5): Unrecognized mount option ""rrors=continue" or missing value 22:17:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x8002a0ffffffff, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1713.679196] gfs2: not a GFS2 filesystem 22:17:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f00000000c0)=ANY=[@ANYBLOB="61c336c46d578ded80dab1ce8f03fd2e975cc413f36e281f8e5d5c3a19797ccb47955d7c3d32b15ffd88565d1ede695b727f6d5a8db6df484bd83c9fb17116b5cef0d407dfaa06f5427ad888ad66c916f329e59b80bf"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$sock_TIOCOUTQ(r3, 0x5411, &(0x7f0000000040)) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r4 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000280)='/selinux/member\x00', 0x2, 0x0) fchdir(r4) 22:17:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='%rrors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:24 executing program 4: r0 = socket(0x10, 0x802, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x1, 0x0, "29fe6ed324f4103a3459bfde448acd70d959eb392ce25b8ae1bdcfdcb28a921f638be95af1b3b5da18a43b2ac8edac3d81167ef1a7cd5b94f88f2822111c825b9f22995c2230eb1be56ba958042b5105"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000700)={@in={{0x2, 0x4e23, @broadcast}}, 0x0, 0x7fffffbc, 0x0, "ab4ccd733060eb2f4efecaa0f47060df2a88683712b2dfe6b931a8ef2703a99106fb5a04d25e99492f6833352cf2cb37279afcd8b09d4bb972e4ed2eaafaf599c73dfe0160fcc28cfc48d29300"}, 0xd8) socketpair(0x6, 0x80003, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil) shmat(0x0, &(0x7f0000ffb000/0x1000)=nil, 0x0) shmdt(0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000008c0)={0x1, &(0x7f0000acbff8)=[{0x6, 0x0, 0x0, 0x3}]}, 0x10) timer_settime(0x0, 0x0, 0x0, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x200408d4, &(0x7f0000000380)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) bind(0xffffffffffffffff, 0x0, 0xfffffffffffffcb5) syz_genetlink_get_family_id$ipvs(0x0) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffb) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffb) write$P9_RFLUSH(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet6(r1, &(0x7f00000003c0)="17", 0x1, 0x8081, 0x0, 0x0) poll(&(0x7f0000000000)=[{r1, 0x1}], 0x1, 0x200) close(r1) [ 1713.870253] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1713.882795] CPU: 1 PID: 1577 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1713.889949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1713.899762] Call Trace: [ 1713.899791] dump_stack+0x172/0x1f0 [ 1713.899813] handle_userfault.cold+0x41/0x5d [ 1713.899837] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1713.899855] ? __handle_mm_fault+0x36b7/0x3f20 [ 1713.919641] ? find_held_lock+0x35/0x130 [ 1713.923737] ? __handle_mm_fault+0x36b7/0x3f20 [ 1713.928350] ? kasan_check_read+0x11/0x20 [ 1713.932791] ? lock_downgrade+0x810/0x810 [ 1713.936966] ? kasan_check_read+0x11/0x20 [ 1713.936984] ? do_raw_spin_unlock+0x57/0x270 [ 1713.937003] __handle_mm_fault+0x36c8/0x3f20 [ 1713.945695] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1713.945711] ? find_held_lock+0x35/0x130 [ 1713.945726] ? handle_mm_fault+0x322/0xb30 [ 1713.945762] ? kasan_check_read+0x11/0x20 [ 1713.954993] handle_mm_fault+0x43f/0xb30 [ 1713.955015] __do_page_fault+0x5da/0xd60 [ 1713.963303] do_page_fault+0x71/0x581 [ 1713.963319] ? page_fault+0x8/0x30 [ 1713.968811] FAT-fs (loop5): Unrecognized mount option "%rrors=continue" or missing value [ 1713.971518] page_fault+0x1e/0x30 [ 1713.971531] RIP: 0033:0x451880 [ 1713.971545] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1713.971556] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1713.991228] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1713.991239] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1713.991248] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1713.991257] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1713.991266] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:25 executing program 0: bind$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000001c0)='./file0\x00', 0x800000000e008, 0x2cc, &(0x7f0000000100)=[{&(0x7f0000000200)="eb3c90daf966732e666174000204010002000270fff813ce0214972ec5169b756f8125d21280189f073a9e33804a7463f7bfe6912ac6d44c8af941c29f8f440ed28a9182b2aa0f033bdb3b52d54231e14b82f972fbb3c019e77edf7de67dc25afb83b15b0526bca364", 0x69, 0x3}], 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x1) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000000)) write$UHID_INPUT(r0, &(0x7f0000001440)={0x8, "c0c814a55b6300d28afc61ac7dd1ffb869b761e8e53ee36e4be89e9fea175523e4468dec44bf8b5473c7a5062b4ede67dcb24cb9484ccfff2b3a70befc56e8ab2eee3483f5bf78c16beac035b700eb84e2216f268d02b717d2046c273814475b412437f7dc08a13a55d3c02132999dfd9fe80b750eff4d7c1da975b3835602728ae09e72527fcee19377e29c6c19e1ccce0f75e0e54001e3e83e473fa3d37eca8be1b3de565571e0e84f310c11fa8616068113b038aaa5c69967699fc2aa41c6f26fc22cf68e3577242c9b4ca20fab9de5885e0648fbd7af089b05f38f152d2f8144461608733c567b6dc5d2a07022c3764565c85abcfd99dd7a85e58939278235d50e8b321be7dbaa5141e097c28364fad2f713d666ca94f4e429687fcabb72aceeaf8abe5b506d98dc393b6e97492d785ead0ca2953f92c4d2b2c9f616e3d98b36be55a923fc5892413f7a3b615cec89b52e0ecdcee0aa5af72bcbb91b4bade7435dd8b529feaf13f8b48fcaca5952235d2e909f8831d8ca05a0daa3f6c581f388e0c1879b41fe63ef3d122bd0c5acd4fb07b96797918791075ae7383bb1bbdea574b31301ff37ecc45671ee2e7fc55bf6244025d1fd82dca56a42a23aa826a0b1e102bd87893ddc05649304eb1866c796e46e0d57f552bd572891ef892918bb2e7f2c6bcf68f388ea0c50f48c06de1b46b1434cdf25ca1288ebabe2a33d1c6effb77f91ef75471e93952caeda8ac2b2677e46d62b8366922d093832bccb949e177b4417864812d22972d81d89158288b5318d017329d4e8f66273abf74c434f318ebf32c7629342a85336387231b1e579d57cff0b125bef9dddf0fc33f71cb59d5a8972cda06ba6bba4a89cb8d3b465492c431698984998b2979ea61fed3d99b049724f2bdda5a0700ccb28825da1343f41290e569a6d38d4ae3968147cf39b097efd78e058fc71523c12e724bf93dc4ecc02b5cb18d13b59ec8f85368ac1ea93ed0149c60c53569dc69cdb3f37470eab26ef010b03a7e651b9e8e9065da347660836eddb3988c9a0f394aad055f727310f646d6cb35131d02aaf24735792bfce250798bebf0d1a4495fca568b9449e81afef2937b50faf873257d7efa07d31759474d50ca2a7922e79ab47dd59b11dfd1ec43fef3551aed81d01ee4ab997c6cecc39013dcaa442aec803e4cebbc288b4f9e87b30613f0ec88ddc6f60f56787f4040897e6e6bdac317d74b27f97f2efadb031f03c61954fd0232373582b7fa315d3eb9f67053126d2ed0636f04d669c47bdeb078fbda177533902e20b5ce9d8f395ea4c0aaf2cae774fe99bc40105a9ca184bcb598ab2f49c1df62d32d1a6d73a26812cb47a2ccaf0e9b759df89ad1e18238d897b9fd658f6786a92a0c12bd0ee6dad8a430a67962363e5b9afb3329e4f1f6fcd7e63cb8f24872bcf5b8c349d9ce423666ca39f16884219dea338b388e40f4ad996419cb3858637364d8e5af67f846d77b2749115131a3642ef56681315e4a2cbca5e60febabf693570f515e09c2a8994a8e2be3cba28118ef429d4de781118182607dd2c2d5aaba621ea29c140338bd8f1787fd2a3f43bb7fa22a8ce053adb331a4c78eab569af317e14360a6bf1c8b7394f34bfc1a941ac88dab334d5a2d45fc83bee28884698fd82339c972a06efb369220049ca89727513bd4262ad6f94f55f659ec98b684b1d92e1b6a303548a196cc5316e9845baaf01e737ef047d3d1ac4fe13de618e8fd6471c225e688b73b866213f4765c1a1ecf041f66a11177b0425b0423c455dccfa35a34f3b1c4c9850267bd41dcc366f4f8fef6982699e9aee7f3edff90217c84f6865234676e65911e5e99739792161766e959d061d6e86797b595ae3cffc043da0929dce1b4bd27e04532800f14f69398a681d46f00197f547fa138e676a4c84e586e9a2037faad7d7342221c229ff13606688ab70305dc28d01270604fbcb2b5777541e637a10e7d6c2dfa76461b18c8b303234282f31b7ed8afd0cdcc3978c6520a182000ea312296c7d9df08c2a67b944bc519113822014a831c8d6a7f8d26a7a443666b6077bdc1c11cf47001bcbb484d163543445c77a02140191bbb813da818b4dc3ef1ca420f624e5cb67c48024aeb8691b549202750899938067a3ad49da19e9fffc6486b3525fba8b2ff991fb3b4c1a536818f2dad96f713ac264a22136c6a3a9eacb4f69ab08cfe2b971a7d916833c6a0370d4b0bc428db2e4b4013899668b73caf9c983e2f07e46b4b5b4f0d231edee8b1951e1d0e34c881d1fc5c6be05b92b13680398e7109bd18048f0bd980fceb24e59411873e7a8a7f95f4da2ba5c082fdda710361e163a213a3dbb82c08a69020545da4636c09a67cd962182a011cf5eb1c3d999abc7b834ee518bb53afe19941927ca190699abf79c334c52e206fc851deb7398947ad5bd125ef3f51349497142e921c85506c739f6319ae0eb8e3c551ceb7e16afc2d6aad36841ed8eb560ef984ee5e00f1ead2c646546b3c145e3700b07fc257551641cf3dcb76a8b3cc75994f2c3eb521cea22d64c8b72b2de506fde8185b70b4707b7f571668a5925ca21e605904d7c896a5d7290b9c4fc75ecc7ddbbd7f6f003a74f53d1a5432e0377a3efce1e7ac61e36dc13aeea57400d4d3986db3fccb6edaf83f86daeb42f416f58c502e74178e013b399d0b155e0df86b40b5f3f2ab0ad61c90870cee340c07977b55622699101e5372677dd4e208fa6b5d4834a2d6f37b2ead107218aa0e702d1f6a60bd4ad3a2e22807237129fdc02993ef1fffe3c285bd4f7b093b2da8d772ce2df7874bf9b7fd0893eb66a4931acc38129bfe4a8fc6b28ea83bcca1220b66c86d4d90914bb9e9a425fce618f11b66f93aa78515eac0f3956cb1e8b6f12d7f6f22c1ca5563e280b15c64732aec2a37d6010cee0fd2263ea3ea2011043153284b4a5fc87cc0dd8c36f084ce715a6e9ba3e8b2586726255d122f2b5677d6590405ae031df8f83840ef3011a7f5d18037407758270d980aa65d5a4aa26a35a61b65178b6183b282771e89a8fe47bd3ea5a23146b924a47c3cc2540a9c8d91d4a8924e010fb6d3e60457e0aa86749cc3444707fda055a0f489aecda68af7f0d7d31cf25641a10bcc0d00996cddf9059121639fa3ff2e5490bae6b702fcf226d8e50f27f0973e5e4cf543445524d0fe3bd55d3f215978bfabcba0d44c076f5b333b2095c70f6a5426338bf0c065ddce27f6730606d84d1ccef8cebcd15085fa8a5d0975dc47eeb09a4ab6da21d01916c97f4e266c4b01f2bfb3b6a08bb5a7cf834e56782d824e7c55b591cd883ed9e806a4f7033bbab49a2b8ab2cb0f6da9d76968208236b35a51f8eba3769a676ad60d69c475706a630f3a078ebaa6ba5bc25719867cb61d48cc3a381b261165c04f3c93f37d72fc15f43df1de34e24e80a46f5d15fb362e71cb4a5365dde04a53dc5e42745fbd601ff148db416244dd76ac16f24138ef9a02491eb5b48d731a8bdcd46040d0ff11a07c040b83db84bfd21ffb1d818203cb7d3f8fca47f1dc510afa8219ab031aaba2147aed7c50228930e895a72abf55ca6997131e231ea92e0059b680735548adf2d572c3540e096a644deb3750e3b341bbeffee70ff22e0b4e56142e4c1965c01a646dd9b5b0055f88f08987ad45adb844b9ffc84792073048c28bcb60f2666802052ee45dcd9a2950d55ecf0234a3dcf67e83cfa0bfb1285eb54e6292d8075c9e1b459e48556f416898557c9c864fc5de459feb53e33dd1a6860a2d1a836ab5ff6efaee123b3715a7137787ee4345efbce38074e262f363a8ff400345c8539d44a7286c7291246810bce063f0877db6585842380b530a4aaef6e36779a95fed220cef6c1fff2fdd5031f83987dc3282d432f322852cc9dc6d00c59d5ed83b386ff97c521e528e59f2df932467ac02d17f8818c2de26d69725f42cecaf186fab7b6e10b1ebd9a9a12ed83cd382d9a6f9a9bed2736cb0ec0260057f5ec704d2e1a64caad59e02ff2022174b23564cb0942e6769b12e0ae4d65dc4c5e6b6ceaf2667e085909c93a9768b7bfdac612801c0bc3848bad51e2367f788cbd1c5091ce0e9c567528c72003712e91247d87f1ff60d3865fc687a35886822079392f8d151b89e09469bef98e59139c460a53805a93245148cbb9a6a010dadc87e9b1a0e0a89e87e433ff1c0ad4b125760858c8badff4d82cbd31cf88f3e2e16a4e960e1e0b5825fc0f2b21d660cf60069d43fb6a8a96c44fa922164f02c9cd5ebb6fad848871224d157777b5a70dc6deb988506bd03aa4ce2200e9ce23641221784250c22d2c8635a3512f45d433cf66e158eb261f48a23d54f5ef4358df3487da471eb5775bdba565ee170be126b2300d0dad050212606f2d77a63fa2ab430e62670e852b89944e611509415bee36bf0961c8918bd8b0eb8af45b1a9d0420c7101a9c5f4a63efb9cc8de7897b5e2b02cb5885ad8d0d8ac7754ba8d4e9d37175e614e3f3a6a7b122bbc6dd9ce78f1b9a4e940a1160bb85650d8932fe1a82d0525630ba017be5129625a45c3cae66c7cdaa33ee704791db81ef2e11a2f528974fa388cd929c934dbdb21425e6117839ab33b2926b036457db3a43083c3ec17231aed4ee5b607a45a5735c9470c03a424b43efcea953c078717344aeb1449c0dfa3a3ec224b542c16cf735466bdaf26b522aef1db547b14f07ebd4f5da34426a46007757be47ed3f643c47f2c4467762cd049d6f4cf8a78d04f8318bdedcee80871e91c0330499d88254555c456d9bde8a892394267eac15c230cf7e7ba19ebc01b1905c80476de3cea8258f6d0820d159f4aa8a37fb378b2685da4e0e89d253187219869f1157bbe4a8a43eabf65e86a6d9b21e25d91c43c3036914427833ed87073886719069148e2e47219bb5da5d9664d64dc5c4ff71c0e808dadbb53a23e41e3c02fd0c9e0704490f3283d1864d15d795882e6522f31445556cab6832f273dac0c7aef4e3f8c09a34d1624fdb087d852f2e827fb2c3105f1afda54b9dc12cfde3cf7747daa5ac70904e82636a13155303f9a1198d6e7f9dc7be394ebc5db9e8380e290e6cae5f320caa56aa94490789fce2e2540b3de8865396f58e14d61d3cb122f7bd1af5a27c6fe733eba3cc39106efc906ea967fb833e2480aa80bd56ccd9e5c25304e2b8135f1453af70059e599cb67bc8eaaa38c39768e74d3da8aba0135f0192d7ddf0149ce62f353b0360251f1f88b272c6e85b4ee4e0563a6de80de83749af6e6aa4d80cab7031aff3f7e8d0c9114940549f828a62be9fd6a16db001369728b4b93d4ecf91563ae03def3ca4e9900a97657c4ff1e41c5742fb3329ba882ed61645aedb22f2543b83cd4007e5d228697a48064acc32ece41f2d5ead3f31a9689249e8b4bb57ac0b136b6c60ec531708235b94db823344aafbb9b79e21959635664b2193c3add0b28767906b7ba4118e6548e9a23b49e9181dc6f7dc7857425c9ab1b1451bc4572fd060190d0b5a76b8368b68e72a212bd0f89d0778d293b1d32f155f30c9aafe7215d2e746ea8f2c73a30bcd8c093a489519b60616b15afe69074ee77fb65caf5faf0aad49106057a91fdcd622a07ac21eb5c221f2e65323228af41b3eb894517c34c4f60ba20fb6f6c4309a7357884c0eeeb0a4874550107f2d0ffdc412f86bdf712f96183b3932cfb4da3f179cde1a288df9af09c243fae8c67b0d208d9cdb7adde8d5e548e0624b19da4818ef656b88280a", 0x1000}, 0xfffffc41) fadvise64(r0, 0x0, 0x0, 0x4) 22:17:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x100000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1714.149266] FAT-fs (loop5): Unrecognized mount option "%rrors=continue" or missing value [ 1714.167871] gfs2: not a GFS2 filesystem 22:17:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue=',rrors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:25 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:25 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='h%splus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1714.386468] FAT-fs (loop5): Unrecognized mount option "rrors=continue" or missing value [ 1714.428408] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1714.433414] CPU: 1 PID: 1610 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1714.440547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1714.449910] Call Trace: [ 1714.452525] dump_stack+0x172/0x1f0 [ 1714.456183] handle_userfault.cold+0x41/0x5d [ 1714.460640] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1714.465241] ? __handle_mm_fault+0x36b7/0x3f20 [ 1714.469853] ? find_held_lock+0x35/0x130 [ 1714.473945] ? __handle_mm_fault+0x36b7/0x3f20 [ 1714.478654] ? kasan_check_read+0x11/0x20 [ 1714.482830] ? lock_downgrade+0x810/0x810 [ 1714.487008] ? kasan_check_read+0x11/0x20 [ 1714.491183] ? do_raw_spin_unlock+0x57/0x270 [ 1714.495619] __handle_mm_fault+0x36c8/0x3f20 [ 1714.500067] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1714.504932] ? find_held_lock+0x35/0x130 [ 1714.509011] ? handle_mm_fault+0x322/0xb30 [ 1714.513285] ? kasan_check_read+0x11/0x20 [ 1714.517458] handle_mm_fault+0x43f/0xb30 [ 1714.521680] __do_page_fault+0x5da/0xd60 [ 1714.525772] do_page_fault+0x71/0x581 [ 1714.529591] ? page_fault+0x8/0x30 [ 1714.533334] page_fault+0x1e/0x30 [ 1714.536793] RIP: 0033:0x451880 [ 1714.540006] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1714.558950] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1714.564326] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1714.571699] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1714.579001] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1714.586308] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1714.593596] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1714.615917] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1714.631973] CPU: 1 PID: 1616 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1714.639149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1714.648691] Call Trace: [ 1714.651302] dump_stack+0x172/0x1f0 [ 1714.654961] handle_userfault.cold+0x41/0x5d [ 1714.659407] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1714.664016] ? __handle_mm_fault+0x36b7/0x3f20 [ 1714.668638] ? find_held_lock+0x35/0x130 [ 1714.672723] ? __handle_mm_fault+0x36b7/0x3f20 [ 1714.677421] ? kasan_check_read+0x11/0x20 [ 1714.681627] ? lock_downgrade+0x810/0x810 [ 1714.685811] ? kasan_check_read+0x11/0x20 [ 1714.689981] ? do_raw_spin_unlock+0x57/0x270 [ 1714.694505] __handle_mm_fault+0x36c8/0x3f20 [ 1714.698942] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1714.704067] ? find_held_lock+0x35/0x130 [ 1714.708170] ? handle_mm_fault+0x322/0xb30 [ 1714.712442] ? kasan_check_read+0x11/0x20 [ 1714.717145] handle_mm_fault+0x43f/0xb30 [ 1714.721235] __do_page_fault+0x5da/0xd60 [ 1714.725324] do_page_fault+0x71/0x581 [ 1714.729231] ? page_fault+0x8/0x30 [ 1714.732793] page_fault+0x1e/0x30 [ 1714.736255] RIP: 0033:0x451880 [ 1714.739644] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1714.758559] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1714.764557] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1714.771877] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 22:17:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='e\nrors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1714.781071] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1714.788396] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1714.795712] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1714.814102] gfs2: not a GFS2 filesystem [ 1714.867127] gfs2: not a GFS2 filesystem 22:17:25 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000240)={'syz'}, &(0x7f0000000280)="585ccbe4ed83b836c1a6474914dc55e7220600000000b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c2db8eae3198a29e5c0cfc60000ce0637ce0000b4ec24c53d3d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3d009d308bd73f477253950ecdbafdca51fc317bfb1b48b3fb604d6a2c1a5a0cfc74c26d56cdec7ea3f3d93b5b9310cc61d41a26020f3e0edcd43d54b4bcc7d8924db1ccdcf83796584b4ae37464042c7e196ed81d737af4b40b5c117aa5083a07a0fd3d5c845979e70df6a", 0x121, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f0000000100)='\x00', 0x1, 0xfffffffffffffffd) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x141000, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000700)={{0x7, 0x0, 0x0, 0x2aa8000, 'syz0\x00', 0x8}, 0x1, [0x4, 0xfffffffffffffff7, 0x0, 0x1f, 0x4, 0xfead, 0x3, 0xffff, 0x8000, 0x20, 0x10001, 0x6, 0x3, 0x7, 0x5, 0x3ff, 0x400, 0x3, 0x5, 0x7, 0xffff, 0x8, 0x9, 0x5, 0x4, 0x0, 0xfffffffffffffffb, 0x11d, 0x9, 0xff, 0x4, 0x3, 0x1a26aa74, 0x8, 0x0, 0x2, 0x5, 0x6, 0x800, 0x6, 0x79b, 0x7, 0x8001, 0x100000001, 0x7, 0x100000001, 0x9c88, 0x4, 0xab23, 0x80, 0x3800000000000, 0x9, 0xffffffffffffffff, 0x3, 0x101, 0xc00000, 0x40, 0x3, 0x1, 0x3, 0x1, 0x7, 0x4, 0x4, 0x10001, 0x400, 0x4, 0x800, 0x5, 0x2, 0x7f, 0x4, 0x80000001, 0x10000, 0x81, 0x99b, 0x3fc0000000000000, 0x400000000, 0xf5, 0x8, 0x1, 0x79c, 0x3ff, 0x3, 0x5, 0xe000000000000000, 0x2, 0x0, 0x6, 0x1, 0x80000001, 0x7fffffff, 0x9, 0xd698, 0x401, 0x3, 0x9, 0xffffffff, 0x2, 0x8, 0x4, 0x8000, 0x100, 0x100000002000, 0x9, 0x1, 0x2, 0x10000, 0x0, 0x5, 0x1, 0x80000001, 0x7, 0x1f, 0xfffffffffffff679, 0x8, 0x0, 0x7ff, 0x2, 0xff, 0x6e6d, 0x2, 0x4, 0xfff, 0x7fffffff, 0x2, 0x2c, 0x1775], {0x0, 0x989680}}) keyctl$dh_compute(0x17, &(0x7f0000000540)={r1, r0, r1}, &(0x7f0000000600)=""/243, 0xf3, &(0x7f0000000040)={&(0x7f0000000580)={'poly1305-simd\x00\x00\x02\x00'}, &(0x7f0000000180)}) r3 = socket$inet(0x2, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'nr0\x00'}, 0x18) 22:17:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x200000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:25 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='h.splus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:25 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1714.979388] FAT-fs (loop5): Unrecognized mount option "e [ 1714.979388] rors=continue" or missing value [ 1715.093392] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1715.112679] CPU: 0 PID: 1635 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1715.119839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1715.119845] Call Trace: [ 1715.119870] dump_stack+0x172/0x1f0 [ 1715.119893] handle_userfault.cold+0x41/0x5d [ 1715.119917] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1715.144509] ? __handle_mm_fault+0x36b7/0x3f20 [ 1715.149113] ? find_held_lock+0x35/0x130 [ 1715.153218] ? __handle_mm_fault+0x36b7/0x3f20 [ 1715.157841] ? kasan_check_read+0x11/0x20 [ 1715.157867] ? lock_downgrade+0x810/0x810 [ 1715.157885] ? kasan_check_read+0x11/0x20 [ 1715.157902] ? do_raw_spin_unlock+0x57/0x270 [ 1715.157923] __handle_mm_fault+0x36c8/0x3f20 [ 1715.157941] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1715.157953] ? find_held_lock+0x35/0x130 [ 1715.157965] ? handle_mm_fault+0x322/0xb30 [ 1715.157988] ? kasan_check_read+0x11/0x20 [ 1715.158003] handle_mm_fault+0x43f/0xb30 [ 1715.158030] __do_page_fault+0x5da/0xd60 [ 1715.158052] do_page_fault+0x71/0x581 [ 1715.208766] ? page_fault+0x8/0x30 [ 1715.212372] page_fault+0x1e/0x30 [ 1715.215859] RIP: 0033:0x451880 [ 1715.219629] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 22:17:26 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0af51f023c123f3188a070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x5a6b010000000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000220001000000000005000b002f0000000000000000000000", @ANYRES32], 0x20}}, 0x0) [ 1715.239220] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1715.244688] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1715.251976] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1715.259263] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1715.266640] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1715.273923] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1715.326737] FAT-fs (loop5): Unrecognized mount option "e [ 1715.326737] rors=continue" or missing value [ 1715.327138] gfs2: not a GFS2 filesystem 22:17:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='e\"rors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1715.493674] gfs2: not a GFS2 filesystem [ 1715.550375] FAT-fs (loop5): Unrecognized mount option "e"rors=continue" or missing value 22:17:26 executing program 0: openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x2, 0x0) syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x0, 0x2) r0 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x50c0, 0x10000) openat$cgroup_ro(r0, &(0x7f00000000c0)='pids.current\x00', 0x2761, 0x0) 22:17:26 executing program 4: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1, 0x0) write$tun(r0, &(0x7f0000000080)={@void, @val={0x80ffffff, 0x9}, @x25}, 0xd) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x800, 0x0) 22:17:26 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:26 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='h/splus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:26 executing program 4: open$dir(&(0x7f0000000000)='./file0\x00', 0x50080, 0x10) perf_event_open(&(0x7f0000000600)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000012c0)='proc\x00', 0x0, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x210000, 0x0) r1 = eventfd2(0x0, 0x80001) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000100)={0x3, r1}) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents64(r2, &(0x7f00000002c0)=""/4096, 0x1000) [ 1715.697508] FAT-fs (loop5): Unrecognized mount option "e"rors=continue" or missing value [ 1715.716347] gfs2: not a GFS2 filesystem 22:17:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='e%rors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x300000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:26 executing program 4: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() ioprio_set$pid(0x2, r0, 0x4) r1 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x2) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="390040efc27082abda0000000000000400000040090b010000000800aca8316a7771f4f858a85aa0c8182699928ae0361049e9000000000000"], 0x39) ptrace$cont(0x18, r1, 0x0, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x100000001, 0x1) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000040), &(0x7f0000000080)=0x4) ptrace$setregs(0xd, r1, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r1, 0x0, 0x0) 22:17:26 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto(r0, &(0x7f0000000300)="0f", 0x1, 0x0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4) [ 1715.998075] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1716.002887] CPU: 0 PID: 1692 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1716.010005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1716.019637] Call Trace: [ 1716.022542] dump_stack+0x172/0x1f0 [ 1716.026201] handle_userfault.cold+0x41/0x5d [ 1716.030656] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1716.035278] ? __handle_mm_fault+0x36b7/0x3f20 [ 1716.039978] ? find_held_lock+0x35/0x130 [ 1716.044067] ? __handle_mm_fault+0x36b7/0x3f20 [ 1716.049018] ? kasan_check_read+0x11/0x20 [ 1716.053595] ? lock_downgrade+0x810/0x810 [ 1716.058030] ? kasan_check_read+0x11/0x20 [ 1716.062290] ? do_raw_spin_unlock+0x57/0x270 [ 1716.066965] __handle_mm_fault+0x36c8/0x3f20 [ 1716.071621] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1716.076590] ? find_held_lock+0x35/0x130 [ 1716.080857] ? handle_mm_fault+0x322/0xb30 [ 1716.085438] ? kasan_check_read+0x11/0x20 [ 1716.089755] handle_mm_fault+0x43f/0xb30 [ 1716.094160] __do_page_fault+0x5da/0xd60 [ 1716.098953] do_page_fault+0x71/0x581 [ 1716.102781] ? page_fault+0x8/0x30 [ 1716.106440] page_fault+0x1e/0x30 [ 1716.110089] RIP: 0033:0x451880 [ 1716.113300] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1716.132569] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1716.138030] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:17:27 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:27 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf\nplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1716.145666] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1716.152959] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1716.160480] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1716.167790] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:27 executing program 0: r0 = socket$inet(0x2, 0x1000000080001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x10, &(0x7f0000000280)={0x0, 0x2}, 0x8) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x101440, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(r1, 0xae45, 0x7ff) 22:17:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x400000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1716.241653] FAT-fs (loop5): Unrecognized mount option "e%rors=continue" or missing value [ 1716.272473] gfs2: not a GFS2 filesystem [ 1716.353967] sctp: [Deprecated]: syz-executor.0 (pid 1718) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1716.353967] Use struct sctp_sack_info instead 22:17:27 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='e,rors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1716.408866] sctp: [Deprecated]: syz-executor.0 (pid 1718) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1716.408866] Use struct sctp_sack_info instead [ 1716.449405] gfs2: not a GFS2 filesystem 22:17:27 executing program 0: socketpair(0x15, 0x4, 0x7, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000680)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@initdev}}, &(0x7f0000000780)=0xe8) bind$packet(r0, &(0x7f00000007c0)={0x11, 0x18, r2, 0x1, 0x1, 0x6, @remote}, 0x14) ioctl$FICLONE(r1, 0x40049409, r1) r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000800)='/dev/vfio/vfio\x00', 0x800, 0x0) write$FUSE_IOCTL(r3, &(0x7f0000000840)={0x20, 0x0, 0x5, {0x2, 0x4, 0x5, 0xffff}}, 0x20) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000880)={0x0, @in={{0x2, 0x4e22, @remote}}, 0x3, 0xffffffffffffffff, 0x100000000, 0x9d1, 0x3a3}, &(0x7f0000000940)=0x98) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000980)={r4, @in6={{0xa, 0x4e20, 0x1, @loopback}}, 0x10000, 0x7, 0x6, 0x5c, 0x3b1}, &(0x7f0000000a40)=0x98) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000a80)={r5, 0x5, 0x200, 0x7ff}, 0x10) getsockopt$nfc_llcp(r3, 0x118, 0x2, &(0x7f0000000ac0)=""/116, 0x74) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000b40), &(0x7f0000000b80)=0x4) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000bc0)={r4, 0x5}, 0x8) ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000c00)) ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f0000000c40)) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000001040)=0x0) tkill(r7, 0x28) read$alg(r3, &(0x7f0000001080)=""/44, 0x2c) ioctl$KDENABIO(r3, 0x4b36) ioctl$SG_GET_VERSION_NUM(r3, 0x2282, &(0x7f00000010c0)) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000001100)={@dev={0xac, 