[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 67.667379][ T26] audit: type=1800 audit(1576198296.970:25): pid=8804 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 67.700730][ T26] audit: type=1800 audit(1576198296.980:26): pid=8804 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 67.740734][ T26] audit: type=1800 audit(1576198296.980:27): pid=8804 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.57' (ECDSA) to the list of known hosts. 2019/12/13 00:51:45 fuzzer started 2019/12/13 00:51:47 dialing manager at 10.128.0.26:41129 2019/12/13 00:51:47 syscalls: 2701 2019/12/13 00:51:47 code coverage: enabled 2019/12/13 00:51:47 comparison tracing: enabled 2019/12/13 00:51:47 extra coverage: enabled 2019/12/13 00:51:47 setuid sandbox: enabled 2019/12/13 00:51:47 namespace sandbox: enabled 2019/12/13 00:51:47 Android sandbox: /sys/fs/selinux/policy does not exist 2019/12/13 00:51:47 fault injection: enabled 2019/12/13 00:51:47 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/12/13 00:51:47 net packet injection: enabled 2019/12/13 00:51:47 net device setup: enabled 2019/12/13 00:51:47 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/12/13 00:51:47 devlink PCI setup: PCI device 0000:00:10.0 is not available 00:53:51 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="080db5055e0bcfe8476071") bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x9, 0x0, 0x0, 0x5}]}}, &(0x7f00000002c0)=""/225, 0x26, 0xe1, 0x8}, 0x20) 00:53:51 executing program 1: perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffe, 0x7ff}}, 0xe8) connect$inet6(r0, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r0, &(0x7f0000000240), 0x5c3, 0x0) syzkaller login: [ 202.073097][ T8970] IPVS: ftp: loaded support on port[0] = 21 00:53:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = open(0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r3 = gettid() tkill(r3, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000059, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000540)="522e8daa42740d7daab7a224c048a208537e038ab478dda564b4ae8e501d652c64ff148eefda3bdefd4f55e583095843c004a09d72d4780208e0c0d073da7c13333d3ce0682a6dab0bed4879d0cbcecf20e9ccd92c95b8b03c586e8144eeb0cd99e65838e7ba4f25856bb06d20979d65f2d71357ea9e95c3a31d6382b37fff13ca5ed16ba81a990dc066d7386f3de5e6d5d619cf8163e58b163fac48afb87004f9d6493d1c7863c7d4d8370fc8028dbc3ecf9ceb21f9bbb3", 0x41395558) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10, 0x0, 0x0, "ad03064d0b090233180173920d2a3836f7d76f992ab41d9fcf9152ba5bd273eea9204e9b0e260d83009a02d5c5097cd5e21de9f73f07d13f44250cf2f92d6466", "7e2bc69a47db702cc8daf96f5e68254ee361331a88dd2965f18d2bee91bd828c9ec7b0c65e30a467c42d17bcaeb953b41590436e8cec4a4a5c7a1bd80aac5025", "b953833c4e60e7cc5d472aed8865f1f4e4ce7123a93bc1cedcd1a16ccf26f3f6", [0x101]}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r8, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r8, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) ioctl$EVIOCGVERSION(r2, 0x80044501, &(0x7f0000000340)=""/173) r9 = open(0x0, 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="020100000000000000010005080000000000b6903dadc90000c3cd51bc62101f30f74676c9648800000000000000"], 0x24, 0x0) ioctl$BLKDISCARD(r9, 0x1277, &(0x7f0000000200)=0x3) ioctl$KVM_REINJECT_CONTROL(r9, 0xae71, &(0x7f0000000200)={0xe8}) fcntl$setlease(r1, 0x400, 0x0) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xffff, 0x81, 0x0, 0x52}, {0x1000, 0x83, 0x0, 0x2}]}) [ 202.215031][ T8972] IPVS: ftp: loaded support on port[0] = 21 [ 202.319010][ T8970] chnl_net:caif_netlink_parms(): no params data found 00:53:51 executing program 3: semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000480)) [ 202.498126][ T8976] IPVS: ftp: loaded support on port[0] = 21 [ 202.507256][ T8970] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.516513][ T8970] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.528937][ T8970] device bridge_slave_0 entered promiscuous mode [ 202.558093][ T8972] chnl_net:caif_netlink_parms(): no params data found [ 202.575422][ T8970] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.592064][ T8970] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.611745][ T8970] device bridge_slave_1 entered promiscuous mode [ 202.709231][ T8970] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.735646][ T8970] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 00:53:52 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)={@ipv4={[], [], @remote}, 0x4, r2}) [ 202.791822][ T8972] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.799133][ T8972] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.807241][ T8972] device bridge_slave_0 entered promiscuous mode [ 202.826496][ T8970] team0: Port device team_slave_0 added [ 202.841560][ T8972] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.848773][ T8972] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.874867][ T8972] device bridge_slave_1 entered promiscuous mode [ 202.904911][ T8970] team0: Port device team_slave_1 added [ 202.942931][ T8978] IPVS: ftp: loaded support on port[0] = 21 [ 202.965498][ T8972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 00:53:52 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, 0x0) set_mempolicy(0x0, &(0x7f0000000040)=0x5c9, 0x4) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev}, 0x10) syz_open_dev$loop(0x0, 0x0, 0x105084) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x1800) socket$inet_sctp(0x2, 0x5, 0x84) vmsplice(0xffffffffffffffff, &(0x7f0000000480)=[{0x0}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = dup(r1) setsockopt$packet_int(r2, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) bind$packet(r1, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r1, &(0x7f0000000300)="0503000006023e0001a00000c52cf7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a8816107d08f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x206) socket$inet(0x2, 0x4000000805, 0x0) [ 203.034164][ T8970] device hsr_slave_0 entered promiscuous mode [ 203.071256][ T8970] device hsr_slave_1 entered promiscuous mode [ 203.137073][ T8972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.216889][ T8981] IPVS: ftp: loaded support on port[0] = 21 [ 203.250447][ T8972] team0: Port device team_slave_0 added [ 203.270328][ T8970] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 203.304777][ T8970] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 203.355486][ T8970] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 203.404376][ T8970] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 203.469526][ T8972] team0: Port device team_slave_1 added [ 203.496939][ T8984] IPVS: ftp: loaded support on port[0] = 21 [ 203.543039][ T8972] device hsr_slave_0 entered promiscuous mode [ 203.590981][ T8972] device hsr_slave_1 entered promiscuous mode [ 203.640819][ T8972] debugfs: Directory 'hsr0' with parent '/' already present! [ 203.660387][ T8976] chnl_net:caif_netlink_parms(): no params data found [ 203.768714][ T8972] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 203.808240][ T8972] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 203.885991][ T8976] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.893193][ T8976] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.900894][ T8976] device bridge_slave_0 entered promiscuous mode [ 203.908019][ T8972] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 203.972331][ T8976] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.979437][ T8976] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.987215][ T8976] device bridge_slave_1 entered promiscuous mode [ 204.009566][ T8972] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 204.161773][ T8976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.185064][ T8984] chnl_net:caif_netlink_parms(): no params data found [ 204.216348][ T8976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.234201][ T8978] chnl_net:caif_netlink_parms(): no params data found [ 204.258542][ T8981] chnl_net:caif_netlink_parms(): no params data found [ 204.309098][ T8978] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.319665][ T8978] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.327834][ T8978] device bridge_slave_0 entered promiscuous mode [ 204.339999][ T8978] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.348132][ T8978] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.355980][ T8978] device bridge_slave_1 entered promiscuous mode [ 204.384240][ T8978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.403604][ T8976] team0: Port device team_slave_0 added [ 204.409531][ T8984] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.420870][ T8984] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.428550][ T8984] device bridge_slave_0 entered promiscuous mode [ 204.437394][ T8984] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.444693][ T8984] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.452709][ T8984] device bridge_slave_1 entered promiscuous mode [ 204.461220][ T8978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.481549][ T8976] team0: Port device team_slave_1 added [ 204.517308][ T8970] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.532786][ T8984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.544665][ T8984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.567409][ T8978] team0: Port device team_slave_0 added [ 204.593520][ T8981] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.600577][ T8981] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.608379][ T8981] device bridge_slave_0 entered promiscuous mode [ 204.617200][ T8978] team0: Port device team_slave_1 added [ 204.684199][ T8976] device hsr_slave_0 entered promiscuous mode [ 204.721102][ T8976] device hsr_slave_1 entered promiscuous mode [ 204.761746][ T8976] debugfs: Directory 'hsr0' with parent '/' already present! [ 204.783305][ T8981] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.790370][ T8981] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.798284][ T8981] device bridge_slave_1 entered promiscuous mode [ 204.893108][ T8978] device hsr_slave_0 entered promiscuous mode [ 204.941237][ T8978] device hsr_slave_1 entered promiscuous mode [ 204.980804][ T8978] debugfs: Directory 'hsr0' with parent '/' already present! [ 204.993742][ T8984] team0: Port device team_slave_0 added [ 205.006668][ T8984] team0: Port device team_slave_1 added [ 205.028004][ T8981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.041108][ T8981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.076957][ T8970] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.090111][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 205.099394][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.109408][ T8981] team0: Port device team_slave_0 added [ 205.121216][ T8976] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 205.192653][ T8984] device hsr_slave_0 entered promiscuous mode [ 205.231038][ T8984] device hsr_slave_1 entered promiscuous mode [ 205.290757][ T8984] debugfs: Directory 'hsr0' with parent '/' already present! [ 205.303614][ T8981] team0: Port device team_slave_1 added [ 205.318924][ T8972] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.327098][ T8976] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 205.363125][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.372545][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.381250][ T3010] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.388374][ T3010] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.396694][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.405398][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.414087][ T3010] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.421213][ T3010] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.465927][ T8976] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 205.493649][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.501613][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.510061][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.519847][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 205.527627][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 205.536271][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.544818][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.560452][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 205.589961][ T8972] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.602979][ T8976] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 205.656424][ T8978] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 205.753524][ T8981] device hsr_slave_0 entered promiscuous mode [ 205.810969][ T8981] device hsr_slave_1 entered promiscuous mode [ 205.880813][ T8981] debugfs: Directory 'hsr0' with parent '/' already present! [ 205.888403][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 205.900874][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 205.909143][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.916262][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.933839][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 205.942130][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 205.950800][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 205.959056][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.969992][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 205.978712][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.985808][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.993467][ T8978] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 206.048118][ T8978] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 206.112773][ T8978] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 206.182780][ T8984] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 206.237988][ T8970] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 206.248664][ T8970] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 206.260762][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 206.269041][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 206.278384][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 206.287164][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 206.296375][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 206.305032][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 206.333317][ T8984] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 206.373791][ T8984] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 206.426342][ T8984] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 206.482889][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 206.494126][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 206.503154][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.512445][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 206.567735][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.577417][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.586134][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 206.594701][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 206.624032][ T8981] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 206.657360][ T8981] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 206.714626][ T8981] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 206.774964][ T8970] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 206.783560][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.791342][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 206.798709][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 206.807253][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 206.834111][ T8981] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 206.904536][ T8972] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 206.937185][ T8976] 8021q: adding VLAN 0 to HW filter on device bond0 [ 206.980132][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 206.988948][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 207.031732][ T8972] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 207.045989][ T8976] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.081966][ T8988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.089787][ T8988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.115312][ T8978] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.136010][ T8992] BPF:[1] Invalid name_offset:9 [ 207.155947][ T8993] BPF:[1] Invalid name_offset:9 [ 207.161105][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.171537][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.180247][ T1119] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.180290][ T1119] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.209595][ T8978] 8021q: adding VLAN 0 to HW filter on device team0 00:53:56 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x11, &(0x7f0000005ffc)=0x2, 0x4) connect$inet6(r3, &(0x7f0000001ff2)={0xa, 0x0, 0x0, @mcast1}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x4e, &(0x7f0000000080), 0x4) [ 207.235222][ T8984] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.252073][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.270362][ C0] hrtimer: interrupt took 26604 ns [ 207.299892][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.327657][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 207.395156][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.411916][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.432348][ T3010] bridge0: port 1(bridge_slave_0) entered blocking state 00:53:56 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000840)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x9) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="5300000044a6aeabec2e1520000000000000001000fff64017db9820000000003b08d403ffff633b27e59aa144175dd106736d17c3f2c876c699010000000000000025da3f0fc7ec6e265600000800490d524fa45780fbe1924a1f42bad5b433d2e181baf9459c5c953948c6801d2c0945c08ba8c552fc99a7422007653872ecb4f63acdf680812d274014ae40b88f15ff2258dd247239ece16a61fd06d4026ed7360627ec60cb274e00da971f7ee096d74c92fad7e34bd5f0e4542636c2cb6222bc224609aba9e68d66d7e6241bf25e627dbaaf582393a2944b5f39be22eea4717fbc7bf1744386f4f70511a75d9afc60ba10f1fa55313f5683a709a5b0bf03005c4015cc0000000000001dbc3d7b48529175c97a1e48f918018d49cac053da9f58ae69f4c78751203b47c9a8a5074b4c6f4a8d9e1398fce2ab8959853f2d04ef26ac028d938e730b8e435aeb43f2ad789900000000000000000000009450003333ece2f9488cdbd16155ad5578d57ffe9ea25556354da491f265617cb943014b01b02587b3d3692e3c672da61a09aabf2d0a3bbc9dd3ad0d8f809cbea5aab8fd639ea795e57d6531a19783334b006ab7fd7ef38d6f624f7cbf0510641e985dfea5e3722522c51ad905d113329b514b019d328e0d27f47d5e8f0c22cba7ffd080fae5855f0a7ab6fa39d35f416b9f2326acde31c7e41de635cf7020f1845eec62caad1cc30bb1eb5f1876ed71de3fd1bbbb02dfd40c0e703228e01d08005d33d0ba2b05a001fc329482d616846ce8589971cee164300d5dce35141d7c4f77303a3bd6162424971f14562ecc73e3f8511ab3560ec784f033163959f095d1f3148f0b0cc4aa643b87e8f6273a354778337ec84bede9a73eca5bd425c885f94a771298c5e16af73439c3785db7e8fcd53f865225cb2bae57cba78f1e2bcfd635cd390fe90e334702db1e1b16a04ed66a2403531f58e5020f00d85707a92ee43e2f21f30fb36b074ece3125b78bcc52330ef597f8e39f21c3b9188b38ce140edb91ab2690b483b913a0cc91525ffb0fc9bc019c636c7b3438996dbf43d33487b401992f0a93d35510287b1d878738269e4cd3a2edcbc037e0277093de4f8791f79f57e80082962b3b58fc20a10c8704cc2f36d8a37e13b7fc16279b756b653e597b212a3eb64ce66346981f3c26393595e7ff3b363de9116a1b9fb90006299a4a5cc4d24ea11a2d490db068cf03eb942a30c6b6444db4094e13bcf5da3be56f1398fd74306700e91f4b3e2a67ce7abd0dbdd2"], 0x391) socket(0x10, 0x0, 0x0) getrlimit(0x2, &(0x7f0000000080)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x375) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/mcfilter\x00') write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x3, 0x0, 0x0, 0x401, 0x3, 0x3e, 0x3, 0x0, 0x38, 0x0, 0x5, 0x3, 0x20, 0x1, 0x2, 0xff}, [{0x6474e551, 0x5, 0x1, 0x0, 0x0, 0x0, 0x8, 0x3}]}, 0x58) preadv(r0, &(0x7f0000001940)=[{&(0x7f0000000180)=""/96, 0x60}], 0x1, 0x4c) [ 207.439417][ T3010] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.450375][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.459178][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.469912][ T3010] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.477044][ T3010] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.511442][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.520294][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 207.543707][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 00:53:56 executing program 1: perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffe, 0x7ff}}, 0xe8) connect$inet6(r0, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r0, &(0x7f0000000240), 0x5c3, 0x0) 00:53:56 executing program 0: r0 = socket(0x10, 0x2, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x1c, &(0x7f0000000000), 0x20a154cc) [ 207.612529][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.622806][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.638088][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.647747][ T3010] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.654867][ T3010] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.668393][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.678315][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.696090][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.708338][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.759486][ T3010] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 00:53:57 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000840)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x9) socket$inet_tcp(0x2, 0x1, 0x0) request_key(&(0x7f0000000100)='id_legacy\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240)='syz', 0x0) [ 207.808610][ T8981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.850382][ T8984] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.909156][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 207.928344][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.956583][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 00:53:57 executing program 0: r0 = socket$inet6(0xa, 0x400000000001, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) openat$dsp1(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp1\x00', 0x2, 0x0) r1 = creat(&(0x7f0000000480)='./bus\x00', 0x0) ftruncate(r1, 0x208200) pipe(0x0) pidfd_send_signal(r1, 0x0, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x800000000020) r3 = syz_open_dev$vcsu(0x0, 0x5, 0x0) ioctl$VFIO_IOMMU_GET_INFO(r3, 0x3b70, &(0x7f00000000c0)={0x10}) 00:53:57 executing program 1: r0 = socket$kcm(0xa, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x6, &(0x7f0000000100), 0x4) r1 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$sock_attach_bpf(r0, 0x29, 0x36, 0x0, 0x0) [ 207.980202][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.002092][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.016580][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.037719][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.071536][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.084975][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 208.084989][ T26] audit: type=1804 audit(1576198437.390:31): pid=9021 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir347295038/syzkaller.acZg3G/5/bus" dev="sda1" ino=16529 res=1 [ 208.098641][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.124111][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.133967][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.142795][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.152278][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.190507][ T8976] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 208.213199][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.224614][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.238105][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.249517][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.256672][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.271367][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.280241][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.295812][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.302961][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.317966][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.326950][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.342285][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.363082][ T8978] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 00:53:57 executing program 1: r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$kcm(r0, &(0x7f0000001240)={&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @empty, 0x22}, 0x80, 0x0}, 0x0) [ 208.387153][ T8981] 8021q: adding VLAN 0 to HW filter on device team0 [ 208.401444][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.414085][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 208.429869][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 208.514904][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.531985][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.539469][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.554988][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.566124][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.578885][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.589960][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.611414][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.620186][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.629130][ T8980] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.636357][ T8980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.644818][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.645432][ T26] audit: type=1804 audit(1576198437.950:32): pid=9025 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir347295038/syzkaller.acZg3G/5/bus" dev="sda1" ino=16529 res=1 [ 208.653537][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.686436][ T8980] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.693562][ T8980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.708037][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.717925][ T9021] syz-executor.0 (9021) used greatest stack depth: 22712 bytes left [ 208.735710][ T8976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.761768][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.769536][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.780050][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.789085][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.798538][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.808071][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.816749][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.831998][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.846631][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.855394][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.864591][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.876308][ T8984] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 208.900839][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 208.908904][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.916509][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.924084][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 208.932342][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 208.940421][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 208.948768][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 208.965486][ T8978] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 208.981180][ T8981] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 209.032113][ T8988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 209.039599][ T8988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 209.053943][ T9035] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 209.097353][ T8984] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.124414][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 209.133402][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 209.138698][ T9038] devpts: called with bogus options [ 209.155580][ T8981] 8021q: adding VLAN 0 to HW filter on device batadv0 00:53:59 executing program 2: syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6080000000140600fe8000000000000000000d00000000aafe8000000000000000000000000000aa00004e20", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='P<\x00x\x00\x00\x00\x00'], 0x0) 00:53:59 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="080db5055e0bcfe8476071") bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x7, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x2}, [@map_val]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0xbe2fead917efbaef, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:53:59 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$inet(0x10, 0x2, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="fc0000001c00071bab09250009000700079d08fe010008", 0x17) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 00:53:59 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) 00:53:59 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, 0x0) set_mempolicy(0x0, &(0x7f0000000040)=0x5c9, 0x4) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev}, 0x10) syz_open_dev$loop(0x0, 0x0, 0x105084) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x1800) socket$inet_sctp(0x2, 0x5, 0x84) vmsplice(0xffffffffffffffff, &(0x7f0000000480)=[{0x0}], 0x1, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = dup(r1) setsockopt$packet_int(r2, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) bind$packet(r1, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r1, &(0x7f0000000300)="0503000006023e0001a00000c52cf7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a8816107d08f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x206) socket$inet(0x2, 0x4000000805, 0x0) 00:53:59 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$inet(0x10, 0x2, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="fc0000001c00071bab0925000900070007", 0x11) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) [ 209.961716][ T9081] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'. [ 209.987500][ T9083] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'. 00:53:59 executing program 3: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, [], {@arp={0x806, @ether_ipv4={0x1, 0x500, 0x6, 0x4, 0x0, @dev, @empty, @random="cfa8c720518a", @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0) 00:53:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000480)="b0a3cdef47f59ec515de0fcb5dfc761cf7120c4312b2054efdc0cf574f65329a05d03a24674b1d94d072b4bd702c576dc1d6e4fef97bdd899d359dadcfe32ba24fb1e152533e4df2c20324dda85d95c102000000d81d2b9bea7f9e468b3da19d62e9913b2f7cd488de25886811470818af91afd3bce1422670d6f2d054d8b16374e3617a22b1c70e7e3104b814e24e6e7b62256ae8faaae5f59f840c029418a34c", 0x10000001c) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f00000003c0)={'filter\x00', 0x0, 0x3, 0xd8, [], 0x3, &(0x7f0000000380)=[{}, {}, {}], &(0x7f0000001540)=""/216}, &(0x7f0000000440)=0x78) mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x89f0, &(0x7f00000001c0)={'bridge0\x00\x00\x00\x00\x00\x00\x00\x00\x02'}) getsockopt$EBT_SO_GET_INIT_ENTRIES(r4, 0x0, 0x83, &(0x7f0000000300)={'broute\x00', 0x0, 0x4, 0x1000, [], 0x3, &(0x7f00000001c0)=[{}, {}, {}], &(0x7f0000000540)=""/4096}, &(0x7f0000000240)=0x78) truncate(&(0x7f0000000100)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') open(&(0x7f00000000c0)='./file0\x00', 0x3fd, 0x0) r5 = socket$inet6(0xa, 0x800000003, 0xff) fcntl$dupfd(0xffffffffffffffff, 0x0, r5) 00:53:59 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000040)={'ip6gretap0\x00', @ifru_map}) [ 210.142139][ T9093] ip6gretap0: mtu less than device minimum 00:53:59 executing program 5: sched_setscheduler(0x0, 0x0, 0x0) ptrace$getregs(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140)=""/70) syz_genetlink_get_family_id$tipc(&(0x7f00000005c0)='TIPC\x00') perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x801, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) close(r0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000000)={0x7, 0x8, 0xfa00, {r2}}, 0x10) 00:53:59 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000040)={'bridge_slave_0\x00', @ifru_map={0xfffffffffffffffb}}) 00:53:59 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000500)={0x6, 0x6}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000580)=""/143, &(0x7f0000000340)=0xfee5) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x0, 0x0, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x2, 0x4e21, @remote}, 0x10) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[]}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 210.353684][ T9102] bridge_slave_0: mtu less than device minimum 00:53:59 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, 0x0) set_mempolicy(0x2, 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev}, 0x10) syz_open_dev$loop(0x0, 0x0, 0x0) signalfd4(0xffffffffffffffff, &(0x7f00000002c0), 0x8, 0x1800) pipe(0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000480)=[{0x0}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000100)=ANY=[@ANYBLOB="2c5a9237160241a835670f5e"], &(0x7f0000000200)=0x1) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_CAPACITY(r1, 0x4c07) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x5173db846272db0e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = socket$packet(0x11, 0x3, 0x300) r3 = dup(r2) setsockopt$packet_int(r3, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) bind$packet(r2, &(0x7f0000000640)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r2, &(0x7f0000000300)="0503000006023e0001a00000c52cf7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a8816107d08f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x206) 00:53:59 executing program 3: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc2ca) unlink(&(0x7f00000002c0)='./file0\x00') clone(0x2100001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lseek(r0, 0xfffffc0000010001, 0x4) close(r0) creat(&(0x7f0000000080)='./file0\x00', 0x0) 00:54:00 executing program 1: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000, 0x0) 00:54:00 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000028c0), 0x0, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000240)=0x0) sched_setaffinity(r1, 0x8, &(0x7f00000002c0)) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2}, 0x0) rmdir(&(0x7f0000000140)='./bus\x00') r4 = dup(0xffffffffffffffff) write$apparmor_exec(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0406618, &(0x7f00000001c0)={{0x2, 0x0, @descriptor="720053633545458a"}}) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000180)={'bond_slave_1\x00', 0x0}) r5 = socket$inet(0x10, 0x3, 0x0) sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000003c0)="4c0000001200ef09fffefd956fa283b7270fd917df226c24a6008000200000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f48d947f1e128a02500c57bb79ac313e5a1174c1f5c561412522e6ab7c67f57b0afbacf0b9c7a67", 0x73}], 0x1}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x3f}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000300)=0x1) recvmmsg(r5, &(0x7f0000001380), 0x4000056, 0x0, &(0x7f0000000200)={0x77359400}) syz_emit_ethernet(0x1, &(0x7f0000001640)=ANY=[@ANYRESDEC], 0x0) 00:54:00 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x8000000004) r1 = socket$inet6(0xa, 0x2, 0x0) recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0) bind$inet6(r1, &(0x7f0000f13000)={0xa, 0x4e22}, 0x1c) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) [ 210.846779][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. [ 210.868002][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. 