0x14, 0x14, 0x11}, @multicast1, r2}, 0xc) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000001140)) ioctl$SIOCRSSL2CALL(r1, 0x89e2, &(0x7f0000001180)=@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f00000011c0)) preadv(r6, &(0x7f0000001240)=[{&(0x7f0000001200)=""/50, 0x32}], 0x1, 0x31) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000001280)=@sack_info={r5, 0x26, 0x10001}, &(0x7f00000012c0)=0xc) ioctl$IMDELTIMER(r3, 0x80044941, &(0x7f0000001300)=0x3) fcntl$getflags(r3, 0xb) setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f0000001340)=0x2, 0x4) setsockopt$MISDN_TIME_STAMP(r3, 0x0, 0x1, &(0x7f0000001380), 0x4) [ 1716.513223] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1716.525361] CPU: 1 PID: 1722 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1716.532522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1716.541891] Call Trace: [ 1716.544522] dump_stack+0x172/0x1f0 [ 1716.548355] handle_userfault.cold+0x41/0x5d [ 1716.552985] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1716.558143] ? __handle_mm_fault+0x36b7/0x3f20 [ 1716.562752] ? find_held_lock+0x35/0x130 [ 1716.566837] ? __handle_mm_fault+0x36b7/0x3f20 [ 1716.572374] ? kasan_check_read+0x11/0x20 [ 1716.576597] ? lock_downgrade+0x810/0x810 [ 1716.580788] ? kasan_check_read+0x11/0x20 [ 1716.585216] ? do_raw_spin_unlock+0x57/0x270 [ 1716.589648] __handle_mm_fault+0x36c8/0x3f20 [ 1716.594734] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1716.599703] ? find_held_lock+0x35/0x130 [ 1716.603783] ? handle_mm_fault+0x322/0xb30 [ 1716.608679] ? kasan_check_read+0x11/0x20 [ 1716.613207] handle_mm_fault+0x43f/0xb30 [ 1716.617580] __do_page_fault+0x5da/0xd60 [ 1716.621689] do_page_fault+0x71/0x581 [ 1716.625510] ? page_fault+0x8/0x30 [ 1716.629288] page_fault+0x1e/0x30 [ 1716.633103] RIP: 0033:0x451880 [ 1716.636574] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1716.655790] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1716.661264] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1716.668550] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1716.675839] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1716.683818] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1716.691166] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:27 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf#plus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1716.724961] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1716.745293] CPU: 0 PID: 1729 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1716.745808] FAT-fs (loop5): Unrecognized mount option "e" or missing value [ 1716.752488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1716.752494] Call Trace: [ 1716.752523] dump_stack+0x172/0x1f0 [ 1716.752546] handle_userfault.cold+0x41/0x5d [ 1716.752572] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1716.752589] ? __handle_mm_fault+0x36b7/0x3f20 [ 1716.752602] ? find_held_lock+0x35/0x130 [ 1716.752617] ? __handle_mm_fault+0x36b7/0x3f20 [ 1716.800132] ? kasan_check_read+0x11/0x20 [ 1716.804341] ? lock_downgrade+0x810/0x810 [ 1716.808519] ? kasan_check_read+0x11/0x20 [ 1716.812710] ? do_raw_spin_unlock+0x57/0x270 [ 1716.817143] __handle_mm_fault+0x36c8/0x3f20 [ 1716.821596] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1716.826559] ? find_held_lock+0x35/0x130 [ 1716.830732] ? handle_mm_fault+0x322/0xb30 [ 1716.835325] ? kasan_check_read+0x11/0x20 [ 1716.839511] handle_mm_fault+0x43f/0xb30 [ 1716.843866] __do_page_fault+0x5da/0xd60 [ 1716.848947] do_page_fault+0x71/0x581 [ 1716.852774] ? page_fault+0x8/0x30 [ 1716.856331] page_fault+0x1e/0x30 [ 1716.859805] RIP: 0033:0x451880 [ 1716.863021] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1716.883416] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 22:17:27 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1716.888995] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1716.896619] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1716.903936] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1716.911224] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1716.918511] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:27 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x500000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:27 executing program 0: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e000000300005000000e0713c444d24010000001000034014000000053582c137153e370000000000000000d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x2}, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0xfff}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000340)={r3, 0x2, 0x30, 0x7fff, 0x9f}, &(0x7f0000000380)=0x18) r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$selinux_member(0xffffffffffffff9c, &(0x7f00000003c0)='/selinux/member\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000200)={0x401, 0x9, 0x6, 'queue1\x00', 0x100}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r4, 0xc08c5336, &(0x7f0000000100)={0x0, 0x43, 0x81, 'queue0\x00', 0xffffffff}) [ 1717.024074] FAT-fs (loop5): Unrecognized mount option "e" or missing value [ 1717.024488] gfs2: not a GFS2 filesystem [ 1717.037829] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1717.059696] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1717.118221] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1717.122906] CPU: 0 PID: 1749 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1717.130536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1717.130542] Call Trace: [ 1717.130571] dump_stack+0x172/0x1f0 [ 1717.130598] handle_userfault.cold+0x41/0x5d [ 1717.130624] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1717.130641] ? __handle_mm_fault+0x36b7/0x3f20 [ 1717.150856] ? find_held_lock+0x35/0x130 [ 1717.150874] ? __handle_mm_fault+0x36b7/0x3f20 [ 1717.150894] ? kasan_check_read+0x11/0x20 [ 1717.150911] ? lock_downgrade+0x810/0x810 [ 1717.150930] ? kasan_check_read+0x11/0x20 [ 1717.150946] ? do_raw_spin_unlock+0x57/0x270 [ 1717.150963] __handle_mm_fault+0x36c8/0x3f20 [ 1717.191259] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1717.196130] ? find_held_lock+0x35/0x130 [ 1717.200226] ? handle_mm_fault+0x322/0xb30 [ 1717.204498] ? kasan_check_read+0x11/0x20 [ 1717.208690] handle_mm_fault+0x43f/0xb30 [ 1717.213317] __do_page_fault+0x5da/0xd60 [ 1717.217510] do_page_fault+0x71/0x581 [ 1717.221380] ? page_fault+0x8/0x30 [ 1717.225132] page_fault+0x1e/0x30 [ 1717.228600] RIP: 0033:0x451880 [ 1717.231815] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1717.251149] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1717.256535] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1717.263854] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1717.271170] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1717.278560] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1717.285939] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1717.368963] gfs2: not a GFS2 filesystem 22:17:29 executing program 4: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000032ff4)={0x2000}) mprotect(&(0x7f0000032000/0x1000)=nil, 0x1000, 0x5) setitimer(0x1, &(0x7f0000032fe0)={{}, {0x0, 0x2710}}, 0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x40, 0x0) accept4$llc(r0, 0x0, &(0x7f0000000040), 0x80000) 22:17:29 executing program 0: r0 = socket$inet6(0xa, 0x80000, 0xfffffffd) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup\x00', 0x200002, 0x0) fchdir(r1) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000500)=0xffffffffffffffff, 0x4) r2 = fcntl$getown(r0, 0x9) r3 = getpgid(r2) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81, 0x101}, 0x0, 0x0, 0x4}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000e002, 0x1, &(0x7f0000000180), 0x0, 0x0) r5 = socket$inet6(0xa, 0x1, 0xfd) ioctl(0xffffffffffffffff, 0x5a, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe005, 0x1, &(0x7f00000005c0)=[{&(0x7f0000000140)="eb3c906d6b66732e64617400020401000200", 0x12, 0x100}], 0x10808410, 0x0) r6 = open(&(0x7f00000000c0)='./file0\x00', 0x4, 0x0) mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0) removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000800)=ANY=[@ANYPTR64=&(0x7f0000000600)=ANY=[@ANYBLOB="840703000000000000000000ca28ff13653d939352afd46a6262ff00000016dfd3c07c8758390a479447bccc2b48387108a089b1ef15d4e0a32686eb65b2b1889a2e64a730cea71569d580fcbd645588b7786693de29abce6d594524d7094a42aaac86cfe9c3b81cb092afb4fd359426e90424c22a51704e23df55e779c87b1f4e2b4fd29edbeb3c8054ef929db65c65750a61cfdd008d7981246d11e6aa97816ba4592a766802fea1544dd01646bbec55375ed70d00000000000000000000000050b00edcf189c018d2b65dd5f4d9b449a3179215c4e480357d3824ce9c06756908a4717ed6fbcb5f8324af5678e1cb06dfe27f529f2f495b000d65058d9102ae7a046d7715a943fbc3ab213f5c3bd0f500b92c4c12f5ddd48a79fbbbffaa900bac2e06b78af87c8ba5222fe2920cfca72b9cb5082f3398eff06d8aedcaf66e0ef9df27aea73132cd49cec708ddcde35a8b27af9e23712ae00023beb77062a2d5975b6da43559d7acb2fbedd6cc6f7fed25ca8546897a0ad93ae4023062413adb8b"], @ANYPTR=&(0x7f00000007c0)=ANY=[@ANYPTR64, @ANYRESOCT=r4, @ANYRESHEX=r6, @ANYRES16=r1]]) perf_event_open(&(0x7f0000940000)={0x2, 0xfffffffffffffdcd, 0xfffffffffffffffe, 0x0, 0x0, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000000, 0x110, r1, 0x8000000) openat$fuse(0xffffffffffffff9c, &(0x7f0000000580)='/dev/fuse\x00', 0x2, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r6, 0x8004e500, &(0x7f0000001140)) sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x100000001) r7 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioprio_get$pid(0x0, r3) capset(&(0x7f00000002c0)={0x19980330}, &(0x7f0000000300)={0x8, 0x2, 0x89, 0x0, 0xca, 0xca30}) r8 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfd, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, @perf_bp, 0x1e}, 0x0, 0x0, r7, 0x0) setsockopt$inet6_MRT6_ADD_MIF(r5, 0x29, 0xca, &(0x7f0000000240)={0x0, 0x1, 0x80000000, 0x80, 0x1}, 0xc) openat$null(0xffffffffffffff9c, &(0x7f0000000480)='/dev/null\x00', 0xa2081, 0x0) write$cgroup_type(0xffffffffffffffff, 0x0, 0x0) mkdirat(r6, &(0x7f00000004c0)='./file1\x00', 0x0) creat(&(0x7f0000000a00)='./file0/file0\x00', 0x44) fchdir(r8) fstatfs(r6, &(0x7f0000000400)=""/128) 22:17:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='er\nors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:29 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x600000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:29 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf%plus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:29 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1719.093041] FAT-fs (loop5): Unrecognized mount option "er [ 1719.093041] ors=continue" or missing value [ 1719.114962] gfs2: not a GFS2 filesystem [ 1719.124054] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1719.130128] CPU: 0 PID: 1762 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1719.137360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1719.146832] Call Trace: [ 1719.149593] dump_stack+0x172/0x1f0 [ 1719.153283] handle_userfault.cold+0x41/0x5d [ 1719.158087] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1719.162879] ? __handle_mm_fault+0x36b7/0x3f20 [ 1719.167841] ? find_held_lock+0x35/0x130 [ 1719.171934] ? __handle_mm_fault+0x36b7/0x3f20 [ 1719.176565] ? kasan_check_read+0x11/0x20 [ 1719.180751] ? lock_downgrade+0x810/0x810 [ 1719.185232] ? kasan_check_read+0x11/0x20 [ 1719.189446] ? do_raw_spin_unlock+0x57/0x270 [ 1719.194098] __handle_mm_fault+0x36c8/0x3f20 [ 1719.198639] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1719.203868] ? find_held_lock+0x35/0x130 [ 1719.208220] ? handle_mm_fault+0x322/0xb30 [ 1719.212523] ? kasan_check_read+0x11/0x20 [ 1719.216805] handle_mm_fault+0x43f/0xb30 [ 1719.220969] __do_page_fault+0x5da/0xd60 [ 1719.225073] do_page_fault+0x71/0x581 [ 1719.228901] ? page_fault+0x8/0x30 [ 1719.232466] page_fault+0x1e/0x30 [ 1719.235934] RIP: 0033:0x451880 [ 1719.239152] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1719.258353] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1719.263920] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1719.271683] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1719.279255] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1719.286816] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 22:17:30 executing program 4: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) fchmodat(r0, &(0x7f0000000040)='./file0\x00', 0x100) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000080)) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r0, 0x800443d3, &(0x7f00000000c0)={{0x100000000, 0xffff, 0x401, 0x400, 0x5, 0xffffffffffffffff}, 0x9, 0x800, 0x3}) listen(r0, 0x0) listen(r0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000100)={0x2738bd4c, 0x0, 0x9fb, 0x1000, 0x0}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={r1, 0x5}, &(0x7f00000001c0)=0x8) r2 = socket(0x9, 0xb, 0x40) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000200)={'nr0\x00', {0x2, 0x4e20, @local}}) ioctl$RTC_WIE_OFF(r0, 0x7010) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000240)) r3 = socket$vsock_stream(0x28, 0x1, 0x0) r4 = accept4$unix(r2, &(0x7f0000000280), &(0x7f0000000300)=0x6e, 0x80000) ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000340)={0x6, 0x0, [{0x80000007, 0xffff, 0x4, 0xef, 0x8, 0x20, 0x1}, {0x0, 0x4, 0x1, 0x7, 0x8000, 0x100, 0x1}, {0x80000001, 0x0, 0x1, 0x9271, 0x1ff, 0x400, 0x100000001}, {0xc0000019, 0x2, 0x2, 0x10000, 0x81, 0x366, 0xca}, {0x8000001f, 0x9000000000000000, 0x4, 0x38, 0x6a, 0x7}, {0x0, 0x19a, 0x3, 0xa4, 0x6, 0xfffffffffffffffb, 0x1}]}) recvmsg$kcm(r0, &(0x7f0000001800)={&(0x7f0000000440)=@un=@abs, 0x80, &(0x7f00000016c0)=[{&(0x7f00000004c0)}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/38, 0x26}, {&(0x7f0000001540)=""/233, 0xe9}, {&(0x7f0000001640)=""/109, 0x6d}], 0x5, &(0x7f0000001740)=""/160, 0xa0}, 0x40002020) bind$alg(r2, &(0x7f0000001840)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58) r5 = shmget(0x1, 0x1000, 0x42, &(0x7f0000fff000/0x1000)=nil) shmctl$SHM_STAT(r5, 0xd, &(0x7f00000018c0)=""/15) write$binfmt_script(r3, &(0x7f0000001900)={'#! ', './file0', [{0x20, 'self[#]!vmnet1@\':{)'}, {0x20, 'vboxnet0\x1f{'}, {0x20, 'keyring'}, {0x20, 'md5sum/-'}, {0x20, '/dev/autofs\x00'}, {}, {0x20, 'rfc4106(gcm(aes))\x00'}, {0x20, 'aead\x00'}, {0x20, '.{'}, {0x20, 'rfc4106(gcm(aes))\x00'}], 0xa, "e8579957cca06b07a924f8fe12fac8273b47ebd52832d5625b82886c0c5c1dfa22a2a494a0489e6caa46519d1c7db52ce481a2d1f8d369ec64cf9c05806de2b4f05f64050e3465d5b6af4f8c3d7490a3805de5611ab8dbef6532c7deb90c2c282e94e60ba2a5905c21b2fed9bacf231d3cc75f85"}, 0xec) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000001a00)={0x4, 0x0, {0x3, 0x3, 0x401, 0x1, 0x2}}) pread64(r4, &(0x7f0000001a80)=""/103, 0x67, 0x0) openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001b00)='/proc/thread-self/attr/current\x00', 0x2, 0x0) ioctl$PPPIOCDISCONN(r0, 0x7439) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000001b40)=0x1) openat$uhid(0xffffffffffffff9c, &(0x7f0000001b80)='/dev/uhid\x00', 0x0, 0x0) getsockopt(r4, 0x7, 0x1, &(0x7f0000001bc0)=""/215, &(0x7f0000001cc0)=0xd7) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001d40)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000001e80)={&(0x7f0000001d00), 0xc, &(0x7f0000001e40)={&(0x7f0000001d80)={0x8c, r6, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x6}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x76}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xff}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xfffffffffffffffa}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3f}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000001ec0)=0xfe, &(0x7f0000001f00)=0x4) [ 1719.294285] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1719.305421] capability: warning: `syz-executor.0' uses 32-bit capabilities (legacy support in use) 22:17:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x700000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\xff', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1719.452137] FAT-fs (loop5): Unrecognized mount option "er [ 1719.452137] ors=continue" or missing value 22:17:30 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf*plus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1719.533789] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1719.560769] CPU: 0 PID: 1788 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1719.567937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1719.577321] Call Trace: [ 1719.579939] dump_stack+0x172/0x1f0 [ 1719.583592] handle_userfault.cold+0x41/0x5d [ 1719.588035] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1719.593279] ? __handle_mm_fault+0x36b7/0x3f20 [ 1719.598070] ? find_held_lock+0x35/0x130 [ 1719.602261] ? __handle_mm_fault+0x36b7/0x3f20 [ 1719.606870] ? kasan_check_read+0x11/0x20 [ 1719.611040] ? lock_downgrade+0x810/0x810 [ 1719.615231] ? kasan_check_read+0x11/0x20 [ 1719.619401] ? do_raw_spin_unlock+0x57/0x270 [ 1719.623834] __handle_mm_fault+0x36c8/0x3f20 [ 1719.628363] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1719.633311] ? find_held_lock+0x35/0x130 [ 1719.637391] ? handle_mm_fault+0x322/0xb30 [ 1719.641663] ? kasan_check_read+0x11/0x20 [ 1719.646011] handle_mm_fault+0x43f/0xb30 [ 1719.650112] __do_page_fault+0x5da/0xd60 [ 1719.654295] do_page_fault+0x71/0x581 22:17:30 executing program 4: gettid() r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffff9f8f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000000)=0x100100001, 0x4) write$binfmt_elf64(r0, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) syz_open_procfs(0x0, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) timer_create(0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x400000000001, 0x0) r3 = getgid() fstat(0xffffffffffffffff, 0x0) fstat(0xffffffffffffffff, 0x0) getgroups(0x1, &(0x7f0000000180)=[0x0]) getgroups(0x0, 0x0) lstat(0x0, 0x0) setgroups(0x6, &(0x7f0000000480)=[r3, 0x0, 0x0, r4, 0x0, 0x0]) rename(0x0, 0x0) r5 = dup(r2) bind$inet6(r2, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r6 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0xfffffffffffffffd) openat$cgroup_ro(r5, &(0x7f00000003c0)='cgroup.stat\x00', 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000280)=0x200, 0x2d) ftruncate(r6, 0x80003) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r6, &(0x7f0000000080), 0x8000fffffffe) [ 1719.658116] ? page_fault+0x8/0x30 [ 1719.661672] page_fault+0x1e/0x30 [ 1719.665319] RIP: 0033:0x451880 [ 1719.668530] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1719.688244] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1719.688257] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1719.688264] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 22:17:30 executing program 0: r0 = semget(0x0, 0x2, 0x40) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000100)=""/4096) r1 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r2 = accept4(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x80800) getsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0xffffffffffffff1b) ioctl$LOOP_SET_DIRECT_IO(r1, 0x1278, 0xc) pipe2(&(0x7f0000001100), 0x80800) 22:17:30 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='er\"ors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1719.688271] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1719.688278] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1719.688285] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:30 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x900000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:30 executing program 0: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000200, 0x100000110, r0, 0x0) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000000)=0x40, 0x4) write$cgroup_pid(r0, &(0x7f0000000080), 0x12) 22:17:30 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:30 executing program 4: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='X', 0x1, 0xfffffffffffffffe) add_key$keyring(&(0x7f00000000c0)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) keyctl$update(0x2, r0, &(0x7f00000006c0)="c0ca1cdbaa1aedbbed80dddaa28e15b9449e2e82cca4244c40ffd0fd4e6631c7d3d86e1339de17344340b02dd527f2d8b3ae6c1db3594e657da33c3ec668f143974a65753472df5319a6b83e1e86b8f2666c61a2e700d1c1e0ae1fc52494bd4885a5c64e9007d39fa11313805290dd6342f9775f01a02ec88f6bee22f25a377a9b143abba1264586d2779088006d5f9be82b00f10287031623f73470264cc5897f18f357aad6deb3883da88ae2266664933785a3ce72bb224a441437ea93c217b8c241c03f4fa4d69584cebe20463c747252f24dcc930c4a0f1eb42f0c32ba9a5a098eac04ae3a79f168570b10bda39e99786d33d6c2d40bb019886cb3eaab170696e52cd6ba7d0576ef87b3cfc4de055f7535aa862b7e124b", 0x119) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4000, 0x22) ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x5) r3 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x9a, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r3, r0, r3}, &(0x7f00000009c0)=""/240, 0x4a3, 0x0) [ 1719.968556] FAT-fs (loop5): Unrecognized mount option "er"ors=continue" or missing value [ 1720.032376] audit: type=1400 audit(1549923450.932:113): avc: denied { map } for pid=1820 comm="syz-executor.0" path="/proc/sys/net/ipv4/vs/am_droprate" dev="proc" ino=280078 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file permissive=1 [ 1720.065872] FAULT_FLAG_ALLOW_RETRY missing 70 22:17:30 executing program 0: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5b, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x1, 0x0) ioctl$VIDIOC_ENCODER_CMD(r1, 0xc028564d, &(0x7f0000000080)={0x1, 0x0, [0x5, 0x7, 0x7, 0xa67, 0x3f, 0x9, 0x4, 0x2]}) ioctl$UI_SET_EVBIT(r0, 0x40045567, 0x4000000000001a) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, &(0x7f0000000040)={0x0, 0xbd717379, 0xfffffffffffffff8, 0xfffffffffffffffa, 0x3, @stepwise={{0x1f, 0x20}, {0x1, 0x6}, {0x4}}}) [ 1720.082318] CPU: 1 PID: 1822 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1720.089829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1720.099996] Call Trace: [ 1720.102658] dump_stack+0x172/0x1f0 [ 1720.106318] handle_userfault.cold+0x41/0x5d [ 1720.110965] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1720.115927] ? __handle_mm_fault+0x36b7/0x3f20 [ 1720.121142] ? find_held_lock+0x35/0x130 [ 1720.125245] ? __handle_mm_fault+0x36b7/0x3f20 22:17:31 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf+plus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1720.129869] ? kasan_check_read+0x11/0x20 [ 1720.134049] ? lock_downgrade+0x810/0x810 [ 1720.138386] ? kasan_check_read+0x11/0x20 [ 1720.142551] ? do_raw_spin_unlock+0x57/0x270 [ 1720.146993] __handle_mm_fault+0x36c8/0x3f20 [ 1720.151596] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1720.156538] ? find_held_lock+0x35/0x130 [ 1720.160876] ? handle_mm_fault+0x322/0xb30 [ 1720.165138] ? kasan_check_read+0x11/0x20 [ 1720.169487] handle_mm_fault+0x43f/0xb30 [ 1720.173665] __do_page_fault+0x5da/0xd60 [ 1720.177790] do_page_fault+0x71/0x581 [ 1720.181652] ? page_fault+0x8/0x30 [ 1720.185579] page_fault+0x1e/0x30 [ 1720.189044] RIP: 0033:0x451880 [ 1720.192249] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1720.211185] RSP: 002b:00007f04692b57a8 EFLAGS: 00010202 [ 1720.216650] RAX: 00007f04692b5850 RBX: 0000000000000003 RCX: 000000000000000e [ 1720.223939] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692b5850 [ 1720.231252] RBP: 000000000073bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 1720.238627] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692b66d4 [ 1720.245911] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1720.272477] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1720.277062] CPU: 1 PID: 1817 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1720.284192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1720.293824] Call Trace: [ 1720.296439] dump_stack+0x172/0x1f0 [ 1720.300136] handle_userfault.cold+0x41/0x5d [ 1720.300175] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1720.300194] ? __handle_mm_fault+0x36b7/0x3f20 [ 1720.313830] ? find_held_lock+0x35/0x130 [ 1720.313851] ? __handle_mm_fault+0x36b7/0x3f20 [ 1720.313871] ? kasan_check_read+0x11/0x20 [ 1720.313887] ? lock_downgrade+0x810/0x810 22:17:31 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='er%ors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1720.330955] ? kasan_check_read+0x11/0x20 [ 1720.335129] ? do_raw_spin_unlock+0x57/0x270 [ 1720.339717] __handle_mm_fault+0x36c8/0x3f20 [ 1720.344167] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1720.344183] ? find_held_lock+0x35/0x130 [ 1720.344198] ? handle_mm_fault+0x322/0xb30 [ 1720.344226] ? kasan_check_read+0x11/0x20 [ 1720.361563] handle_mm_fault+0x43f/0xb30 [ 1720.361589] __do_page_fault+0x5da/0xd60 [ 1720.361612] do_page_fault+0x71/0x581 [ 1720.373559] ? page_fault+0x8/0x30 [ 1720.377121] page_fault+0x1e/0x30 [ 1720.380606] RIP: 0033:0x451880 [ 1720.380622] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1720.380630] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1720.380643] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1720.380651] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1720.402763] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1720.402771] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1720.402778] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:31 executing program 0: setrlimit(0x40000000000008, &(0x7f0000000040)={0x40000003, 0x81000000003}) mlockall(0x7) r0 = socket$bt_hidp(0x1f, 0x3, 0x6) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000)) [ 1720.478265] gfs2: not a GFS2 filesystem 22:17:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x2000000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1720.537113] FAT-fs (loop5): Unrecognized mount option "er%ors=continue" or missing value 22:17:31 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1720.697836] FAT-fs (loop5): Unrecognized mount option "er%ors=continue" or missing value [ 1720.720104] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1720.729704] CPU: 0 PID: 1852 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1720.736862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1720.746620] Call Trace: [ 1720.746656] dump_stack+0x172/0x1f0 [ 1720.752885] handle_userfault.cold+0x41/0x5d [ 1720.757327] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1720.761934] ? __handle_mm_fault+0x36b7/0x3f20 [ 1720.766585] ? find_held_lock+0x35/0x130 [ 1720.766605] ? __handle_mm_fault+0x36b7/0x3f20 [ 1720.766627] ? kasan_check_read+0x11/0x20 [ 1720.781787] ? lock_downgrade+0x810/0x810 [ 1720.785960] ? kasan_check_read+0x11/0x20 [ 1720.790144] ? do_raw_spin_unlock+0x57/0x270 [ 1720.794922] __handle_mm_fault+0x36c8/0x3f20 [ 1720.799630] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1720.804496] ? find_held_lock+0x35/0x130 [ 1720.808620] ? handle_mm_fault+0x322/0xb30 [ 1720.812940] ? kasan_check_read+0x11/0x20 [ 1720.817137] handle_mm_fault+0x43f/0xb30 [ 1720.821381] __do_page_fault+0x5da/0xd60 [ 1720.825572] do_page_fault+0x71/0x581 [ 1720.829448] ? page_fault+0x8/0x30 [ 1720.833375] page_fault+0x1e/0x30 [ 1720.836836] RIP: 0033:0x451880 22:17:31 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf-plus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:31 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4000000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1720.836849] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1720.836857] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1720.836869] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1720.836877] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1720.836885] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1720.836895] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 22:17:31 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='er,ors=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1720.859207] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:31 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000240)='/dev/snd/controlC#\x00', 0xfffffffffffffffe, 0x100000) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x0, 0x0, [], [], [], 