00:54:00 executing program 2: socket$inet6(0xa, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) r1 = socket$inet6(0xa, 0x2, 0x0) recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0) bind$inet6(r1, &(0x7f0000f13000)={0xa, 0x4e22}, 0x1c) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) [ 210.915236][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. [ 210.932207][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. 00:54:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000480)="b0a3cdef47f59ec515de0fcb5dfc761cf7120c4312b2054efdc0cf574f65329a05d03a24674b1d94d072b4bd702c576dc1d6e4fef97bdd899d359dadcfe32ba24fb1e152533e4df2c20324dda85d95c102000000d81d2b9bea7f9e468b3da19d62e9913b2f7cd488de25886811470818af91afd3bce1422670d6f2d054d8b16374e3617a22b1c70e7e3104b814e24e6e7b62256ae8faaae5f59f840c029418a34c", 0x10000001c) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f00000003c0)={'filter\x00', 0x0, 0x3, 0xd8, [], 0x3, &(0x7f0000000380)=[{}, {}, {}], &(0x7f0000001540)=""/216}, &(0x7f0000000440)=0x78) mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x89f0, &(0x7f00000001c0)={'bridge0\x00\x00\x00\x00\x00\x00\x00\x00\x02'}) getsockopt$EBT_SO_GET_INIT_ENTRIES(r4, 0x0, 0x83, &(0x7f0000000300)={'broute\x00', 0x0, 0x4, 0x1000, [], 0x3, &(0x7f00000001c0)=[{}, {}, {}], &(0x7f0000000540)=""/4096}, &(0x7f0000000240)=0x78) truncate(&(0x7f0000000100)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') open(&(0x7f00000000c0)='./file0\x00', 0x3fd, 0x0) r5 = socket$inet6(0xa, 0x800000003, 0xff) fcntl$dupfd(0xffffffffffffffff, 0x0, r5) 00:54:00 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x8}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000480)="b0a3cdef47f59ec515de0fcb5dfc761cf7120c4312b2054efdc0cf574f65329a05d03a24674b1d94d072b4bd702c576dc1d6e4fef97bdd899d359dadcfe32ba24fb1e152533e4df2c20324dda85d95c102000000d81d2b9bea7f9e468b3da19d62e9913b2f7cd488de25886811470818af91afd3bce1422670d6f2d054d8b16374e3617a22b1c70e7e3104b814e24e6e7b62256ae8faaae5f59f840c029418a34c", 0x10000001c) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f00000003c0)={'filter\x00', 0x0, 0x3, 0xd8, [], 0x3, &(0x7f0000000380)=[{}, {}, {}], &(0x7f0000001540)=""/216}, &(0x7f0000000440)=0x78) mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x89f0, &(0x7f00000001c0)={'bridge0\x00\x00\x00\x00\x00\x00\x00\x00\x02'}) getsockopt$EBT_SO_GET_INIT_ENTRIES(r4, 0x0, 0x83, &(0x7f0000000300)={'broute\x00', 0x0, 0x4, 0x1000, [], 0x3, &(0x7f00000001c0)=[{}, {}, {}], &(0x7f0000000540)=""/4096}, &(0x7f0000000240)=0x78) truncate(&(0x7f0000000100)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') open(&(0x7f00000000c0)='./file0\x00', 0x3fd, 0x0) r5 = socket$inet6(0xa, 0x800000003, 0xff) fcntl$dupfd(0xffffffffffffffff, 0x0, r5) [ 211.027891][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. [ 211.104725][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. 00:54:00 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r2 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r2) r3 = open(&(0x7f0000000000)='./file1\x00', 0x117e, 0x0) write$binfmt_elf64(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='d'], 0x1) unlink(&(0x7f0000001e00)='./bus\x00') [ 211.175950][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. [ 211.206972][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.5'. 00:54:00 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @local, 'erspan0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000380)={0x18, 0x0, {0x0, @local, 'ip6_vti0\x00'}}) 00:54:00 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x28, r4, 0xd0f, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}]}, 0x28}}, 0x0) 00:54:00 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x100003, @local, 'ip6_vti0\x00'}}, 0x1e) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @local, 'erspan0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000380)={0x18, 0x0, {0x3, @local, 'ip6_vti0\x00'}}) 00:54:00 executing program 5: epoll_create1(0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) write$P9_RRENAMEAT(r0, 0x0, 0xffffff7f) [ 211.580480][ T9182] tipc: Enabling of bearer rejected, failed to enable media [ 211.628569][ T9183] tipc: Enabling of bearer rejected, failed to enable media 00:54:01 executing program 2: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d00800002800ffcd3bff0f000000000081fffff7", @ANYRES32=r4], 0x2}}, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)={@mcast2}, 0x14) close(r2) socket$inet(0x10, 0x2, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r5 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r5, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071") splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 00:54:01 executing program 3: 00:54:01 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x1}) 00:54:01 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x100003, @local, 'ip6_vti0\x00'}}, 0x1e) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @local, 'erspan0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000380)={0x18, 0x0, {0x3, @local, 'ip6_vti0\x00'}}) 00:54:01 executing program 0: 00:54:01 executing program 3: 00:54:01 executing program 4: 00:54:01 executing program 5: 00:54:01 executing program 0: 00:54:01 executing program 3: 00:54:01 executing program 4: 00:54:01 executing program 1: 00:54:02 executing program 2: 00:54:02 executing program 5: 00:54:02 executing program 4: 00:54:02 executing program 0: 00:54:02 executing program 3: 00:54:02 executing program 1: 00:54:02 executing program 3: 00:54:02 executing program 0: 00:54:02 executing program 4: 00:54:02 executing program 1: 00:54:02 executing program 2: 00:54:02 executing program 5: 00:54:02 executing program 4: 00:54:02 executing program 3: 00:54:02 executing program 0: 00:54:02 executing program 1: 00:54:02 executing program 2: 00:54:02 executing program 0: 00:54:02 executing program 3: 00:54:02 executing program 5: 00:54:02 executing program 4: 00:54:02 executing program 1: 00:54:02 executing program 3: 00:54:02 executing program 2: 00:54:02 executing program 0: 00:54:02 executing program 4: 00:54:02 executing program 5: 00:54:02 executing program 1: 00:54:02 executing program 2: 00:54:02 executing program 3: 00:54:02 executing program 0: 00:54:02 executing program 4: 00:54:03 executing program 1: 00:54:03 executing program 5: 00:54:03 executing program 2: 00:54:03 executing program 3: 00:54:03 executing program 4: 00:54:03 executing program 0: 00:54:03 executing program 1: 00:54:03 executing program 2: 00:54:03 executing program 5: 00:54:03 executing program 3: 00:54:03 executing program 2: 00:54:03 executing program 4: 00:54:03 executing program 0: 00:54:03 executing program 5: 00:54:03 executing program 1: 00:54:03 executing program 3: 00:54:03 executing program 2: 00:54:03 executing program 4: 00:54:03 executing program 5: 00:54:03 executing program 0: 00:54:03 executing program 1: 00:54:03 executing program 3: 00:54:03 executing program 4: 00:54:03 executing program 2: 00:54:03 executing program 5: 00:54:03 executing program 1: 00:54:03 executing program 0: 00:54:03 executing program 3: 00:54:04 executing program 2: 00:54:04 executing program 5: 00:54:04 executing program 4: 00:54:04 executing program 0: 00:54:04 executing program 3: 00:54:04 executing program 1: 00:54:04 executing program 2: 00:54:04 executing program 5: 00:54:04 executing program 4: 00:54:04 executing program 1: 00:54:04 executing program 0: 00:54:04 executing program 3: 00:54:04 executing program 2: 00:54:04 executing program 4: 00:54:04 executing program 5: 00:54:04 executing program 1: 00:54:04 executing program 0: 00:54:04 executing program 2: 00:54:04 executing program 3: 00:54:04 executing program 5: 00:54:04 executing program 4: 00:54:04 executing program 1: 00:54:04 executing program 0: 00:54:04 executing program 3: 00:54:04 executing program 4: 00:54:04 executing program 2: 00:54:04 executing program 5: 00:54:05 executing program 1: 00:54:05 executing program 2: 00:54:05 executing program 3: 00:54:05 executing program 0: 00:54:05 executing program 4: 00:54:05 executing program 5: 00:54:05 executing program 1: 00:54:05 executing program 2: 00:54:05 executing program 4: 00:54:05 executing program 0: 00:54:05 executing program 3: 00:54:05 executing program 5: 00:54:05 executing program 1: 00:54:05 executing program 2: 00:54:05 executing program 0: 00:54:05 executing program 3: 00:54:05 executing program 4: 00:54:05 executing program 1: 00:54:05 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="280000001e000102000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="0000006e6b489bc20b3cbde1b240d9e636ad3e24498f24ceced7f700c7b207b3194b18fd86c59e", @ANYRES32], 0x28}}, 0x0) 00:54:05 executing program 2: r0 = creat(&(0x7f00000004c0)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40046602, &(0x7f0000000000)) creat(0x0, 0x0) r1 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) r2 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x2007fff) 00:54:05 executing program 3: 00:54:05 executing program 0: 00:54:05 executing program 4: 00:54:05 executing program 1: [ 216.537201][ T9438] __nla_validate_parse: 7 callbacks suppressed [ 216.537210][ T9438] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:54:05 executing program 3: clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000000)='dns_resolver\x00\xccG\x9f^\xc5\x9d\xb0/\x01\xdaI\x04\x88\xf9\xcc\xe7Nv\x1a\xfeC\xfa|\xb3+\x9f\x15\xab\xbc\xffC\xc8\x950x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468000000001800ff0014000100000000001834dd776a2d09b05089ca484ad143928e527d22e51fe16db79932ef99ace7f847add0280aadc971d360a429aa46", @ANYRES32=0x0, @ANYBLOB="0200cb76ea7211439a321f589f32be513a25de0b608088ed10ecd8f255705addfd40df1c69c799b0f81a11ab4971f9166617a497a18603807eeab93d20ca8f83d9cced9e34e7d843976e821bd4c9e34997ea210181451b143521435cb49840b0f61274420a5d97"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@ipv6_newaddr={0x40, 0x14, 0x2bb19afb0fa4f39f, 0x0, 0x0, {0xa, 0x0, 0x2, 0x0, r4}, [@IFA_ADDRESS={0x14, 0x1, @dev}, @IFA_LOCAL={0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}]}, 0x40}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x20, 0x11, 0xe3b, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x20}}, 0x0) 00:54:06 executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\xeb', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000240)='./file0\x00', 0x0, 0x7a00, 0x0) r0 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f00000001c0), 0x12) 00:54:06 executing program 5: poll(&(0x7f0000000080)=[{0xffffffffffffff9c}], 0x1, 0x40) r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0x91, 0x0, 0x0, 0x800e004e1) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x0) 00:54:06 executing program 4: unshare(0x60000000) r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071") [ 216.849556][ T9467] IPVS: ftp: loaded support on port[0] = 21 00:54:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000001bc0)=[{&(0x7f0000000000)=""/37, 0x25}, {0x0}], 0x2) r1 = dup(r0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r2, 0x0, 0x1014a, 0x0, 0x0, 0x800e00515) shutdown(r1, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r3, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/159, 0x9f}, {0x0}, {0x0}], 0x3) r4 = dup(r3) r5 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e) shutdown(r4, 0x0) r6 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000180)=""/30, 0x1e}, {0x0}, {0x0}], 0x3}, 0x0) shutdown(r5, 0x0) shutdown(r2, 0x0) 00:54:06 executing program 2: pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) poll(&(0x7f0000000080)=[{0xffffffffffffff9c}, {r0}], 0x2, 0x40) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0x91, 0x0, 0x0, 0x800e004e1) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r1, 0x0) 00:54:06 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/141, 0x8d}, {0x0}, {0x0}, {0x0}], 0x4) recvfrom$inet(r1, 0x0, 0xa1a2, 0x0, 0x0, 0x800e00545) shutdown(r0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000080)=""/228, 0xe4}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0) r3 = dup(r2) r4 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r4, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549) shutdown(r3, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) read(r5, &(0x7f0000000240)=""/183, 0xb7) shutdown(r4, 0x0) shutdown(r1, 0x0) 00:54:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) poll(&(0x7f0000000080)=[{}, {}, {}, {r0}], 0x4, 0x40) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0x91, 0x0, 0x0, 0x800e004e1) ppoll(0x0, 0x0, &(0x7f0000000100)={0xd4}, 0x0, 0x0) shutdown(r1, 0x0) [ 217.380804][ T251] tipc: TX() has been purged, node left! 00:54:07 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240)='/dev/net/tun\x00', 0x8802, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000580)={'nr0\x01\x00', 0x3202}) r1 = socket$kcm(0x29, 0x2, 0x0) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000080)=0x8) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f00000018c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\a\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83CZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x98\x86\"R\x06\x00\x00\x00\x00\x00\x00\x00\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x0e\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xfeu\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&\x014\x01\xf4\xb7\x83\x9a\xfa*\xa6\x06\xb7Pk7N\xc2\xd9\xee\xd0\xb0M\x00\xab\xc3\t\fc\xd8dx\xd5\x1dU*s)\x12[\x14\xb1\xc0\xd7\x1a\xa0\x16\xa2z\x9e\x93 \xddeF>29\v\x02\xa2b\x13R\xef\xffA,\xb9.$\xfa\x9f\xde[\x80\xd1=\xce\x1b\xeb\xf6\xf4\xe3z\x1f\x9dz\xa3\xc0\xe2\xa2\xb1\xeeq\xf5\xec0\x8e\xf4\xfb\xd9\x87\xf03\xdb\xae|\x10&V5c\xa6\xce\xcd\x8a\xdf\xe1\x89\"\xea\xde\xe7\xa3\xbe\xe7\xff\xf9 \x11\xfdY\xc6\xa1\xe8\xda\v\\?\xcb\x87\bn\x9b\x01\x1f\xf8\xe8\x1eV\xfaC\xdf\xc3Vv\x9b\x1a\xfc\x14.c\x94\xc9=\xb0\x0f!d\b\x18*@m\x7f\xaal\x17G\xd6?\x81\x16P\x03\x10e\xc3\xcd\xb1B\xeb\x01B\\\x91A\xa1\x8an\xb4#\xadr\x1e\x81v\xa2\x0e6x\xca\x8b\xa6\xd8\x81\x10:\x0e(\xdd\xfc\xc9\xc6\xb4\xf0\'f:\xbd\xfe\x11\xf8\xc8W\x81s^\xd9W\xf1\x94\xaf\xc5\x8a\xb4f\x1b\x17E\xb23\x12\xb0\xeb\xef\x8c\xb24h\xd7}\x7f\x92Hgej\x957\xe2A') write$cgroup_subtree(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="13030e80493f1ec2cec9607e88a8"], 0xe) 00:54:07 executing program 5: r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000040), 0x63610d7a71bc6196) [ 217.884726][ T9511] device nr0 entered promiscuous mode 00:54:07 executing program 2: r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x1, 0x42, &(0x7f0000000040), 0x63610d7a71bc6196) 00:54:07 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)="24000000020307031dfffd946ff20c0020200a1009000200021d8568021baba20400ff7e", 0x24}], 0x1}, 0x0) 00:54:07 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6(0xa, 0x3, 0x100000001) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r1, &(0x7f0000007e00), 0x400000000000058, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000)="a94aedaeb6db1f2086b6e14a83244001dd0316b1bfb77b32d9f3db2828e0f526230499c227ecb297f696faa50540f9a7361afc93ec2f4d9f0e771553f02f34551a3a0e908609954068ec7da1d86f7e9004a23f5daa9eecb1ede863b8c4cbf10d229a6515af3baf7ec02645abae5d71cca19ff4fc6d0ad9f2e0f67e3379f94277b916d7f2ef17eb5fb3665192a21c3460f0a4eb4b09aaab4289d43bea3f54169ec78def87", 0xa4, 0x4000, &(0x7f0000000100)={0xa, 0x0, 0xfffffffa, @mcast1, 0xbc}, 0x1c) syz_open_dev$dri(0x0, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) 00:54:07 executing program 5: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071") close(0xffffffffffffffff) r1 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_int(r1, 0x0, 0xca, &(0x7f0000000000)=0x10001, 0x10) 00:54:07 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0xb, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_type={0x1}]}, 0x18}}, 0x0) 00:54:07 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) rt_sigpending(&(0x7f0000000000), 0x8) 00:54:07 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000000), &(0x7f0000000040)=0x8) 00:54:07 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_GET_DUMPABLE(0x3) 00:54:07 executing program 4: statx(0xffffffffffffffff, 0x0, 0x8000, 0x0, 0x0) 00:54:07 executing program 5: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x0, 0x0, &(0x7f0000000000), &(0x7f0000000180), &(0x7f0000000200)="b5f9f5153a43a2f2aa51343285febb48d5c7db34bd8092b4f6cd71f1871a48928a7800eac8b9de49d335809361f33e6834ea7eeb040d675fe39b680cbcc8eccbb33150e0aa06e33142aa87172f4ae0c11bf1e05405dca56fe096fc75f035f69d0644af58207cca41d1ed2ad2dc55f91a60d2948961ddbbea3efde9d3452ebbf7db9708cdcef8df8ab00cc2b799dcffea980321147a41b279a21e6273221f5ee17f23ebc7cba635b18ea23169e8ed164f5387871007228fd30749083e6efe274651c88ca36a151a228c77ce7ef091e2da9bf0892ad95ee83ddfda39ee647cf95e8df5240db996129d") [ 218.459605][ T9511] device nr0 entered promiscuous mode 00:54:08 executing program 0: pipe(&(0x7f0000000680)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)}, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$nV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\xc6\x96Y\xf7\xd3`\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8g{\xc2?\x04W\xbd~\xb9^\xe7\xc17an\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/389) socket(0x0, 0x0, 0x8) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) 00:54:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) socket$inet(0x2, 0x2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) socket$inet(0x2, 0x2, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:54:08 executing program 4: r0 = syz_open_dev$sndtimer(&(0x7f0000014000)='/dev/snd/timer\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r1, r0) 00:54:08 executing program 1: clone3(&(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000380)=[0x0], 0x1}, 0x50) 00:54:08 executing program 5: creat(&(0x7f0000000000)='./bus\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0xb6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='\x00\x00\x00\x00\x00\xe8\xee\xc9\x96\xc2;\xaf\t\xa8M*\xe4;~y\xb2\xb3\xba\b;/\xb6&\xa5\xaa\xcec\x1e\x8a;\xea;P\xb5w^2\f\xe5\xcc`\xa0\xce\xf0D\x19v\xb9I\xdf\xfe\x13\xd9\x1a\xd6;+\x16\x05\x1aul>\x82@\x0f\xdf\xcd\x99\x9a\x13\xe2[F\xf0\xc1\xfb\xae\xb5\xb5\x1f\xf3\xe9\xd5\xbf\x13k\xbc)\xa1nbx\x9c\x02\xa6p?\x12\x89\nAr\xe9Q\xb0\x80Q\x8e\xf2\xf0yX\x9b\x96\xa4\x8b\x01f\xe0\x04\xbd\x93K!\xa0D-\xfc\x12\x02\xe2\xb5WQ\xb4\xb1\xf2\x16)\xc8\b\xc2\x99\x9a\xd9\xa6p\xedK\xb5\x8b\xe8\xbf\xa0\xa1\x13\xd78Mt$\x06\xb6c\xd0Y\x05\xd1l\x98|\xff\xb5\v\x93\x7f\xbc\x1a\x7f\xa90xffffffffffffffff}) dup2(r1, r0) [ 219.201148][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 219.207515][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 219.212198][ T9576] kvm: emulating exchange as write [ 219.213894][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 219.224584][ C0] protocol 88fb is buggy, dev hsr_slave_1 00:54:08 executing program 0: pipe(&(0x7f0000000680)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)}, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$nV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\xc6\x96Y\xf7\xd3`\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8g{\xc2?\x04W\xbd~\xb9^\xe7\xc17an\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/389) socket(0x0, 0x0, 0x8) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) 00:54:08 executing program 4: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) dup3(r4, r0, 0x0) 00:54:08 executing program 1: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x4000000000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) r2 = request_key(0x0, 0x0, 0x0, 0x0) keyctl$get_keyring_id(0x0, r2, 0x0) write(r1, &(0x7f0000000000)="b6", 0xfffffe7e) pipe(0x0) syz_emit_ethernet(0x0, 0x0, &(0x7f00000000c0)={0x0, 0x4, [0xa10, 0x97a]}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) fchdir(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000540)='./file0\x00', 0x0) syz_open_procfs(0x0, 0x0) 00:54:08 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04e20c21d4b5f79bbb40eeaf27c6d63e1c374ec079849d193eb670b2096aba59615f9a150bb12868c92f0e944fbf3df6bda6eb4a583419c80bb2c515ca63915622b292862a626c20e8e8b6fa178270bca3ed33ceec15b38a", 0xa0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:08 executing program 4: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xe) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00') sendfile(r0, r1, 0x0, 0x320f) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4004ae8b, 0x0) [ 219.680716][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 219.686545][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 219.750699][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 219.756618][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 219.830762][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 219.836584][ C1] protocol 88fb is buggy, dev hsr_slave_1 00:54:09 executing program 2: mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xa46e4e5b063aff1, 0xffffffffffffffff, 0x0) 00:54:09 executing program 0: r0 = memfd_create(&(0x7f0000000440)='\xb3\x17MS\xdb\xe0\x91~\xd8\x10\xb3\xd4\x9b\xfa\xdc\x1c\xb2\xc7\xdcp<\xefB\x05J\xe4cE\xbe\xd1C\xb5J\x16\'\xfb~\xfa\xfd\xbd\xdb\xc5\'\x8dmm\x9d\x9d\x1cv\x91y\xca\xec\xc7\xa5\xfa\xdf\xdc\xa7&!^\xac\x89a\x8c4\xa6\x85~e< \xc8d\xc4\xce\x7f\xb80\xd3\x03\x97\xea\x98\xfb.x\x1a3\x17\r\x00\xc8\xd0G\x1dq\x9c\x90g7$S8Sw:(+\xd6x$\xd4\xb2L\xf8\xf0<\n-\xe6\xb1\x0e&f\xec{YP%f\x02,M@a{\xe1\xeb*\x93\t', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net\x00') fstat(r3, &(0x7f00000022c0)) 00:54:09 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00') setns(r2, 0x0) 00:54:09 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net\x00') fstat(r2, &(0x7f00000022c0)) 00:54:09 executing program 4: timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) clock_nanosleep(0x0, 0x0, &(0x7f0000000140)={0x0, r1+30000000}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f00000002c0)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) 00:54:09 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:09 executing program 1: write(0xffffffffffffffff, &(0x7f0000000040)="e9", 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = fcntl$dupfd(r4, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:54:09 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)) r1 = socket$inet6(0xa, 0x3, 0x7) dup2(r1, r0) 00:54:09 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x50}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x8}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xf7}, 0x48) 00:54:09 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00') 00:54:12 executing program 3: r0 = socket$inet_sctp(0x2, 0x5, 0x84) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x890c, &(0x7f0000000200)={'sit0\x00', {0x2, 0x4e24, @broadcast}}) 00:54:12 executing program 0: r0 = memfd_create(&(0x7f0000000440)='\xb3\x17MS\xdb\xe0\x91~\xd8\x10\xb3\xd4\x9b\xfa\xdc\x1c\xb2\xc7\xdcp<\xefB\x05J\xe4cE\xbe\xd1C\xb5J\x16\'\xfb~\xfa\xfd\xbd\xdb\xc5\'\x8dmm\x9d\x9d\x1cv\x91y\xca\xec\xc7\xa5\xfa\xdf\xdc\xa7&!^\xac\x89a\x8c4\xa6\x85~e< \xc8d\xc4\xce\x7f\xb80\xd3\x03\x97\xea\x98\xfb.x\x1a3\x17\r\x00\xc8\xd0G\x1dq\x9c\x90g7$S8Sw:(+\xd6x$\xd4\xb2L\xf8\xf0<\n-\xe6\xb1\x0e&f\xec{YP%f\x02,M@a{\xe1\xeb*\x93\t', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0}) 00:54:12 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xa8}]}, 0x10) sendto$inet(r0, 0x0, 0x211, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) write$binfmt_script(r0, &(0x7f00000009c0)=ANY=[], 0x378) sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)="e61b437caebaa5e1f3fb4a06f3acde25ab78dbce5908cb811f7ca7bd439bc21238d5254910d09b4bd69cc60681e7aa6c6b75b16146ae42da85d63036741e437ee1190d40d9827ac9c1759e809154d4594add02673f522d91313d19e094d1a2060e3507113d602176a8665e4e011865dc175c91ecdb567a95fe846fe46732a352f306aeeb367f0604681eb7c29acff29b9d0a8a9c4d92a05375af1acb825c0bf2b9e97f06d6c67cf8f510a128d61fd91fc3f9219518aa1d31609cf0596e400373fb8de2d2fb1325169923b3", 0xcb}, {&(0x7f0000000180)="2ef8cae8b00c89db1f9dec3f7946a1adffab870235ea7217f782c0e8e5e44cba5ca1a6426055d80b34524cd64264ac925f36ee4271a8d84c78186ba28756d0aabe", 0x41}], 0x2}}], 0x1, 0x0) 00:54:12 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0xfd1, 0x4) bind$inet(r0, &(0x7f0000001440)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x2200cf7d, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x7843c471) sendto$inet(r0, &(0x7f00000023c0)='x', 0x1, 0x0, 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)="b851f4f7c14f7500dbe96179d9abc2fd0d1ff2bc6986a2e920a7b715221bbe0318a91e059a8067a84d88e3adbe3f29149610c3e006c5d4e2fd382676ccd1af48756ff7a7ed0b08404a3a02cc97e64d59afd702628bf89f8100040bfb66bf7165da3547272ab2e9aeb9573e918e26516b35d4b82ace901f0bb2a2d465c6aaca0dfaab0e16fe74e9cc0553fdb3cae533", 0x8f}, {&(0x7f0000000240)="a5e0ed3c6d05bc68ddbc9115f4dee2643c61cf3a5c41245d677c7f88b843a2dc46e983241634de7cc5b515aa1efc2bc73f2a0f5b290795c48ee0cf62e4f24abc4a087ce13cf8b8851e29d3b6dc86f09b99b7b3afd70ce201777c56e0ea853fa16e4d80e8873862a6250f551d1b2eb0ef97b77daa0ebcc2ab1a7e595c01d32c4dcb9234c39da95e5d8d7dd743d9c59a94d35b930a9ce850026b9872c31c7625c585a0327f4c831cf214b9af5f02ad198b281490fd71f2e6354e9f360b", 0xbc}, {&(0x7f0000000300)="d375138cd73b899397fcdd92a9faadd8ea99b55cd37ae4e2f04ef31ff9c26614b0396efd581bf37d46698d69620bd20491775fdcdf4bd5a496207e37de67fdb66cf3ac91b4007b167f80ca2f4c484c1c5094f0c758927804df8fc1c3a0db430368a63b39bdff010000c03679183ed660f0af7a002e3144d70e843e9191c90ef10cc0f8579765db483b29dbb7b9d3d29437218c07953ffd36424546630fc16eefbe090d52930221ecc77775c99130182390ff4fdccb807fa2563164cf8e7ed100"/201, 0xc9}, {&(0x7f0000001600)="41edcc4d89cc7924b560ff762f88f413b78ebe542ff8cf338e2b4de306cdd6f251d68f51a478cb3360fb063af8a5dbc86c7a10a92a57183c97fd5c2fee962e0d2c9a083abeca376301d81772f410d58955a607cccaa6023bfebc9bf21bd781fa607f908d00f6e97486a210eef75df7ad266cb10441267052b8fc669a3248d16227a7514e427c92a128be82186ac94e524005418c03dda2781f4b2f51534883100656a18eda9f2f927870bdc0e5cdc7e3a496d97f786047a95ee1139283d8c7d8fc51d1ba93549005b2da0af7bf55227d99ead5f7cfbba5f640d851a0ff4898aa34dc19a682a7334a1eaf131b708ad21cba648fa3be5e4cb6474c020dc405f1759e7bcd1d708edfeaa8d90cdf581bf2aee93437889791485b61ad188494595cabf03d7f5aede7ac7e0b9b0e4e5a8223b6ddd71630bff1f8b3bb995eac5f07fbf8e49a2bff40e2d4c34a54c0074a6cf08b0f00c7560551fefb00aa36740071e819621a409ca0263a0dd8e60c9d5eb3494516d7a45613a12968c10abf0202b10c57b0d4853c2d56b66ec3aae29ce9d17fdcb20f7124c456086addb2511a14485cf74deede2b26b83975f36baef1b032eafe88ea3892ddcebf2954df856dfa53ca20fe98141fe905436012c0ece697155026b4db9da65f29750f3c904207ad2b48ce0e4eeb510e4e3c6f258c209ebc4fdd89728d6f91ab6137f44d86564f552eddfdc06525c51cd79c221637fc750df237354cad000baf0157edef4b9aae37ef81c6f7245d134051641bef98cfa58b2a995ae13283c5befda81a6dc9a41ba1ed8545a3a44e8bf9512210d74b98ad882a887a923acb8fcfce60a63a651efb2a95713279db4d50227f76b45b002166fdf5859fa8216e70956f5ac83825ca126b34a69b1ba62848cedfd48a64c744b7a8de7978d2c07db09446924e6c20dad13318dfab77bb4a30eefbba0a42f425462bead2b19e55baa9d228f338318e5dcac8322c4a7d19783988c64246cc65cd7dcaf101f18db09d56465958fc5c795b1e2e687877cd0629e023f1cb9ecdbfa8add0fc7e89d450daee2eb0c65bba55de73e6405fe4df131c4931daf3af650b473b1c1d1282939ae49e256380fb0329c97f4ed4cb33871d68936040070ac8f94259045a6c1ab1cc1c2dcee547a5f34139ceed24d5ce36fbd9056df147c7ca81e515a573093faa32480dea4607695cd9585db37aa027f668583c1eaeb9097f474476171d445a66b064e5e26bdad7627484b6c059a076dd277c5b5841ee6564467424958feb847231d6e73ac6938f23c274a4bea3d65d12fdc0bd926909dda22c28243d23a3eeac3e125081edf6bab5796926b7130334cbdff15bcf0c36cc1f3e2cbc7d11774321226f8cdab12f03508b67d02ed649b1c513edcaacfcc81ca63f1644efae442a873f2bed362b5ca9501fd9bdf52cf4cb77b37c00a66826bac669478ea6d03fe8ce18a5f917f004478eea78418fe63d111aa7b9cda469c493bbf00f60959ffb800f25c4c8bdd64f449a0b01f0854c297b689c1e2b7b0a546d3214dff51ecbae475ba58c8466a4e6954d21d13a438370caa4cff765e486691da1584f6650eab0ecd5f674083e759ca85519f67b6699e33b7fc4c4a4364786ca70311910e05ab382a960ed3a58005c5c2f086215121ad48e29c1bdd0385cd66adbbc70fdce471e7198de8c8f8cf30f4442c12853baaf551dc9fa8f35cff7a152bbd6df661b3db2ac563a4f86ca2ad56ff2e95198f124ac93e94a6b3d6baf3b93cb94420faea74f1b7242c381103e4b343c8110495cce59bbe6d16f1ae9f0369e9d766505a7c7dd9220325c4e299aa1574924330fc0d21bbc0147512ec05a36d0ad5c67433390d8cac1b7fdff27fd65210c170e3ec80d16c9873905e7ba88741c0342b8d1ec03d6fdcc438b4ddc42660ec31087c6367daf8d5a78efbd5f59544ba0955ced5756050464896e1cc964826d476ad89e3b1b1e380a3d8ad448468064a29873fad6d3b395089bf192897eec7a0ca9000735b528ea7d83655a2ca0c727dd141d08891c5a7ec172cea71740c63344341923776f6e14d9f11bab3d45fd8e8c87374070fe0abcce2edf71a0aace03c73f8da0c0bcb490d3d295a8c8b98f39b6660de627dca81fc4c032a503fe3f5f553f3901b385056118320056eb1a1bee6164a54e6c00bc06faf921f007e0abeb18069c1d18abfca971128d2c5a6067c09575e1b12138153ddf71d42bdfef5e875b142d951a7c429dddae82aafcef190c60225bfeec0d379e08b2273b131631c43cdd00adfee0cf4eb1484432b502fd2d770a9f2d9775667ea5007107ae64a1e23618d6ecd4956720ab1e5612868df73e5d57cb6d3d369c2e5dcf0647aa978a1a6fa388f947ff4f1c3226c76d9ddeeb1f8eec9f1ed3e3fc84900a07ccff12351548ae4e618bf9e6ff4eb8d7b22e805d678c949a690e275c430b4df95921daee52a882039ed95439898092d316b927753f35e04f6dfa743f5df0c10deea82415bf41187c2001fc6bd2e082916a02da691a1cc53c0848d1f69e40a5c18c4afa5f5eaf89b85ffec21d8600892ef1e8a93266c2f86db75acb5752e3c19958562fcf59a9e60dd2d5cecbff874aae3fda1b82291c9e24dc3d6998b4dfa13093e94724568d716cb8cd46c91e6f77cc102c4ab5cf3aa1e2a774dc73f0810d966ecc57594652ab195f00b23267c6f72f3161e5344f3f9d5b097dac5f29d8a91e7d10ebaf04556c95937a54ff236762b7c1cf1eb48e5d277475fc1efc1b60bd73a3b004edaf2f16b2d59c827057fc7fc76726535ed5aaa59ca6b791fd4b88bcd5a017b0eda5d26432d5852c6066819522419fa13e90ea1c7dd9728de9412572255d95a5a282e836e88422225ebce0561c398e704bf2d35f21053c5c7a2d44ae2aa8abc90dad4e35e9b377b6e6d08f5b50ffd24789ebe6e7ca285d087febb5dffacf9cb7acf9a64f982d740f5b2b2579696111e66985bfb7cd35af7eed90c0b9f0b23e197bd86855a0d86143cbb1e7e0f81bae053585bb32bfd8b98a4cc3179168d4f0d835cdd6d6befa537085e5020e3af0ce3417efbb335c3b9716f011d89a220f21c06c90636c337586bf4a3dd85a541b6d29f81027b16a82a1b2f208d68e9ecad701e3f06b5dd57356cc6cae63a4ef29a5ad3164b9ce44494a030016586d8676ccc83694ed8191713b1eb2a96adfcf5c2e0fee4bfc9dd2700c225abd3687ddcdd92abbae337315c4d8c2aa1c67ede0c23b80c4306e8755bb681fa6eec6e8231b4cc38693a122c0adfe235cc9e61c61582908319941e99ff7dbd3faf11d88b571d9c09a326de986a37d9792007e88f6b3f612f6e2daf6bd93a2b36d4ced3368128626a5aa9e3cd7cf311a51cd125124f38ca734979da45de9a958e10b57a86c43160d63e50e7392bd9bd7104c4d4583507d233ff8c5438e19c6abc369a69c6790209e8dc0d6c90532096315775c87d9fd2aa3e9882f884970df1e742adf08ee3d6291808581936937c96bd1627fa29fcb158dd01e924d05494fc9bcedbbfa13bc80fff38410d32e44fc7d6ac60d879fe85b00177532498a0e1d9b478a53885ddf47dd1444b792314cc50b46c21fed48adec8eb818d6a8e812e2d5de0ad9da9090c72830f447215df23ed877a26e8e50496faa9931383ec9773efc6fe585bbbc780916ae03fe73be25243b3a7b8740ca54131850844feac3f83167d8b872a3e58b599894de18c37ae0b6006f4da2096cf783d1197909bf41142cac48957c3cfacfbc9a5482cd8758d4a090287067a8a73e8ba0f849ccd89befc61ac3c62c47141f082a1de5475e71022821d6e9e210fe787789244d77a3ffb4b1f6f3d5314d391817a57c52ddcf61aab3aacf5b0ad8249c4298163bb8416c23c1162fe8f4e87690a34a5aa6f5514858bad4afbffcf5ebe1f097eeafb76c0ec65aec8f43613096c0a9c8917be265bf10ce68d91fe5a7a3cb093fed3bf52215d2ffb8131c50beb820aecf7f2376ab1b3ede4f8342aec903363df98de9c28b6ba8f53eefcf10f5051c12a53f86b2caaf0496f0a6d9c45518eb88f862aaa0d0e4ca487ff97003650da37fcec784f765af9bbbdb8340a55265200c1ec902666d7ee3ff5cef3636c625b9bb0965bb9bc96d403888752eb1dd9523d8ed34956b6c7e34a79a8146f91c1981fe25d36633527c1987581a414e23fb0b31fe0cf7db05f113b5956dc41c4b23849f1c34c2894f7330cf02c405275640c6bf4b3c1af73ab80a0395b62604761b3ba9a57d25ae4afe07fad2637c2e7738f4b3e24320ea836a0f037d3d565b63860c807e57c478bc9f17297064ebcb3b2ec1649251c0042bd69e2f4292b928d3e4065c89c56fcf5f5ade3ed01a93bff089cdad7fed11717bf56b089b3d3f3cc1868435317d9dbcf1cf67256005fd57b0de611d291b71d03dd8cda0dd7bf96121345fc99c3c193dd21da9d68e41185d4c12f93137e79d2de078917199e55d1b35e32d493c121024c35fbcbb76ff5ec587109464543b9ef96541ab3ca76dfbea6e569e3a87f132092a92a370e2150986c3712d994faa2350f64bad805f108de433ae55a4c6dd25ba56e5a71425e310cd8942a656b9963e82ca639fdd179740422126fd6113ce09a1500f589a2c051dceacb5a7dca2ef4afe4a3ac421bd988fc44396411ed1c88b7e5c869330da67206659dcfd95a4cbcf687871500e1c46963905534566e1e52e9065d68a48fe9e9c914d70269f73c47db03b821bf46db90e7b36802c180825e262bad3af40b75a393527a3771b23e0340acbb72a54b4a3672ded708729afa5fed78f4da63579fd60a105ed3d9fb7d8313c52a41c61eaab92d7156cc0c9b05a5d49491f57e1f5db94261f6b2126d626d59b8f6b54fbab461053cba4223aa3dbed68a969d79ce38031500259df979c319103eef5da226952186e9366f0fb61d3a28800920688", 