0x10000}) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$CAPI_GET_PROFILE(r1, 0xc0404309, &(0x7f0000000180)=0x40) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) fcntl$getown(r2, 0x9) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000000)={0x3, 0x40, 0xfa00, {{0x19000003, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}, {0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}, 0x48) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f00000001c0)={0x5, 0x10001, 0x80, 0x9}, 0x10) [ 1720.946396] gfs2: not a GFS2 filesystem [ 1721.033219] FAT-fs (loop5): Unrecognized mount option "er" or missing value [ 1721.041245] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1721.041334] gfs2: not a GFS2 filesystem [ 1721.056486] CPU: 0 PID: 1865 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1721.063767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1721.073174] Call Trace: [ 1721.075847] dump_stack+0x172/0x1f0 [ 1721.079542] handle_userfault.cold+0x41/0x5d [ 1721.084029] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1721.088832] ? __handle_mm_fault+0x36b7/0x3f20 [ 1721.093464] ? find_held_lock+0x35/0x130 [ 1721.097591] ? __handle_mm_fault+0x36b7/0x3f20 [ 1721.102527] ? kasan_check_read+0x11/0x20 [ 1721.106740] ? lock_downgrade+0x810/0x810 [ 1721.110944] ? kasan_check_read+0x11/0x20 [ 1721.115155] ? do_raw_spin_unlock+0x57/0x270 [ 1721.119620] __handle_mm_fault+0x36c8/0x3f20 [ 1721.124227] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1721.129135] ? find_held_lock+0x35/0x130 22:17:32 executing program 0: r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x18, 0x0, 0x4, {0x200}}, 0x18) recvmmsg(r0, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x80}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='sessionid\x00') preadv(r1, &(0x7f00000017c0), 0x324, 0x0) [ 1721.133232] ? handle_mm_fault+0x322/0xb30 [ 1721.137520] ? kasan_check_read+0x11/0x20 [ 1721.141697] handle_mm_fault+0x43f/0xb30 [ 1721.145790] __do_page_fault+0x5da/0xd60 [ 1721.149879] do_page_fault+0x71/0x581 [ 1721.153700] ? page_fault+0x8/0x30 [ 1721.157430] page_fault+0x1e/0x30 [ 1721.160895] RIP: 0033:0x451880 [ 1721.164120] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1721.183734] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1721.189122] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1721.196671] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1721.203956] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1721.211253] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1721.218538] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4800000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:32 executing program 4: chroot(&(0x7f0000000100)='./file0\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={0x0, 0x9}, &(0x7f0000000080)=0x8) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x2, 0x80100) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f00000000c0)={r2, 0x5a}, 0x8) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x8, &(0x7f0000013e95)=0xfffffffc, 0x10f) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000200)={'veth0_to_bridge\x00', &(0x7f0000000280)=@ethtool_perm_addr={0x20, 0x6, "1bafaa662fe7"}}) close(r4) syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x2, 0x2) close(r1) 22:17:32 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf.plus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:32 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x4, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1721.354947] FAT-fs (loop5): Unrecognized mount option "er" or missing value 22:17:32 executing program 4: setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x33, &(0x7f00000001c0), 0x10) 22:17:32 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x0) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000000080)) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x5452, &(0x7f0000000300)={'nr0\x01\x00'}) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x80) syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x0, 0x2) [ 1721.478846] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1721.488883] CPU: 1 PID: 1890 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1721.496069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1721.505444] Call Trace: [ 1721.508077] dump_stack+0x172/0x1f0 [ 1721.511817] handle_userfault.cold+0x41/0x5d [ 1721.516375] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1721.520987] ? __handle_mm_fault+0x36b7/0x3f20 [ 1721.525807] ? find_held_lock+0x35/0x130 [ 1721.529898] ? __handle_mm_fault+0x36b7/0x3f20 [ 1721.534595] ? kasan_check_read+0x11/0x20 [ 1721.538851] ? lock_downgrade+0x810/0x810 [ 1721.543020] ? kasan_check_read+0x11/0x20 [ 1721.547206] ? do_raw_spin_unlock+0x57/0x270 [ 1721.551901] __handle_mm_fault+0x36c8/0x3f20 [ 1721.556337] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1721.561630] ? find_held_lock+0x35/0x130 [ 1721.565882] ? handle_mm_fault+0x322/0xb30 [ 1721.570150] ? kasan_check_read+0x11/0x20 [ 1721.574495] handle_mm_fault+0x43f/0xb30 [ 1721.578587] __do_page_fault+0x5da/0xd60 [ 1721.582779] do_page_fault+0x71/0x581 [ 1721.586770] ? page_fault+0x8/0x30 [ 1721.590323] page_fault+0x1e/0x30 [ 1721.593785] RIP: 0033:0x451880 [ 1721.600030] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1721.618960] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 22:17:32 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='err\nrs=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:32 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x4000000000001) connect$inet6(r0, &(0x7f000052f000)={0xa, 0x0, 0x0, @mcast2, 0x200000006}, 0x1c) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xb40f, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000c9af18)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x22}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x3c}, 0x0, @in=@remote, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}, 0xe8) sendmsg(r0, &(0x7f00000024c0)={0x0, 0x0, 0x0}, 0x0) [ 1721.624380] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1721.631665] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1721.638945] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1721.646227] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1721.653827] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x4c00000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1721.755840] gfs2: not a GFS2 filesystem 22:17:32 executing program 4: write$P9_RLINK(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x8000, 0x0) ioctl$BLKPG(r1, 0x1269, &(0x7f00000000c0)={0x2, 0x3ff, 0x42, &(0x7f0000000040)="aa5b761a6e5f74628c369935e8d5c095d6235a5579cad986ce79c8074d343f5dd0de6ef716de48309f9c22f640c32711ec4a8058c473a31173f9daed77d81c64b0c1"}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) munmap(&(0x7f0000002000/0x3000)=nil, 0x3000) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000056c0)) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0x4000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) mremap(&(0x7f0000013000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000009000/0x3000)=nil) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:17:32 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hf0plus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:32 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1721.894090] FAT-fs (loop5): Unrecognized mount option "err [ 1721.894090] rs=continue" or missing value 22:17:32 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) write(r1, &(0x7f00000000c0)="94b5ced1c1c16ac6d1a1c2b9770e1b98151594aee42c944d504381541ef74302a5b96ffe135e2558ff7464c92e5da3c38ee8d0d9c5f527213ec0e5d7e7cf71dba636260456322536357210febe07a7fd8aa0c8f5bcd7a0d11ffd83f681ea888195ef58ba8ec9014bc93344f0416444ebce4eb303e5ae1e32a158f1c11b787074819112ef6ec18c900eafed1ca71d6ed883766bfa2a5ba3cf52840534b45e0e885e9caddcbde55fa35e5e704b07bfb12bf050f699a1a19a704b625b9f8476a1016e22141a0a38bc57b82ead410d3b468ae37fd43273ca1e6456a03065a51658934e4b0a7a5b608894c2b9a69cc824219a660e59d9be30ebe1e0112df9535a0368c26fa3b2cb069037a565d9b51b70c4e08df2e8e1371ab0065195b0cc12e1c4e3ef8b2845790bf990c711db4df0c1b88da0902d38197ada8fdb5c17b18244119900e66aff880d272bceda6ec28cd5694782c950b63c4fbaf831e60d5036fc9194e39a61845f2927c093bdab1897aef8e684efcd5d083a157ac2bc94321416cc623760892e202eb1fa1548dd7ff81a93af9dc86022074a3d749f80e1ad2e63c4df24bbba78c643a84eb556a32f8bef133f12ea20ce5a16f081e7ae162a294fb0054cd29b87271ae2bf0ad079b15b19359083da3135dce4c0a661653293873921573a43f95494e5f3fca960f470b59c78ce04b3499d166619407c567b59e7c30942eae9b419f25ab5b45c175dce4dcd853badcaae3076a3d3d3d257a505dfcda812d874869ee73de632749e68334b3b3f7a63724d4fec210551073d8f73c51d70270644322cf9b06bfb1b8d9c4c0a3702ef2cf3471c61cf45499d0663e695b0d1fdfd519b1278a7158b99f49f855e5295a7a9774946b1f37677041411ca0fdab09ea0f4eee1bb2e9314ef2786c390b7d95a4a08394f24484ff0bafb1fc54e6af63ae5c4cdb7542c8073e7b07ea0b5d5614f80ecb177506714c84b384d25191371a92f6ba5ae975b62b9b42c9f578f6e3b7e5300d68035454d8418fc91942acb8db72195caa0f66975cf554f81dab1f511a4cda53e24b037b54680ae95a9cec425d66bb28f07827509789feda2821899eff992e18256bb8cca0016b7b7e245eecef35dc1e4b86833fb8c027f98b24026588b91ada6f96805a13dd3a5030d49a4cf8ec66eeca9af75b6c80badd95897e6b7d735601ef05de5924b0d4986f0a60d9fc45fd0a51322f207eaaf77bc7e575a905ef0e533d22c28ad66214ac1b26622358432d2bdc351aa843e89e062028cc867502ece2c075b95bd6e7106d80807a151da41b507c25c4b741eca29bdac9bb8b17904367a0a060e25b259f401b59d466a44eae17111a17728a885f751e4d312faf599fdc8ade9add52476495fb46d5bd072dfdd2ef6aee74063cdf57b8aafbd7b2b8082b7d1ea34de144f37fdb03e76d43560881e046759856a9c23de2099e20438c18b80ea1e72f7f127b518ccd1c99e3ccc2e68a9719e4cd5d08f6912fb7b7f51ce8ff6c19d28da5df135131fec617d93ce8b023adf5c014b9ec815b9aac172d4420f0c020fc9b6331e8607c01ca129a2c1ea79104a1299ee636b17d4bd2b484d8e0d001bb6f6c5d941547d9c4cff6d69d376831a0f135b2105897d0ceda69d99f68021aae557fc8c7b1853271ffdef6e9560fa26b8c791d9fb0d52e24009917dcd89d16991a19412242d10535c6cb6aeca9f48f2b11c9abea6f9795f0732ee13bc3328220417ee2dbc97c261bf83b09bea87de84dc7cc2c54cfd0cef6b47b61b7a192c523ffed7fb5eedbbcaf4a6f861ef4e390cfe6ba7c5c5ced7b2859fc6552211ff6f6c7c22d1a2ea48f8340a8b33a4663a1845802cab1dc60ca73a0c48f23ca2ae9defbe2264d1622493de8932a1e7982fed2b12f72fac7310c415fe064b390db0b37294a281fa3372e47dd098de86d1178e7819415520c1081f5a0b9abb834340349d1513afa51b4d5dc28b1fa60e73c6684fb282c858da07bdc2a48bff177970eb1fb1512fc70997c6b1bd346307e32ad0209b1f07395471eb0ed7d425ceb351570b4a139f2281fef8efe0cef04e729cf45b988c438ae1ab67adedcba693fd72741b5e83bb0967abdf823db720e57af77acd8955770e1f994e2927d3de69168f3a1a99ea34cb24051391bd21f8d082db899db31da1241b995682a51ffc976a58401a231d00b9c68374f9f0e4b0379322a0e69524a7c9f3ce1b0a2e0025306c1423c61ba5a3f47c7b7a020b7f28d06a995d853022ef5a4cecd3515ab4b3239f6a1a2109274667aa234e3aea3466d35712180df8fe3fa5d9530bc68208596907bb35016f0a680a388dd9e9f94866e9ecedb2d3e9eae43e0f2e49d842dded3505346390291074fd6bfaf31f40375a8b1ab44f4821fdeff8dcc241882492767313e5399ad6cf3e8d40158d8c3779960f48c49c6aa439770a3a55bb24382d5dfe4e8e53ea2171ce98077df7671b569f1d17178188768088448674998520d6ada10725dcd1c915d0906147b84c1995683f643d4701ab72e5421e07451d233bef81a1eb6c2b32c542cf356ef6c33854e99be05c0a5cb5e1c4fa33258ba7e703a0e45fb627b8d4c2e13e8b558d9fbbcaeaac0ff1f09f89e0f1a0016ce6c1b927f941fdbdd85c5c2b80dd1517e0794abca3015cab6885c8cfec143e5ca9ed003f5678d3c77e952fc9a129edd1871652b5acc0a42001b62d1b272f17e0c8e631ec84089889dd70f54ebc4662a20dd20be3c48664f35f768859bde70d300ff2268b70673bce26e4eaa3f7236ac14011210218488aa25e53db2cf00096606f9827f3fdd9507d61b27e54df925897184743de3bd0c4b7dd066de9caa89fc43f9cf21b6e188d033733d9a54791db4d2656ba84de90cbd84577f1d04f25014d5590213e641c91bc4992144b95674017f725eb1489611d964605b7754f237b9d1ce38edfe8e70d557868df70ea2ca512a8c95e07e91bdbda83b00e4cd000d8da7eb5729933013b490b8a8abdab15a515fda4e3b1f87b1d865a8b79fe509c766b99869946540d5a9cc68ba3c989b298b35599d1b176ea9a74ad13b9d69395f709dcb61677e619d5c7e61c5bd110a3aa91e2d46559bcefa2f60f0d93e5a8083336f46887bf0664f07f14699dcfc0670b5b6bfa268c5fc87954db1ee32948d0777588c21a7b6c2004c0a3cd5d4437298d6f4969e18edde9c702504b9d6292eec1a1705a253114410428480716e2e736a293e480d44da688ccdd4b5831c89d24541dd64ae931f7f27605721c472f5e903a8ed98d09b74eace02d26eecb8b55cfbdfc3b2f524813d8ef71806877850e56a07304383a2dfcffff8fddeee967b571a13f98c99f0ba9f140b7ab4cc6dedc32479026984adbd9973e834bb7fd6fffca1deb3321dfd2339a678ab18c51bbce850b6c2ed2da83e2346a64f97b6d68c3bcd8235a3c9d7295d6a0c22d81d69b151eea85a897800124f50ac56770fc4d71110f91539cfb5f9bb9ac7a536c3913c2bd2014b03e242bc0630f5804dd388ae4ffc3b4496b3a7d05328ff8e90ae8845235a2ff8cdb78c73b10400577d1e985734e0956567b5565977673a573469959a9f591cf747c3eeab77935639ed060d3caf566b2850a0b44b4e256f3c135fc28eb07e5952ff74d01798294d4584d48372ff4f1aa27018007909e2a42e0a442aa1eae67d5437e0e8e19d88fcd77ee51412dad1be00ff753a846890237c3b69331f990bfc795524d7e9c75c9862f9c1d1504de7f9d2147d7aff86a538816600292d73fe114111e3668345130ad8f6902a0de4922284fbdb2c26aef89e2cdd8eb589469cf81ecb844878d70b024733bcea69bedf9693a1b31b402603f164ff12da86216270d35374df3dbb8400705cc6b89af3929b99a498578391a00d6e3a8a7c13c7cb2194e1b1db068a0a73c0ba3e17c1a4a3f7eb6a2535fe110d82722d2a2f9291de0ec2abcd51155396c82b2062b4162dc2c8637fc3b454ea7f849cc3c9f203ad551d1acac976a0d2d363212a45f44f9637d6d584972b9227e4238a2b6917f60bd643b13088f5ef158a17a8d7d07d599e050d73068b023d01d00d7d48dd03978d041ff60e344f93113664e90f47e31554eae95127f834470127a3ba276cc7ba63e6c592a2bfe255cd9987a76e1ec5861943b1c446467494024c2b01606ee10f77fbc27608aebaec26a7f67d1b640a1c935a8674a8cc4ee78cd275c70391aabd8e37e1f0185f60a4c41e48acd4c612c7280025a2f1409818e4242f2945688390fbaa6578c75cc67ada47ff95250106a7d15a00c56eb8db2870962d4bee13ef69b04d0e71636a47754ebd63f971e20130a39af3488261c71cb01b3bfeeec1aeeff82f1dcc45c28fca85e00fc2705c6831ffe8a9a3de6299c9d9d251f3cfb29b27a9b620949d110aeca6284ba0a8c3c05cd6913bbb6686e26d464fd14c026d6b1ca2aafc5546f52679c05819fa734609a2edf82c70a6b28f9db880728848c1d6a393be3dd8c5f80fdc605e7d389eaadfb7097e8945aaa328fc4861b781fb88c0a06c86a7f9b52f38021d0f1399f67481cbe125fcb1fb4323138c4a1421d65e83a3288fd3eba970b6063415457f88d4f1e8958809f67d834ef74a0c9faebd0df386c53941378657d3dd2bef0d25b96f7668231e2f6153e37375737874cd23ea8a4d34d968dc49b721b23372dd50f8d88d9e4946e0b0247eba7d894022630c4c7822a3147e46bd61af72a0c09b98c5a75c928283b8b2649d46117a934e4a5cec60300d218d8b65b97913d45da31c31d7744fcb91a18ac9c30f1bea289a68dad856523ae553e778c7ac36041e7b01bec68388df7b0e7c190b4a10f944f4edc47559a6f80b02e73a2d6352712ba19cde3d016cdb6a93b26ff19a27b093d8a891b6a0eb8d4d2fb9cea0823e76501a9f5278d26ea57a09be84b75c39e22a7c6c66fa1c1ec0012c0af64ad63459f1231369c963e88e01e0fbd3ddc7b73dd7cf6cdc509f55cf5b1aaca65fe90c80c1a40dcd72840cda870d877e0aebe61946f06d949a7eee63f59438000edfaa1d69e580313df72da7cb4e0198989eae94b939d0f293861bd63b47090f95137e9bc1fcf7392f139032d8c76f97557a83a6cfe9d1014938484ce80c800f3b1820696a38634b5394418a0de6ec3440d1e9aa019981301141349cda1314f511385dd95e220c5adc1909fd2e2de6494fd45c51300d69c35db67ba7ed47543e98c5dff0f917653a3cb7599f91aee159c3f74d24c32f615f6954bb230c0f20c37ade40500c44716c6203878cc9089640b11dd88e57ac1d0cbd858519a1cf50a3ab312c91fc24ffb2709cfa06ec71d2cd75d89ec4cc796bd5407cf796bbdab6f3e3ba3805bb005e17bc0798c45890c55fdf5c217e3843af968e12f0938270b2b6a61cf8e53cd0e6e22666601460a78f7b23225be4319bcbdeb4d11fbd8ba6e7824e9ec2b3da28c2b5e47c1b93d031b49c5e8c6d7b3b70aa052ca5e8d974105db76b329662b3f5933087b16b667c49506382a08b98de375c4dd5a0d92ae2da309355f3056c77529269bdbf9a7b7d8a3783af8ec19dfbb12e58c30ebc2e6b64eb47f8b2751cecd8d3012ff0390f60afabf174ba30633f436451aa6cc47b1d2d149ac2e7cbaac7ef5148c3b9204cd486d8e3c286c878ea651f49c2b43e6ce0b0715dece711e6f9596ae3804664f0181de85bfdbc2a6186e9e9650c17950519d3abf020d849ca665947a8e6ad58623a7e4aa89e1b6adbee63a204b8a794e5e4026f75e21dd28", 0x1000) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = dup(r0) sendto$netrom(r3, &(0x7f00000010c0)="7d10e352661306badda51678c4d1755058542ad5f119e877ac54a05dcaa8346f513453a4b76be8ce814756b0d2f2f393e1c9929806fd6fb9e58a3515bdd63218a3dbf661550faa4496f332ccde57e5e689a3503589468f472c931f487bea6584535efd985c5b27699cca71e1a839af2ea4d6c633194e5dafc40b27c694506bdea1c39783d210be0bed709a513aa9ba29ec7e5fbe", 0x94, 0x20000810, &(0x7f0000001180)={{0x3, @bcast}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000001200)={0x5, 0x87}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4008ae89, &(0x7f0000000000)={0x7b, 0x600000000000000, [0x40000072, 0x0, 0x1b], [0xc2]}) [ 1721.969190] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1721.975232] CPU: 1 PID: 1916 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1721.982362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1721.991744] Call Trace: [ 1721.994365] dump_stack+0x172/0x1f0 [ 1721.998198] handle_userfault.cold+0x41/0x5d [ 1722.002647] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1722.007258] ? __handle_mm_fault+0x36b7/0x3f20 [ 1722.011968] ? find_held_lock+0x35/0x130 [ 1722.016075] ? __handle_mm_fault+0x36b7/0x3f20 [ 1722.020684] ? kasan_check_read+0x11/0x20 [ 1722.024857] ? lock_downgrade+0x810/0x810 [ 1722.024877] ? kasan_check_read+0x11/0x20 [ 1722.024893] ? do_raw_spin_unlock+0x57/0x270 [ 1722.033385] __handle_mm_fault+0x36c8/0x3f20 [ 1722.033408] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1722.033425] ? find_held_lock+0x35/0x130 [ 1722.051161] ? handle_mm_fault+0x322/0xb30 [ 1722.055528] ? kasan_check_read+0x11/0x20 [ 1722.059818] handle_mm_fault+0x43f/0xb30 [ 1722.063911] __do_page_fault+0x5da/0xd60 [ 1722.068263] do_page_fault+0x71/0x581 [ 1722.072082] ? page_fault+0x8/0x30 [ 1722.075640] page_fault+0x1e/0x30 [ 1722.075653] RIP: 0033:0x451880 [ 1722.075668] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1722.075677] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1722.082336] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1722.082345] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1722.082354] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1722.082363] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1722.082372] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1722.204670] FAT-fs (loop5): Unrecognized mount option "err [ 1722.204670] rs=continue" or missing value [ 1722.204869] gfs2: not a GFS2 filesystem 22:17:33 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f00000000c0), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'veth1_to_bond:\x00', &(0x7f0000000100)=ANY=[@ANYBLOB='O']}) close(r2) close(r1) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x10300, 0x0) getsockopt$inet6_tcp_buf(r3, 0x6, 0x1f, &(0x7f0000000140)=""/4096, &(0x7f0000000080)=0x1000) 22:17:33 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='err\"rs=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1722.262297] kvm [1927]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc2 data 0x0 [ 1722.290020] kvm [1927]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc2 data 0x0 22:17:33 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'nr0\x01\x01\x00', 0x2}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000000)={0x0, 0x1, [@random="7aaf96e740b5"]}) syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x3, 0x101001) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/enforce\x00', 0x20000, 0x0) 22:17:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6000000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1722.398898] gfs2: not a GFS2 filesystem 22:17:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:33 executing program 4: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x303000, 0x0) read$FUSE(r0, 0x0, 0x1f) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) [ 1722.508395] FAT-fs (loop5): Unrecognized mount option "err"rs=continue" or missing value [ 1722.522071] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1722.530259] CPU: 0 PID: 1947 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1722.537493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1722.537500] Call Trace: [ 1722.537527] dump_stack+0x172/0x1f0 [ 1722.537549] handle_userfault.cold+0x41/0x5d [ 1722.537577] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1722.537595] ? __handle_mm_fault+0x36b7/0x3f20 [ 1722.537610] ? find_held_lock+0x35/0x130 [ 1722.537626] ? __handle_mm_fault+0x36b7/0x3f20 [ 1722.537645] ? kasan_check_read+0x11/0x20 [ 1722.537661] ? lock_downgrade+0x810/0x810 [ 1722.537677] ? kasan_check_read+0x11/0x20 [ 1722.537691] ? do_raw_spin_unlock+0x57/0x270 [ 1722.537710] __handle_mm_fault+0x36c8/0x3f20 [ 1722.557765] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1722.557781] ? find_held_lock+0x35/0x130 [ 1722.557794] ? handle_mm_fault+0x322/0xb30 [ 1722.557821] ? kasan_check_read+0x11/0x20 [ 1722.557843] handle_mm_fault+0x43f/0xb30 [ 1722.557864] __do_page_fault+0x5da/0xd60 [ 1722.567645] do_page_fault+0x71/0x581 [ 1722.567660] ? page_fault+0x8/0x30 [ 1722.567673] page_fault+0x1e/0x30 [ 1722.567685] RIP: 0033:0x451880 [ 1722.567698] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 22:17:33 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfXplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:33 executing program 4: [ 1722.567706] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1722.567718] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1722.567726] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1722.567734] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1722.567742] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1722.567750] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:33 executing program 0: mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f00000000c0)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') getpid() sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file2\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]}) r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) 22:17:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6800000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:33 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='err%rs=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1722.771493] gfs2: not a GFS2 filesystem 22:17:33 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e24, 0x0, @loopback}, 0x1c) listen(r0, 0x22b) socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f000055bfe4), 0xfffffffffffffd56) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x880, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000040)=0x64, 0x4) syz_genetlink_get_family_id$nbd(&(0x7f0000000080)='nbd\x00') ioctl$TIOCEXCL(r2, 0x540c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x9c) [ 1722.859204] gfs2: not a GFS2 filesystem 22:17:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x6c00000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:33 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1722.936110] overlayfs: failed to resolve './file1': -2 [ 1722.954039] FAT-fs (loop5): Unrecognized mount option "err%rs=continue" or missing value 22:17:33 executing program 0: socket$inet(0x2, 0x3, 0x2) r0 = syz_open_dev$cec(&(0x7f0000000200)='/dev/cec#\x00', 0x3, 0x2) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000400)={0x0, 0x6, 0x2}, &(0x7f0000000480)=0x8) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x74, 0x4) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) r2 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x43, 0x8002) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000140)) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) ioctl$VIDIOC_S_FBUF(r2, 0x4030560b, &(0x7f00000001c0)={0x40, 0x0, &(0x7f0000000240)="44c3f4755dc2fa992c8469d051e6fe83017a5a18583988964aa02fe2e882249e26cc59108e521b657d0130d45e68f0359fbfcba92a20e3c10e35aac6e9946fe1969ea4df9fb5ce60758cfc3e2a676f9cec53328621d28f738b908046a43e603c52474cfa822062b11e5ca70bad1a65470e41dec385486cf7fcaca665f6ba625c0d744af3ba8dc9c5363fd722be2ef8b88635633c88f3251913083c523a1339c35c8cf36424ed4d7add7f2e5d95db3db976e557abc404a823577c1438fce2f6bdeabe030df61751ca2b6a7fa363a1e6414398371496eb206cc061bb3c0f7cdc6d16eed0c6ce314e39dc4e5f4273fa0ca776", {0x1, 0x1ff, 0x35303553, 0x0, 0x5, 0x7, 0x9, 0x3b3}}) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000004c0)={{{@in=@dev, @in6}}, {{@in=@empty}, 0x0, @in6=@remote}}, &(0x7f00000005c0)=0xe8) fstat(r0, &(0x7f0000000600)) writev(r1, &(0x7f0000000340)=[{&(0x7f0000000a80)="d85e678e676090b1343eb9c52bd02479d0747d8b2ab1410220300dba233c5193d6240d4a4d3d2a693cc7b07ce79ebbae29f214bee98043109616a4205ae885b9fa8c3b79353fa61bf3da3d814e673a4e0524a241d81a07f6dd09e1d0e34871ddf209e2e0ea4539e15d", 0x69}], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semget$private(0x0, 0x1000003, 0x100000000a4) write$P9_RLINK(r2, &(0x7f0000000040)={0x7, 0x47, 0x1}, 0x7) semctl$SETALL(0x0, 0x0, 0x11, 0x0) write$binfmt_elf32(r1, &(0x7f00000008c0)=ANY=[@ANYBLOB="7f454c4600010000000000040000000000003e0000000000000000003800000000000000042233e9c50000000000002000000000009c00000000c9484caaef0000000000000000000000000000000000000008000500000000000000000000000000dcd22cd830a0b2dfb284f65df3be04dde0a02b9b0419a613996c39550c551257a02ed03c964962b39865598eb492c34f905034bd7d9f10500ef64d649be114b2288c34fb7ddc637b9d0946f83fec2e839af8f9e12f1ee74fb6162bd4376c76bc5adde08ed5100ccc787198f570d1cf8416e898239ed43d19c4bb3eaa5c94af371c3873f17fd32c7f6dcd68149eaab27808e12a5f8b9eba051e6aa9643ecc28e846a75295aa20a67542b2e0f401cfa52d12d67c3a56d14afd8a0400576c97aa3fd8157f787bc01ec50235d4478600038529f054d742fc59d22047ac17a240259f075336007911856ceec85f08002e4a10870b1dcaafd938a33e8aaef120c74f3535db08184a92fa"], 0x169) setsockopt$inet6_buf(r0, 0x29, 0x17, &(0x7f0000000740)="0b67bfee6402958c238c7e000be87cce0800944a92ff9d0959b40755407f954720efa627a2715c95ce99259d7b34648d73ff351800c180e01ad7628579e3143541441c37f2d99b71d41008195110059e32cb7225fd3779c8dd80ae4348371751e0f451e897eb238d23db38f89d4f84d069231816d5600455dedc8ab4ccce218485509eb121a1723817552d00f92ea1", 0x8f) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) r3 = socket(0x10, 0x803, 0x0) sendto(r3, &(0x7f00000000c0)="120000001400e7ef007b0000f4afd7030a7c", 0x12, 0x0, 0x0, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 1722.999447] overlayfs: failed to resolve './file0': -2 22:17:33 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7400000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:34 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfcplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1723.100756] gfs2: not a GFS2 filesystem [ 1723.155281] FAT-fs (loop5): Unrecognized mount option "err%rs=continue" or missing value [ 1723.167716] gfs2: not a GFS2 filesystem 22:17:34 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='err,rs=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x7a00000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:34 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1723.450315] FAT-fs (loop5): Unrecognized mount option "err" or missing value 22:17:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x8000000000000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:34 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfdplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:34 executing program 4: sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980)}, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f0, &(0x7f0000000000)='ip6tnl0\x00') [ 1723.750661] gfs2: not a GFS2 filesystem 22:17:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0xffffffff00000000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1723.808950] FAT-fs (loop5): Unrecognized mount option "err" or missing value 22:17:34 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='erro\ns=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:34 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1, 0x0) r1 = dup(r0) ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getegid() write$P9_RGETATTR(r1, &(0x7f0000000100)={0xa0, 0x19, 0x1, {0x1800, {0x80, 0x1}, 0x1, r2, r3, 0x4, 0x80, 0x144, 0x8, 0x4, 0x100, 0x8, 0xffffffff, 0x3, 0x0, 0x80000000, 0x3ff, 0x6, 0x1ff, 0x4}}, 0xa0) 22:17:34 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x9, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:34 executing program 4: r0 = open(&(0x7f0000000180)='./file1\x00', 0x0, 0x3) ioctl$RTC_EPOCH_READ(r0, 