0xdbd}], 0x4}, 0x14000049) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000400)=""/4096, 0x22e8}], 0x1, 0x0, 0xff96ce4aaaa47475}, 0x100) 00:54:12 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000080)={0x0, 0x382, &(0x7f0000000140)={0x0, 0xb7ff}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={r2, @empty, @multicast1}, 0xc) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, 0x0, 0x0) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x1}, 0x0) r5 = memfd_create(&(0x7f0000000340)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) fcntl$setflags(0xffffffffffffffff, 0x2, 0x0) write(r5, &(0x7f00000004c0)="3161d417452c8f6d46edb3b1077f2abaa85e3489c66107ab7d9aeb42aa515f23c9150bfd105fa1be4e0415cb2c2d4a1cdff5ab24d3676cc093ea0ffa364b7ec5a99d58d2267958d4c5320b836f26e80fff0f48", 0x53) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r5, 0x0) sendfile(r5, r5, &(0x7f0000000200), 0xff8) r6 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000180)='Z\x00') 00:54:12 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5310, &(0x7f0000000040)) 00:54:12 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) getsockopt$llc_int(r0, 0x10c, 0x9, &(0x7f0000000000), &(0x7f0000000080)=0x4) 00:54:12 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:12 executing program 2: r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) getsockopt$llc_int(r0, 0x10c, 0x9, &(0x7f0000000000), &(0x7f0000000080)=0x4) 00:54:12 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0505350, &(0x7f0000000040)) 00:54:12 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0bc5310, &(0x7f0000000040)) 00:54:12 executing program 3: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0a85322, &(0x7f0000000040)) 00:54:12 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc0a85352, &(0x7f0000000040)) 00:54:12 executing program 3: 00:54:12 executing program 0: 00:54:12 executing program 1: 00:54:13 executing program 4: 00:54:13 executing program 3: 00:54:13 executing program 2: 00:54:15 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:15 executing program 0: 00:54:15 executing program 1: 00:54:15 executing program 3: 00:54:15 executing program 2: 00:54:15 executing program 4: 00:54:15 executing program 1: 00:54:15 executing program 4: 00:54:15 executing program 0: 00:54:15 executing program 3: 00:54:15 executing program 2: 00:54:15 executing program 4: 00:54:18 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:18 executing program 1: 00:54:18 executing program 2: 00:54:18 executing program 3: 00:54:18 executing program 0: 00:54:18 executing program 4: 00:54:18 executing program 3: 00:54:18 executing program 2: 00:54:18 executing program 4: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)='tmpfs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000181, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, 0x0, 0x57b, 0x10001) creat(&(0x7f0000000000)='./file1\x00', 0x0) syz_open_procfs(0x0, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x2a4500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) chdir(&(0x7f00000000c0)='./file0\x00') r1 = socket(0x11, 0x800000003, 0x0) bind(r1, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) sendmsg$inet6(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)="78a800cff916b89cc7e9f0a093", 0xd}], 0x1}, 0x8000000) getpeername$inet(r1, &(0x7f0000000180)={0x2, 0x0, @broadcast}, &(0x7f0000000200)=0x10) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) ioctl(0xffffffffffffffff, 0x800000000000937e, 0x0) syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x101000) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$full(0xffffffffffffff9c, 0x0, 0xda840, 0x0) prctl$PR_GET_NAME(0x10, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) 00:54:18 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet6_tcp_int(r1, 0x6, 0xa, &(0x7f0000000040), &(0x7f0000000100)=0x4) 00:54:18 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3\\\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r1, 0x0) flistxattr(r0, &(0x7f0000000080)=""/99, 0x63) 00:54:19 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f364602344324", 0x26}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:19 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:19 executing program 3: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[@ANYPTR64], 0x8) splice(r1, 0x0, r0, 0x0, 0x2d000, 0x0) 00:54:19 executing program 1: unshare(0x20000000) unshare(0x24000000) [ 229.833345][ T9795] syz-executor.2 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 229.834017][ T9781] overlayfs: conflicting lowerdir path 00:54:19 executing program 2: r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0) io_setup(0x2, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) io_getevents(r1, 0x0, 0x1, &(0x7f0000000180)=[{}], 0x0) 00:54:19 executing program 0: capset(&(0x7f0000000180)={0x20071026}, &(0x7f0000001fe8)) capset(&(0x7f0000000280)={0x20071026}, &(0x7f00000002c0)={0x0, 0x0, 0x1b9}) 00:54:19 executing program 3: r0 = open(&(0x7f0000000180)='./bus\x00', 0x153042, 0x0) writev(r0, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000a80)="861860f66a0ef7330fad1b3b6e9cf30a067da2f74399dc7265d434cc1750efa41c22105bf88e03ff1a37a1700871ffa52efe127279869dc6b0277529015891302602575f6a9088a5e3ee777e0cf2f88bb5e68a68bb675be48f41fc50e2696486409ae6ae2d244f0734334fc35769355bc7fb8ccceb760b12e39c63d14d05d2e9f353c3398311118b130e6db576676ea09c89777e4ef1c12b999bc596f68d9708dd59b6415fe9c156d9a843e0b736677e859347879685862e462f11fe1ea46287edd92b19a1e3c23d4b698e0661afb4ef45f797c253fad69f9914fe215e52fa8c5322e335a13b030176bc26927b356acc4907c77e548eb7f18db5ac0d57f2046fc23cd340800276156f51efde4de0e681afed165b6831b4a486044931152fd3e90e4cf0b5c1d420f24e036d7dc27a49c343b737cba97559532b3540922c8798a5f83d97f68914b2c2d63b434f90f334592940f0e4531727b903509c4d12eec01f6a5b0f4fe61200dc0c27b3af9adf3628fe2a2d21fed4151485037309f8509cd5ea5bf0d58535fd58183402766956ba398132127fc706aa3f63b23265a9e48fa7217caddeb7ccf883c4a09fc008cfcdfe4bbdc61c8e105a8ec2858e46bbb54c7be9a920e979f5e5d30882cf2bc520382cfc2188291a7ac19538f49e3d0fabfa7e79c932bc11201a52493628fdc0eaacc3733782a37ec28fbbc8f0b8c4f4e1da1d7d26d7508b1c3dc4cac5f90e85cf589179837f0863ab233b79665b74afe691aefac387934a4d77f556050ad2db63a0663761875f768d7a45e6c2bf8b0ef4e9c14ebf45af4de84a6d83d7dbb1e16aedab20f684d8f0b066ded7446875efa683bb718a375af24a4b36671f8c0be906f8c69c0c5252e9c38466b140f3ca008a84534b0e8526b002d3304b26737b7af8f6cbd4fccd6a5b23fcad808d5e04cffa87e03cd9927c0f4fab8e2ddb303e58a26f448dace4694512b188c5c0f082296c560d99316cf440de178fc21249e5b0f110137675750b608507c86f6c531d31980a2c80bf5a0c3a2b05d4a4a6a915a57d4b9608f04880aed34cb4ee0fcc1e8b58f38a1c2a78e18c3f1968630bd16ffb5b5f60b1c5ad6ed6124b84f4dbc317b3e857466aa59d21ec26e86fa5076cbd2364d5d7a59285db8e21ec100a54276925d5eff4881a96289a7a8ef1020c543bc079c133c9153d993d04dad8222fe532a4e6daafe8f33604db67c6d530c722b655d62833a888e59f8ba7efd23ab150a23abdef07138dc2142609b5d2691ebeb545494ec70a83da2f9b0955ff668cb9a002139eee096bf2577e0ee5d3e9c4ddeef70354b0212cbde5943709aedeca28432c18c1daa09dfccb7b46efbdaf79708b6260955437c6536ac856f39c93351b41354cc7fa6e674bfb415ddd20fd72e3bd73ebd28c5e923f2212e56b6987d60c53f934256d13b6cfff4da75710548dd0d5ee58563e48e34607f1e7cedceef2518c2547d64909d1af2764bce55306c3068838ec145367f3ceb79badbc216343457b681de34fa1d74e97fca97436463352e753d299632b0abd15eb293557e1bbd1481c9b973e59a066c9b67bc8a49d1c3e6a02fc77543367fb9aaffea23f3b8c3bd29de78423f7301c30ec029d45d845832b05db2426689aec39a1a14f9b9529a9ccaa2e0b9c874f322718e676d8d7413d9a0aefbfbee58d44e207e5edbd175139cd957bbfc63b5886b02fe06d71cd6bd6124925de5ee7f2f0e58e00aca0fda3437016e6b3e162bdec036c9c863fc306b1963a2b189bf73cd2a61f3d0b5dae5b76b2b8facc0e65f00e4f71bd739944b81564f56979b31af71f1512fe2f1dd14510fa414466ef70b4d787e6097791ee37d7027e355a4dbe7fdc0fac6b8555c05ae1372142189413c2ff09e2a08260c70d59eaf9b3b4ec40e958fd6b485e62451351dd40465cb58ea4ec4a5404929963b22bcca47cfb4804060f3cdb01ffbc806133f2535942e2f9", 0x581}, {&(0x7f0000000200)="d3", 0x1}, {&(0x7f0000000300)='u', 0x1}], 0x4) 00:54:19 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) creat(&(0x7f0000000140)='./bus\x00', 0x0) r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0) ftruncate(r1, 0x800) r2 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0) sendfile(r1, r2, &(0x7f0000000380), 0x8001) connect(0xffffffffffffffff, 0x0, 0x0) r3 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r4 = creat(&(0x7f0000000180)='./file0\x00', 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000100)={0x0, r4, 0x0, 0x0, 0x800000000000000}) [ 229.997792][ T9814] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure 00:54:19 executing program 0: r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0) io_setup(0x2, &(0x7f0000000040)=0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) io_getevents(r1, 0x0, 0x1, &(0x7f0000000180)=[{}], 0x0) [ 230.139078][ T9823] overlayfs: conflicting lowerdir path 00:54:19 executing program 4: syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x40000000, 0x689}, @local, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x48, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[@srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@loopback]}], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x7, 0x608], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @ipv4={[], [], @remote}}}}}}}}, 0x0) 00:54:19 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) recvmmsg(r0, &(0x7f0000002b00)=[{{&(0x7f00000000c0)=@pptp, 0x80, 0x0}}], 0x1, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x1000000000004e24, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 00:54:19 executing program 3: capset(&(0x7f0000000180)={0x20071026}, &(0x7f0000000200)) mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x0, 0x0, 0x0) 00:54:19 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x53, 0x1, 0x2, 0x0, 0x0}, 0x12) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000040)}, 0x20) 00:54:22 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:22 executing program 0: socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) splice(r0, 0x0, r1, 0x0, 0x10005, 0x0) write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7, 0x1b, 0xef8}, 0x7) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 00:54:22 executing program 1: syz_emit_ethernet(0x13e, &(0x7f0000000200)={@link_local={0x1, 0x80, 0xc2, 0x40000000, 0x689}, @local, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x108, 0x0, 0x0, @remote, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x52, 0x0, [0x0], "fffec541950a1665f79182fe2a021f8ac0458dbae0a0d1d6a3eb7b6f043f0997fa445ff39f6759c4f8853d59282fbcff015772fb4fafbd67d448c1ca21233faabb7145173ab3136de9754ebfea9024e9230b"}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [], "5d9f47797e64fed70cb001eec27d4e009beee7c6a4799c5830a2f1777d4aca6f1f30d38afb0783ae8a31f988d4b09a2032b4d4643af057b0248aba2fe53edcf47cb9a3b03784047e808ad172"}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x0], "ee043c32fecc24c2"}, {}, {}, {0x8, 0x6558, 0x0, "b504298dbac906962cd10942116d8c955948733ee481a6c1ed21"}}}}}}}, 0x0) 00:54:22 executing program 3: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={0x0, {{0x2, 0x0, @multicast1=0xe0000002}}, {{0x2, 0x0, @dev}}}, 0x108) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 00:54:22 executing program 4: pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) poll(&(0x7f0000000080)=[{r0}], 0x1, 0x40) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0x91, 0x0, 0x0, 0x800e004e1) r2 = open$dir(&(0x7f0000000180)='./file0\x00', 0x40000400000002c2, 0x0) ppoll(&(0x7f00000000c0)=[{r2}], 0x1, 0x0, 0x0, 0x0) shutdown(r1, 0x0) 00:54:22 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/141, 0x8d}, {0x0}, {0x0}], 0x3) recvfrom$inet(r1, 0x0, 0xa1a2, 0x0, 0x0, 0x800e00545) shutdown(r0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000080)=""/228, 0xe4}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x2) r3 = dup(r2) r4 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r4, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549) shutdown(r3, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) read(r5, &(0x7f0000000240)=""/183, 0xb7) shutdown(r4, 0x0) shutdown(r1, 0x0) 00:54:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000001bc0)=[{&(0x7f0000000000)=""/37, 0x25}, {0x0}], 0x2) r1 = dup(r0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r2, 0x0, 0x1014a, 0x0, 0x0, 0x800e00515) shutdown(r1, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r3, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/159, 0x9f}, {0x0}], 0x2) r4 = dup(r3) r5 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e) shutdown(r4, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) recvmsg(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000280)=""/92, 0x5c}, {0x0}, {0x0}], 0x3}, 0x0) shutdown(r5, 0x0) shutdown(r2, 0x0) 00:54:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000001bc0)=[{&(0x7f0000000000)=""/37, 0x25}, {0x0}, {0x0}], 0x3) r1 = dup(r0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r2, 0x0, 0x1014a, 0x0, 0x0, 0x800e00515) shutdown(r1, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r3, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/159, 0x9f}], 0x1) r4 = dup(r3) r5 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e) shutdown(r4, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) recvmsg(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000280)=""/92, 0x5c}, {0x0}, {0x0}], 0x3}, 0x0) shutdown(r5, 0x0) shutdown(r2, 0x0) [ 232.891140][ T9858] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 232.908197][ T9858] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 232.990855][ T9858] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 233.020459][ T9876] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 00:54:22 executing program 0: poll(&(0x7f0000000080)=[{}], 0x1, 0x40) r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0x91, 0x0, 0x0, 0x800e004e1) r1 = open$dir(&(0x7f0000000180)='./file0\x00', 0x40000400000002c2, 0x0) ppoll(&(0x7f00000000c0)=[{r1}], 0x1, &(0x7f0000000100)={0xd4}, 0x0, 0x0) shutdown(r0, 0x0) [ 233.070859][ T9876] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 00:54:22 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) close(0xffffffffffffffff) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xffffff3f, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x60210}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 00:54:23 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) recvmmsg(r0, &(0x7f0000006480)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/137, 0x89}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000500)=""/121, 0x79}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba", 0x7ff0, 0x8, 0x0, 0x1c) 00:54:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000040)={0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x7f}) 00:54:25 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:25 executing program 1: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2000004, 0x100000000000031, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000000), 0x4) 00:54:25 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@allocspi={0xf8, 0x16, 0x317, 0x0, 0x0, {{{@in6=@loopback, @in=@dev}, {@in6=@mcast2, 0x0, 0x6c}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0xa}}}, 0xf8}}, 0x0) 00:54:25 executing program 2: socket$inet6_udplite(0xa, 0x2, 0x88) creat(&(0x7f0000000300)='./file0\x00', 0x0) sched_setattr(0x0, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) inotify_init() recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000059, 0x0, 0x0) write$char_usb(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(0x0) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001740)={{{@in=@multicast1, @in6=@ipv4={[], [], @empty}, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x5}, {}, 0xffff6146, 0x0, 0x2, 0x1}, {{@in=@dev}, 0x8, @in6=@mcast1, 0x3503, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0xe8) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) 00:54:25 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) r1 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000000)={r2}) 00:54:25 executing program 0: 00:54:25 executing program 2: 00:54:25 executing program 0: 00:54:25 executing program 1: [ 236.560110][ T9893] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.568519][ T9893] bridge0: port 1(bridge_slave_0) entered disabled state [ 240.808822][ T9894] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 240.824946][ T9894] 8021q: adding VLAN 0 to HW filter on device bond0 [ 240.838021][ T9894] 8021q: adding VLAN 0 to HW filter on device team0 [ 240.890798][ T9894] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 00:54:32 executing program 4: 00:54:32 executing program 2: 00:54:32 executing program 0: 00:54:32 executing program 1: 00:54:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000040)={0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x7f}) 00:54:32 executing program 0: 00:54:32 executing program 1: 00:54:32 executing program 2: 00:54:32 executing program 3: 00:54:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4529c4bc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:32 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001280)=[{}], 0x1, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:32 executing program 1: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @rand_addr=0xdd}}, 0x24) sendmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0xfffffffffffffd95, 0x0, 0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB="1800000000000000100100000100000005e8000078780000e458c598ba4904c77813ab29fb450a2e834efe3f87695931515781ae36a4d148f269399022f544be4fac9508cce4df4d7015eb590bbfb45e2584f446722053f150259880259dffe3815bdb2281145dd688759944bd09b0f55e7ca54b07bd9189af703ee573aca360f4bca4f5019235efcea227e56f94ddc8d5e02f38fdcdad2e5cc22b1f090ecf60605f3d9129670b0b9e8c56b4acbbd36b212f5886f611593d05faab615257dde5c6399662226d04c913f5633630ec61c6252513711fc5ba13ba917010af72b45ac8f7d0a5bcd51d041d91e14b8102e02279416c97c7a841cdcfaaab2710f3b73cc0b082d87c889667f0112300"], 0x18}}], 0x1, 0x0) recvfrom$rxrpc(r0, 0x0, 0x0, 0x69c97db7e4654f88, 0x0, 0x0) 00:54:32 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:32 executing program 3: r0 = socket$inet(0x2, 0x2000080001, 0x84) poll(&(0x7f0000000000)=[{r0}], 0x1, 0x80000000) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x1ff}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1a000}], 0x1}, 0x0) 00:54:32 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c61abab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4906b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287c84ccc727d6ef3834293812e927c01c7da1322da44c7f2ed1084aa2f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c08c9a208e4557cd4ed88b37ab8d7674c644dca2f"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000631177fbac14140ce0", 0x0, 0x9}, 0x28) 00:54:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001280)=[{}], 0x1, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4529c4bc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000001280)=[{}], 0x1, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:35 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:35 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:35 executing program 4: mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysinfo(&(0x7f0000000240)=""/143) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000040)) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000100)) wait4(0x0, 0x0, 0x80000000, 0x0) getpid() r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e22, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) sendfile(r0, 0xffffffffffffffff, 0x0, 0xedc0) r3 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f00000004c0), 0x100000) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000500)={0x1, 'ip6tnl0\x00', {}, 0x9380}) r4 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000340)='cgroup.subtree_control\x00', 0x2, 0x0) write$cgroup_subtree(r4, &(0x7f0000000380)=ANY=[], 0x0) 00:54:35 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:35 executing program 1: syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={[{@noacl='noacl'}]}) 00:54:35 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) [ 246.533562][T10030] gfs2: not a GFS2 filesystem [ 246.625504][T10030] gfs2: not a GFS2 filesystem 00:54:36 executing program 0: openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x48f, &(0x7f0000000000)={0x0, @empty, 0x0, 0x0, 'sh\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00'}, 0x2c) [ 246.723021][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 246.729008][ C0] protocol 88fb is buggy, dev hsr_slave_1 00:54:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000004c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$get_keyring_id(0x0, r2, 0x0) 00:54:38 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS3\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000001280)=[{&(0x7f0000000140)="fc80beb9bf9e13eabbc217e2d98331433506743ff21737167dc1f5171616fcc207c6a698d03b9ba7335c9a1d81d71b2301d908210b9381a53d056a31290116516ccca07838c3d96f8bb8c81642ce79a1ff994187ae53a5854eab8b3bf414d01179e2a9fae5d56de72765e66730c04c967d2cff08c4f30332b8891cd1d1324091ddc4ff751cf643f57c8cb80faf6c4c8bb9358856b9599f069025a557b608012fa695a630f2c08ed6ac17707ba32bb38f1eefa5b8f4f694d7c41119c57b6867cf459066f925df7a1ac405f73a4007254f39989b3bd338ce0e13a6ae9ae1f40e5e05c156dc9bb9a9ce32f880597b7e01ba97bd33e903753fd5cf754c960404631d8ca387beb1fc0af05ae08261a4168c52ba80bea725fbde675412eff385204a2fd04378b20ca8576a54b85b8df3e66000cf1c4417fab603c0734dbb925f9a230423582c9b2eceb52f3d7aefcb401c2724db0e94397fa1e975cf810ce9925b5a080d4774c48be2ea4037016f7d78cb340263491da765e9c6ff1acecc908dba61c2ffda6bbb66b14c2d29b5e961fee90563b6c43f3b2f61eeb852013eaf9a18afc1a8e9631d983b68ebde7d5b68bd074b7935e0bf63594e4ec7a866107235ca55104fd85d2cd6477081a142d6418128bab216ab76d288f476562c2ce73e0dca45bef972d29286db27eaa6a407cc2ced5f107cf08be15ab112d5a22a8d6993b564a11277b52b7be5538df0adcb678205a95f31a2599bb4b1546b275a0c99d61acf646831d205f2ace9929781598272c874b3c103f5b604ef322c16d6f9083f35d5d46a898ef2d8365f28d44e3653aa2fb4df0a8f1fe0a5f52ee0bd5c59769e031323a599c853d7928ca537e664e56dc39f8f0f818767dcc3f968012c198593758e3cc809e1ede30090fa5bb4eb4d67a8de639b07fc774ee8568a3294e61262153b722f573d77ff09d07a701b17817e14b9ae5bea7012703dc1b69769b94f7c8d18c55bdfdaa538c635752d8ece41338261d33c4ee0211fd97a290abe13a874c1b99776162093c9cbe9f2e3e53b96ab5a55fef482c98ceb25e1b80f4cfcbdd42e1d06a622217ea2e987bfed13a6319446448391b730aa2210bc179f0a7246cfead5eeef989b7e7b2ecb18711e944ca0fb6908fc046ca53dc0bbfc39451c3a7780277a7517df906faebe6424962f758740ef6c919e739168170c2f9d21e53b580e4c4082914dd1ddb0e689c03fbdfd8c2b55cea46441ee4fb6f9e0b827dae906b8f370d38734930f332d4d215dba0c6cf4755d580d21dba4e6c0044717464be88aad01bbc8a32b45031894042160272f8a391681c390bc19e87ea0fc7d05aaddd81cc6f5cfaefcf55b7ef8b706e7321bb0907c", 0x3d0}, {&(0x7f0000001200)}], 0x2, 0x4529c4bc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r2, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:38 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:38 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000002c0)=0x9, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000040)={@broadcast, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "4c310f", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @icmpv6=@dest_unreach={0x2, 0x0, 0x0, 0x0, [], {0x0, 0x6, "008000", 0x0, 0x3a, 0x0, @empty, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], "f601929f106531aa"}}}}}}}, 0x0) 00:54:38 executing program 0: openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x48f, &(0x7f0000000000)={0x0, @empty, 0x0, 0x0, 'sh\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00'}, 0x2c) 00:54:38 executing program 4: mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sysinfo(&(0x7f0000000240)=""/143) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000040)) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000100)) wait4(0x0, 0x0, 0x80000000, 0x0) getpid() r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e22, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) sendfile(r0, 0xffffffffffffffff, 0x0, 0xedc0) r3 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f00000004c0), 0x100000) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000500)={0x1, 'ip6tnl0\x00', {}, 0x9380}) r4 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000340)='cgroup.subtree_control\x00', 0x2, 0x0) write$cgroup_subtree(r4, &(0x7f0000000380)=ANY=[], 0x0) 00:54:38 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000002c0)=0x9, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000040)={@broadcast, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "4c310f", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @icmpv6=@dest_unreach={0x4, 0x0, 0x0, 0x0, [], {0x0, 0x6, "008000", 0x0, 0x3a, 0x0, @empty, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], "f601929f106531aa"}}}}}}}, 0x0) 00:54:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:38 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = gettid() ioprio_set$pid(0x1, r3, 0x0) 00:54:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS3\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000001280)=[{&(0x7f0000000140)="fc80beb9bf9e13eabbc217e2d98331433506743ff21737167dc1f5171616fcc207c6a698d03b9ba7335c9a1d81d71b2301d908210b9381a53d056a31290116516ccca07838c3d96f8bb8c81642ce79a1ff994187ae53a5854eab8b3bf414d01179e2a9fae5d56de72765e66730c04c967d2cff08c4f30332b8891cd1d1324091ddc4ff751cf643f57c8cb80faf6c4c8bb9358856b9599f069025a557b608012fa695a630f2c08ed6ac17707ba32bb38f1eefa5b8f4f694d7c41119c57b6867cf459066f925df7a1ac405f73a4007254f39989b3bd338ce0e13a6ae9ae1f40e5e05c156dc9bb9a9ce32f880597b7e01ba97bd33e903753fd5cf754c960404631d8ca387beb1fc0af05ae08261a4168c52ba80bea725fbde675412eff385204a2fd04378b20ca8576a54b85b8df3e66000cf1c4417fab603c0734dbb925f9a230423582c9b2eceb52f3d7aefcb401c2724db0e94397fa1e975cf810ce9925b5a080d4774c48be2ea4037016f7d78cb340263491da765e9c6ff1acecc908dba61c2ffda6bbb66b14c2d29b5e961fee90563b6c43f3b2f61eeb852013eaf9a18afc1a8e9631d983b68ebde7d5b68bd074b7935e0bf63594e4ec7a866107235ca55104fd85d2cd6477081a142d6418128bab216ab76d288f476562c2ce73e0dca45bef972d29286db27eaa6a407cc2ced5f107cf08be15ab112d5a22a8d6993b564a11277b52b7be5538df0adcb678205a95f31a2599bb4b1546b275a0c99d61acf646831d205f2ace9929781598272c874b3c103f5b604ef322c16d6f9083f35d5d46a898ef2d8365f28d44e3653aa2fb4df0a8f1fe0a5f52ee0bd5c59769e031323a599c853d7928ca537e664e56dc39f8f0f818767dcc3f968012c198593758e3cc809e1ede30090fa5bb4eb4d67a8de639b07fc774ee8568a3294e61262153b722f573d77ff09d07a701b17817e14b9ae5bea7012703dc1b69769b94f7c8d18c55bdfdaa538c635752d8ece41338261d33c4ee0211fd97a290abe13a874c1b99776162093c9cbe9f2e3e53b96ab5a55fef482c98ceb25e1b80f4cfcbdd42e1d06a622217ea2e987bfed13a6319446448391b730aa2210bc179f0a7246cfead5eeef989b7e7b2ecb18711e944ca0fb6908fc046ca53dc0bbfc39451c3a7780277a7517df906faebe6424962f758740ef6c919e739168170c2f9d21e53b580e4c4082914dd1ddb0e689c03fbdfd8c2b55cea46441ee4fb6f9e0b827dae906b8f370d38734930f332d4d215dba0c6cf4755d580d21dba4e6c0044717464be88aad01bbc8a32b45031894042160272f8a391681c390bc19e87ea0fc7d05aaddd81cc6f5cfaefcf55b7ef8b706e7321bb0907c", 0x3d0}, {&(0x7f0000001200)}], 0x2, 0x4529c4bc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r2, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:38 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000440)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0//ile0\x00', 0x0) rmdir(&(0x7f0000000340)='./file0//ile0\x00') 00:54:41 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r1, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:41 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:41 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec56175037958e271f60d25b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07f34e4d5b318e2ec0efd49897a745f801ff110026e6d2efe31ab7ea0c34f17e3ad6ef3bb62203099e90f4580d760551b5b341a2d7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7eaa49c62ba0fe52fa65f1328d6704902cbe7bc04b82d2789cb132b8667c21476619f28d9961b63e1a9cf6c2a660a17e3c184b751c51160fbcbbf35b1e7be6148ba532e6ea09c346dfebd31a08b32808b802000000000000ea334d83239dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a3335fce5617b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc18cae2ed4b4390af9a9ceafd07ed00b000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2b, 0xfffffffffffffe7f, &(0x7f0000000500)="b9ff0300600d698cb89e14f065581fffffff00000057632f77fbac14140ee934a0a662079f4b4d2f87e5feca6aab845013f2325f1a39010108038da1924425181aa5", 0x0, 0x100, 0x60000000, 0x0, 0xfffffffffffffe09}, 0x28) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) 00:54:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:41 executing program 4: 00:54:41 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS3\x00', 0x0, 0x0) pwritev(r1, &(0x7f0000001280)=[{&(0x7f0000000140)="fc80beb9bf9e13eabbc217e2d98331433506743ff21737167dc1f5171616fcc207c6a698d03b9ba7335c9a1d81d71b2301d908210b9381a53d056a31290116516ccca07838c3d96f8bb8c81642ce79a1ff994187ae53a5854eab8b3bf414d01179e2a9fae5d56de72765e66730c04c967d2cff08c4f30332b8891cd1d1324091ddc4ff751cf643f57c8cb80faf6c4c8bb9358856b9599f069025a557b608012fa695a630f2c08ed6ac17707ba32bb38f1eefa5b8f4f694d7c41119c57b6867cf459066f925df7a1ac405f73a4007254f39989b3bd338ce0e13a6ae9ae1f40e5e05c156dc9bb9a9ce32f880597b7e01ba97bd33e903753fd5cf754c960404631d8ca387beb1fc0af05ae08261a4168c52ba80bea725fbde675412eff385204a2fd04378b20ca8576a54b85b8df3e66000cf1c4417fab603c0734dbb925f9a230423582c9b2eceb52f3d7aefcb401c2724db0e94397fa1e975cf810ce9925b5a080d4774c48be2ea4037016f7d78cb340263491da765e9c6ff1acecc908dba61c2ffda6bbb66b14c2d29b5e961fee90563b6c43f3b2f61eeb852013eaf9a18afc1a8e9631d983b68ebde7d5b68bd074b7935e0bf63594e4ec7a866107235ca55104fd85d2cd6477081a142d6418128bab216ab76d288f476562c2ce73e0dca45bef972d29286db27eaa6a407cc2ced5f107cf08be15ab112d5a22a8d6993b564a11277b52b7be5538df0adcb678205a95f31a2599bb4b1546b275a0c99d61acf646831d205f2ace9929781598272c874b3c103f5b604ef322c16d6f9083f35d5d46a898ef2d8365f28d44e3653aa2fb4df0a8f1fe0a5f52ee0bd5c59769e031323a599c853d7928ca537e664e56dc39f8f0f818767dcc3f968012c198593758e3cc809e1ede30090fa5bb4eb4d67a8de639b07fc774ee8568a3294e61262153b722f573d77ff09d07a701b17817e14b9ae5bea7012703dc1b69769b94f7c8d18c55bdfdaa538c635752d8ece41338261d33c4ee0211fd97a290abe13a874c1b99776162093c9cbe9f2e3e53b96ab5a55fef482c98ceb25e1b80f4cfcbdd42e1d06a622217ea2e987bfed13a6319446448391b730aa2210bc179f0a7246cfead5eeef989b7e7b2ecb18711e944ca0fb6908fc046ca53dc0bbfc39451c3a7780277a7517df906faebe6424962f758740ef6c919e739168170c2f9d21e53b580e4c4082914dd1ddb0e689c03fbdfd8c2b55cea46441ee4fb6f9e0b827dae906b8f370d38734930f332d4d215dba0c6cf4755d580d21dba4e6c0044717464be88aad01bbc8a32b45031894042160272f8a391681c390bc19e87ea0fc7d05aaddd81cc6f5cfaefcf55b7ef8b706e7321bb0907c", 0x3d0}, {&(0x7f0000001200)}], 0x2, 0x4529c4bc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) sendto(r2, &(0x7f0000000200), 0x40900, 0x0, 0x0, 0x0) 00:54:41 executing program 4: 00:54:41 executing program 3: 00:54:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:41 executing program 4: 00:54:41 executing program 3: 00:54:41 executing program 4: 00:54:41 executing program 1: 00:54:44 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:44 executing program 2: 00:54:44 executing program 3: 00:54:44 executing program 4: 00:54:44 executing program 1: 00:54:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:44 executing program 4: 00:54:44 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='.', 0x1, 0xfffffffffffffffd) 00:54:44 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f0000000000)) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ffa000/0x2000)=nil) 00:54:44 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getgid() 00:54:44 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0x3, 0x2) semget$private(0x0, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000440)="4c0000001200ff09fffefd956fa283b7270fd917df226c24a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f", 0x4c}], 0x1}, 0xa000) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}, 0x20, 0x0, 0x0, 0x0, 0x100000000000, 0xffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f0000001380), 0x4000056, 0x0, &(0x7f0000000200)={0x77359400}) recvmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{0x0, 0xc0, 0x0, 0x0, 0x0, 0x314}}], 0x400000000000440, 0x0, 0x0) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000140)={0x4001, 0x1ff, 0x0, 0x806, 0x7, 0x0, 0x40, 0x0, 0x9, 0x5}) write$FUSE_GETXATTR(0xffffffffffffffff, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = creat(&(0x7f00000003c0)='./file1\x00', 0x0) ioctl(r1, 0x6681, 0x0) sendmsg$inet(r1, &(0x7f0000001700)={0x0, 0xfffffe0d, 0x0, 0x1fb3695cce46ee31, &(0x7f00000000c0)=ANY=[@ANYPTR64], 0x519}, 0x44001) syz_emit_ethernet(0x1, &(0x7f0000001640)=ANY=[@ANYRESDEC], 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') preadv(r2, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) open(0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) 00:54:44 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x29d6aa7ac780489c, 0x0) [ 255.608415][T10173] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.653943][T10173] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.804572][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.815354][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.825577][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.835086][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.844633][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.856339][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.865921][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 255.875555][T10181] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. 00:54:47 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:47 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz'}, &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 00:54:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r4 = open(&(0x7f0000000400)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r4, 0x0) read(r4, &(0x7f0000000180)=""/19, 0xfffffe47) openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ppp\x00', 0x40, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r4, 0xc0206416, &(0x7f0000000100)={0x4, 0x3, 0xff7ffffc, 0x1, 0x1c, 0x8000}) mkdir(0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x1004e20}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x10000000013, &(0x7f00000001c0)=0x1, 0x40e) accept4$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000240)=0x14, 0x80000) connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_tcp_int(r5, 0x6, 0x4000000000014, &(0x7f00000000c0)=0x2, 0x4) sendmmsg(r5, &(0x7f0000007f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)="9f", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000940)='!', 0x1}], 0x1}}], 0x127ad, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) 00:54:47 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:47 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:47 executing program 4: r0 = getpid() process_vm_writev(r0, &(0x7f0000002480)=[{&(0x7f0000000000)=""/4096, 0x1000}], 0x1, &(0x7f0000003a40)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0) 00:54:47 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001640)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6(0xa, 0x2, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'veth0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000200)={@mcast1, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1400104, r5}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000000000)={@mcast1, @rand_addr="e4e19a5c10c9332dc4b500fa97eeb441", @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}) [ 258.367611][T10194] encrypted_key: insufficient parameters specified [ 258.378545][T10190] hfsplus: unable to find HFS+ superblock 00:54:47 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280), 0x4) [ 258.411734][T10194] encrypted_key: insufficient parameters specified 00:54:47 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = creat(&(0x7f00000003c0)='./file1\x00', 0x0) sync_file_range(r2, 0x0, 0x3, 0x1) 00:54:47 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fchmod(r0, 0xc2482e4dfc1fe8d7) 00:54:47 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) [ 258.559403][ T26] audit: type=1326 audit(1576198487.860:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10209 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d74a code=0xffff0000 00:54:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 258.760199][T10226] hfsplus: unable to find HFS+ superblock [ 259.347625][ T26] audit: type=1326 audit(1576198488.650:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10209 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d74a code=0xffff0000 00:54:50 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:50 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @sit={{0x8, 0x1, 'sit\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_TOS={0x8}]]}}}]}, 0x38}}, 0x0) 00:54:50 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="080db5055e0bcfe8476071") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x0, 0x0]}}, &(0x7f0000000300)=""/250, 0x1c, 0xfa, 0x8}, 0x20) 00:54:50 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:50 executing program 3: socket$inet6(0xa, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x0]}}, &(0x7f0000000300)=""/250, 0x1b, 0xfa, 0x8}, 0x20) [ 261.442000][T10248] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 261.446991][T10247] BPF:No type found 00:54:50 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 261.513323][T10258] BPF:No type found 00:54:50 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:50 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:50 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x11, &(0x7f0000005ffc)=0x2, 0x4) [ 261.586123][T10260] hfsplus: unable to find HFS+ superblock [ 261.623119][T10271] BPF:No type found 00:54:51 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffe, 0x4, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0) migrate_pages(0x0, 0x8, &(0x7f0000000080)=0xe68, &(0x7f00000000c0)=0x81) 00:54:51 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x5aeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008108040f80ecdb4cb92e0a480e0528000000e8bd6efb12600c000e000200400000ff050005001202", 0x2e}], 0x1}, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/fib_triestat\x00') getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f00000000c0)={'broute\x00'}, &(0x7f0000000140)=0x78) 00:54:51 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:51 executing program 3: r0 = socket$inet6(0xa, 0x100000000000001, 0x84) getsockopt$bt_hci(r0, 0x84, 0x13, &(0x7f0000000080)=""/4095, &(0x7f0000001140)=0xfff) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x40000, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000040)={0x3, 0x3, 0x3}, 0xc) 00:54:51 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:51 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x10000000000002, 0x10000) r1 = dup(0xffffffffffffffff) write$cgroup_type(r1, &(0x7f0000000000)='thr\x00', 0x8) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/kvm\x00', 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f0000000340), 0x4) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000380)=""/164) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}, 0x2}) ioctl$KVM_ENABLE_CAP(r3, 0x4068aea3, 0x0) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm-control\x00', 0x100, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xb) shutdown(r7, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r7, 0x84, 0x7b, &(0x7f0000000280), &(0x7f00000002c0)=0x18) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x58, &(0x7f0000000180)=[@in6={0xa, 0x4e21, 0x39, @dev={0xfe, 0x80, [], 0xc}, 0x691bd245}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e22, 0xae7b, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x2a}}, 0x8}, @in={0x2, 0x4e21, @local}]}, &(0x7f0000000240)=0x10) r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x400000) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x2, 0x0, 0xfffffdac) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="460f300f07c483614804ee08440f20c03506000000440f22c0c402f93473230f09f20f013cb9b805000000b9c00000000f01d90fc728c4c1f9e79f2e000000", 0x3f}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x8642957429963afb, @perf_bp={0x0, 0x8}, 0x10080, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) listen(0xffffffffffffffff, 0x10000) ioctl$KVM_RUN(r8, 0xae80, 0x0) clone(0x0, 0x0, &(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580)="18f60a2111586ff65f2573aab50febd1d64fbb4158f63355602481443fece7a1f642d7754be2dbbcd0a5afdcf5e5f5fa7bac7fa790a735e74bb290d2ccdd91d9eacb6ed623261827e03be7b7622d9dabee3c4c88") r9 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r9) [ 262.079118][T10301] hfsplus: unable to find HFS+ superblock 00:54:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="280200003200190100000000000000000200000008025f002677177fc337a32e57deaa33bfe14c92ba04e8fb528d830b1ad230da8e591380718519c44efe505c9406dd5af72d4e62359da170eefb51ed5136377c7001e63c35aeb99cec7cb2b779cce4334c64c7317bd5d3ec4e53cb62bec81ac701001c0023d6b0ad068def4b5ac26d87edd672ac307739511f7063d9b7ca8e09a6d80daa2f1f43282d60fe17a4a2782b9d60abf46dbb62f0f88e9b73ad671a5047a2c195660bb1c20e2f15a6161e77bfc7d1b538310c6f4755f853acc4caa2cab2cbc753746a8c4c1fad945a55763bc9376f648487cc2670195c75f8975580a73464194ac43f32c5253c263db62d9f554513270a01462d8f2d89744d733178464815452c907ac880fa08004c00", @ANYRES32=r0, @ANYBLOB='\b\x00Z\x00', @ANYRES32=r2, @ANYBLOB="14000b0025443a8170c6bf79ba8e55247492661ed8c89eb65214ec050cfe855d05bde88eab4a786fc749ebc3d8ad5ba4f34edfd1e8bf4d3405af36f369cc6de30c1c1cceae340e3f35c6feadbc6cd64dab090cfde2234b11f1a85eb1602f0472b1bd95ae95a733629ced9e4a94ed8e5da086b929edb934c97d601db2668e122b79d7e9d1243774fe8b3891608d063855a697ec412fee6792ca4e0f5ed84647750b4f3e1d412d092d83b07b9bbacd8e42a946941de7fad1553715a6550d2c1416daa165132000760021736563757269747970726f632d6c6f6d696d655f7479706521000008007e00810000000000000c00010008000300067379e3a0e1941a9060bde285ebf60492092af4ee0968b6cb2add6658341baf0adc6f5db2c59da999a1e0efeeb9f04af93a29d0564e65eb83663daaaaeb28ace2c345d0c67b4525168403bc2453d0103df7f63b3e760116618fa20ef5d08cda19d776bc97576f5a6fbd0a6bb4949ea9ceac6b7a2237a05422ee607c9930307f229d2976c3b3b8662fac95a4525c5864eac29a8af6d0f93a848a553de4f2e9390d87074b005ae1229b39f1387ba29ebe000000000000000000", @ANYRES32], 0x228}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000001200)='SEG6\x00') r6 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(r6, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r5, 0x0, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80030}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="08002bbd7000fedbdf25040000001400010000000000000000000000000000000001080004000400000089a276f908bc888d32091502b1979a55d8f2b7535826bf8d4ab64ccc6738da26319b2aaa3a119ab0019541734efe2cdb4a03f73f22638417c73eb937bd2a84d5106b009b14ccedf2b0864ad727f16b1c92e4f2b254f55e5418a15f0db0146c"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) getsockopt$inet6_mtu(r8, 0x29, 0x17, &(0x7f00000001c0), &(0x7f0000000200)=0x4) 00:54:51 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) msgget$private(0x0, 0x100) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setxattr$system_posix_acl(&(0x7f0000000580)='./file1\x00', &(0x7f00000005c0)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="04000000fc11b034d7616086165f87897c00000000080000000b673736ee90b3862747c9069f711176270e530a860900000083b693fc1bdb0cc4559830de36fcf60ebab14b5f8d6d662b99de70a94edbd16f467e45c5d2c1a569b664dd0580652f", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x34, 0x0) mount$overlay(0x40000f, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65302c776f726b6469723d2e2f66696c65315c00069cc5ada1caeb7e9d5f6a51c7df78161b89067e758badd4267d65ab792963cb"]) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) pipe(0x0) ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, &(0x7f0000000100)=""/71) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x20000) mknodat(r0, &(0x7f0000000040)='./file0\x00', 0x400, 0xff) ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000200)={0x9, 0x1}) 00:54:51 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r0) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:51 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x20000, 0x1000}, 0x18) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000080)=0x2, 0x4) r1 = socket(0x100000000011, 0x2, 0x0) bind(r1, &(0x7f0000000400)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0}, &(0x7f00000002c0)=0x14) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000001c0)=0x400, 0x4) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x8000, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000200)={0x4, 0x7, 0x9, [], &(0x7f0000000180)={0x990966, 0x3, [], @value=0x2}}) bind$xdp(r0, &(0x7f0000000040)={0x2c, 0x0, r2}, 0x10) close(r0) [ 262.516862][T10327] overlayfs: conflicting lowerdir path [ 262.534627][T10332] hfsplus: unable to find HFS+ superblock 00:54:51 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r0) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) [ 262.730006][T10338] overlayfs: workdir and upperdir must reside under the same mount 00:54:52 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x20000, 0x1000}, 0x18) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000080)=0x2, 0x4) r1 = socket(0x100000000011, 0x2, 0x0) bind(r1, &(0x7f0000000400)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0}, &(0x7f00000002c0)=0x14) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000001c0)=0x400, 0x4) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x8000, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000200)={0x4, 0x7, 0x9, [], &(0x7f0000000180)={0x990966, 0x3, [], @value=0x2}}) bind$xdp(r0, &(0x7f0000000040)={0x2c, 0x0, r2}, 0x10) close(r0) 00:54:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:52 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x10000000000002, 0x10000) r1 = dup(0xffffffffffffffff) write$cgroup_type(r1, &(0x7f0000000000)='thr\x00', 0x8) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/kvm\x00', 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f0000000340), 0x4) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000380)=""/164) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}, 0x2}) ioctl$KVM_ENABLE_CAP(r3, 0x4068aea3, 0x0) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm-control\x00', 0x100, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xb) shutdown(r7, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r7, 0x84, 0x7b, &(0x7f0000000280), &(0x7f00000002c0)=0x18) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x58, &(0x7f0000000180)=[@in6={0xa, 0x4e21, 0x39, @dev={0xfe, 0x80, [], 0xc}, 0x691bd245}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e22, 0xae7b, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x2a}}, 0x8}, @in={0x2, 0x4e21, @local}]}, &(0x7f0000000240)=0x10) r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x400000) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x2, 0x0, 0xfffffdac) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="460f300f07c483614804ee08440f20c03506000000440f22c0c402f93473230f09f20f013cb9b805000000b9c00000000f01d90fc728c4c1f9e79f2e000000", 0x3f}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x8642957429963afb, @perf_bp={0x0, 0x8}, 0x10080, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) listen(0xffffffffffffffff, 0x10000) ioctl$KVM_RUN(r8, 0xae80, 0x0) clone(0x0, 0x0, &(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580)="18f60a2111586ff65f2573aab50febd1d64fbb4158f63355602481443fece7a1f642d7754be2dbbcd0a5afdcf5e5f5fa7bac7fa790a735e74bb290d2ccdd91d9eacb6ed623261827e03be7b7622d9dabee3c4c88") r9 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r9) [ 262.820963][T10347] hfsplus: unable to find HFS+ superblock 00:54:52 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f0000000040)) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e24, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0), 0x4) recvmsg$kcm(0xffffffffffffffff, 0x0, 0x1) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x4a) ioctl$BLKBSZGET(0xffffffffffffffff, 0x80081270, &(0x7f00000002c0)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, 0x0) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf) setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0) shutdown(r0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000580)) setgid(0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f00000000c0)=0x60, 0x2) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write$P9_RSTAT(r6, &(0x7f0000000140)=ANY=[@ANYBLOB="440000007d0200000000280100000004000000000000000000204062f800000500000004000000000000006d3102005e2f000004006574683000000000"], 0x44) recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0xd909}, 0x100) 00:54:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:54 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:54 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r0) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:54 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040), &(0x7f0000000080)=0x4) r2 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) poll(&(0x7f0000000840)=[{r3}, {}], 0x2, 0xff) 00:54:54 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r0) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:54 executing program 3: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x10000000000002, 0x10000) r1 = dup(0xffffffffffffffff) write$cgroup_type(r1, &(0x7f0000000000)='thr\x00', 0x8) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/kvm\x00', 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f0000000340), 0x4) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x100, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r4, 0xc008ae05, &(0x7f0000000380)=""/164) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}, 0x2}) ioctl$KVM_ENABLE_CAP(r3, 0x4068aea3, 0x0) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm-control\x00', 0x100, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3}, 0xb) shutdown(r7, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r7, 0x84, 0x7b, &(0x7f0000000280), &(0x7f00000002c0)=0x18) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x58, &(0x7f0000000180)=[@in6={0xa, 0x4e21, 0x39, @dev={0xfe, 0x80, [], 0xc}, 0x691bd245}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e22, 0xae7b, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x2a}}, 0x8}, @in={0x2, 0x4e21, @local}]}, &(0x7f0000000240)=0x10) r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x400000) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x2, 0x0, 0xfffffdac) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000100)="460f300f07c483614804ee08440f20c03506000000440f22c0c402f93473230f09f20f013cb9b805000000b9c00000000f01d90fc728c4c1f9e79f2e000000", 0x3f}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x8642957429963afb, @perf_bp={0x0, 0x8}, 0x10080, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) listen(0xffffffffffffffff, 0x10000) ioctl$KVM_RUN(r8, 0xae80, 0x0) clone(0x0, 0x0, &(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580)="18f60a2111586ff65f2573aab50febd1d64fbb4158f63355602481443fece7a1f642d7754be2dbbcd0a5afdcf5e5f5fa7bac7fa790a735e74bb290d2ccdd91d9eacb6ed623261827e03be7b7622d9dabee3c4c88") r9 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r9) [ 265.065202][T10382] hfsplus: unable to find HFS+ superblock [ 265.081129][T10381] hfsplus: unable to find HFS+ superblock 00:54:54 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:54 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000040)={0x0, 0x0, 0xd}) 00:54:54 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x2, 0x300) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) dup3(r3, r2, 0x80000) [ 265.504629][T10407] hfsplus: unable to find HFS+ superblock 00:54:54 executing program 4: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) creat(&(0x7f00000003c0)='./file1\x00', 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000180)={0x0, 0x0}) ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f00000001c0)={0x0, 0xf7071979cc2c4d83}) rename(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 00:54:54 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:55 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clock_getres(0x0, 0x0) [ 265.799223][T10424] hfsplus: unable to find HFS+ superblock 00:54:57 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:54:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:54:57 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:54:57 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:57 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgctl$IPC_RMID(0x0, 0x0) msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/121) 00:54:57 executing program 3: renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5c636e1d2f8a0d96) 00:54:57 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) [ 268.277138][T10446] hfsplus: unable to find HFS+ superblock 00:54:57 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet_buf(r2, 0x0, 0x25, 0x0, 0x0) 00:54:57 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:54:57 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) futex(0x0, 0x8b, 0x0, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100)=0x2, 0x0) 00:54:57 executing program 1: r0 = socket$vsock_stream(0x28, 0x1, 0x0) io_setup(0x1ff, &(0x7f00000003c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x4}]) 00:54:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 268.598840][T10466] hfsplus: unable to find HFS+ superblock 00:55:00 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:00 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x2, {}, 0x8f}, 0xe) 00:55:00 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:00 executing program 4: setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000080)={{0x0, @remote, 0x0, 0x0, 'd\x00\x00\x00\x00\x04\x00\x00\x00\x06\x00\x00\x00\x00\x02\x00', 0x0, 0x2bfe1}, {@rand_addr=0x202}}, 0x44) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000080)="eb3c906d6b66732e666174000204010002000270fff8", 0xffffffffffffffe6}], 0x0, 0x0) 00:55:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:00 executing program 1: 00:55:00 executing program 1: 00:55:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = open(0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r3 = gettid() tkill(r3, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000059, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000540)="522e8daa42740d7daab7a224c048a208537e038ab478dda564b4ae8e501d652c64ff148eefda3bdefd4f55e583095843c004a09d72d4780208e0c0d073da7c13333d3ce0682a6dab0bed4879d0cbcecf20e9ccd92c95b8b03c586e8144eeb0cd99e65838e7ba4f25856bb06d20979d65f2d71357ea9e95c3a31d6382b37fff13ca5ed16ba81a990dc066d7386f3de5e6d5d619cf8163e58b163fac48afb87004f9d6493d1c7863c7d4d8370fc8028dbc3ecf9ceb21f9bbb3", 0x41395558) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10, 0x0, 0x0, "ad03064d0b090233180173920d2a3836f7d76f992ab41d9fcf9152ba5bd273eea9204e9b0e260d83009a02d5c5097cd5e21de9f73f07d13f44250cf2f92d6466", "7e2bc69a47db702cc8daf96f5e68254ee361331a88dd2965f18d2bee91bd828c9ec7b0c65e30a467c42d17bcaeb953b41590436e8cec4a4a5c7a1bd80aac5025", "b953833c4e60e7cc5d472aed8865f1f4e4ce7123a93bc1cedcd1a16ccf26f3f6", [0x101]}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r8, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r8, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) ioctl$EVIOCGVERSION(r2, 0x80044501, 0x0) r9 = open(0x0, 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="020100000000000000010005080000000000b6903dadc9"], 0x1, 0x0) ioctl$BLKDISCARD(r9, 0x1277, &(0x7f0000000200)=0x3) fcntl$setlease(r1, 0x400, 0x0) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xffff, 0x81, 0x0, 0x52}, {0x1000, 0x0, 0x0, 0x2}]}) 00:55:00 executing program 1: perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000001c0)={@dev={0xfe, 0x80, [], 0x21}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8000}, 0x20) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000b00)) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000580)=""/158) [ 271.442256][T10504] devpts: called with bogus options [ 271.447768][T10495] hfsplus: unable to find HFS+ superblock 00:55:00 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:01 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:01 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-avx2\x00'}, 0x58) [ 271.808576][T10493] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 271.886729][T10493] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 1, start 02020000) [ 271.902969][T10493] FAT-fs (loop4): Filesystem has been set read-only 00:55:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) [ 271.987307][T10535] hfsplus: unable to find HFS+ superblock 00:55:01 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="7a0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:55:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:01 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:01 executing program 1: r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000100)='\\vmnet0?\'`@{,vmnet1em0user\x00', 0x4) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0) socket(0x0, 0x0, 0x0) ftruncate(r1, 0x1000000) syz_genetlink_get_family_id$net_dm(&(0x7f0000000640)='NET_DM\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) 00:55:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 00:55:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = open(0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r3 = gettid() tkill(r3, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000059, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000540)="522e8daa42740d7daab7a224c048a208537e038ab478dda564b4ae8e501d652c64ff148eefda3bdefd4f55e583095843c004a09d72d4780208e0c0d073da7c13333d3ce0682a6dab0bed4879d0cbcecf20e9ccd92c95b8b03c586e8144eeb0cd99e65838e7ba4f25856bb06d20979d65f2d71357ea9e95c3a31d6382b37fff13ca5ed16ba81a990dc066d7386f3de5e6d5d619cf8163e58b163fac48afb87004f9d6493d1c7863c7d4d8370fc8028dbc3ecf9ceb21f9bbb3", 0x41395558) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10, 0x0, 0x0, "ad03064d0b090233180173920d2a3836f7d76f992ab41d9fcf9152ba5bd273eea9204e9b0e260d83009a02d5c5097cd5e21de9f73f07d13f44250cf2f92d6466", "7e2bc69a47db702cc8daf96f5e68254ee361331a88dd2965f18d2bee91bd828c9ec7b0c65e30a467c42d17bcaeb953b41590436e8cec4a4a5c7a1bd80aac5025", "b953833c4e60e7cc5d472aed8865f1f4e4ce7123a93bc1cedcd1a16ccf26f3f6", [0x101]}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r8, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r8, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) ioctl$EVIOCGVERSION(r2, 0x80044501, 0x0) r9 = open(0x0, 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="020100000000000000010005080000000000b6903dadc9"], 0x1, 0x0) ioctl$BLKDISCARD(r9, 0x1277, &(0x7f0000000200)=0x3) fcntl$setlease(r1, 0x400, 0x0) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xffff, 0x81, 0x0, 0x52}, {0x1000, 0x0, 0x0, 0x2}]}) 00:55:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) [ 272.388059][T10558] hfsplus: unable to find HFS+ superblock 00:55:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:01 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = open(0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r3 = gettid() tkill(r3, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000059, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000540)="522e8daa42740d7daab7a224c048a208537e038ab478dda564b4ae8e501d652c64ff148eefda3bdefd4f55e583095843c004a09d72d4780208e0c0d073da7c13333d3ce0682a6dab0bed4879d0cbcecf20e9ccd92c95b8b03c586e8144eeb0cd99e65838e7ba4f25856bb06d20979d65f2d71357ea9e95c3a31d6382b37fff13ca5ed16ba81a990dc066d7386f3de5e6d5d619cf8163e58b163fac48afb87004f9d6493d1c7863c7d4d8370fc8028dbc3ecf9ceb21f9bbb3", 0x41395558) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10, 0x0, 0x0, "ad03064d0b090233180173920d2a3836f7d76f992ab41d9fcf9152ba5bd273eea9204e9b0e260d83009a02d5c5097cd5e21de9f73f07d13f44250cf2f92d6466", "7e2bc69a47db702cc8daf96f5e68254ee361331a88dd2965f18d2bee91bd828c9ec7b0c65e30a467c42d17bcaeb953b41590436e8cec4a4a5c7a1bd80aac5025", "b953833c4e60e7cc5d472aed8865f1f4e4ce7123a93bc1cedcd1a16ccf26f3f6", [0x101]}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r8, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r8, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) ioctl$EVIOCGVERSION(r2, 0x80044501, 0x0) r9 = open(0x0, 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="020100000000000000010005080000000000b6903dadc9"], 0x1, 0x0) ioctl$BLKDISCARD(r9, 0x1277, &(0x7f0000000200)=0x3) fcntl$setlease(r1, 0x400, 0x0) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xffff, 0x81, 0x0, 0x52}, {0x1000, 0x0, 0x0, 0x2}]}) [ 272.473534][T10561] devpts: called with bogus options [ 272.484761][T10578] [ 272.502916][T10578] ********************************************************** 00:55:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 272.568038][T10578] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 272.591750][T10578] ** ** [ 272.615080][T10578] ** trace_printk() being used. Allocating extra memory. ** [ 272.633962][T10578] ** ** 00:55:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 272.660768][T10578] ** This means that this is a DEBUG kernel and it is ** [ 272.696462][T10578] ** unsafe for production use. ** [ 272.718880][T10587] hfsplus: unable to find HFS+ superblock [ 272.791072][T10578] ** ** [ 272.801751][T10589] devpts: called with bogus options [ 272.849727][T10578] ** If you see this message and you are not debugging ** [ 272.880991][T10578] ** the kernel, report this immediately to your vendor! ** [ 272.924425][T10578] ** ** [ 272.964782][T10578] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** 00:55:02 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r2 = dup2(r0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x0, @ipv4={[0x0, 0x0, 0x0, 0xfec0000000000000], [], @local}}, @in={0x2, 0x0, @remote}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e22, @dev={0xac, 0xb}}], 0x20) 00:55:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:02 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 273.030565][T10578] ********************************************************** 00:55:02 executing program 1: r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000100)='\\vmnet0?