0x8008700d, &(0x7f0000000200)) syz_mount_image$hfsplus(&(0x7f0000000240)='hfsplus\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[]) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x40, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x1, 0x30}, &(0x7f0000000000)=0xc) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000100)={r2}, &(0x7f0000000140)=0x8) 22:17:34 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfiplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0xffffffffa0008000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1724.042344] FAT-fs (loop5): Unrecognized mount option "erro [ 1724.042344] s=continue" or missing value 22:17:35 executing program 0: r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x1, 0x0) ioctl(r0, 0xc1004110, &(0x7f0000000000)="b60be09850e7fa9164681948a632ac99f03dcd88acc191a27c") [ 1724.122426] gfs2: not a GFS2 filesystem [ 1724.147998] hfsplus: unable to find HFS+ superblock [ 1724.189080] FAT-fs (loop5): Unrecognized mount option "erro [ 1724.189080] s=continue" or missing value [ 1724.205079] handle_userfault: 7 callbacks suppressed [ 1724.205087] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1724.219797] CPU: 0 PID: 2054 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1724.226959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1724.236332] Call Trace: [ 1724.238948] dump_stack+0x172/0x1f0 [ 1724.242616] handle_userfault.cold+0x41/0x5d [ 1724.247066] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1724.251679] ? __handle_mm_fault+0x36b7/0x3f20 [ 1724.257414] ? find_held_lock+0x35/0x130 [ 1724.261498] ? __handle_mm_fault+0x36b7/0x3f20 [ 1724.266109] ? kasan_check_read+0x11/0x20 [ 1724.270458] ? lock_downgrade+0x810/0x810 [ 1724.274635] ? kasan_check_read+0x11/0x20 [ 1724.278801] ? do_raw_spin_unlock+0x57/0x270 [ 1724.283251] __handle_mm_fault+0x36c8/0x3f20 [ 1724.287744] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1724.293559] ? find_held_lock+0x35/0x130 [ 1724.297640] ? handle_mm_fault+0x322/0xb30 [ 1724.301906] ? kasan_check_read+0x11/0x20 [ 1724.306080] handle_mm_fault+0x43f/0xb30 [ 1724.310169] __do_page_fault+0x5da/0xd60 [ 1724.314261] do_page_fault+0x71/0x581 [ 1724.318085] ? page_fault+0x8/0x30 [ 1724.321867] page_fault+0x1e/0x30 [ 1724.325332] RIP: 0033:0x451880 22:17:35 executing program 0: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffff9c, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x1, 0x0, 0x2, 0x9, 0x5, 0x3}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000040)=ANY=[@ANYBLOB="5b6401005d3a2f6c6c623a10"], &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0) [ 1724.328536] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1724.347453] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1724.352849] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1724.360136] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1724.367419] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1724.374840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1724.382128] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0xffffffffa0028000, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:35 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='erro\"s=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:35 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hflplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:35 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0xa, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) 22:17:35 executing program 0: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) futex(&(0x7f0000000140), 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vfio/vfio\x00', 0x100, 0x0) getsockname$netlink(r1, &(0x7f0000000100), &(0x7f00000002c0)=0xc) r2 = msgget$private(0x0, 0x10) msgsnd(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="03000000000000000000000555f2b3d7df37e2944d4824c025539bf232ae6e0fe9146369824ee0a60921b037495af5539bfc59eac1767b3d2c154c5f41ba318b0f7afb02c667d7ea9a3006e8f80dcd7b6f30ee67705453800a99e6c2f57aeb8df8e87a7991f57da9bb128ac76a1a779fab7747b363e0d5a94b7fe149b02a7b982b60d32c7e0880124f605c818829ffaf4d4c302cc105fe0d138c57a135c9b58b7dff7f98dd666629c90cffe0964d1df4661118f41290856c5a5541540a3af67d92eadbb4a1fbc10da3c76dfb2683500cf1bae2274bc7981ee4c683730cab1effaa316f7e3800c3daacda555cc96924476e1095297e9a1402e4e0c217d455be97feff6e18c742404fa2177d988ffdda2e81c5e54237fb30f1ab0cf913fb4b6ceed6a78df03fdcb2d6dbfa45e8"], 0xad, 0x800) tkill(r0, 0x2f) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="3900559592f402f48bba685ddaad3517a06a1e5f18e367ace25718383c78f16fb5bcbc16bb1408774b5e1a918a7c305e29b37afa243774f3a17d1bc1ccf0db00d7273cb844759a6180833e0ef22a6b327e14653a4a7b231982727c939d0000a5c13ce670b5da00332601d42e6b9a0e7b9508e9d1391cb555ecf5936aada359f6f24f1a563484f87c731bd433ce8299b38aaf4ecace2729c04655d9a0fb07824f4b6cf0322a"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 1724.509299] hfsplus: unable to find HFS+ superblock [ 1724.513302] ceph: device name is missing path (no : separator in [d) 22:17:35 executing program 4: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @local}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000380)={r1, 0x5d, "c7539cfbddd3a0f26df54aa5f20e0cf9e01f0670f0bcec96b38dd55c7c2088eb33de8e5b7a6ebfc57f09671424879c6bf39f80212e990896b5a673be543517e42e2f53de2ceca1fdb4fa75dc9dc1be74546dffad0afbf6394fcf95251e"}, &(0x7f0000000400)=0x65) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) keyctl$join(0x1, 0x0) recvfrom$unix(0xffffffffffffffff, 0x0, 0xfffffffffffffe71, 0x0, 0x0, 0xb1) r2 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x2, 0x2000) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f00000001c0)=0x4, 0x4) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000480)={0x9c0000, 0x1f, 0x80000001, [], &(0x7f0000000440)={0x9b096b, 0x20, [], @ptr=0x4}}) r3 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f0000000080)={0x10000009, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}) r5 = open(&(0x7f0000000000)='./file0\x00', 0x8000, 0x10) prctl$PR_CAPBSET_DROP(0x18, 0xd) ioctl$CAPI_GET_PROFILE(r2, 0xc0404309, &(0x7f0000000200)=0x6) getsockopt$inet_sctp_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000040), &(0x7f0000000100)=0xb) close(r2) ioctl$DMA_BUF_IOCTL_SYNC(r4, 0x40086200, &(0x7f0000000240)=0x1) mincore(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0) setsockopt$inet6_dccp_int(r5, 0x21, 0x5, &(0x7f0000000140)=0x401, 0x4) shmdt(0x0) ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f0000000540)) [ 1724.602106] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1724.606874] CPU: 0 PID: 2068 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1724.613988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1724.623350] Call Trace: [ 1724.625967] dump_stack+0x172/0x1f0 [ 1724.629652] handle_userfault.cold+0x41/0x5d [ 1724.634126] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1724.638722] ? __handle_mm_fault+0x36b7/0x3f20 [ 1724.643318] ? find_held_lock+0x35/0x130 [ 1724.647391] ? __handle_mm_fault+0x36b7/0x3f20 [ 1724.652080] ? kasan_check_read+0x11/0x20 [ 1724.656251] ? lock_downgrade+0x810/0x810 [ 1724.660419] ? kasan_check_read+0x11/0x20 [ 1724.664575] ? do_raw_spin_unlock+0x57/0x270 [ 1724.669098] __handle_mm_fault+0x36c8/0x3f20 [ 1724.673616] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1724.678467] ? find_held_lock+0x35/0x130 [ 1724.682540] ? handle_mm_fault+0x322/0xb30 [ 1724.686827] ? kasan_check_read+0x11/0x20 [ 1724.690997] handle_mm_fault+0x43f/0xb30 [ 1724.695256] __do_page_fault+0x5da/0xd60 [ 1724.699340] do_page_fault+0x71/0x581 [ 1724.703150] ? page_fault+0x8/0x30 [ 1724.706697] page_fault+0x1e/0x30 [ 1724.710162] RIP: 0033:0x451880 [ 1724.713368] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1724.732280] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1724.737649] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1724.745014] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1724.752293] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1724.759575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1724.766872] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:35 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x3fffffffffffffff, r0) getresgid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)) accept$inet(r1, &(0x7f0000000140)={0x2, 0x0, @broadcast}, &(0x7f0000000000)=0x6) 22:17:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x2) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 1724.920556] FAT-fs (loop5): Unrecognized mount option "erro"s=continue" or missing value [ 1724.930041] gfs2: not a GFS2 filesystem 22:17:35 executing program 0: mkdir(&(0x7f0000000200)='./file1\x00', 0x0) symlink(&(0x7f0000000500)='./file0/f.le.\x00', &(0x7f0000000140)='.//ile0\x00') prctl$PR_GET_FP_MODE(0x2e) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) fstat(0xffffffffffffffff, 0x0) geteuid() syz_mount_image$hfsplus(&(0x7f0000000040)='hfsplus\x00', &(0x7f0000000080)='./file0/f.le.\x00', 0xffffffff, 0x1, &(0x7f0000000700)=[{&(0x7f0000000640)="c5ef7bce052c4b7b599c0fe98874f058b8ffe4460d401446dd5c4a9db84bf529a654cf4b7fd7b599b75483566c1a5a4d2f05516f133318e6074758a44f16318a6f336d6911375f5110ee21b2d24a9f6145972d43d98d25eb0b9d5affec96c836d5cebd313fc64de241291d4391b202c985ed9c8374759708ccc69c7051db261b53cb423a3d875e8c5b6117304fca9ee1a04053665aca6b9bd5ccb69315810375ec699c20d94650ecc44ef7f358031392521b00ce938388858556efd3ea16", 0xbe, 0x38}], 0x1900000, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) renameat(r0, &(0x7f0000000240)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 1725.023094] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1725.029094] CPU: 0 PID: 2098 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1725.036265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1725.036272] Call Trace: [ 1725.036298] dump_stack+0x172/0x1f0 [ 1725.036321] handle_userfault.cold+0x41/0x5d [ 1725.036350] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1725.036368] ? __handle_mm_fault+0x36b7/0x3f20 [ 1725.056480] ? find_held_lock+0x35/0x130 [ 1725.056499] ? __handle_mm_fault+0x36b7/0x3f20 [ 1725.056519] ? kasan_check_read+0x11/0x20 [ 1725.056537] ? lock_downgrade+0x810/0x810 [ 1725.056554] ? kasan_check_read+0x11/0x20 [ 1725.087119] ? do_raw_spin_unlock+0x57/0x270 [ 1725.091558] __handle_mm_fault+0x36c8/0x3f20 [ 1725.095989] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1725.100933] ? find_held_lock+0x35/0x130 [ 1725.105010] ? handle_mm_fault+0x322/0xb30 [ 1725.109276] ? kasan_check_read+0x11/0x20 [ 1725.113445] handle_mm_fault+0x43f/0xb30 [ 1725.117667] __do_page_fault+0x5da/0xd60 [ 1725.121771] do_page_fault+0x71/0x581 [ 1725.125583] ? page_fault+0x8/0x30 [ 1725.129137] page_fault+0x1e/0x30 [ 1725.132600] RIP: 0033:0x451880 [ 1725.135814] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1725.155165] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1725.160543] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e 22:17:36 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfoplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) [ 1725.167937] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1725.175216] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1725.182495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1725.189785] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff 22:17:36 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0xb, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1725.245090] FAT-fs (loop5): Unrecognized mount option "erro"s=continue" or missing value 22:17:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='erro%s=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1725.380213] gfs2: not a GFS2 filesystem 22:17:36 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfpplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:36 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0xe, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1725.496755] FAT-fs (loop5): Unrecognized mount option "erro%s=continue" or missing value [ 1725.535979] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1725.543407] CPU: 1 PID: 2098 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1725.552143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1725.561598] Call Trace: [ 1725.564388] dump_stack+0x172/0x1f0 [ 1725.568145] handle_userfault.cold+0x41/0x5d [ 1725.572599] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1725.577214] ? __handle_mm_fault+0x36b7/0x3f20 [ 1725.581834] ? find_held_lock+0x35/0x130 [ 1725.585928] ? __handle_mm_fault+0x36b7/0x3f20 [ 1725.590762] ? kasan_check_read+0x11/0x20 [ 1725.595114] ? lock_downgrade+0x810/0x810 [ 1725.599639] ? kasan_check_read+0x11/0x20 [ 1725.603819] ? do_raw_spin_unlock+0x57/0x270 [ 1725.608267] __handle_mm_fault+0x36c8/0x3f20 [ 1725.612761] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1725.617633] ? find_held_lock+0x35/0x130 [ 1725.626773] ? handle_mm_fault+0x322/0xb30 [ 1725.631375] ? kasan_check_read+0x11/0x20 [ 1725.635683] handle_mm_fault+0x43f/0xb30 [ 1725.639824] __do_page_fault+0x5da/0xd60 [ 1725.644124] do_page_fault+0x71/0x581 [ 1725.648992] ? page_fault+0x8/0x30 [ 1725.652557] page_fault+0x1e/0x30 [ 1725.656038] RIP: 0033:0x451880 [ 1725.659260] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1725.678179] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1725.683878] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1725.691265] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1725.698562] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1725.705853] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1725.713148] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1725.723570] overlayfs: filesystem on './file0' not supported as upperdir 22:17:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='erro,s=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) [ 1725.765843] syz-executor.0 (2110) used greatest stack depth: 23296 bytes left 22:17:36 executing program 0: mkdir(&(0x7f0000000200)='./file1\x00', 0x0) symlink(&(0x7f0000000500)='./file0/f.le.\x00', &(0x7f0000000140)='.