\'`@{,vmnet1em0user\x00', 0x4) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0) socket(0x0, 0x0, 0x0) ftruncate(r1, 0x1000000) syz_genetlink_get_family_id$net_dm(&(0x7f0000000640)='NET_DM\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r1, &(0x7f00000000c0)=0xf18001, 0xeefffdef) 00:55:02 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = open(0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) r2 = creat(&(0x7f0000000300)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r3 = gettid() tkill(r3, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000059, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000540)="522e8daa42740d7daab7a224c048a208537e038ab478dda564b4ae8e501d652c64ff148eefda3bdefd4f55e583095843c004a09d72d4780208e0c0d073da7c13333d3ce0682a6dab0bed4879d0cbcecf20e9ccd92c95b8b03c586e8144eeb0cd99e65838e7ba4f25856bb06d20979d65f2d71357ea9e95c3a31d6382b37fff13ca5ed16ba81a990dc066d7386f3de5e6d5d619cf8163e58b163fac48afb87004f9d6493d1c7863c7d4d8370fc8028dbc3ecf9ceb21f9bbb3", 0x41395558) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10, 0x0, 0x0, "ad03064d0b090233180173920d2a3836f7d76f992ab41d9fcf9152ba5bd273eea9204e9b0e260d83009a02d5c5097cd5e21de9f73f07d13f44250cf2f92d6466", "7e2bc69a47db702cc8daf96f5e68254ee361331a88dd2965f18d2bee91bd828c9ec7b0c65e30a467c42d17bcaeb953b41590436e8cec4a4a5c7a1bd80aac5025", "b953833c4e60e7cc5d472aed8865f1f4e4ce7123a93bc1cedcd1a16ccf26f3f6", [0x101]}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r8, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r8, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) ioctl$EVIOCGVERSION(r2, 0x80044501, 0x0) r9 = open(0x0, 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="020100000000000000010005080000000000b6903dadc9"], 0x1, 0x0) ioctl$BLKDISCARD(r9, 0x1277, &(0x7f0000000200)=0x3) fcntl$setlease(r1, 0x400, 0x0) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xffff, 0x81, 0x0, 0x52}, {0x1000, 0x0, 0x0, 0x2}]}) 00:55:02 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 273.314076][T10621] hfsplus: unable to find HFS+ superblock [ 273.351183][T10629] ptrace attach of "/root/syz-executor.5"[10626] was attempted by "/root/syz-executor.5"[10629] 00:55:02 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:02 executing program 2: socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) [ 273.410210][T10624] devpts: called with bogus options 00:55:02 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:55:02 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="7a0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:55:02 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 273.503024][T10638] ptrace attach of "/root/syz-executor.5"[10637] was attempted by "/root/syz-executor.5"[10638] [ 273.617084][T10651] ptrace attach of "/root/syz-executor.5"[10650] was attempted by "/root/syz-executor.5"[10651] [ 273.628456][T10643] hfsplus: unable to find HFS+ superblock 00:55:03 executing program 4: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00'}) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2800000010005fba001000030000000000000000", @ANYRES32=0x0, @ANYBLOB="030000000000000008001b0000000000"], 0x28}}, 0x0) 00:55:03 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xd, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="7a0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:55:03 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:03 executing program 1: mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 00:55:03 executing program 2: socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:55:03 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0x6b) r1 = socket(0x200000000000011, 0x4000000000080002, 0xdd86) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) sendmmsg$inet(r1, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="96c6322ea684879088175969ec15e10d40e4719016cbc15a36a88c6c843e12b1f5cb6a73613ceec274", 0x33}], 0x1}}], 0x40001c0, 0x0) syz_genetlink_get_family_id$tipc(0x0) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, 0x0, 0x0) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071") ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 00:55:03 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 274.208848][T10666] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 274.255020][T10675] hfsplus: unable to find HFS+ superblock [ 274.271936][T10666] 8021q: adding VLAN 0 to HW filter on device bond0 00:55:03 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92304f242b416ae9eeefc0e9c60ebab1c176bf9bb4dde984510c82dc2b9381b72b100d0682fd0a0c4a06b29e220dc28dac72599456d4c4e6f3fe2d1dee18f638ac947b5e026a3287c84ccc727d6ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb398dff1db3df9858837458a4ca03767c69cee1b6be484e4c9507af216bd8ed42f7dd5adb8e49f4a94615e49c08c9a208e4557cd4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9d441d42f49db6d4a4762e5cc23dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e1407a601dae4b8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa2285b6e4afd8c1cc3eb215ba22f43115dbba9dc7beedb130d9f2be90133a0e3ed34258b8c9370634060105baa664953514605fba3973aa021945b985a8a66e9cfa9d9e57033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bcaabd6948537faf9fff8dc4006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11a767761fe46169b2b5b8cdedb695cc425fe203d2f2655a76865c2cb4e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000000c0)="b9ff03c6630d698cb89e0bf088ca1fffffff0e000000630277fbac14140ce0", 0x0, 0x9}, 0x28) [ 274.331721][T10666] 8021q: adding VLAN 0 to HW filter on device team0 00:55:03 executing program 2: socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:03 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 274.401456][T10666] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 00:55:03 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 274.479347][T10694] hfsplus: unable to find HFS+ superblock [ 274.554850][T10666] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 274.665181][T10666] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 00:55:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x100003, @local, 'ip6_vti0\x00'}}, 0x1e) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @local, 'erspan0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000380)={0x18, 0x0, {0x3, @local, 'ip6_vti0\x00'}}) 00:55:04 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000500)={0x6, 0x6}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000740)={0x3, 0x0, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x3ff}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x0, 0x0, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[]}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:04 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:04 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) set_mempolicy(0x2, &(0x7f0000000040)=0x5c9, 0x4) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503000006023e0001a00000c52cf7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a8816107d08f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x206) socket$inet(0x2, 0x4000000805, 0x0) 00:55:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x100003, @local, 'ip6_vti0\x00'}}, 0x1e) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @local, 'erspan0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000380)={0x18, 0x0, {0x3, @local, 'ip6_vti0\x00'}}) [ 274.892870][T10712] hfsplus: unable to find HFS+ superblock 00:55:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:04 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:04 executing program 3: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, 0x0) set_mempolicy(0x2, &(0x7f0000000040)=0x5c9, 0x4) socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$loop(0x0, 0x0, 0x0) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503000006023e0001a00000c52cf7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a8816107d08f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0x0, 0x0, 0x206) socket$inet(0x2, 0x4000000805, 0x0) 00:55:04 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:04 executing program 4: r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x100003, @local, 'ip6_vti0\x00'}}, 0x1e) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @local, 'erspan0\x00'}}, 0x1e) 00:55:04 executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000500)={0x6, 0x6}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x3ff}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x0, 0x0, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[]}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 275.377341][T10750] hfsplus: unable to find HFS+ superblock 00:55:04 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:04 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:04 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:05 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 275.758697][T10776] hfsplus: unable to find HFS+ superblock 00:55:05 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:05 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:55:05 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) [ 276.250133][T10806] hfsplus: unable to find HFS+ superblock 00:55:07 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:07 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:07 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:55:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:07 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:07 executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000500)={0x6, 0x6}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x3ff}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x0, 0x0, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[]}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:07 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:07 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:07 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 278.510281][T10830] hfsplus: unable to find HFS+ superblock 00:55:07 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:08 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:08 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:08 executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000500)={0x6, 0x6}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x3ff}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb, 0x0, 0x0, 0x0, 0x400000000000000]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[]}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:08 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:08 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 279.025350][T10874] hfsplus: unable to find HFS+ superblock 00:55:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x0, 0x0, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:08 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000080)="0f01d76766c7442400c70000006766c744240287c900006766c744240600000000670f011c24b93c5f00000f07363e0f01c966b8010000000f01d9d8f767f32665f7abe1bfc6ae2e360f23c30f68689e", 0x50}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11d000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x28, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x0, 0x0, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:08 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:08 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 279.373707][T10897] hfsplus: unable to find HFS+ superblock 00:55:11 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x0, 0x0, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:11 executing program 3: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r0, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:11 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:11 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0xa03e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10006, 0x80011, r0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00') writev(r4, &(0x7f0000000080), 0x5b) 00:55:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 281.901218][T10922] hfsplus: unable to find HFS+ superblock 00:55:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:11 executing program 3: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r0, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:11 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f00000000c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x78}) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/65, 0xffffffffffffff36}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0) 00:55:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:11 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) [ 282.204900][T10949] hfsplus: unable to find HFS+ superblock 00:55:14 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:14 executing program 3: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r0, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:14 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:14 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:14 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 00:55:14 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:14 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:14 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 284.983603][T10965] hfsplus: unable to find HFS+ superblock 00:55:14 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r1, 0xae9a) ioctl$KVM_RUN(r1, 0xae80, 0x0) 00:55:14 executing program 4: msgctl$MSG_STAT(0x0, 0xb, &(0x7f00000002c0)=""/187) 00:55:14 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:14 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 285.341062][T10991] hfsplus: unable to find HFS+ superblock 00:55:17 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:17 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:17 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:17 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:17 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, 0x0, 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:17 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, 0x0, 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:17 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 288.229628][T11011] hfsplus: unable to find HFS+ superblock 00:55:17 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:17 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:20 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:20 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:20 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, 0x0, 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:20 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:20 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:20 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:20 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x0, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:20 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:20 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x0, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:23 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:23 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:23 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x0, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:23 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:23 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:23 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:23 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:26 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:26 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:26 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:26 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:26 executing program 4: syz_mount_image$iso9660(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:26 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:26 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:55:26 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(0x0, 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:26 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:26 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001ac0)={[{@decompose='decompose'}]}) 00:55:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:29 executing program 1: r0 = memfd_create(&(0x7f00000003c0)='secur.welinu\t\x00\x00\x00\x00', 0x0) fallocate(r0, 0x3, 0x4000000000010, 0x2) 00:55:29 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(0x0, 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:29 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) 00:55:29 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:29 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:29 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_buf(r2, 0x107, 0x6, &(0x7f0000000380)=""/68, &(0x7f0000000080)=0x44) 00:55:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(0x0, 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:29 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000000']) [ 300.591055][T11199] hfsplus: unable to find HFS+ superblock 00:55:29 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001540)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = eventfd(0x0) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000040)={0x0, 0x0, 0x0, r4}) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x0, 0x0, 0x0, r4, 0x4}) 00:55:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:32 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) 00:55:32 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:32 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:32 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x3) openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x29d6aa7ac780489c, 0x0) 00:55:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:32 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:32 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f0000000000)) prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000ffb000/0x2000)=nil) [ 303.610741][T11254] ISOFS: Unable to identify CD-ROM format. 00:55:33 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000080)=""/135) 00:55:33 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)='%', 0x1) 00:55:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:33 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 304.039737][T11289] ISOFS: Unable to identify CD-ROM format. 00:55:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(0x0, 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:35 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:35 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:35 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:36 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f3646023443", 0x25}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:36 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 306.731690][T11302] ISOFS: Unable to identify CD-ROM format. 00:55:36 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[]) 00:55:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(0x0, 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:36 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x7, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:36 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 307.113531][T11332] ISOFS: Unable to identify CD-ROM format. 00:55:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$vcsu(0x0, 0x7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, &(0x7f0000000180), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 00:55:36 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, 0x0, 0x0) 00:55:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:36 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[]) 00:55:36 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, 0x0, 0x0) [ 307.669655][T11365] ISOFS: Unable to identify CD-ROM format. 00:55:39 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f3646023443", 0x25}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:39 executing program 2 (fault-call:3 fault-nth:0): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:39 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, 0x0, 0x0) 00:55:39 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[]) [ 309.881949][T11381] FAULT_INJECTION: forcing a failure. [ 309.881949][T11381] name failslab, interval 1, probability 0, space 0, times 1 [ 309.897512][T11381] CPU: 1 PID: 11381 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 309.907528][T11381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.917592][T11381] Call Trace: [ 309.921019][T11381] dump_stack+0x197/0x210 [ 309.925433][T11381] should_fail.cold+0xa/0x10 [ 309.925453][T11381] ? setup_fault_attr+0x220/0x220 [ 309.935099][T11381] ? ___might_sleep+0x163/0x2c0 [ 309.940008][T11381] __should_failslab+0x121/0x190 [ 309.945022][T11381] should_failslab+0x9/0x14 [ 309.949532][T11381] __kmalloc+0x2e0/0x770 [ 309.953824][T11381] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 309.960315][T11381] ? fput_many+0x12c/0x1a0 [ 309.964739][T11381] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 309.970985][T11381] ? strnlen_user+0x1ed/0x2e0 [ 309.975710][T11381] ? __x64_sys_memfd_create+0x13c/0x470 [ 309.981268][T11381] __x64_sys_memfd_create+0x13c/0x470 [ 309.981285][T11381] ? memfd_fcntl+0x18a0/0x18a0 [ 309.981352][T11381] ? do_syscall_64+0x26/0x790 [ 309.981376][T11381] ? lockdep_hardirqs_on+0x421/0x5e0 [ 309.981448][T11381] ? trace_hardirqs_on+0x67/0x240 [ 309.981470][T11381] do_syscall_64+0xfa/0x790 [ 309.981504][T11381] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.991835][T11381] RIP: 0033:0x45a909 00:55:39 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:39 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 309.991852][T11381] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 309.991860][T11381] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 309.991875][T11381] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a909 [ 309.991883][T11381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bf9b2 [ 309.991892][T11381] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 309.991900][T11381] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b315536d4 00:55:39 executing program 2 (fault-call:3 fault-nth:1): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 309.991908][T11381] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:55:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:39 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 310.257324][T11387] ISOFS: Unable to identify CD-ROM format. [ 310.298968][T11409] FAULT_INJECTION: forcing a failure. [ 310.298968][T11409] name failslab, interval 1, probability 0, space 0, times 0 [ 310.395413][T11409] CPU: 1 PID: 11409 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 310.405336][T11409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.415402][T11409] Call Trace: [ 310.418701][T11409] dump_stack+0x197/0x210 [ 310.423042][T11409] should_fail.cold+0xa/0x10 [ 310.427650][T11409] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 310.433829][T11409] ? setup_fault_attr+0x220/0x220 [ 310.438866][T11409] ? ___might_sleep+0x163/0x2c0 [ 310.443729][T11409] __should_failslab+0x121/0x190 [ 310.448674][T11409] ? shmem_destroy_inode+0x80/0x80 [ 310.453787][T11409] should_failslab+0x9/0x14 [ 310.458286][T11409] kmem_cache_alloc+0x2aa/0x710 [ 310.463242][T11409] ? __alloc_fd+0x487/0x620 [ 310.467754][T11409] ? shmem_destroy_inode+0x80/0x80 [ 310.472874][T11409] shmem_alloc_inode+0x1c/0x50 [ 310.477640][T11409] alloc_inode+0x68/0x1e0 [ 310.481993][T11409] new_inode_pseudo+0x19/0xf0 [ 310.486689][T11409] new_inode+0x1f/0x40 [ 310.490766][T11409] shmem_get_inode+0x84/0x7e0 [ 310.495458][T11409] __shmem_file_setup.part.0+0x7e/0x2b0 [ 310.501114][T11409] shmem_file_setup+0x66/0x90 [ 310.505816][T11409] __x64_sys_memfd_create+0x2a2/0x470 [ 310.511193][T11409] ? memfd_fcntl+0x18a0/0x18a0 [ 310.515955][T11409] ? do_syscall_64+0x26/0x790 [ 310.515973][T11409] ? lockdep_hardirqs_on+0x421/0x5e0 [ 310.515990][T11409] ? trace_hardirqs_on+0x67/0x240 [ 310.516009][T11409] do_syscall_64+0xfa/0x790 [ 310.525932][T11409] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 310.525945][T11409] RIP: 0033:0x45a909 [ 310.525959][T11409] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 310.525971][T11409] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 310.573200][T11409] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a909 [ 310.581167][T11409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bf9b2 00:55:39 executing program 1 (fault-call:0 fault-nth:0): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 310.589132][T11409] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 310.597088][T11409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b315536d4 [ 310.605043][T11409] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 310.692787][T11423] FAULT_INJECTION: forcing a failure. [ 310.692787][T11423] name failslab, interval 1, probability 0, space 0, times 0 [ 310.752796][T11423] CPU: 1 PID: 11423 Comm: syz-executor.1 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 310.762719][T11423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.772784][T11423] Call Trace: [ 310.776087][T11423] dump_stack+0x197/0x210 [ 310.780439][T11423] should_fail.cold+0xa/0x10 [ 310.785047][T11423] ? setup_fault_attr+0x220/0x220 [ 310.790086][T11423] ? ___might_sleep+0x163/0x2c0 [ 310.794949][T11423] __should_failslab+0x121/0x190 [ 310.799899][T11423] should_failslab+0x9/0x14 [ 310.804421][T11423] kmem_cache_alloc_node_trace+0x274/0x750 [ 310.810306][T11423] __get_vm_area_node+0x12f/0x3b0 [ 310.815340][T11423] __vmalloc_node_range+0xce/0x790 [ 310.820505][T11423] ? bpf_prog_alloc_no_stats+0x6b/0x2c0 [ 310.826062][T11423] ? __kasan_check_read+0x11/0x20 [ 310.831106][T11423] __vmalloc+0x44/0x50 [ 310.835177][T11423] ? bpf_prog_alloc_no_stats+0x6b/0x2c0 [ 310.840806][T11423] bpf_prog_alloc_no_stats+0x6b/0x2c0 [ 310.846165][T11423] bpf_prog_alloc+0x31/0x230 [ 310.850820][T11423] ? ns_capable_common+0x93/0x100 [ 310.855837][T11423] bpf_prog_load+0x4d3/0x1960 [ 310.860691][T11423] ? bpf_prog_new_fd+0x60/0x60 [ 310.865441][T11423] ? lock_downgrade+0x920/0x920 [ 310.870297][T11423] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 310.876587][T11423] ? security_bpf+0x8b/0xc0 [ 310.881081][T11423] __do_sys_bpf+0xa48/0x3590 [ 310.885663][T11423] ? bpf_prog_load+0x1960/0x1960 [ 310.890585][T11423] ? __kasan_check_write+0x14/0x20 [ 310.895717][T11423] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 310.901280][T11423] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 310.906556][T11423] ? wait_for_completion+0x440/0x440 [ 310.911832][T11423] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 310.918065][T11423] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 310.923509][T11423] ? do_syscall_64+0x26/0x790 [ 310.928168][T11423] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 310.934212][T11423] ? do_syscall_64+0x26/0x790 [ 310.938872][T11423] __x64_sys_bpf+0x73/0xb0 [ 310.943272][T11423] do_syscall_64+0xfa/0x790 [ 310.947756][T11423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 310.953625][T11423] RIP: 0033:0x45a909 [ 310.957502][T11423] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 310.977106][T11423] RSP: 002b:00007f4bba1b6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 310.985512][T11423] RAX: ffffffffffffffda RBX: 00007f4bba1b6c90 RCX: 000000000045a909 [ 310.993472][T11423] RDX: 0000000000000070 RSI: 0000000020000180 RDI: 0000000000000005 [ 311.001426][T11423] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 311.009395][T11423] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4bba1b76d4 [ 311.017358][T11423] R13: 00000000004c0f9d R14: 00000000004d4b68 R15: 0000000000000003 [ 311.033419][T11423] syz-executor.1: vmalloc: allocation failure: 4096 bytes, mode:0x100dc0(GFP_USER|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 311.049697][T11423] CPU: 0 PID: 11423 Comm: syz-executor.1 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 311.059579][T11423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.059585][T11423] Call Trace: [ 311.059605][T11423] dump_stack+0x197/0x210 [ 311.059624][T11423] warn_alloc.cold+0x87/0x164 [ 311.059642][T11423] ? zone_watermark_ok_safe+0x260/0x260 [ 311.077259][T11423] ? kmem_cache_alloc_node_trace+0x398/0x750 [ 311.077288][T11423] ? __get_vm_area_node+0x2e7/0x3b0 [ 311.077308][T11423] __vmalloc_node_range+0x44c/0x790 [ 311.077326][T11423] ? __kasan_check_read+0x11/0x20 [ 311.108849][T11423] __vmalloc+0x44/0x50 [ 311.112914][T11423] ? bpf_prog_alloc_no_stats+0x6b/0x2c0 [ 311.118443][T11423] bpf_prog_alloc_no_stats+0x6b/0x2c0 [ 311.123802][T11423] bpf_prog_alloc+0x31/0x230 [ 311.128377][T11423] ? ns_capable_common+0x93/0x100 [ 311.133388][T11423] bpf_prog_load+0x4d3/0x1960 [ 311.138050][T11423] ? bpf_prog_new_fd+0x60/0x60 [ 311.142800][T11423] ? lock_downgrade+0x920/0x920 [ 311.147646][T11423] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 311.153868][T11423] ? security_bpf+0x8b/0xc0 [ 311.158357][T11423] __do_sys_bpf+0xa48/0x3590 [ 311.162936][T11423] ? bpf_prog_load+0x1960/0x1960 [ 311.167856][T11423] ? __kasan_check_write+0x14/0x20 [ 311.172953][T11423] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 311.178481][T11423] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 311.183749][T11423] ? wait_for_completion+0x440/0x440 [ 311.189020][T11423] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 311.195254][T11423] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 311.200695][T11423] ? do_syscall_64+0x26/0x790 [ 311.205354][T11423] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.211399][T11423] ? do_syscall_64+0x26/0x790 [ 311.216084][T11423] __x64_sys_bpf+0x73/0xb0 [ 311.220486][T11423] do_syscall_64+0xfa/0x790 [ 311.224977][T11423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.230854][T11423] RIP: 0033:0x45a909 [ 311.234732][T11423] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.254312][T11423] RSP: 002b:00007f4bba1b6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 311.262703][T11423] RAX: ffffffffffffffda RBX: 00007f4bba1b6c90 RCX: 000000000045a909 [ 311.270655][T11423] RDX: 0000000000000070 RSI: 0000000020000180 RDI: 0000000000000005 [ 311.278606][T11423] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 311.286557][T11423] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4bba1b76d4 [ 311.294511][T11423] R13: 00000000004c0f9d R14: 00000000004d4b68 R15: 0000000000000003 [ 311.309959][T11423] Mem-Info: [ 311.314046][T11423] active_anon:117344 inactive_anon:215 isolated_anon:0 [ 311.314046][T11423] active_file:7749 inactive_file:37611 isolated_file:0 [ 311.314046][T11423] unevictable:0 dirty:183 writeback:0 unstable:0 [ 311.314046][T11423] slab_reclaimable:13928 slab_unreclaimable:90991 [ 311.314046][T11423] mapped:59046 shmem:284 pagetables:1560 bounce:0 [ 311.314046][T11423] free:1245354 free_pcp:534 free_cma:0 [ 311.353139][T11423] Node 0 active_anon:467280kB inactive_anon:860kB active_file:30856kB inactive_file:150444kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:236184kB dirty:732kB writeback:0kB shmem:1136kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 411648kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 311.382658][T11423] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 311.409210][T11423] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 311.438693][T11423] lowmem_reserve[]: 0 2537 2537 2537 2537 [ 311.444779][T11423] Node 0 DMA32 free:1197524kB min:36104kB low:45128kB high:54152kB reserved_highatomic:0KB active_anon:467280kB inactive_anon:860kB active_file:30856kB inactive_file:150444kB unevictable:0kB writepending:732kB present:3129332kB managed:2601076kB mlocked:0kB kernel_stack:8336kB pagetables:6236kB bounce:0kB free_pcp:2284kB local_pcp:1484kB free_cma:0kB [ 311.477678][T11423] lowmem_reserve[]: 0 0 0 0 0 [ 311.482437][T11423] Node 0 Normal free:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 311.510574][T11423] lowmem_reserve[]: 0 0 0 0 0 [ 311.515542][T11423] Node 1 Normal free:3770596kB min:53780kB low:67224kB high:80668kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870200kB mlocked:0kB kernel_stack:16kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 311.547320][T11423] lowmem_reserve[]: 0 0 0 0 0 [ 311.552355][T11423] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 311.566981][T11423] Node 0 DMA32: 10181*4kB (UME) 2583*8kB (UME) 2347*16kB (UME) 1007*32kB (UME) 512*64kB (UM) 50*128kB (UM) 11*256kB (UME) 8*512kB (UME) 4*1024kB (UME) 2*2048kB (M) 247*4096kB (UM) = 1197148kB [ 311.586738][T11423] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 311.598674][T11423] Node 1 Normal: 23*4kB (UE) 97*8kB (UE) 172*16kB (UME) 104*32kB (UME) 39*64kB (UM) 16*128kB (U) 10*256kB (UME) 3*512kB (U) 1*1024kB (M) 1*2048kB (M) 916*4096kB (M) = 3770596kB [ 311.616611][T11423] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 311.626497][T11423] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 311.636164][T11423] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 311.646109][T11423] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 311.656111][T11423] 45652 total pagecache pages [ 311.661084][T11423] 0 pages in swap cache [ 311.665239][T11423] Swap cache stats: add 0, delete 0, find 0/0 [ 311.672054][T11423] Free swap = 0kB [ 311.675827][T11423] Total swap = 0kB [ 311.679535][T11423] 1965979 pages RAM [ 311.683369][T11423] 0 pages HighMem/MovableOnly [ 311.688041][T11423] 344183 pages reserved [ 311.692499][T11423] 0 pages cma reserved 00:55:42 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f3646023443", 0x25}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:42 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB]) 00:55:42 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:42 executing program 2 (fault-call:3 fault-nth:2): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, &(0x7f0000000180), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:42 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 313.009842][T11433] FAULT_INJECTION: forcing a failure. [ 313.009842][T11433] name failslab, interval 1, probability 0, space 0, times 0 [ 313.022735][T11433] CPU: 0 PID: 11433 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 313.033070][T11433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.043299][T11433] Call Trace: [ 313.046626][T11433] dump_stack+0x197/0x210 [ 313.050960][T11433] should_fail.cold+0xa/0x10 [ 313.055561][T11433] ? setup_fault_attr+0x220/0x220 [ 313.060573][T11433] ? ___might_sleep+0x163/0x2c0 [ 313.065416][T11433] __should_failslab+0x121/0x190 [ 313.070385][T11433] should_failslab+0x9/0x14 [ 313.074872][T11433] kmem_cache_alloc+0x2aa/0x710 [ 313.079703][T11433] ? current_time+0x6b/0x110 [ 313.084378][T11433] ? ktime_get_coarse_real_ts64+0xeb/0x2a0 [ 313.090178][T11433] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 313.096400][T11433] ? timestamp_truncate+0x20f/0x2f0 [ 313.101594][T11433] __d_alloc+0x2e/0x8c0 [ 313.105746][T11433] d_alloc_pseudo+0x1e/0x70 [ 313.110241][T11433] alloc_file_pseudo+0xe2/0x280 [ 313.115080][T11433] ? alloc_file+0x4d0/0x4d0 [ 313.120020][T11433] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 313.126258][T11433] ? __kasan_check_write+0x14/0x20 [ 313.131368][T11433] __shmem_file_setup.part.0+0x108/0x2b0 [ 313.136996][T11433] shmem_file_setup+0x66/0x90 [ 313.141676][T11433] __x64_sys_memfd_create+0x2a2/0x470 [ 313.147122][T11433] ? memfd_fcntl+0x18a0/0x18a0 [ 313.151876][T11433] ? do_syscall_64+0x26/0x790 [ 313.156548][T11433] ? lockdep_hardirqs_on+0x421/0x5e0 [ 313.161826][T11433] ? trace_hardirqs_on+0x67/0x240 [ 313.166904][T11433] do_syscall_64+0xfa/0x790 [ 313.171417][T11433] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.177649][T11433] RIP: 0033:0x45a909 [ 313.181534][T11433] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 313.201145][T11433] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 313.209549][T11433] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a909 [ 313.217500][T11433] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bf9b2 [ 313.225539][T11433] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 313.233499][T11433] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b315536d4 [ 313.241465][T11433] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:55:42 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x0, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:42 executing program 1: bpf$PROG_LOAD(0x2, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:42 executing program 2 (fault-call:3 fault-nth:3): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 313.330926][T11439] ISOFS: Unable to identify CD-ROM format. 00:55:42 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB]) 00:55:42 executing program 1: bpf$PROG_LOAD(0x3, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 313.486518][T11454] FAULT_INJECTION: forcing a failure. [ 313.486518][T11454] name failslab, interval 1, probability 0, space 0, times 0 [ 313.537170][T11454] CPU: 1 PID: 11454 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 313.547093][T11454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.557155][T11454] Call Trace: [ 313.560455][T11454] dump_stack+0x197/0x210 [ 313.564798][T11454] should_fail.cold+0xa/0x10 [ 313.569396][T11454] ? setup_fault_attr+0x220/0x220 [ 313.574411][T11454] ? ___might_sleep+0x163/0x2c0 [ 313.574433][T11454] __should_failslab+0x121/0x190 [ 313.574450][T11454] should_failslab+0x9/0x14 [ 313.574467][T11454] kmem_cache_alloc+0x2aa/0x710 [ 313.593631][T11454] ? rwlock_bug.part.0+0x90/0x90 [ 313.598579][T11454] ? lock_downgrade+0x920/0x920 [ 313.603438][T11454] __alloc_file+0x27/0x340 [ 313.607863][T11454] alloc_empty_file+0x72/0x170 [ 313.612640][T11454] alloc_file+0x5e/0x4d0 [ 313.616892][T11454] alloc_file_pseudo+0x189/0x280 [ 313.621829][T11454] ? alloc_file+0x4d0/0x4d0 [ 313.626332][T11454] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 313.632695][T11454] ? __kasan_check_write+0x14/0x20 [ 313.637825][T11454] __shmem_file_setup.part.0+0x108/0x2b0 [ 313.643470][T11454] shmem_file_setup+0x66/0x90 [ 313.648157][T11454] __x64_sys_memfd_create+0x2a2/0x470 [ 313.653534][T11454] ? memfd_fcntl+0x18a0/0x18a0 [ 313.653549][T11454] ? do_syscall_64+0x26/0x790 [ 313.653568][T11454] ? lockdep_hardirqs_on+0x421/0x5e0 [ 313.662976][T11454] ? trace_hardirqs_on+0x67/0x240 [ 313.662997][T11454] do_syscall_64+0xfa/0x790 [ 313.663014][T11454] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.663031][T11454] RIP: 0033:0x45a909 [ 313.687537][T11454] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 313.707129][T11454] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 313.707143][T11454] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a909 [ 313.707150][T11454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bf9b2 00:55:43 executing program 1: bpf$PROG_LOAD(0x4, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 313.707158][T11454] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 313.707165][T11454] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b315536d4 [ 313.707178][T11454] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 313.742053][T11462] ISOFS: Unable to identify CD-ROM format. 00:55:45 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c4", 0x37}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:45 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x0, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:45 executing program 1: bpf$PROG_LOAD(0x6, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:45 executing program 2 (fault-call:3 fault-nth:4): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:45 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB]) 00:55:45 executing program 1: bpf$PROG_LOAD(0x7, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 316.342882][T11481] FAULT_INJECTION: forcing a failure. [ 316.342882][T11481] name failslab, interval 1, probability 0, space 0, times 0 [ 316.383615][T11485] ISOFS: Unable to identify CD-ROM format. [ 316.390830][T11481] CPU: 1 PID: 11481 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 316.390847][T11481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.410767][T11481] Call Trace: [ 316.414061][T11481] dump_stack+0x197/0x210 [ 316.418379][T11481] should_fail.cold+0xa/0x10 [ 316.422949][T11481] ? memcg_kmem_put_cache+0xad/0x1a0 [ 316.428216][T11481] ? setup_fault_attr+0x220/0x220 [ 316.433234][T11481] ? ___might_sleep+0x163/0x2c0 [ 316.438077][T11481] __should_failslab+0x121/0x190 [ 316.442995][T11481] should_failslab+0x9/0x14 [ 316.447476][T11481] kmem_cache_alloc+0x2aa/0x710 [ 316.452313][T11481] ? kmem_cache_alloc+0x364/0x710 [ 316.457318][T11481] security_file_alloc+0x39/0x170 [ 316.462381][T11481] __alloc_file+0xde/0x340 [ 316.466778][T11481] alloc_empty_file+0x72/0x170 [ 316.471524][T11481] alloc_file+0x5e/0x4d0 [ 316.475760][T11481] alloc_file_pseudo+0x189/0x280 [ 316.480678][T11481] ? alloc_file+0x4d0/0x4d0 [ 316.485162][T11481] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 316.491380][T11481] ? __kasan_check_write+0x14/0x20 [ 316.496476][T11481] __shmem_file_setup.part.0+0x108/0x2b0 [ 316.502098][T11481] shmem_file_setup+0x66/0x90 [ 316.506779][T11481] __x64_sys_memfd_create+0x2a2/0x470 [ 316.512139][T11481] ? memfd_fcntl+0x18a0/0x18a0 [ 316.516893][T11481] ? do_syscall_64+0x26/0x790 [ 316.521549][T11481] ? lockdep_hardirqs_on+0x421/0x5e0 [ 316.526826][T11481] ? trace_hardirqs_on+0x67/0x240 [ 316.531844][T11481] do_syscall_64+0xfa/0x790 [ 316.536328][T11481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.542242][T11481] RIP: 0033:0x45a909 [ 316.546130][T11481] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 316.565721][T11481] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 316.574125][T11481] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a909 00:55:45 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x0, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 316.582077][T11481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bf9b2 [ 316.590040][T11481] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 316.598000][T11481] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b315536d4 [ 316.605967][T11481] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:55:46 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000']) 00:55:46 executing program 2 (fault-call:3 fault-nth:5): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:46 executing program 1: bpf$PROG_LOAD(0x8, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:46 executing program 3 (fault-call:2 fault-nth:0): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 316.855382][T11503] FAULT_INJECTION: forcing a failure. [ 316.855382][T11503] name failslab, interval 1, probability 0, space 0, times 0 [ 316.925449][T11503] CPU: 1 PID: 11503 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 316.935370][T11503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.935395][T11503] Call Trace: [ 316.935416][T11503] dump_stack+0x197/0x210 [ 316.935440][T11503] should_fail.cold+0xa/0x10 [ 316.935460][T11503] ? setup_fault_attr+0x220/0x220 [ 316.962740][T11503] ? ___might_sleep+0x163/0x2c0 [ 316.967607][T11503] __should_failslab+0x121/0x190 [ 316.972666][T11503] should_failslab+0x9/0x14 [ 316.977179][T11503] __kmalloc+0x2e0/0x770 [ 316.981426][T11503] ? mark_held_locks+0xf0/0xf0 [ 316.986192][T11503] ? stack_trace_save+0xac/0xe0 [ 316.991115][T11503] ? tomoyo_realpath_from_path+0xc5/0x660 [ 316.991134][T11503] tomoyo_realpath_from_path+0xc5/0x660 [ 317.002371][T11503] ? tomoyo_path_perm+0x1cb/0x430 [ 317.007505][T11503] tomoyo_path_perm+0x230/0x430 [ 317.012359][T11503] ? tomoyo_path_perm+0x1cb/0x430 [ 317.017393][T11503] ? tomoyo_check_open_permission+0x3e0/0x3e0 [ 317.023476][T11503] ? rcu_read_lock_held+0x9c/0xb0 [ 317.028530][T11503] ? rcu_read_lock_any_held+0xcd/0xf0 [ 317.033909][T11503] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 317.039206][T11503] tomoyo_path_truncate+0x1d/0x30 [ 317.044235][T11503] security_path_truncate+0xf2/0x150 [ 317.049202][T11508] ISOFS: Unable to identify CD-ROM format. [ 317.049523][T11503] do_sys_ftruncate+0x3d9/0x550 [ 317.049545][T11503] __x64_sys_ftruncate+0x59/0x80 [ 317.060176][T11503] do_syscall_64+0xfa/0x790 [ 317.069583][T11503] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.075467][T11503] RIP: 0033:0x45a8d7 [ 317.079364][T11503] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 317.100295][T11503] RSP: 002b:00007f4b31552a68 EFLAGS: 00000213 ORIG_RAX: 000000000000004d [ 317.108710][T11503] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a8d7 [ 317.116680][T11503] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 317.124650][T11503] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 317.132604][T11503] R10: 0000000000000000 R11: 0000000000000213 R12: 00007f4b315536d4 [ 317.140571][T11503] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 317.155559][T11503] ERROR: Out of memory at tomoyo_realpath_from_path. [ 317.210403][T11503] hfsplus: unable to find HFS+ superblock 00:55:48 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c4", 0x37}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:48 executing program 1: bpf$PROG_LOAD(0x9, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:48 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:48 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000']) 00:55:48 executing program 2 (fault-call:3 fault-nth:6): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:48 executing program 1: bpf$PROG_LOAD(0xa, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 319.412030][T11533] FAULT_INJECTION: forcing a failure. [ 319.412030][T11533] name failslab, interval 1, probability 0, space 0, times 0 00:55:48 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x16, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 319.482724][T11533] CPU: 1 PID: 11533 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 319.492647][T11533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.502703][T11533] Call Trace: [ 319.506005][T11533] dump_stack+0x197/0x210 [ 319.510345][T11533] should_fail.cold+0xa/0x10 [ 319.514948][T11533] ? setup_fault_attr+0x220/0x220 [ 319.519985][T11533] ? ___might_sleep+0x163/0x2c0 [ 319.524841][T11533] __should_failslab+0x121/0x190 [ 319.529789][T11533] should_failslab+0x9/0x14 [ 319.534300][T11533] __kmalloc+0x2e0/0x770 [ 319.536226][T11526] ISOFS: Unable to identify CD-ROM format. [ 319.538548][T11533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.538647][T11533] ? simple_dname+0xd1/0x1f0 [ 319.538671][T11533] ? tomoyo_encode2.part.0+0xf5/0x400 [ 319.560616][T11533] tomoyo_encode2.part.0+0xf5/0x400 [ 319.565824][T11533] tomoyo_encode+0x2b/0x50 [ 319.570247][T11533] tomoyo_realpath_from_path+0x19c/0x660 [ 319.575884][T11533] ? tomoyo_path_perm+0x1cb/0x430 [ 319.580922][T11533] tomoyo_path_perm+0x230/0x430 [ 319.585785][T11533] ? tomoyo_path_perm+0x1cb/0x430 [ 319.591102][T11533] ? tomoyo_check_open_permission+0x3e0/0x3e0 [ 319.597186][T11533] ? rcu_read_lock_held+0x9c/0xb0 [ 319.602238][T11533] ? rcu_read_lock_any_held+0xcd/0xf0 [ 319.607613][T11533] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 319.612919][T11533] tomoyo_path_truncate+0x1d/0x30 [ 319.612936][T11533] security_path_truncate+0xf2/0x150 [ 319.612952][T11533] do_sys_ftruncate+0x3d9/0x550 [ 319.612971][T11533] __x64_sys_ftruncate+0x59/0x80 00:55:48 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 319.612989][T11533] do_syscall_64+0xfa/0x790 [ 319.613009][T11533] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.643401][T11533] RIP: 0033:0x45a8d7 [ 319.647299][T11533] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 319.666898][T11533] RSP: 002b:00007f4b31552a68 EFLAGS: 00000213 ORIG_RAX: 000000000000004d [ 319.666913][T11533] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a8d7 00:55:49 executing program 1: bpf$PROG_LOAD(0xb, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:49 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa02, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 319.666920][T11533] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 319.666929][T11533] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 319.666938][T11533] R10: 0000000000000000 R11: 0000000000000213 R12: 00007f4b315536d4 [ 319.666946][T11533] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 319.716262][T11533] ERROR: Out of memory at tomoyo_realpath_from_path. 00:55:49 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000']) [ 319.771180][T11533] hfsplus: unable to find HFS+ superblock [ 319.958771][T11565] ISOFS: Unable to identify CD-ROM format. 00:55:51 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c4", 0x37}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:51 executing program 1: bpf$PROG_LOAD(0xc, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:51 executing program 2 (fault-call:3 fault-nth:7): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:51 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:51 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080']) 00:55:51 executing program 1: bpf$PROG_LOAD(0xd, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 322.483046][T11581] ISOFS: Unable to identify CD-ROM format. [ 322.491279][T11583] FAULT_INJECTION: forcing a failure. [ 322.491279][T11583] name failslab, interval 1, probability 0, space 0, times 0 [ 322.504085][T11583] CPU: 0 PID: 11583 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 322.513976][T11583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.524028][T11583] Call Trace: [ 322.527303][T11583] dump_stack+0x197/0x210 [ 322.531628][T11583] should_fail.cold+0xa/0x10 [ 322.536222][T11583] ? setup_fault_attr+0x220/0x220 [ 322.541245][T11583] ? ___might_sleep+0x163/0x2c0 [ 322.546129][T11583] __should_failslab+0x121/0x190 [ 322.551052][T11583] should_failslab+0x9/0x14 [ 322.555581][T11583] __kmalloc+0x2e0/0x770 [ 322.559804][T11583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 322.566032][T11583] ? simple_dname+0xd1/0x1f0 [ 322.570610][T11583] ? tomoyo_encode2.part.0+0xf5/0x400 [ 322.575964][T11583] tomoyo_encode2.part.0+0xf5/0x400 [ 322.581152][T11583] tomoyo_encode+0x2b/0x50 [ 322.585567][T11583] tomoyo_realpath_from_path+0x19c/0x660 [ 322.591189][T11583] ? tomoyo_path_perm+0x1cb/0x430 [ 322.596204][T11583] tomoyo_path_perm+0x230/0x430 [ 322.601048][T11583] ? tomoyo_path_perm+0x1cb/0x430 [ 322.606069][T11583] ? tomoyo_check_open_permission+0x3e0/0x3e0 [ 322.612142][T11583] ? rcu_read_lock_held+0x9c/0xb0 [ 322.617165][T11583] ? rcu_read_lock_any_held+0xcd/0xf0 [ 322.622516][T11583] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 322.627833][T11583] tomoyo_path_truncate+0x1d/0x30 [ 322.632849][T11583] security_path_truncate+0xf2/0x150 [ 322.638113][T11583] do_sys_ftruncate+0x3d9/0x550 [ 322.642944][T11583] __x64_sys_ftruncate+0x59/0x80 [ 322.647867][T11583] do_syscall_64+0xfa/0x790 [ 322.652352][T11583] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.658222][T11583] RIP: 0033:0x45a8d7 [ 322.662100][T11583] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 322.681695][T11583] RSP: 002b:00007f4b31552a68 EFLAGS: 00000213 ORIG_RAX: 000000000000004d [ 322.690101][T11583] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a8d7 [ 322.698107][T11583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 322.706082][T11583] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000001 [ 322.714044][T11583] R10: 0000000000000000 R11: 0000000000000213 R12: 00007f4b315536d4 [ 322.721995][T11583] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:55:52 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x2, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:52 executing program 1: bpf$PROG_LOAD(0xe, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 322.772064][T11583] ERROR: Out of memory at tomoyo_realpath_from_path. [ 322.809391][T11583] hfsplus: unable to find HFS+ superblock 00:55:52 executing program 1: bpf$PROG_LOAD(0xf, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:52 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080']) 00:55:52 executing program 2 (fault-call:3 fault-nth:8): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 323.120381][T11617] FAULT_INJECTION: forcing a failure. [ 323.120381][T11617] name failslab, interval 1, probability 0, space 0, times 0 [ 323.172551][T11617] CPU: 0 PID: 11617 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 323.182475][T11617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.192533][T11617] Call Trace: [ 323.195832][T11617] dump_stack+0x197/0x210 [ 323.200168][T11617] should_fail.cold+0xa/0x10 [ 323.200188][T11617] ? setup_fault_attr+0x220/0x220 [ 323.209779][T11617] ? ___might_sleep+0x163/0x2c0 [ 323.209804][T11617] __should_failslab+0x121/0x190 [ 323.219559][T11617] should_failslab+0x9/0x14 [ 323.224071][T11617] kmem_cache_alloc+0x2aa/0x710 [ 323.228935][T11617] getname_flags+0xd6/0x5b0 [ 323.233443][T11617] getname+0x1a/0x20 [ 323.237341][T11617] do_sys_openat2+0x4a6/0x840 [ 323.242023][T11617] ? chown_common+0x5c0/0x5c0 [ 323.246713][T11617] ? lock_downgrade+0x920/0x920 [ 323.251566][T11617] do_sys_open+0xfc/0x190 [ 323.252455][T11620] ISOFS: Unable to identify CD-ROM format. [ 323.255901][T11617] ? filp_open+0x80/0x80 [ 323.255918][T11617] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 323.255944][T11617] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 323.277711][T11617] ? do_syscall_64+0x26/0x790 [ 323.282366][T11617] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.288410][T11617] ? do_syscall_64+0x26/0x790 [ 323.293089][T11617] __x64_sys_open+0x7e/0xc0 [ 323.297582][T11617] do_syscall_64+0xfa/0x790 [ 323.302080][T11617] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.307954][T11617] RIP: 0033:0x4146a1 [ 323.311834][T11617] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 323.331523][T11617] RSP: 002b:00007f4b31552a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 323.339922][T11617] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 00000000004146a1 [ 323.347907][T11617] RDX: 00007f4b31552b0a RSI: 0000000000000002 RDI: 00007f4b31552b00 [ 323.355860][T11617] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 323.363818][T11617] R10: 0000000000000075 R11: 0000000000000293 R12: 00007f4b315536d4 [ 323.371770][T11617] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:55:55 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15", 0x40}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:55 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x2, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:55 executing program 1: bpf$PROG_LOAD(0x10, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:55:55 executing program 2 (fault-call:3 fault-nth:9): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:55 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080']) [ 325.820861][T11631] FAULT_INJECTION: forcing a failure. [ 325.820861][T11631] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 325.834100][T11631] CPU: 0 PID: 11631 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 325.834111][T11631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.834116][T11631] Call Trace: [ 325.834140][T11631] dump_stack+0x197/0x210 [ 325.834162][T11631] should_fail.cold+0xa/0x10 [ 325.834180][T11631] ? setup_fault_attr+0x220/0x220 [ 325.834201][T11631] ? __kasan_check_read+0x11/0x20 [ 325.866418][T11631] ? __lock_acquire+0x16f2/0x4a00 [ 325.866443][T11631] should_fail_alloc_page+0x50/0x60 [ 325.866457][T11631] __alloc_pages_nodemask+0x1a1/0x910 [ 325.866470][T11631] ? fs_reclaim_release+0xf/0x30 [ 325.866490][T11631] ? __alloc_pages_slowpath+0x2900/0x2900 [ 325.902699][T11631] ? fs_reclaim_release+0xf/0x30 [ 325.907652][T11631] ? shmem_setattr+0x4c7/0xc80 [ 325.911545][T11637] ISOFS: Unable to identify CD-ROM format. 00:55:55 executing program 1: bpf$PROG_LOAD(0x11, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 325.912416][T11631] ? setup_fault_attr+0x220/0x220 [ 325.912437][T11631] cache_grow_begin+0x90/0xc60 [ 325.912452][T11631] ? getname_flags+0xd6/0x5b0 [ 325.912466][T11631] ? trace_hardirqs_off+0x62/0x240 [ 325.912484][T11631] kmem_cache_alloc+0x64e/0x710 [ 325.942612][T11631] getname_flags+0xd6/0x5b0 [ 325.947122][T11631] getname+0x1a/0x20 [ 325.951017][T11631] do_sys_openat2+0x4a6/0x840 [ 325.955699][T11631] ? chown_common+0x5c0/0x5c0 [ 325.960388][T11631] ? lock_downgrade+0x920/0x920 [ 325.965244][T11631] do_sys_open+0xfc/0x190 [ 325.969583][T11631] ? filp_open+0x80/0x80 [ 325.973838][T11631] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 325.980085][T11631] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 325.985547][T11631] ? do_syscall_64+0x26/0x790 [ 325.990228][T11631] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.996343][T11631] ? do_syscall_64+0x26/0x790 [ 326.001024][T11631] __x64_sys_open+0x7e/0xc0 [ 326.005534][T11631] do_syscall_64+0xfa/0x790 [ 326.010042][T11631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.016024][T11631] RIP: 0033:0x4146a1 [ 326.019899][T11631] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 326.039544][T11631] RSP: 002b:00007f4b31552a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 326.047951][T11631] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 00000000004146a1 [ 326.055925][T11631] RDX: 00007f4b31552b0a RSI: 0000000000000002 RDI: 00007f4b31552b00 [ 326.063884][T11631] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 326.071835][T11631] R10: 0000000000000075 R11: 0000000000000293 R12: 00007f4b315536d4 [ 326.079783][T11631] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:55:55 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000']) 00:55:55 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0xa, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 326.200557][T11631] hfsplus: unable to find HFS+ superblock 00:55:55 executing program 1: bpf$PROG_LOAD(0x12, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 326.452109][T11659] ISOFS: Unable to identify CD-ROM format. 00:55:58 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15", 0x40}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:55:58 executing program 1: bpf$PROG_LOAD(0x13, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:58 executing program 2 (fault-call:3 fault-nth:10): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:58 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:58 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000']) 00:55:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 328.860486][T11683] FAULT_INJECTION: forcing a failure. [ 328.860486][T11683] name failslab, interval 1, probability 0, space 0, times 0 [ 328.884736][T11683] CPU: 0 PID: 11683 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 328.894678][T11683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.904736][T11683] Call Trace: [ 328.908023][T11683] dump_stack+0x197/0x210 [ 328.912353][T11683] should_fail.cold+0xa/0x10 [ 328.912384][T11683] ? setup_fault_attr+0x220/0x220 [ 328.912407][T11683] ? ___might_sleep+0x163/0x2c0 [ 328.912430][T11683] __should_failslab+0x121/0x190 [ 328.931852][T11683] should_failslab+0x9/0x14 [ 328.936370][T11683] __kmalloc+0x2e0/0x770 [ 328.940707][T11683] ? lookup_fast+0x3dc/0xe60 [ 328.945306][T11683] ? tomoyo_realpath_from_path+0xc5/0x660 [ 328.951048][T11683] tomoyo_realpath_from_path+0xc5/0x660 00:55:58 executing program 1: bpf$PROG_LOAD(0x14, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 328.956597][T11683] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 328.960144][T11687] ISOFS: Unable to identify CD-ROM format. [ 328.962840][T11683] ? tomoyo_init_request_info+0x105/0x1d0 [ 328.962863][T11683] tomoyo_check_open_permission+0x2a3/0x3e0 [ 328.962879][T11683] ? __check_heap_object+0x86/0xb3 [ 328.962894][T11683] ? tomoyo_path_number_perm+0x520/0x520 [ 328.962915][T11683] ? __kasan_check_read+0x11/0x20 [ 328.995991][T11683] ? mark_lock+0xc2/0x1220 [ 329.000420][T11683] ? lock_downgrade+0x920/0x920 [ 329.005263][T11683] ? rwlock_bug.part.0+0x90/0x90 [ 329.010184][T11683] tomoyo_file_open+0xa9/0xd0 [ 329.014856][T11683] security_file_open+0x71/0x300 [ 329.019783][T11683] do_dentry_open+0x365/0x1350 [ 329.024526][T11683] ? __kasan_check_read+0x11/0x20 [ 329.029532][T11683] ? do_sys_openat2+0x840/0x840 [ 329.034371][T11683] ? inode_permission+0xb4/0x520 [ 329.039290][T11683] vfs_open+0xa0/0xd0 [ 329.043254][T11683] path_openat+0x12fd/0x34d0 [ 329.047879][T11683] ? path_lookupat.isra.0+0x8c0/0x8c0 [ 329.053231][T11683] ? __alloc_fd+0x487/0x620 [ 329.057714][T11683] do_filp_open+0x192/0x260 [ 329.062196][T11683] ? may_open_dev+0x100/0x100 [ 329.066859][T11683] ? do_raw_spin_unlock+0x181/0x270 [ 329.072048][T11683] ? _raw_spin_unlock+0x28/0x40 [ 329.076898][T11683] do_sys_openat2+0x633/0x840 [ 329.081554][T11683] ? chown_common+0x5c0/0x5c0 [ 329.086264][T11683] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.092502][T11683] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 329.098648][T11683] do_sys_open+0xfc/0x190 [ 329.102955][T11683] ? filp_open+0x80/0x80 [ 329.107196][T11683] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 329.112652][T11683] ? do_syscall_64+0x26/0x790 [ 329.117307][T11683] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.123362][T11683] ? do_syscall_64+0x26/0x790 [ 329.128076][T11683] __x64_sys_open+0x7e/0xc0 [ 329.132561][T11683] do_syscall_64+0xfa/0x790 [ 329.137047][T11683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.142916][T11683] RIP: 0033:0x4146a1 [ 329.146809][T11683] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 329.166411][T11683] RSP: 002b:00007f4b31552a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 329.174941][T11683] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 00000000004146a1 [ 329.182923][T11683] RDX: 00007f4b31552b0a RSI: 0000000000000002 RDI: 00007f4b31552b00 [ 329.190875][T11683] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 329.198823][T11683] R10: 0000000000000075 R11: 0000000000000293 R12: 00007f4b315536d4 [ 329.206771][T11683] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 329.216696][T11683] ERROR: Out of memory at tomoyo_realpath_from_path. 00:55:58 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x2, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:55:58 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x0000000080000']) [ 329.319817][T11683] hfsplus: unable to find HFS+ superblock 00:55:58 executing program 1: bpf$PROG_LOAD(0x15, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:55:58 executing program 2 (fault-call:3 fault-nth:11): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:55:58 executing program 1: bpf$PROG_LOAD(0x16, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 329.590935][T11708] ISOFS: Unable to identify CD-ROM format. [ 329.678588][T11724] FAULT_INJECTION: forcing a failure. [ 329.678588][T11724] name failslab, interval 1, probability 0, space 0, times 0 [ 329.709009][T11724] CPU: 0 PID: 11724 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 329.718930][T11724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.728988][T11724] Call Trace: [ 329.732288][T11724] dump_stack+0x197/0x210 [ 329.736624][T11724] should_fail.cold+0xa/0x10 [ 329.741228][T11724] ? setup_fault_attr+0x220/0x220 [ 329.746265][T11724] ? ___might_sleep+0x163/0x2c0 [ 329.751148][T11724] __should_failslab+0x121/0x190 [ 329.756098][T11724] should_failslab+0x9/0x14 [ 329.760625][T11724] __kmalloc+0x2e0/0x770 [ 329.764979][T11724] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.771233][T11724] ? d_absolute_path+0x11b/0x170 [ 329.776177][T11724] ? __d_path+0x140/0x140 [ 329.780517][T11724] ? tomoyo_encode2.part.0+0xf5/0x400 [ 329.785903][T11724] tomoyo_encode2.part.0+0xf5/0x400 [ 329.791116][T11724] tomoyo_encode+0x2b/0x50 [ 329.795546][T11724] tomoyo_realpath_from_path+0x19c/0x660 [ 329.801185][T11724] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 329.807439][T11724] tomoyo_check_open_permission+0x2a3/0x3e0 [ 329.813338][T11724] ? __check_heap_object+0x86/0xb3 [ 329.818457][T11724] ? tomoyo_path_number_perm+0x520/0x520 [ 329.824108][T11724] ? __kasan_check_read+0x11/0x20 [ 329.829142][T11724] ? mark_lock+0xc2/0x1220 [ 329.833582][T11724] ? lock_downgrade+0x920/0x920 [ 329.838433][T11724] ? rwlock_bug.part.0+0x90/0x90 [ 329.843368][T11724] tomoyo_file_open+0xa9/0xd0 [ 329.848129][T11724] security_file_open+0x71/0x300 [ 329.853073][T11724] do_dentry_open+0x365/0x1350 [ 329.857864][T11724] ? __kasan_check_read+0x11/0x20 [ 329.862893][T11724] ? do_sys_openat2+0x840/0x840 [ 329.867745][T11724] ? inode_permission+0xb4/0x520 [ 329.872666][T11724] vfs_open+0xa0/0xd0 [ 329.876639][T11724] path_openat+0x12fd/0x34d0 [ 329.881216][T11724] ? path_lookupat.isra.0+0x8c0/0x8c0 [ 329.886570][T11724] ? __alloc_fd+0x487/0x620 [ 329.891054][T11724] do_filp_open+0x192/0x260 [ 329.895541][T11724] ? may_open_dev+0x100/0x100 [ 329.900242][T11724] ? do_raw_spin_unlock+0x181/0x270 [ 329.905424][T11724] ? _raw_spin_unlock+0x28/0x40 [ 329.910262][T11724] do_sys_openat2+0x633/0x840 [ 329.914925][T11724] ? chown_common+0x5c0/0x5c0 [ 329.919585][T11724] ? lock_downgrade+0x920/0x920 [ 329.924415][T11724] do_sys_open+0xfc/0x190 [ 329.928723][T11724] ? filp_open+0x80/0x80 [ 329.932964][T11724] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 329.939196][T11724] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 329.944634][T11724] ? do_syscall_64+0x26/0x790 [ 329.949294][T11724] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.955364][T11724] ? do_syscall_64+0x26/0x790 [ 329.960035][T11724] __x64_sys_open+0x7e/0xc0 [ 329.964523][T11724] do_syscall_64+0xfa/0x790 [ 329.969005][T11724] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.974877][T11724] RIP: 0033:0x4146a1 [ 329.978752][T11724] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 329.998335][T11724] RSP: 002b:00007f4b31552a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 330.006724][T11724] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 00000000004146a1 [ 330.014673][T11724] RDX: 00007f4b31552b0a RSI: 0000000000000002 RDI: 00007f4b31552b00 [ 330.022652][T11724] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 330.030615][T11724] R10: 0000000000000075 R11: 0000000000000293 R12: 00007f4b315536d4 [ 330.038576][T11724] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 330.048404][T11724] ERROR: Out of memory at tomoyo_realpath_from_path. [ 330.066346][T11724] hfsplus: unable to find HFS+ superblock 00:56:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15", 0x40}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:01 executing program 1: bpf$PROG_LOAD(0x17, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:01 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:01 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x000000008000000']) 00:56:01 executing program 2 (fault-call:3 fault-nth:12): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 332.310553][T11737] FAULT_INJECTION: forcing a failure. [ 332.310553][T11737] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 332.323784][T11737] CPU: 1 PID: 11737 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 332.333669][T11737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.343722][T11737] Call Trace: [ 332.347034][T11737] dump_stack+0x197/0x210 [ 332.351371][T11737] should_fail.cold+0xa/0x10 [ 332.355958][T11737] ? __kasan_check_read+0x11/0x20 [ 332.360988][T11737] ? setup_fault_attr+0x220/0x220 [ 332.366022][T11737] ? is_bpf_text_address+0xac/0x160 [ 332.371482][T11737] ? find_held_lock+0x35/0x130 [ 332.371507][T11737] should_fail_alloc_page+0x50/0x60 [ 332.371526][T11737] __alloc_pages_nodemask+0x1a1/0x910 [ 332.371541][T11737] ? lock_downgrade+0x920/0x920 [ 332.371557][T11737] ? __alloc_pages_slowpath+0x2900/0x2900 [ 332.371571][T11737] ? __kasan_check_read+0x11/0x20 [ 332.371593][T11737] ? setup_fault_attr+0x220/0x220 00:56:01 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:01 executing program 1: bpf$PROG_LOAD(0x2b, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 332.371611][T11737] cache_grow_begin+0x90/0xc60 [ 332.371627][T11737] ? tomoyo_realpath_from_path+0xc5/0x660 [ 332.371653][T11737] ? trace_hardirqs_off+0x62/0x240 [ 332.381592][T11737] __kmalloc+0x6b2/0x770 [ 332.381614][T11737] ? tomoyo_realpath_from_path+0xc5/0x660 [ 332.381633][T11737] tomoyo_realpath_from_path+0xc5/0x660 [ 332.381649][T11737] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 332.381665][T11737] ? tomoyo_init_request_info+0x105/0x1d0 [ 332.381689][T11737] tomoyo_check_open_permission+0x2a3/0x3e0 [ 332.381705][T11737] ? __check_heap_object+0x86/0xb3 [ 332.381723][T11737] ? tomoyo_path_number_perm+0x520/0x520 [ 332.444951][T11737] ? __kasan_check_read+0x11/0x20 [ 332.444965][T11737] ? mark_lock+0xc2/0x1220 [ 332.444994][T11737] ? lock_downgrade+0x920/0x920 [ 332.481539][T11737] ? rwlock_bug.part.0+0x90/0x90 [ 332.486489][T11737] tomoyo_file_open+0xa9/0xd0 [ 332.491176][T11737] security_file_open+0x71/0x300 [ 332.496128][T11737] do_dentry_open+0x365/0x1350 [ 332.500896][T11737] ? __kasan_check_read+0x11/0x20 [ 332.506366][T11737] ? do_sys_openat2+0x840/0x840 [ 332.511229][T11737] ? inode_permission+0xb4/0x520 [ 332.516175][T11737] vfs_open+0xa0/0xd0 [ 332.520158][T11737] path_openat+0x12fd/0x34d0 [ 332.524770][T11737] ? path_lookupat.isra.0+0x8c0/0x8c0 [ 332.530151][T11737] ? __alloc_fd+0x487/0x620 [ 332.534661][T11737] do_filp_open+0x192/0x260 [ 332.539170][T11737] ? may_open_dev+0x100/0x100 [ 332.543865][T11737] ? do_raw_spin_unlock+0x181/0x270 [ 332.549070][T11737] ? _raw_spin_unlock+0x28/0x40 [ 332.553940][T11737] do_sys_openat2+0x633/0x840 [ 332.558621][T11737] ? chown_common+0x5c0/0x5c0 [ 332.563293][T11737] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.570219][T11737] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 332.576377][T11737] do_sys_open+0xfc/0x190 [ 332.576539][T11738] ISOFS: Unable to identify CD-ROM format. [ 332.580702][T11737] ? filp_open+0x80/0x80 [ 332.580722][T11737] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 332.580737][T11737] ? do_syscall_64+0x26/0x790 [ 332.580751][T11737] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.580764][T11737] ? do_syscall_64+0x26/0x790 00:56:01 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 332.580786][T11737] __x64_sys_open+0x7e/0xc0 [ 332.616082][T11737] do_syscall_64+0xfa/0x790 [ 332.620591][T11737] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.626484][T11737] RIP: 0033:0x4146a1 [ 332.630358][T11737] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 332.649947][T11737] RSP: 002b:00007f4b31552a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 332.658358][T11737] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 00000000004146a1 [ 332.666318][T11737] RDX: 00007f4b31552b0a RSI: 0000000000000002 RDI: 00007f4b31552b00 [ 332.674281][T11737] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 332.682241][T11737] R10: 0000000000000075 R11: 0000000000000293 R12: 00007f4b315536d4 [ 332.690194][T11737] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 332.784777][T11737] hfsplus: unable to find HFS+ superblock 00:56:02 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x2, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:02 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x000000008000000']) 00:56:02 executing program 2 (fault-call:3 fault-nth:13): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 333.099779][T11777] FAULT_INJECTION: forcing a failure. [ 333.099779][T11777] name failslab, interval 1, probability 0, space 0, times 0 [ 333.129607][T11769] ISOFS: Unable to identify CD-ROM format. [ 333.147615][T11777] CPU: 0 PID: 11777 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 333.157517][T11777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.167571][T11777] Call Trace: [ 333.170870][T11777] dump_stack+0x197/0x210 [ 333.175235][T11777] should_fail.cold+0xa/0x10 [ 333.179825][T11777] ? setup_fault_attr+0x220/0x220 [ 333.184850][T11777] ? ___might_sleep+0x163/0x2c0 [ 333.189699][T11777] __should_failslab+0x121/0x190 [ 333.194619][T11777] should_failslab+0x9/0x14 [ 333.199110][T11777] __kmalloc+0x2e0/0x770 [ 333.203384][T11777] ? mark_held_locks+0xf0/0xf0 [ 333.208185][T11777] ? debug_check_no_obj_freed+0x20a/0x43f [ 333.213886][T11777] ? tomoyo_realpath_from_path+0xc5/0x660 [ 333.219589][T11777] tomoyo_realpath_from_path+0xc5/0x660 [ 333.225158][T11777] ? tomoyo_path_number_perm+0x193/0x520 [ 333.230780][T11777] tomoyo_path_number_perm+0x1dd/0x520 [ 333.236285][T11777] ? tomoyo_path_number_perm+0x193/0x520 [ 333.241897][T11777] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 333.247692][T11777] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 333.253855][T11777] ? __fget+0x37f/0x550 [ 333.257992][T11777] ? do_dup2+0x4f0/0x4f0 [ 333.262236][T11777] tomoyo_file_ioctl+0x23/0x30 [ 333.266991][T11777] security_file_ioctl+0x77/0xc0 [ 333.271910][T11777] ksys_ioctl+0x57/0xd0 [ 333.276047][T11777] __x64_sys_ioctl+0x73/0xb0 [ 333.280625][T11777] do_syscall_64+0xfa/0x790 [ 333.285110][T11777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.290980][T11777] RIP: 0033:0x45a777 [ 333.294863][T11777] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 333.314451][T11777] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 333.322853][T11777] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 333.330813][T11777] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 333.338764][T11777] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 333.346712][T11777] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 333.354660][T11777] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 333.364021][T11777] ERROR: Out of memory at tomoyo_realpath_from_path. [ 333.429694][T11777] hfsplus: unable to find HFS+ superblock 00:56:04 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x2000000, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9f", 0x45}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:04 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x9, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:04 executing program 4: syz_mount_image$iso9660(&(0x7f0000000400)='iso9660\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='dmode=0x000000008000000']) 00:56:04 executing program 2 (fault-call:3 fault-nth:14): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:04 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 335.532865][T11791] FAULT_INJECTION: forcing a failure. [ 335.532865][T11791] name failslab, interval 1, probability 0, space 0, times 0 00:56:04 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 335.582276][T11791] CPU: 1 PID: 11791 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 335.592194][T11791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.602254][T11791] Call Trace: [ 335.602279][T11791] dump_stack+0x197/0x210 [ 335.602302][T11791] should_fail.cold+0xa/0x10 [ 335.609884][T11791] ? setup_fault_attr+0x220/0x220 [ 335.609907][T11791] ? ___might_sleep+0x163/0x2c0 [ 335.609929][T11791] __should_failslab+0x121/0x190 [ 335.629275][T11791] should_failslab+0x9/0x14 [ 335.633782][T11791] __kmalloc+0x2e0/0x770 [ 335.638032][T11791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.644285][T11791] ? d_absolute_path+0x11b/0x170 [ 335.647384][T11793] ISOFS: Unable to identify CD-ROM format. [ 335.649220][T11791] ? __d_path+0x140/0x140 [ 335.649238][T11791] ? tomoyo_encode2.part.0+0xf5/0x400 [ 335.649258][T11791] tomoyo_encode2.part.0+0xf5/0x400 [ 335.649276][T11791] tomoyo_encode+0x2b/0x50 [ 335.676539][T11791] tomoyo_realpath_from_path+0x19c/0x660 [ 335.682153][T11791] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 335.688416][T11791] tomoyo_check_open_permission+0x2a3/0x3e0 [ 335.694292][T11791] ? __check_heap_object+0x86/0xb3 [ 335.699395][T11791] ? tomoyo_path_number_perm+0x520/0x520 [ 335.705047][T11791] ? __kasan_check_read+0x11/0x20 [ 335.710054][T11791] ? mark_lock+0xc2/0x1220 [ 335.714462][T11791] ? lock_downgrade+0x920/0x920 [ 335.719291][T11791] ? rwlock_bug.part.0+0x90/0x90 [ 335.724244][T11791] tomoyo_file_open+0xa9/0xd0 [ 335.728904][T11791] security_file_open+0x71/0x300 [ 335.733824][T11791] do_dentry_open+0x365/0x1350 [ 335.738569][T11791] ? __kasan_check_read+0x11/0x20 [ 335.743578][T11791] ? do_sys_openat2+0x840/0x840 [ 335.748418][T11791] ? inode_permission+0xb4/0x520 [ 335.753336][T11791] vfs_open+0xa0/0xd0 [ 335.757301][T11791] path_openat+0x12fd/0x34d0 [ 335.761892][T11791] ? path_lookupat.isra.0+0x8c0/0x8c0 [ 335.767257][T11791] ? __alloc_fd+0x487/0x620 [ 335.771740][T11791] do_filp_open+0x192/0x260 [ 335.776224][T11791] ? may_open_dev+0x100/0x100 [ 335.780914][T11791] ? do_raw_spin_unlock+0x181/0x270 [ 335.786102][T11791] ? _raw_spin_unlock+0x28/0x40 [ 335.790955][T11791] do_sys_openat2+0x633/0x840 [ 335.795616][T11791] ? chown_common+0x5c0/0x5c0 [ 335.800270][T11791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.806499][T11791] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 335.812638][T11791] do_sys_open+0xfc/0x190 [ 335.816946][T11791] ? filp_open+0x80/0x80 [ 335.821200][T11791] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 335.826640][T11791] ? do_syscall_64+0x26/0x790 [ 335.831307][T11791] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.837380][T11791] ? do_syscall_64+0x26/0x790 [ 335.842042][T11791] __x64_sys_open+0x7e/0xc0 [ 335.846525][T11791] do_syscall_64+0xfa/0x790 [ 335.851018][T11791] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.856895][T11791] RIP: 0033:0x4146a1 [ 335.860784][T11791] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 335.880368][T11791] RSP: 002b:00007f4b31552a60 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 335.888759][T11791] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 00000000004146a1 [ 335.896710][T11791] RDX: 00007f4b31552b0a RSI: 0000000000000002 RDI: 00007f4b31552b00 [ 335.904710][T11791] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 335.912669][T11791] R10: 0000000000000075 R11: 0000000000000293 R12: 00007f4b315536d4 [ 335.920637][T11791] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 335.949832][T11791] ERROR: Out of memory at tomoyo_realpath_from_path. 00:56:05 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:05 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"02000000000900"}}}}, 0x90) [ 336.030908][T11791] hfsplus: unable to find HFS+ superblock 00:56:05 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) set_mempolicy(0x2, &(0x7f0000000040)=0x5c9, 0x4) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 00:56:05 executing program 2 (fault-call:3 fault-nth:15): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:05 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000002000900"}}}}, 0x90) 00:56:05 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1a, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 336.322069][T11825] FAULT_INJECTION: forcing a failure. [ 336.322069][T11825] name failslab, interval 1, probability 0, space 0, times 0 [ 336.426541][T11825] CPU: 1 PID: 11825 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 336.436467][T11825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.446520][T11825] Call Trace: [ 336.449819][T11825] dump_stack+0x197/0x210 [ 336.454164][T11825] should_fail.cold+0xa/0x10 [ 336.458765][T11825] ? setup_fault_attr+0x220/0x220 [ 336.463802][T11825] ? ___might_sleep+0x163/0x2c0 [ 336.468670][T11825] __should_failslab+0x121/0x190 [ 336.473615][T11825] should_failslab+0x9/0x14 [ 336.478119][T11825] __kmalloc+0x2e0/0x770 [ 336.482359][T11825] ? mark_held_locks+0xf0/0xf0 [ 336.487127][T11825] ? debug_check_no_obj_freed+0x20a/0x43f [ 336.492855][T11825] ? tomoyo_realpath_from_path+0xc5/0x660 [ 336.498578][T11825] tomoyo_realpath_from_path+0xc5/0x660 [ 336.504112][T11825] ? tomoyo_path_number_perm+0x193/0x520 [ 336.504135][T11825] tomoyo_path_number_perm+0x1dd/0x520 [ 336.504149][T11825] ? tomoyo_path_number_perm+0x193/0x520 [ 336.504166][T11825] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 336.504184][T11825] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 336.504229][T11825] ? __fget+0x37f/0x550 [ 336.504248][T11825] ? do_dup2+0x4f0/0x4f0 [ 336.504274][T11825] tomoyo_file_ioctl+0x23/0x30 [ 336.545990][T11825] security_file_ioctl+0x77/0xc0 [ 336.550945][T11825] ksys_ioctl+0x57/0xd0 [ 336.555105][T11825] __x64_sys_ioctl+0x73/0xb0 [ 336.559700][T11825] do_syscall_64+0xfa/0x790 [ 336.564200][T11825] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.570067][T11825] RIP: 0033:0x45a777 [ 336.573942][T11825] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 336.593533][T11825] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 336.601927][T11825] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 336.609991][T11825] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 336.617943][T11825] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 336.625903][T11825] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 336.633863][T11825] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 336.652321][T11825] ERROR: Out of memory at tomoyo_realpath_from_path. [ 336.663347][T11825] hfsplus: unable to find HFS+ superblock 00:56:08 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9f", 0x45}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:08 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) set_mempolicy(0x2, &(0x7f0000000040)=0x5c9, 0x4) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 00:56:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x2b, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:08 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00020000000900"}}}}, 0x90) 00:56:08 executing program 2 (fault-call:3 fault-nth:16): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 339.011218][T11851] FAULT_INJECTION: forcing a failure. [ 339.011218][T11851] name failslab, interval 1, probability 0, space 0, times 0 [ 339.024210][T11851] CPU: 1 PID: 11851 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 339.034108][T11851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.044173][T11851] Call Trace: [ 339.047478][T11851] dump_stack+0x197/0x210 [ 339.051832][T11851] should_fail.cold+0xa/0x10 [ 339.056447][T11851] ? setup_fault_attr+0x220/0x220 [ 339.061575][T11851] ? stack_trace_save+0xac/0xe0 [ 339.066436][T11851] __should_failslab+0x121/0x190 [ 339.071370][T11851] should_failslab+0x9/0x14 [ 339.075859][T11851] kmem_cache_alloc+0x47/0x710 [ 339.080616][T11851] ? save_stack+0x5c/0x90 [ 339.084937][T11851] ? save_stack+0x23/0x90 [ 339.089254][T11851] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 339.095044][T11851] ? kasan_slab_alloc+0xf/0x20 [ 339.099800][T11851] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 339.106123][T11851] idr_get_free+0x4a6/0x8d0 [ 339.110639][T11851] idr_alloc_u32+0x19e/0x330 [ 339.115225][T11851] ? __fprop_inc_percpu_max+0x230/0x230 [ 339.120771][T11851] ? mark_held_locks+0xf0/0xf0 [ 339.125537][T11851] idr_alloc_cyclic+0x132/0x270 [ 339.130376][T11851] ? idr_alloc+0x150/0x150 [ 339.134858][T11851] __kernfs_new_node+0x13a/0x6e0 [ 339.139789][T11851] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 339.145241][T11851] ? __kasan_check_read+0x11/0x20 [ 339.150252][T11851] ? __lock_acquire+0x16f2/0x4a00 [ 339.155280][T11851] kernfs_new_node+0x96/0x120 [ 339.159948][T11851] kernfs_create_dir_ns+0x52/0x160 [ 339.165047][T11851] internal_create_group+0x7f4/0xc40 [ 339.170318][T11851] ? lock_downgrade+0x920/0x920 [ 339.175163][T11851] ? remove_files.isra.0+0x190/0x190 [ 339.180439][T11851] ? __kasan_check_write+0x14/0x20 [ 339.185587][T11851] ? up_write+0x150/0x490 [ 339.189904][T11851] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 339.196139][T11851] sysfs_create_group+0x20/0x30 [ 339.201031][T11851] loop_set_fd+0xd5f/0x13c0 [ 339.205533][T11851] lo_ioctl+0x1a3/0x1460 [ 339.209777][T11851] ? loop_set_fd+0x13c0/0x13c0 [ 339.214742][T11851] blkdev_ioctl+0x1302/0x1df0 [ 339.219421][T11851] ? blkpg_ioctl+0xa90/0xa90 [ 339.224011][T11851] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 339.229839][T11851] block_ioctl+0xee/0x130 [ 339.234156][T11851] ? blkdev_fallocate+0x410/0x410 [ 339.239173][T11851] do_vfs_ioctl+0x977/0x14e0 [ 339.243760][T11851] ? compat_ioctl_preallocate+0x220/0x220 [ 339.249465][T11851] ? __fget+0x37f/0x550 [ 339.253615][T11851] ? do_dup2+0x4f0/0x4f0 [ 339.257854][T11851] ? tomoyo_file_ioctl+0x23/0x30 [ 339.262778][T11851] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 339.268999][T11851] ? security_file_ioctl+0x8d/0xc0 [ 339.274098][T11851] ksys_ioctl+0xab/0xd0 [ 339.278247][T11851] __x64_sys_ioctl+0x73/0xb0 [ 339.282827][T11851] do_syscall_64+0xfa/0x790 [ 339.287320][T11851] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.293196][T11851] RIP: 0033:0x45a777 [ 339.297082][T11851] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.316681][T11851] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.325075][T11851] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 339.333042][T11851] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 339.341012][T11851] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 339.348975][T11851] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 339.356933][T11851] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x7ffff, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 339.389582][T11851] hfsplus: unable to find HFS+ superblock 00:56:08 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000020900"}}}}, 0x90) 00:56:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:08 executing program 2 (fault-call:3 fault-nth:17): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:08 executing program 4: r0 = socket$inet6(0xa, 0x80003, 0x6b) ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071") bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000000000000000000800000000000030bf882a90d41ee0a1ff7e8c1bfd395941d8256941a1852a0524d4b1e96a14c0491519654df5f5b38bb8defd58"], 0x0, 0x26}, 0x20) 00:56:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x2, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 339.724525][T11883] FAULT_INJECTION: forcing a failure. [ 339.724525][T11883] name failslab, interval 1, probability 0, space 0, times 0 [ 339.780772][T11883] CPU: 1 PID: 11883 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 339.790693][T11883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.800757][T11883] Call Trace: [ 339.804061][T11883] dump_stack+0x197/0x210 [ 339.808408][T11883] should_fail.cold+0xa/0x10 [ 339.813012][T11883] ? setup_fault_attr+0x220/0x220 [ 339.818050][T11883] ? ___might_sleep+0x163/0x2c0 [ 339.822918][T11883] __should_failslab+0x121/0x190 [ 339.827861][T11883] should_failslab+0x9/0x14 [ 339.832351][T11883] __kmalloc+0x2e0/0x770 [ 339.836582][T11883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 339.842808][T11883] ? d_absolute_path+0x11b/0x170 [ 339.847729][T11883] ? __d_path+0x140/0x140 [ 339.852043][T11883] ? tomoyo_encode2.part.0+0xf5/0x400 [ 339.857402][T11883] tomoyo_encode2.part.0+0xf5/0x400 [ 339.862591][T11883] tomoyo_encode+0x2b/0x50 [ 339.867010][T11883] tomoyo_realpath_from_path+0x19c/0x660 [ 339.872636][T11883] tomoyo_path_number_perm+0x1dd/0x520 [ 339.878074][T11883] ? tomoyo_path_number_perm+0x193/0x520 [ 339.883691][T11883] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 339.889477][T11883] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 339.895632][T11883] ? __fget+0x37f/0x550 [ 339.899788][T11883] ? do_dup2+0x4f0/0x4f0 [ 339.904034][T11883] tomoyo_file_ioctl+0x23/0x30 [ 339.908785][T11883] security_file_ioctl+0x77/0xc0 [ 339.913713][T11883] ksys_ioctl+0x57/0xd0 [ 339.917855][T11883] __x64_sys_ioctl+0x73/0xb0 [ 339.922441][T11883] do_syscall_64+0xfa/0x790 [ 339.926933][T11883] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.932811][T11883] RIP: 0033:0x45a777 [ 339.936695][T11883] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.956286][T11883] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.964686][T11883] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 339.972643][T11883] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 339.980613][T11883] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 339.988582][T11883] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 339.996547][T11883] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 340.050347][T11883] ERROR: Out of memory at tomoyo_realpath_from_path. [ 340.069025][T11883] hfsplus: unable to find HFS+ superblock 00:56:11 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9f", 0x45}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:11 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000200000900"}}}}, 0x90) 00:56:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x53adc69e) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x7a, 0x0, [0x4b564d02, 0x3]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:11 executing program 2 (fault-call:3 fault-nth:18): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 342.130867][T11902] FAULT_INJECTION: forcing a failure. [ 342.130867][T11902] name failslab, interval 1, probability 0, space 0, times 0 [ 342.159544][T11902] CPU: 0 PID: 11902 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 342.169461][T11902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 00:56:11 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000002000900"}}}}, 0x90) 00:56:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 342.179527][T11902] Call Trace: [ 342.182831][T11902] dump_stack+0x197/0x210 [ 342.187167][T11902] should_fail.cold+0xa/0x10 [ 342.191760][T11902] ? setup_fault_attr+0x220/0x220 [ 342.196789][T11902] ? ___might_sleep+0x163/0x2c0 [ 342.201644][T11902] __should_failslab+0x121/0x190 [ 342.206596][T11902] should_failslab+0x9/0x14 [ 342.211102][T11902] kmem_cache_alloc+0x2aa/0x710 [ 342.215951][T11902] ? kernfs_activate+0x192/0x1f0 [ 342.220890][T11902] __kernfs_new_node+0xf0/0x6e0 [ 342.225721][T11902] ? kernfs_activate+0x34/0x1f0 [ 342.230565][T11902] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 342.236022][T11902] ? mutex_trylock+0x2f0/0x2f0 [ 342.240782][T11902] ? __kasan_check_write+0x14/0x20 [ 342.245873][T11902] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 342.251417][T11902] ? wait_for_completion+0x440/0x440 [ 342.256715][T11902] kernfs_new_node+0x96/0x120 [ 342.261400][T11902] __kernfs_create_file+0x51/0x340 [ 342.266495][T11902] sysfs_add_file_mode_ns+0x222/0x560 [ 342.271866][T11902] internal_create_group+0x359/0xc40 [ 342.277162][T11902] ? remove_files.isra.0+0x190/0x190 [ 342.282452][T11902] ? __kasan_check_write+0x14/0x20 [ 342.287545][T11902] ? up_write+0x150/0x490 [ 342.291863][T11902] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 342.298096][T11902] sysfs_create_group+0x20/0x30 [ 342.302933][T11902] loop_set_fd+0xd5f/0x13c0 [ 342.307433][T11902] lo_ioctl+0x1a3/0x1460 [ 342.311699][T11902] ? loop_set_fd+0x13c0/0x13c0 [ 342.316467][T11902] blkdev_ioctl+0x1302/0x1df0 [ 342.321138][T11902] ? blkpg_ioctl+0xa90/0xa90 [ 342.325727][T11902] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 342.331552][T11902] block_ioctl+0xee/0x130 [ 342.335879][T11902] ? blkdev_fallocate+0x410/0x410 [ 342.340896][T11902] do_vfs_ioctl+0x977/0x14e0 [ 342.345469][T11902] ? compat_ioctl_preallocate+0x220/0x220 [ 342.351187][T11902] ? __fget+0x37f/0x550 [ 342.355353][T11902] ? do_dup2+0x4f0/0x4f0 [ 342.359617][T11902] ? tomoyo_file_ioctl+0x23/0x30 [ 342.364545][T11902] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.370772][T11902] ? security_file_ioctl+0x8d/0xc0 [ 342.375888][T11902] ksys_ioctl+0xab/0xd0 [ 342.380053][T11902] __x64_sys_ioctl+0x73/0xb0 [ 342.384643][T11902] do_syscall_64+0xfa/0x790 [ 342.389129][T11902] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.395017][T11902] RIP: 0033:0x45a777 [ 342.398909][T11902] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.418628][T11902] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 342.427018][T11902] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 342.434978][T11902] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 342.442940][T11902] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 342.450898][T11902] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 342.458857][T11902] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 342.494457][T11902] hfsplus: unable to find HFS+ superblock 00:56:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:11 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:12 executing program 2 (fault-call:3 fault-nth:19): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:12 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000020900"}}}}, 0x90) [ 342.853226][T11936] FAULT_INJECTION: forcing a failure. [ 342.853226][T11936] name failslab, interval 1, probability 0, space 0, times 0 [ 342.866332][T11936] CPU: 1 PID: 11936 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 342.876243][T11936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.876250][T11936] Call Trace: [ 342.876273][T11936] dump_stack+0x197/0x210 [ 342.876295][T11936] should_fail.cold+0xa/0x10 [ 342.876321][T11936] ? setup_fault_attr+0x220/0x220 [ 342.903545][T11936] ? ___might_sleep+0x163/0x2c0 [ 342.908403][T11936] __should_failslab+0x121/0x190 [ 342.908427][T11936] should_failslab+0x9/0x14 [ 342.908446][T11936] kmem_cache_alloc+0x2aa/0x710 [ 342.917852][T11936] ? lock_downgrade+0x920/0x920 [ 342.917870][T11936] ? kernfs_activate+0x34/0x1f0 [ 342.917892][T11936] __kernfs_new_node+0xf0/0x6e0 [ 342.917910][T11936] ? __kasan_check_write+0x14/0x20 [ 342.942346][T11936] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 342.947819][T11936] ? wait_for_completion+0x440/0x440 [ 342.953117][T11936] ? mutex_unlock+0x1b/0x30 [ 342.957630][T11936] ? kernfs_activate+0x192/0x1f0 [ 342.962577][T11936] kernfs_new_node+0x96/0x120 [ 342.967263][T11936] __kernfs_create_file+0x51/0x340 [ 342.972380][T11936] sysfs_add_file_mode_ns+0x222/0x560 [ 342.977782][T11936] internal_create_group+0x359/0xc40 [ 342.983064][T11936] ? remove_files.isra.0+0x190/0x190 [ 342.988336][T11936] ? __kasan_check_write+0x14/0x20 [ 342.993434][T11936] ? up_write+0x150/0x490 [ 342.997760][T11936] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 343.003994][T11936] sysfs_create_group+0x20/0x30 [ 343.008825][T11936] loop_set_fd+0xd5f/0x13c0 [ 343.013386][T11936] lo_ioctl+0x1a3/0x1460 [ 343.017642][T11936] ? loop_set_fd+0x13c0/0x13c0 [ 343.022431][T11936] blkdev_ioctl+0x1302/0x1df0 [ 343.027099][T11936] ? blkpg_ioctl+0xa90/0xa90 [ 343.031690][T11936] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 343.037502][T11936] block_ioctl+0xee/0x130 [ 343.041812][T11936] ? blkdev_fallocate+0x410/0x410 [ 343.046819][T11936] do_vfs_ioctl+0x977/0x14e0 [ 343.051393][T11936] ? compat_ioctl_preallocate+0x220/0x220 [ 343.057103][T11936] ? __fget+0x37f/0x550 [ 343.061253][T11936] ? do_dup2+0x4f0/0x4f0 [ 343.065490][T11936] ? tomoyo_file_ioctl+0x23/0x30 [ 343.070423][T11936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 343.076674][T11936] ? security_file_ioctl+0x8d/0xc0 [ 343.081784][T11936] ksys_ioctl+0xab/0xd0 [ 343.085931][T11936] __x64_sys_ioctl+0x73/0xb0 [ 343.090506][T11936] do_syscall_64+0xfa/0x790 [ 343.095007][T11936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.100879][T11936] RIP: 0033:0x45a777 [ 343.104752][T11936] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 343.124354][T11936] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 343.132750][T11936] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 343.140703][T11936] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 343.148655][T11936] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 343.156613][T11936] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 343.165792][T11936] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 343.224227][T11936] hfsplus: unable to find HFS+ superblock 00:56:14 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153", 0x47}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:14 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0xa, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:14 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet(0xa, 0x801, 0x84) connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r4, 0x83) r5 = accept4(r4, 0x0, 0x0, 0x0) getsockopt$inet_buf(r5, 0x84, 0x0, &(0x7f0000dcffe8)=""/11, &(0x7f0000000080)=0x19a) 00:56:14 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"0000000000090200"}}}}, 0x90) 00:56:14 executing program 2 (fault-call:3 fault-nth:20): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:14 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 345.269707][T11961] FAULT_INJECTION: forcing a failure. [ 345.269707][T11961] name failslab, interval 1, probability 0, space 0, times 0 [ 345.328860][T11961] CPU: 1 PID: 11961 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 345.338780][T11961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.348841][T11961] Call Trace: [ 345.352140][T11961] dump_stack+0x197/0x210 [ 345.356484][T11961] should_fail.cold+0xa/0x10 [ 345.361193][T11961] ? setup_fault_attr+0x220/0x220 [ 345.366228][T11961] ? ___might_sleep+0x163/0x2c0 [ 345.371095][T11961] __should_failslab+0x121/0x190 [ 345.376044][T11961] should_failslab+0x9/0x14 [ 345.380552][T11961] kmem_cache_alloc+0x2aa/0x710 [ 345.385411][T11961] ? kernfs_activate+0x192/0x1f0 [ 345.390363][T11961] __kernfs_new_node+0xf0/0x6e0 [ 345.395212][T11961] ? kernfs_activate+0x34/0x1f0 [ 345.395233][T11961] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 345.395248][T11961] ? mutex_trylock+0x2f0/0x2f0 [ 345.395267][T11961] ? __kasan_check_write+0x14/0x20 [ 345.395286][T11961] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 345.410422][T11961] ? wait_for_completion+0x440/0x440 00:56:14 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 345.410446][T11961] kernfs_new_node+0x96/0x120 [ 345.410465][T11961] __kernfs_create_file+0x51/0x340 [ 345.421104][T11961] sysfs_add_file_mode_ns+0x222/0x560 [ 345.421130][T11961] internal_create_group+0x359/0xc40 [ 345.421155][T11961] ? remove_files.isra.0+0x190/0x190 [ 345.421173][T11961] ? __kasan_check_write+0x14/0x20 [ 345.421193][T11961] ? up_write+0x150/0x490 [ 345.421206][T11961] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 345.421227][T11961] sysfs_create_group+0x20/0x30 [ 345.472541][T11961] loop_set_fd+0xd5f/0x13c0 [ 345.477034][T11961] lo_ioctl+0x1a3/0x1460 [ 345.481266][T11961] ? loop_set_fd+0x13c0/0x13c0 [ 345.486015][T11961] blkdev_ioctl+0x1302/0x1df0 [ 345.490672][T11961] ? blkpg_ioctl+0xa90/0xa90 [ 345.495261][T11961] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 345.501086][T11961] block_ioctl+0xee/0x130 [ 345.505407][T11961] ? blkdev_fallocate+0x410/0x410 [ 345.510413][T11961] do_vfs_ioctl+0x977/0x14e0 [ 345.514991][T11961] ? compat_ioctl_preallocate+0x220/0x220 [ 345.520691][T11961] ? __fget+0x37f/0x550 [ 345.524831][T11961] ? do_dup2+0x4f0/0x4f0 [ 345.529061][T11961] ? tomoyo_file_ioctl+0x23/0x30 [ 345.533983][T11961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.540210][T11961] ? security_file_ioctl+0x8d/0xc0 [ 345.545304][T11961] ksys_ioctl+0xab/0xd0 [ 345.549446][T11961] __x64_sys_ioctl+0x73/0xb0 [ 345.554023][T11961] do_syscall_64+0xfa/0x790 [ 345.558514][T11961] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.564388][T11961] RIP: 0033:0x45a777 [ 345.568272][T11961] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.587855][T11961] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 345.596255][T11961] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 345.604211][T11961] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 345.612161][T11961] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 345.620124][T11961] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 00:56:14 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"0000000000090000000200"}}}}, 0x90) [ 345.628074][T11961] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:15 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2) ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000469ffc)=0x100000000007fd, 0x4) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000edffc8)={0x0, 0x0, 0x0}, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0xa54751aa6759af06, &(0x7f0000000400)=""/4096, &(0x7f00000001c0)=0x1000) ptrace$peekuser(0x3, 0x0, 0x0) add_key$user(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') creat(&(0x7f0000000180)='./bus\x00', 0x0) syz_open_dev$loop(0x0, 0x6, 0xf2480) r0 = socket$inet6(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000003c0)='\x00\x00\x00\x00\x00\xe8\xee\xc9\x96\xc2;\xaf\t\xa8M*\xe4;~y\xb2\xb3\xba\b;/\xb6&\xa5\xaa\xcec\x1e\x8a;\xea;P\xb5w_2\f\xe5\xcc`\xa0\xce\xf0+\x19v\xb9I\xdf\xfe\x13\xd9\x1a\xd6;+\x16\x05\x1aul>\x82@\x0f\xdf\xcd\x99\x9a\x13\xe2[F\xf08\xa6D\x97\xb5\x1f\xf3\xe9\xd5\xbf\x13k\xbc)\xa1nbx\x9c\x02\xa6p?\x12\x89\nAr\xe9Q\xb0\x80Q\x8e\xf2\xf0yX\x9b\x96\xa4\x8b\x01f\xe0\x04\xbd\x93K!\xa0D-\xfc\x12\x02\xe2\xb5WQ\xb4\xb1\xf2\x16)\xc8\b\xc2\x99\x9a\xd9\xa6p\xedK\xb5\x8b\xe8\xbf\xa0\xa1\x13\xd78Mt$\x06\xb6c\xd0Y\x05\xd1l\x98|\xff\xb5\v\x930xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"000000000009000000000000000200"}}}}, 0x90) [ 346.076836][T12007] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 347.512918][ T251] tipc: TX() has been purged, node left! 00:56:17 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153", 0x47}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:17 executing program 2 (fault-call:3 fault-nth:21): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0xe, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:17 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:17 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"000000000009000200"}}}}, 0x90) 00:56:17 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="700100002400070500"/20, @ANYRES32=r1, @ANYBLOB="00000000ffffffff00000000280008001c0001001000000000000000000000000000ff0f0000000000000000080002c60000020008000100726564001c01020004010200b205a34f0459cc6abb699f4e08e3b1b5f75780560a59a8480dae55818041c02d8471389f5a076eaa787f8246aef232f41fb4fd095e664069035a011afb427b4799dc17338322c9d91968a88f2fbcbba734486e4d3c392ec5c40433021f006b4ddf02645062bacedcbcd61e4be8eea0e577dae0a23161a078fedf38770e055341db2eca0ca565e8c92336422a57f6adad6ed581b27ccc9155e93c542353f1681423161cb1e44cc5b75a30512fff1d3a8f0d2bcb9e9ebfa6290dd5fd8cd5150410922c3f86a3cee1d9e807ad3428f51c99eb16018bf7a6cd83dca6ff4af8a94fab0a1d86fded7a3835a987bd9f53499def9115ff45ce9d94aa00000000000000001400010007000000000000000000000000000000e9cfb7ffbb02f85894683c42a1525d70c4ee0f56245d2284505c555f4c2347e7c655a374fb5e5d65b2a005aa8e247772006318a8118af059bd41a34352a8ab7c39e011c146158ad31322b8f8a2cd30e3c5a51f8bd4e6ba30daac4fdae98f9221600b28a17d09aad748b90dde7e3efd51a7bcc91453368ebc307606b53326ffd174413734b356a64f6a68"], 0x170}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000180), 0x24c, 0x0) [ 348.509855][T12038] FAULT_INJECTION: forcing a failure. [ 348.509855][T12038] name failslab, interval 1, probability 0, space 0, times 0 [ 348.534288][T12038] CPU: 1 PID: 12038 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 348.544202][T12038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.554254][T12038] Call Trace: [ 348.557552][T12038] dump_stack+0x197/0x210 [ 348.561892][T12038] should_fail.cold+0xa/0x10 [ 348.566496][T12038] ? setup_fault_attr+0x220/0x220 [ 348.571529][T12038] ? ___might_sleep+0x163/0x2c0 [ 348.576394][T12038] __should_failslab+0x121/0x190 [ 348.581336][T12038] should_failslab+0x9/0x14 [ 348.585842][T12038] kmem_cache_alloc+0x2aa/0x710 [ 348.590696][T12038] ? lock_downgrade+0x920/0x920 [ 348.595551][T12038] ? kernfs_activate+0x34/0x1f0 [ 348.600416][T12038] __kernfs_new_node+0xf0/0x6e0 [ 348.605268][T12038] ? __kasan_check_write+0x14/0x20 [ 348.610383][T12038] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 348.615847][T12038] ? wait_for_completion+0x440/0x440 [ 348.621138][T12038] ? mutex_unlock+0x1b/0x30 [ 348.625640][T12038] ? kernfs_activate+0x192/0x1f0 [ 348.630599][T12038] kernfs_new_node+0x96/0x120 [ 348.635285][T12038] __kernfs_create_file+0x51/0x340 [ 348.640406][T12038] sysfs_add_file_mode_ns+0x222/0x560 [ 348.645787][T12038] internal_create_group+0x359/0xc40 [ 348.651091][T12038] ? remove_files.isra.0+0x190/0x190 [ 348.656441][T12038] ? __kasan_check_write+0x14/0x20 [ 348.661555][T12038] ? up_write+0x150/0x490 [ 348.665890][T12038] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 348.672141][T12038] sysfs_create_group+0x20/0x30 [ 348.676994][T12038] loop_set_fd+0xd5f/0x13c0 [ 348.681513][T12038] lo_ioctl+0x1a3/0x1460 [ 348.685763][T12038] ? loop_set_fd+0x13c0/0x13c0 [ 348.690535][T12038] blkdev_ioctl+0x1302/0x1df0 [ 348.695217][T12038] ? blkpg_ioctl+0xa90/0xa90 [ 348.699812][T12038] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 348.705637][T12038] block_ioctl+0xee/0x130 [ 348.709969][T12038] ? blkdev_fallocate+0x410/0x410 [ 348.715002][T12038] do_vfs_ioctl+0x977/0x14e0 [ 348.719601][T12038] ? compat_ioctl_preallocate+0x220/0x220 [ 348.725322][T12038] ? __fget+0x37f/0x550 [ 348.729488][T12038] ? do_dup2+0x4f0/0x4f0 [ 348.733744][T12038] ? tomoyo_file_ioctl+0x23/0x30 [ 348.738693][T12038] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 348.744946][T12038] ? security_file_ioctl+0x8d/0xc0 [ 348.750067][T12038] ksys_ioctl+0xab/0xd0 [ 348.754228][T12038] __x64_sys_ioctl+0x73/0xb0 [ 348.758827][T12038] do_syscall_64+0xfa/0x790 [ 348.763338][T12038] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.769225][T12038] RIP: 0033:0x45a777 [ 348.773120][T12038] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 348.792725][T12038] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 348.801137][T12038] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 00:56:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:18 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x12, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 348.809105][T12038] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 348.817081][T12038] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 348.825055][T12038] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 348.833026][T12038] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:18 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"000000000009000000000200"}}}}, 0x90) [ 348.964001][T12038] hfsplus: unable to find HFS+ superblock 00:56:18 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x14, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:18 executing program 2 (fault-call:3 