//ile0\x00') prctl$PR_GET_FP_MODE(0x2e) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) fstat(0xffffffffffffffff, 0x0) geteuid() syz_mount_image$hfsplus(&(0x7f0000000040)='hfsplus\x00', &(0x7f0000000080)='./file0/f.le.\x00', 0xffffffff, 0x1, &(0x7f0000000700)=[{&(0x7f0000000640)="c5ef7bce052c4b7b599c0fe98874f058b8ffe4460d401446dd5c4a9db84bf529a654cf4b7fd7b599b75483566c1a5a4d2f05516f133318e6074758a44f16318a6f336d6911375f5110ee21b2d24a9f6145972d43d98d25eb0b9d5affec96c836d5cebd313fc64de241291d4391b202c985ed9c8374759708ccc69c7051db261b53cb423a3d875e8c5b6117304fca9ee1a04053665aca6b9bd5ccb69315810375ec699c20d94650ecc44ef7f358031392521b00ce938388858556efd3ea16", 0xbe, 0x38}], 0x1900000, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) renameat(r0, &(0x7f0000000240)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 1725.866179] FAT-fs (loop5): Unrecognized mount option "erro" or missing value [ 1725.874327] gfs2: not a GFS2 filesystem 22:17:36 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x10, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1726.073188] FAT-fs (loop5): Unrecognized mount option "erro" or missing value [ 1726.141977] gfs2: not a GFS2 filesystem 22:17:37 executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0xffaf) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21}, {0xa, 0x0, 0x0, @mcast1}, r1}}, 0x48) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000800)={0x0, 0x2, 0xfa00, {0x0, &(0x7f00000007c0)={0xffffffffffffffff}, 0x13f}}, 0x20) r3 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x7, 0x400000) fstat(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getuid() r7 = getegid() getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000440)={{{@in=@empty, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000180)=0xe8) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000006c0)={0x0, 0x0}, &(0x7f0000000700)=0xc) getgroups(0x3, &(0x7f0000000740)=[0x0, 0x0, 0xffffffffffffffff]) fstat(r0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780)={0x0, 0x0, 0x0}, &(0x7f00000008c0)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000900)={{{@in=@multicast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@empty}}, &(0x7f0000000a00)=0xe8) r17 = getegid() write$FUSE_DIRENTPLUS(r3, &(0x7f0000000a40)={0x4a8, 0x0, 0x8, [{{0x1, 0x2, 0x3ff, 0x1, 0xffff, 0x8, {0x5, 0xdc, 0x200000002000000, 0x3, 0xd1b, 0xffffffffffff0001, 0x0, 0x8001, 0x3, 0x3, 0x7fff, r4, r5, 0xfff, 0x6}}, {0x0, 0x7fffffff, 0x2, 0x4, '$\xa5'}}, {{0x6, 0x3, 0x70, 0x3ff, 0x3, 0x100000000, {0x3, 0xf6ce, 0x80000001, 0x69b2, 0x4, 0x0, 0x100000001, 0x1, 0x8, 0xffffffffffffffff, 0x3, r6, r7, 0x100000001, 0x634}}, {0x3, 0x0, 0x18, 0x245, '/dev/infiniband/rdma_cm\x00'}}, {{0x2, 0x3, 0x680, 0xf7ff, 0x80000000, 0x600, {0x0, 0x8001, 0xc38, 0x7ff, 0xfffffffffffffffc, 0x400, 0x0, 0x200, 0x200, 0xfffffffffffffff7, 0x4, r8, r9, 0x7fff, 0x400000000000000}}, {0x2, 0x70f1fd9f, 0x1, 0x6, '&'}}, {{0x2, 0x0, 0x5a31, 0x80000001, 0x7, 0x33, {0x5, 0xffff, 0x7fff, 0x5, 0x1, 0x80000001, 0x6, 0x401, 0xb9, 0x12e9f4aa, 0x4, r10, r11, 0xfffffffffffffff8, 0xffff}}, {0x6, 0x623, 0x0, 0x80}}, {{0x2, 0x2, 0x7, 0x7, 0x7fffffff, 0x8, {0x6, 0x1b8b, 0xfd, 0x7, 0x8, 0xff, 0x100000001, 0x82a2, 0x8, 0x6, 0x6, r12, r13, 0x8, 0x7fff}}, {0x5, 0x0, 0x18, 0xc5, '/dev/infiniband/rdma_cm\x00'}}, {{0x3, 0x3, 0x40, 0x8000, 0x20, 0xffffffff, {0x6, 0xfffffffffffffffe, 0x80000000, 0x3ff, 0x4, 0x9, 0x5, 0xe818, 0x6, 0x80000001, 0x3, r14, r15, 0x1000, 0x7fff}}, {0x2, 0x80, 0x18, 0x1, '/dev/infiniband/rdma_cm\x00'}}, {{0x3, 0x1, 0x5, 0x9, 0x1f, 0x8, {0x4, 0x4, 0x1e8, 0x8, 0xfffffffffffffff7, 0x5, 0x8, 0xfffffffffffffffc, 0x7f, 0x7, 0xffff, r16, r17, 0xd, 0x9eb}}, {0x3, 0x8, 0x18, 0x43, '/dev/infiniband/rdma_cm\x00'}}]}, 0x4a8) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000003c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @ipv4}, {}, r2}}, 0x48) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000001c0)={0x7, 0x8, 0xfa00, {r1, 0x6}}, 0x10) 22:17:37 executing program 2: syz_mount_image$hfsplus(&(0x7f00000001c0)='hfuplus\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[{@creator={'creator', 0x3d, "3b2c9734"}}]}) 22:17:37 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x10000014c) request_key(&(0x7f00000001c0)='rxrpc\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000340)='rose', 0xfffffffffffffff8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x800, 0x0) socket(0x40000000015, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") ioctl$sock_rose_SIOCDELRT(r1, 0x890c, &(0x7f00000002c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xffffffffffffc750, @bcast, @rose={'rose', 0x0}, 0x5, [@bcast, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='\x00', r1}, 0x10) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 22:17:37 executing program 5: syz_mount_image$msdos(&(0x7f0000000280)='msdos\x00', &(0x7f0000000a00)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000003000)={[{@fat=@errors_continue='error\n=continue'}]}) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 22:17:37 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x3) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 22:17:37 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$gfs2(&(0x7f00000000c0)='gfs2\x00', &(0x7f0000000100)='./file0\x00', 0x23, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{@statfs_percent={'statfs_percent'}}]}) [ 1726.394390] FAT-fs (loop5): Unrecognized mount option "error [ 1726.394390] =continue" or missing value [ 1726.412447] gfs2: not a GFS2 filesystem [ 1726.440188] FAULT_FLAG_ALLOW_RETRY missing 70 [ 1726.444613] ================================================================== [ 1726.446236] CPU: 1 PID: 2163 Comm: syz-executor.1 Not tainted 5.0.0-rc6 #67 [ 1726.452480] BUG: KASAN: use-after-free in __list_del_entry_valid+0xe6/0xf5 [ 1726.459566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1726.466573] Read of size 8 at addr ffff888094bf06a0 by task syz-executor.4/2161 [ 1726.475930] Call Trace: [ 1726.483366] [ 1726.485961] dump_stack+0x172/0x1f0 [ 1726.491179] handle_userfault.cold+0x41/0x5d [ 1726.495597] ? userfaultfd_ioctl+0x39e0/0x39e0 [ 1726.500183] ? __handle_mm_fault+0x36b7/0x3f20 [ 1726.504762] ? find_held_lock+0x35/0x130 [ 1726.508907] ? __handle_mm_fault+0x36b7/0x3f20 [ 1726.513492] ? kasan_check_read+0x11/0x20 [ 1726.517650] ? lock_downgrade+0x810/0x810 [ 1726.521800] ? kasan_check_read+0x11/0x20 [ 1726.525949] ? do_raw_spin_unlock+0x57/0x270 [ 1726.530358] __handle_mm_fault+0x36c8/0x3f20 [ 1726.534769] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 1726.539632] ? find_held_lock+0x35/0x130 [ 1726.543694] ? handle_mm_fault+0x322/0xb30 [ 1726.547969] ? kasan_check_read+0x11/0x20 [ 1726.552121] handle_mm_fault+0x43f/0xb30 [ 1726.556201] __do_page_fault+0x5da/0xd60 [ 1726.560282] do_page_fault+0x71/0x581 [ 1726.564083] ? page_fault+0x8/0x30 [ 1726.567630] page_fault+0x1e/0x30 [ 1726.571101] RIP: 0033:0x451880 [ 1726.574293] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 1726.593206] RSP: 002b:00007f04692d67a8 EFLAGS: 00010202 [ 1726.598587] RAX: 00007f04692d6850 RBX: 0000000000000003 RCX: 000000000000000e [ 1726.605854] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f04692d6850 [ 1726.613120] RBP: 000000000073bf00 R08: 00000000000003ff R09: 0000000000000000 [ 1726.620562] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04692d76d4 [ 1726.627829] R13: 00000000004c68be R14: 00000000004dbdb8 R15: 00000000ffffffff [ 1726.635123] CPU: 0 PID: 2161 Comm: syz-executor.4 Not tainted 5.0.0-rc6 #67 [ 1726.642236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1726.642241] Call Trace: [ 1726.642267] dump_stack+0x172/0x1f0 [ 1726.642282] ? __list_del_entry_valid+0xe6/0xf5 [ 1726.642301] print_address_description.cold+0x7c/0x20d [ 1726.642312] ? __list_del_entry_valid+0xe6/0xf5 [ 1726.642327] ? __list_del_entry_valid+0xe6/0xf5 [ 1726.662549] kasan_report.cold+0x1b/0x40 [ 1726.662568] ? __list_del_entry_valid+0xe6/0xf5 [ 1726.662586] __asan_report_load8_noabort+0x14/0x20 [ 1726.662599] __list_del_entry_valid+0xe6/0xf5 [ 1726.662724] cma_cancel_operation+0x2d7/0xa10 [ 1726.662743] rdma_destroy_id+0x8d/0xab0 [ 1726.704050] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1726.709165] ? complete+0x61/0x80 [ 1726.712702] ucma_close+0x115/0x320 [ 1726.716328] ? ucma_free_ctx+0xb90/0xb90 [ 1726.720383] __fput+0x2df/0x8d0 [ 1726.723662] ____fput+0x16/0x20 [ 1726.726933] task_work_run+0x14a/0x1c0 [ 1726.730829] exit_to_usermode_loop+0x273/0x2c0 [ 1726.735405] do_syscall_64+0x52d/0x610 [ 1726.739300] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1726.744478] RIP: 0033:0x411d41 [ 1726.747665] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 94 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1726.766554] RSP: 002b:00007ffe1b30ea30 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1726.775692] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000411d41 [ 1726.782951] RDX: 0000000000000000 RSI: 0000000000743940 RDI: 0000000000000004 [ 1726.790209] RBP: 0000000000000000 R08: 0000000000743938 R09: 00000000001a57ae [ 1726.797467] R10: 00007ffe1b30e950 R11: 0000000000000293 R12: 0000000000000000 [ 1726.804727] R13: 0000000000000001 R14: 00000000000008ed R15: 0000000000000004 [ 1726.812089] [ 1726.813702] Allocated by task 2162: [ 1726.817324] save_stack+0x45/0xd0 [ 1726.821200] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 1726.826175] kasan_kmalloc+0x9/0x10 [ 1726.829812] kmem_cache_alloc_trace+0x151/0x760 [ 1726.834471] __rdma_create_id+0x5f/0x4e0 [ 1726.838532] ucma_create_id+0x1de/0x640 [ 1726.842849] ucma_write+0x2da/0x3c0 [ 1726.846485] __vfs_write+0x116/0x8e0 [ 1726.850186] vfs_write+0x20c/0x580 [ 1726.853715] ksys_write+0xea/0x1f0 [ 1726.857336] __x64_sys_write+0x73/0xb0 [ 1726.861224] do_syscall_64+0x103/0x610 [ 1726.865099] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1726.870271] [ 1726.871882] Freed by task 2161: [ 1726.875338] save_stack+0x45/0xd0 [ 1726.878790] __kasan_slab_free+0x102/0x150 [ 1726.883012] kasan_slab_free+0xe/0x10 [ 1726.886799] kfree+0xcf/0x230 [ 1726.889896] rdma_destroy_id+0x723/0xab0 [ 1726.893946] ucma_close+0x115/0x320 [ 1726.897658] __fput+0x2df/0x8d0 [ 1726.900927] ____fput+0x16/0x20 [ 1726.904192] task_work_run+0x14a/0x1c0 [ 1726.908088] exit_to_usermode_loop+0x273/0x2c0 [ 1726.912669] do_syscall_64+0x52d/0x610 [ 1726.916555] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1726.921822] [ 1726.923446] The buggy address belongs to the object at ffff888094bf04c0 [ 1726.923446] which belongs to the cache kmalloc-2k of size 2048 [ 1726.936108] The buggy address is located 480 bytes inside of [ 1726.936108] 2048-byte region [ffff888094bf04c0, ffff888094bf0cc0) [ 1726.948640] The buggy address belongs to the page: [ 1726.953578] page:ffffea000252fc00 count:1 mapcount:0 mapping:ffff88812c3f0c40 index:0x0 compound_mapcount: 0 [ 1726.963545] flags: 0x1fffc0000010200(slab|head) [ 1726.968207] raw: 01fffc0000010200 ffffea000171e688 ffffea0001682308 ffff88812c3f0c40 [ 1726.976125] raw: 0000000000000000 ffff888094bf04c0 0000000100000003 0000000000000000 [ 1726.983991] page dumped because: kasan: bad access detected [ 1726.989684] [ 1726.991297] Memory state around the buggy address: [ 1726.996214] ffff888094bf0580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1727.003737] ffff888094bf0600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1727.011108] >ffff888094bf0680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1727.018471] ^ [ 1727.022873] ffff888094bf0700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1727.030221] ffff888094bf0780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1727.037603] ================================================================== [ 1727.044979] Disabling lock debugging due to kernel taint [ 1727.052712] Kernel panic - not syncing: panic_on_warn set ... [ 1727.058637] CPU: 0 PID: 2161 Comm: syz-executor.4 Tainted: G B 5.0.0-rc6 #67 [ 1727.060946] kobject: 'loop5' (000000004fde260c): kobject_uevent_env [ 1727.067132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1727.079540] kobject: 'loop5' (000000004fde260c): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 1727.082890] Call Trace: [ 1727.094957] dump_stack+0x172/0x1f0 [ 1727.099068] panic+0x2cb/0x65c [ 1727.102304] ? __warn_printk+0xf3/0xf3 [ 1727.106219] ? __list_del_entry_valid+0xe6/0xf5 [ 1727.110926] ? preempt_schedule+0x4b/0x60 [ 1727.115199] ? ___preempt_schedule+0x16/0x18 [ 1727.119639] ? trace_hardirqs_on+0x5e/0x230 [ 1727.123988] ? __list_del_entry_valid+0xe6/0xf5 [ 1727.128682] end_report+0x47/0x4f [ 1727.132173] ? __list_del_entry_valid+0xe6/0xf5 [ 1727.136893] kasan_report.cold+0xe/0x40 [ 1727.140896] ? __list_del_entry_valid+0xe6/0xf5 [ 1727.145611] __asan_report_load8_noabort+0x14/0x20 [ 1727.150600] __list_del_entry_valid+0xe6/0xf5 [ 1727.155157] cma_cancel_operation+0x2d7/0xa10 [ 1727.159855] rdma_destroy_id+0x8d/0xab0 [ 1727.163863] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1727.168998] ? complete+0x61/0x80 [ 1727.172492] ucma_close+0x115/0x320 [ 1727.176160] ? ucma_free_ctx+0xb90/0xb90 [ 1727.180257] __fput+0x2df/0x8d0 [ 1727.183561] ____fput+0x16/0x20 [ 1727.186860] task_work_run+0x14a/0x1c0 [ 1727.190764] exit_to_usermode_loop+0x273/0x2c0 [ 1727.195532] do_syscall_64+0x52d/0x610 [ 1727.199430] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1727.204619] RIP: 0033:0x411d41 [ 1727.207812] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 94 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1727.226836] RSP: 002b:00007ffe1b30ea30 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1727.234908] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000411d41 [ 1727.242185] RDX: 0000000000000000 RSI: 0000000000743940 RDI: 0000000000000004 [ 1727.249460] RBP: 0000000000000000 R08: 0000000000743938 R09: 00000000001a57ae [ 1727.256821] R10: 00007ffe1b30e950 R11: 0000000000000293 R12: 0000000000000000 [ 1727.264100] R13: 0000000000000001 R14: 00000000000008ed R15: 0000000000000004 [ 1727.272744] Kernel Offset: disabled [ 1727.277168] Rebooting in 86400 seconds..