fault-nth:22): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:18 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000000000200"}}}}, 0x90) [ 349.390350][T12082] FAULT_INJECTION: forcing a failure. [ 349.390350][T12082] name failslab, interval 1, probability 0, space 0, times 0 [ 349.408897][T12082] CPU: 1 PID: 12082 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 349.418804][T12082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.428864][T12082] Call Trace: [ 349.432166][T12082] dump_stack+0x197/0x210 [ 349.436502][T12082] should_fail.cold+0xa/0x10 [ 349.441187][T12082] ? setup_fault_attr+0x220/0x220 [ 349.446220][T12082] ? ___might_sleep+0x163/0x2c0 [ 349.451084][T12082] __should_failslab+0x121/0x190 [ 349.456028][T12082] should_failslab+0x9/0x14 [ 349.460531][T12082] kmem_cache_alloc+0x2aa/0x710 [ 349.465382][T12082] ? lock_downgrade+0x920/0x920 [ 349.470226][T12082] ? kernfs_activate+0x34/0x1f0 [ 349.475077][T12082] __kernfs_new_node+0xf0/0x6e0 [ 349.479924][T12082] ? __kasan_check_write+0x14/0x20 [ 349.485050][T12082] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 349.490519][T12082] ? wait_for_completion+0x440/0x440 [ 349.495826][T12082] ? mutex_unlock+0x1b/0x30 [ 349.500315][T12082] ? kernfs_activate+0x192/0x1f0 [ 349.505248][T12082] kernfs_new_node+0x96/0x120 [ 349.509926][T12082] __kernfs_create_file+0x51/0x340 [ 349.515039][T12082] sysfs_add_file_mode_ns+0x222/0x560 [ 349.520419][T12082] internal_create_group+0x359/0xc40 [ 349.525709][T12082] ? remove_files.isra.0+0x190/0x190 [ 349.531002][T12082] ? __kasan_check_write+0x14/0x20 [ 349.536127][T12082] ? up_write+0x150/0x490 [ 349.540561][T12082] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 349.546806][T12082] sysfs_create_group+0x20/0x30 [ 349.551661][T12082] loop_set_fd+0xd5f/0x13c0 [ 349.556177][T12082] lo_ioctl+0x1a3/0x1460 [ 349.560427][T12082] ? loop_set_fd+0x13c0/0x13c0 [ 349.565192][T12082] blkdev_ioctl+0x1302/0x1df0 [ 349.569870][T12082] ? blkpg_ioctl+0xa90/0xa90 [ 349.574465][T12082] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 349.580289][T12082] block_ioctl+0xee/0x130 [ 349.584615][T12082] ? blkdev_fallocate+0x410/0x410 [ 349.589638][T12082] do_vfs_ioctl+0x977/0x14e0 [ 349.594236][T12082] ? compat_ioctl_preallocate+0x220/0x220 [ 349.599954][T12082] ? __fget+0x37f/0x550 [ 349.604112][T12082] ? do_dup2+0x4f0/0x4f0 [ 349.608361][T12082] ? tomoyo_file_ioctl+0x23/0x30 [ 349.613304][T12082] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 349.619541][T12082] ? security_file_ioctl+0x8d/0xc0 [ 349.624654][T12082] ksys_ioctl+0xab/0xd0 [ 349.628806][T12082] __x64_sys_ioctl+0x73/0xb0 [ 349.633403][T12082] do_syscall_64+0xfa/0x790 [ 349.637908][T12082] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.643791][T12082] RIP: 0033:0x45a777 [ 349.647682][T12082] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 349.667279][T12082] RSP: 002b:00007f4b31531a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 349.675687][T12082] RAX: ffffffffffffffda RBX: 00007f4b31531c90 RCX: 000000000045a777 [ 349.683658][T12082] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 349.691626][T12082] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 000000000000000a [ 349.699599][T12082] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315326d4 [ 349.707568][T12082] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 349.747976][T12082] hfsplus: unable to find HFS+ superblock [ 350.989611][T12093] IPVS: ftp: loaded support on port[0] = 21 [ 351.079842][T12093] chnl_net:caif_netlink_parms(): no params data found [ 351.112047][T12093] bridge0: port 1(bridge_slave_0) entered blocking state [ 351.119271][T12093] bridge0: port 1(bridge_slave_0) entered disabled state [ 351.127372][T12093] device bridge_slave_0 entered promiscuous mode [ 351.216207][T12093] bridge0: port 2(bridge_slave_1) entered blocking state [ 351.223695][T12093] bridge0: port 2(bridge_slave_1) entered disabled state [ 351.232474][T12093] device bridge_slave_1 entered promiscuous mode [ 351.254027][T12093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 351.265195][T12093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 351.289474][T12093] team0: Port device team_slave_0 added [ 351.297276][T12093] team0: Port device team_slave_1 added [ 351.353367][T12093] device hsr_slave_0 entered promiscuous mode 00:56:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153", 0x47}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:20 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x2b, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:20 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000200"}}}}, 0x90) 00:56:20 executing program 2 (fault-call:3 fault-nth:23): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 351.401102][T12093] device hsr_slave_1 entered promiscuous mode [ 351.454518][T12093] debugfs: Directory 'hsr0' with parent '/' already present! [ 351.597706][T12108] FAULT_INJECTION: forcing a failure. [ 351.597706][T12108] name failslab, interval 1, probability 0, space 0, times 0 [ 351.640763][T12108] CPU: 1 PID: 12108 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 351.650683][T12108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.660745][T12108] Call Trace: [ 351.664061][T12108] dump_stack+0x197/0x210 [ 351.668430][T12108] should_fail.cold+0xa/0x10 [ 351.673030][T12108] ? setup_fault_attr+0x220/0x220 [ 351.678056][T12108] ? ___might_sleep+0x163/0x2c0 [ 351.682913][T12108] __should_failslab+0x121/0x190 [ 351.687850][T12108] should_failslab+0x9/0x14 [ 351.692345][T12108] kmem_cache_alloc+0x2aa/0x710 [ 351.697186][T12108] ? lock_downgrade+0x920/0x920 [ 351.702035][T12108] ? kernfs_activate+0x34/0x1f0 [ 351.706886][T12108] __kernfs_new_node+0xf0/0x6e0 [ 351.711732][T12108] ? __kasan_check_write+0x14/0x20 [ 351.716846][T12108] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 351.722306][T12108] ? wait_for_completion+0x440/0x440 [ 351.727602][T12108] ? mutex_unlock+0x1b/0x30 [ 351.732104][T12108] ? kernfs_activate+0x192/0x1f0 [ 351.737041][T12108] kernfs_new_node+0x96/0x120 [ 351.741728][T12108] __kernfs_create_file+0x51/0x340 [ 351.746847][T12108] sysfs_add_file_mode_ns+0x222/0x560 [ 351.752231][T12108] internal_create_group+0x359/0xc40 [ 351.757527][T12108] ? remove_files.isra.0+0x190/0x190 [ 351.762817][T12108] ? __kasan_check_write+0x14/0x20 [ 351.767933][T12108] ? up_write+0x150/0x490 [ 351.772437][T12108] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 351.778674][T12108] sysfs_create_group+0x20/0x30 [ 351.783521][T12108] loop_set_fd+0xd5f/0x13c0 [ 351.788020][T12108] lo_ioctl+0x1a3/0x1460 [ 351.792369][T12108] ? loop_set_fd+0x13c0/0x13c0 [ 351.797124][T12108] blkdev_ioctl+0x1302/0x1df0 [ 351.801794][T12108] ? blkpg_ioctl+0xa90/0xa90 [ 351.806377][T12108] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 351.812200][T12108] block_ioctl+0xee/0x130 [ 351.816530][T12108] ? blkdev_fallocate+0x410/0x410 [ 351.821545][T12108] do_vfs_ioctl+0x977/0x14e0 [ 351.826197][T12108] ? compat_ioctl_preallocate+0x220/0x220 [ 351.831906][T12108] ? __fget+0x37f/0x550 [ 351.836109][T12108] ? do_dup2+0x4f0/0x4f0 [ 351.840338][T12108] ? tomoyo_file_ioctl+0x23/0x30 [ 351.845257][T12108] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 351.851488][T12108] ? security_file_ioctl+0x8d/0xc0 [ 351.856606][T12108] ksys_ioctl+0xab/0xd0 [ 351.860764][T12108] __x64_sys_ioctl+0x73/0xb0 [ 351.865357][T12108] do_syscall_64+0xfa/0x790 [ 351.869842][T12108] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.875713][T12108] RIP: 0033:0x45a777 [ 351.879590][T12108] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.899174][T12108] RSP: 002b:00007f4b31531a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.907564][T12108] RAX: ffffffffffffffda RBX: 00007f4b31531c90 RCX: 000000000045a777 [ 351.915513][T12108] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 351.923495][T12108] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 000000000000000a [ 351.931463][T12108] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315326d4 [ 351.939433][T12108] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 351.988710][T12108] hfsplus: unable to find HFS+ superblock [ 352.009245][T12093] bridge0: port 2(bridge_slave_1) entered blocking state [ 352.016404][T12093] bridge0: port 2(bridge_slave_1) entered forwarding state [ 352.023824][T12093] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.030964][T12093] bridge0: port 1(bridge_slave_0) entered forwarding state [ 352.082153][ T8989] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.091114][ T8989] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.159985][T12093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 352.178570][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 352.186473][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 352.270453][T12093] 8021q: adding VLAN 0 to HW filter on device team0 [ 352.283101][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 352.292079][ T8989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 352.300364][ T8989] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.307457][ T8989] bridge0: port 1(bridge_slave_0) entered forwarding state [ 352.332143][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 352.340835][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 352.349126][ T8994] bridge0: port 2(bridge_slave_1) entered blocking state [ 352.356227][ T8994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 352.363973][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 352.373148][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 352.381988][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 352.390442][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 352.398852][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 352.407471][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 352.417371][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 352.425188][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 352.433548][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 352.448040][T12093] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 352.463160][T12093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 352.475644][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 352.484959][ T8980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 352.495280][ T251] device bridge_slave_1 left promiscuous mode [ 352.502645][ T251] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.558250][ T251] device bridge_slave_0 left promiscuous mode [ 352.564620][ T251] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.171094][ T251] device hsr_slave_0 left promiscuous mode [ 353.220841][ T251] device hsr_slave_1 left promiscuous mode [ 353.296472][ T251] team0 (unregistering): Port device team_slave_1 removed [ 353.311341][ T251] team0 (unregistering): Port device team_slave_0 removed [ 353.325290][ T251] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 353.379464][ T251] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 353.496508][ T251] bond0 (unregistering): Released all slaves [ 353.650868][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 353.658279][ T8994] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 353.671487][T12093] 8021q: adding VLAN 0 to HW filter on device batadv0 00:56:23 executing program 4: perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@mcast2}}, {{@in=@multicast2}, 0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}}, 0xe8) connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="0207000902000000a8a989000000007ba79554354c9ddb4e667263a7192ff58eb16f88b9663da5668b145e6313f3ee41e2f28204de687a25340b61976cae3a9a9e90785afd31885d362411ef23cd8fef4aa6dac6acb5ded04e5435e7a3bfaab8d904916ee79d501a3aa4f0972e376bb9f94c5268f7ff158864d444d4bf66e8d85cc74a0000000000000000000000781f1a3ea4c057bfc8af28e2b90e1d3dd7de6e38d2d29be9a5adffffff7f00000000428958b132e07900662534424c73fe058b39544d62c92644dcc50e03afacd89bcaf22368c1eb0959ec3d8498b5b200c4935d97f4ab"], 0x10}}, 0x0) 00:56:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x158, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:23 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000200"}}}}, 0x90) 00:56:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:23 executing program 2 (fault-call:3 fault-nth:24): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 353.879989][T12133] FAULT_INJECTION: forcing a failure. [ 353.879989][T12133] name failslab, interval 1, probability 0, space 0, times 0 [ 353.901056][T12133] CPU: 0 PID: 12133 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 353.910974][T12133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 353.921035][T12133] Call Trace: [ 353.924330][T12133] dump_stack+0x197/0x210 00:56:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x450, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 353.928672][T12133] should_fail.cold+0xa/0x10 [ 353.933274][T12133] ? setup_fault_attr+0x220/0x220 [ 353.938310][T12133] ? ___might_sleep+0x163/0x2c0 [ 353.943173][T12133] __should_failslab+0x121/0x190 [ 353.948110][T12133] should_failslab+0x9/0x14 [ 353.952602][T12133] kmem_cache_alloc+0x2aa/0x710 [ 353.957456][T12133] ? lock_downgrade+0x920/0x920 [ 353.962314][T12133] ? kernfs_activate+0x34/0x1f0 [ 353.967159][T12133] __kernfs_new_node+0xf0/0x6e0 [ 353.972002][T12133] ? __kasan_check_write+0x14/0x20 [ 353.977175][T12133] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 353.982629][T12133] ? wait_for_completion+0x440/0x440 [ 353.987909][T12133] ? mutex_unlock+0x1b/0x30 [ 353.992409][T12133] ? kernfs_activate+0x192/0x1f0 [ 353.997341][T12133] kernfs_new_node+0x96/0x120 [ 354.002013][T12133] __kernfs_create_file+0x51/0x340 [ 354.007115][T12133] sysfs_add_file_mode_ns+0x222/0x560 [ 354.012489][T12133] internal_create_group+0x359/0xc40 [ 354.017807][T12133] ? remove_files.isra.0+0x190/0x190 [ 354.023111][T12133] ? __kasan_check_write+0x14/0x20 [ 354.028225][T12133] ? up_write+0x150/0x490 [ 354.032561][T12133] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 354.038797][T12133] sysfs_create_group+0x20/0x30 [ 354.043641][T12133] loop_set_fd+0xd5f/0x13c0 [ 354.048155][T12133] lo_ioctl+0x1a3/0x1460 [ 354.052394][T12133] ? loop_set_fd+0x13c0/0x13c0 [ 354.057160][T12133] blkdev_ioctl+0x1302/0x1df0 [ 354.061831][T12133] ? blkpg_ioctl+0xa90/0xa90 [ 354.066419][T12133] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 354.072236][T12133] block_ioctl+0xee/0x130 [ 354.076557][T12133] ? blkdev_fallocate+0x410/0x410 [ 354.081572][T12133] do_vfs_ioctl+0x977/0x14e0 [ 354.086160][T12133] ? compat_ioctl_preallocate+0x220/0x220 [ 354.091878][T12133] ? __fget+0x37f/0x550 [ 354.096042][T12133] ? do_dup2+0x4f0/0x4f0 [ 354.100283][T12133] ? tomoyo_file_ioctl+0x23/0x30 [ 354.105215][T12133] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.111455][T12133] ? security_file_ioctl+0x8d/0xc0 [ 354.116564][T12133] ksys_ioctl+0xab/0xd0 [ 354.120722][T12133] __x64_sys_ioctl+0x73/0xb0 [ 354.125322][T12133] do_syscall_64+0xfa/0x790 [ 354.129840][T12133] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.135728][T12133] RIP: 0033:0x45a777 [ 354.139602][T12133] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.159201][T12133] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 354.167613][T12133] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 354.175569][T12133] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 354.183530][T12133] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 354.191501][T12133] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 354.199495][T12133] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:23 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000000000002"}}}}, 0x90) [ 354.251144][T12133] hfsplus: unable to find HFS+ superblock 00:56:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:23 executing program 2 (fault-call:3 fault-nth:25): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0xa00, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:23 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"0000000000090000000200"}}}}, 0x90) [ 354.634646][T12169] FAULT_INJECTION: forcing a failure. [ 354.634646][T12169] name failslab, interval 1, probability 0, space 0, times 0 [ 354.680557][T12169] CPU: 1 PID: 12169 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 354.690490][T12169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.700612][T12169] Call Trace: [ 354.703895][T12169] dump_stack+0x197/0x210 [ 354.708213][T12169] should_fail.cold+0xa/0x10 [ 354.712786][T12169] ? setup_fault_attr+0x220/0x220 [ 354.717797][T12169] ? ___might_sleep+0x163/0x2c0 [ 354.722632][T12169] __should_failslab+0x121/0x190 [ 354.727580][T12169] should_failslab+0x9/0x14 [ 354.732071][T12169] kmem_cache_alloc_node+0x268/0x740 [ 354.737339][T12169] ? find_held_lock+0x35/0x130 [ 354.742196][T12169] ? netlink_has_listeners+0x23b/0x3e0 [ 354.747745][T12169] __alloc_skb+0xd5/0x5e0 [ 354.752060][T12169] ? __kmalloc_reserve.isra.0+0xf0/0xf0 [ 354.757587][T12169] ? __kasan_check_read+0x11/0x20 [ 354.762595][T12169] alloc_uevent_skb+0x83/0x1e2 [ 354.767366][T12169] kobject_uevent_env+0xaa3/0x10a6 [ 354.772463][T12169] kobject_uevent+0x20/0x26 [ 354.776946][T12169] loop_set_fd+0xdec/0x13c0 [ 354.781432][T12169] lo_ioctl+0x1a3/0x1460 [ 354.785658][T12169] ? loop_set_fd+0x13c0/0x13c0 [ 354.790407][T12169] blkdev_ioctl+0x1302/0x1df0 [ 354.795064][T12169] ? blkpg_ioctl+0xa90/0xa90 [ 354.799648][T12169] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 354.805486][T12169] block_ioctl+0xee/0x130 [ 354.809794][T12169] ? blkdev_fallocate+0x410/0x410 [ 354.814798][T12169] do_vfs_ioctl+0x977/0x14e0 [ 354.819373][T12169] ? compat_ioctl_preallocate+0x220/0x220 [ 354.825074][T12169] ? __fget+0x37f/0x550 [ 354.829214][T12169] ? do_dup2+0x4f0/0x4f0 [ 354.833441][T12169] ? tomoyo_file_ioctl+0x23/0x30 [ 354.838373][T12169] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.844592][T12169] ? security_file_ioctl+0x8d/0xc0 [ 354.849685][T12169] ksys_ioctl+0xab/0xd0 [ 354.853824][T12169] __x64_sys_ioctl+0x73/0xb0 [ 354.858396][T12169] do_syscall_64+0xfa/0x790 [ 354.862881][T12169] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.868766][T12169] RIP: 0033:0x45a777 [ 354.872643][T12169] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.892228][T12169] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 354.900623][T12169] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 354.908581][T12169] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 354.916535][T12169] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 354.924495][T12169] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 354.932588][T12169] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 354.975836][T12169] hfsplus: unable to find HFS+ superblock 00:56:24 executing program 4: write$P9_RMKNOD(0xffffffffffffffff, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) syz_mount_image$hfsplus(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) close(r0) 00:56:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0xc00, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:24 executing program 2 (fault-call:3 fault-nth:26): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:24 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"0000000000090000000000000200"}}}}, 0x90) 00:56:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x1200, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 355.511883][T12276] FAULT_INJECTION: forcing a failure. [ 355.511883][T12276] name failslab, interval 1, probability 0, space 0, times 0 [ 355.536402][T12276] CPU: 0 PID: 12276 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 355.546318][T12276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.556386][T12276] Call Trace: [ 355.559685][T12276] dump_stack+0x197/0x210 [ 355.564028][T12276] should_fail.cold+0xa/0x10 [ 355.568634][T12276] ? setup_fault_attr+0x220/0x220 [ 355.573667][T12276] ? ___might_sleep+0x163/0x2c0 [ 355.578513][T12276] __should_failslab+0x121/0x190 [ 355.583448][T12276] should_failslab+0x9/0x14 [ 355.587949][T12276] kmem_cache_alloc_trace+0x2d3/0x790 [ 355.593329][T12276] kobject_uevent_env+0x387/0x10a6 [ 355.598452][T12276] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 355.604709][T12276] kobject_uevent+0x20/0x26 00:56:24 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 355.609224][T12276] loop_set_fd+0xdec/0x13c0 [ 355.613739][T12276] lo_ioctl+0x1a3/0x1460 [ 355.617999][T12276] ? loop_set_fd+0x13c0/0x13c0 [ 355.622773][T12276] blkdev_ioctl+0x1302/0x1df0 [ 355.627568][T12276] ? blkpg_ioctl+0xa90/0xa90 [ 355.632166][T12276] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 355.637999][T12276] block_ioctl+0xee/0x130 [ 355.642336][T12276] ? blkdev_fallocate+0x410/0x410 [ 355.647371][T12276] do_vfs_ioctl+0x977/0x14e0 [ 355.651997][T12276] ? compat_ioctl_preallocate+0x220/0x220 [ 355.657721][T12276] ? __fget+0x37f/0x550 [ 355.661886][T12276] ? do_dup2+0x4f0/0x4f0 [ 355.666138][T12276] ? tomoyo_file_ioctl+0x23/0x30 [ 355.671072][T12276] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 355.677320][T12276] ? security_file_ioctl+0x8d/0xc0 [ 355.682442][T12276] ksys_ioctl+0xab/0xd0 [ 355.686591][T12276] __x64_sys_ioctl+0x73/0xb0 [ 355.691180][T12276] do_syscall_64+0xfa/0x790 [ 355.695687][T12276] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.701574][T12276] RIP: 0033:0x45a777 [ 355.705515][T12276] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 355.725099][T12276] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 355.733500][T12276] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 355.741466][T12276] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 355.749426][T12276] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a 00:56:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 355.757375][T12276] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 355.765326][T12276] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 355.814471][T12276] hfsplus: unable to find HFS+ superblock 00:56:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:26 executing program 2 (fault-call:3 fault-nth:27): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:26 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x1c00, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:26 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"000000000009000000000200"}}}}, 0x90) 00:56:26 executing program 4: r0 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$kcm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)="160000001a0081aee4050c00000f00fe078bc36f1600", 0x16}], 0x1}, 0x0) [ 357.681874][T12314] FAULT_INJECTION: forcing a failure. [ 357.681874][T12314] name failslab, interval 1, probability 0, space 0, times 0 [ 357.694673][T12314] CPU: 0 PID: 12314 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 357.704570][T12314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.714630][T12314] Call Trace: [ 357.717917][T12314] dump_stack+0x197/0x210 [ 357.722239][T12314] should_fail.cold+0xa/0x10 [ 357.726836][T12314] ? setup_fault_attr+0x220/0x220 [ 357.731869][T12314] ? ___might_sleep+0x163/0x2c0 [ 357.736729][T12314] __should_failslab+0x121/0x190 [ 357.741668][T12314] should_failslab+0x9/0x14 [ 357.746162][T12314] kmem_cache_alloc_trace+0x2d3/0x790 [ 357.751536][T12314] kobject_uevent_env+0x387/0x10a6 [ 357.756663][T12314] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 357.762924][T12314] kobject_uevent+0x20/0x26 [ 357.767430][T12314] loop_set_fd+0xdec/0x13c0 [ 357.771942][T12314] lo_ioctl+0x1a3/0x1460 [ 357.776193][T12314] ? loop_set_fd+0x13c0/0x13c0 [ 357.780961][T12314] blkdev_ioctl+0x1302/0x1df0 [ 357.785642][T12314] ? blkpg_ioctl+0xa90/0xa90 [ 357.790245][T12314] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 357.796062][T12314] block_ioctl+0xee/0x130 [ 357.800472][T12314] ? blkdev_fallocate+0x410/0x410 [ 357.805496][T12314] do_vfs_ioctl+0x977/0x14e0 [ 357.810121][T12314] ? compat_ioctl_preallocate+0x220/0x220 [ 357.815829][T12314] ? __fget+0x37f/0x550 [ 357.820000][T12314] ? do_dup2+0x4f0/0x4f0 [ 357.824243][T12314] ? tomoyo_file_ioctl+0x23/0x30 [ 357.829165][T12314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.835573][T12314] ? security_file_ioctl+0x8d/0xc0 [ 357.840689][T12314] ksys_ioctl+0xab/0xd0 [ 357.844844][T12314] __x64_sys_ioctl+0x73/0xb0 [ 357.849426][T12314] do_syscall_64+0xfa/0x790 [ 357.853925][T12314] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.859810][T12314] RIP: 0033:0x45a777 [ 357.863686][T12314] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.883268][T12314] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.899388][T12314] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 357.907339][T12314] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 357.915298][T12314] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 357.923262][T12314] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 357.931223][T12314] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:27 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x6100, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:27 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0xc00000000e003, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, 0x0) perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x2) gettid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x0) write$P9_RLOCK(r1, &(0x7f0000000080)={0x8, 0x35, 0x1, 0x2}, 0x8) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ifreq(r2, 0x8923, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x05', @ifru_mtu=0x1}) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r3, &(0x7f00000017c0), 0x315, 0x0) ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r4, &(0x7f00000017c0), 0x315, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') socket$can_raw(0x1d, 0x3, 0x1) preadv(r5, &(0x7f00000017c0), 0x315, 0x0) r6 = socket(0x22, 0x2, 0x24) close(r6) socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0xd, &(0x7f0000000040), 0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x55ad, 0x3, [0x5, 0x2, 0x3]}, &(0x7f0000000140)=0xe) setsockopt$inet_sctp6_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000000180)={r7, 0x8}, 0x8) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'eql\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\xf2\a\x00', 0x10005812}) 00:56:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 357.996483][T12314] hfsplus: unable to find HFS+ superblock 00:56:27 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"000000000009000000000000000200"}}}}, 0x90) 00:56:27 executing program 2 (fault-call:3 fault-nth:28): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:27 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 358.299491][T12350] FAULT_INJECTION: forcing a failure. [ 358.299491][T12350] name failslab, interval 1, probability 0, space 0, times 0 [ 358.377369][T12350] CPU: 1 PID: 12350 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 358.387389][T12350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.397443][T12350] Call Trace: [ 358.400734][T12350] dump_stack+0x197/0x210 [ 358.405069][T12350] should_fail.cold+0xa/0x10 [ 358.409670][T12350] ? setup_fault_attr+0x220/0x220 [ 358.415140][T12350] ? ___might_sleep+0x163/0x2c0 [ 358.419987][T12350] __should_failslab+0x121/0x190 [ 358.424935][T12350] should_failslab+0x9/0x14 [ 358.429446][T12350] __kmalloc+0x2e0/0x770 [ 358.433686][T12350] ? kobject_get_path+0xc4/0x1b0 [ 358.438605][T12350] kobject_get_path+0xc4/0x1b0 [ 358.443353][T12350] kobject_uevent_env+0x3ab/0x10a6 [ 358.448487][T12350] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 358.454708][T12350] kobject_uevent+0x20/0x26 [ 358.459207][T12350] loop_set_fd+0xdec/0x13c0 [ 358.463719][T12350] lo_ioctl+0x1a3/0x1460 [ 358.467954][T12350] ? loop_set_fd+0x13c0/0x13c0 [ 358.472709][T12350] blkdev_ioctl+0x1302/0x1df0 [ 358.477374][T12350] ? blkpg_ioctl+0xa90/0xa90 [ 358.481945][T12350] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 358.487747][T12350] block_ioctl+0xee/0x130 [ 358.492060][T12350] ? blkdev_fallocate+0x410/0x410 [ 358.497106][T12350] do_vfs_ioctl+0x977/0x14e0 [ 358.501706][T12350] ? compat_ioctl_preallocate+0x220/0x220 [ 358.507408][T12350] ? __fget+0x37f/0x550 [ 358.511558][T12350] ? do_dup2+0x4f0/0x4f0 [ 358.515786][T12350] ? tomoyo_file_ioctl+0x23/0x30 [ 358.520703][T12350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.526925][T12350] ? security_file_ioctl+0x8d/0xc0 [ 358.532028][T12350] ksys_ioctl+0xab/0xd0 [ 358.536175][T12350] __x64_sys_ioctl+0x73/0xb0 [ 358.540746][T12350] do_syscall_64+0xfa/0x790 [ 358.545232][T12350] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.551099][T12350] RIP: 0033:0x45a777 [ 358.555002][T12350] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 358.575548][T12350] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 358.583938][T12350] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 358.591890][T12350] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 358.599838][T12350] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 358.607874][T12350] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 358.615823][T12350] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 358.665115][T12350] hfsplus: unable to find HFS+ superblock [ 358.672099][T12359] delete_channel: no stack [ 359.510892][T12337] delete_channel: no stack 00:56:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:29 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0xf4240, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:29 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000200"}}}}, 0x90) 00:56:29 executing program 2 (fault-call:3 fault-nth:29): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 360.815891][T12378] FAULT_INJECTION: forcing a failure. [ 360.815891][T12378] name failslab, interval 1, probability 0, space 0, times 0 [ 360.840735][T12378] CPU: 0 PID: 12378 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 360.850675][T12378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.860732][T12378] Call Trace: [ 360.864031][T12378] dump_stack+0x197/0x210 [ 360.868371][T12378] should_fail.cold+0xa/0x10 [ 360.872969][T12378] ? setup_fault_attr+0x220/0x220 [ 360.877999][T12378] ? ___might_sleep+0x163/0x2c0 [ 360.882856][T12378] __should_failslab+0x121/0x190 [ 360.887795][T12378] should_failslab+0x9/0x14 [ 360.892296][T12378] kmem_cache_alloc_node_trace+0x274/0x750 [ 360.898108][T12378] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 360.904095][T12378] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 360.909909][T12378] __kmalloc_node_track_caller+0x3d/0x70 [ 360.911812][T12392] ptrace attach of "/root/syz-executor.5"[12391] was attempted by "/root/syz-executor.5"[12392] [ 360.915543][T12378] __kmalloc_reserve.isra.0+0x40/0xf0 [ 360.931340][T12378] __alloc_skb+0x10b/0x5e0 [ 360.935764][T12378] ? __kmalloc_reserve.isra.0+0xf0/0xf0 [ 360.941321][T12378] ? __kasan_check_read+0x11/0x20 [ 360.946354][T12378] alloc_uevent_skb+0x83/0x1e2 [ 360.951125][T12378] kobject_uevent_env+0xaa3/0x10a6 [ 360.956246][T12378] kobject_uevent+0x20/0x26 [ 360.960755][T12378] loop_set_fd+0xdec/0x13c0 [ 360.965278][T12378] lo_ioctl+0x1a3/0x1460 [ 360.969535][T12378] ? loop_set_fd+0x13c0/0x13c0 [ 360.974304][T12378] blkdev_ioctl+0x1302/0x1df0 [ 360.978989][T12378] ? blkpg_ioctl+0xa90/0xa90 [ 360.983590][T12378] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 360.989422][T12378] block_ioctl+0xee/0x130 [ 360.993756][T12378] ? blkdev_fallocate+0x410/0x410 [ 360.998786][T12378] do_vfs_ioctl+0x977/0x14e0 [ 361.003393][T12378] ? compat_ioctl_preallocate+0x220/0x220 [ 361.009120][T12378] ? __fget+0x37f/0x550 [ 361.013288][T12378] ? do_dup2+0x4f0/0x4f0 [ 361.017543][T12378] ? tomoyo_file_ioctl+0x23/0x30 [ 361.022488][T12378] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 361.028730][T12378] ? security_file_ioctl+0x8d/0xc0 [ 361.033851][T12378] ksys_ioctl+0xab/0xd0 [ 361.038008][T12378] __x64_sys_ioctl+0x73/0xb0 [ 361.042607][T12378] do_syscall_64+0xfa/0x790 [ 361.047122][T12378] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.053008][T12378] RIP: 0033:0x45a777 [ 361.056899][T12378] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 361.076500][T12378] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 361.084908][T12378] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 361.092880][T12378] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 361.100851][T12378] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 361.108822][T12378] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 00:56:30 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000000000200"}}}}, 0x90) 00:56:30 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 361.116786][T12378] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 361.151464][T12378] hfsplus: unable to find HFS+ superblock 00:56:31 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0xc00000000e003, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, 0x0) perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x2) gettid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x0) write$P9_RLOCK(r1, &(0x7f0000000080)={0x8, 0x35, 0x1, 0x2}, 0x8) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ifreq(r2, 0x8923, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x05', @ifru_mtu=0x1}) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r3, &(0x7f00000017c0), 0x315, 0x0) ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r4, &(0x7f00000017c0), 0x315, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') socket$can_raw(0x1d, 0x3, 0x1) preadv(r5, &(0x7f00000017c0), 0x315, 0x0) r6 = socket(0x22, 0x2, 0x24) close(r6) socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0xd, &(0x7f0000000040), 0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x55ad, 0x3, [0x5, 0x2, 0x3]}, &(0x7f0000000140)=0xe) setsockopt$inet_sctp6_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000000180)={r7, 0x8}, 0x8) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'eql\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\xf2\a\x00', 0x10005812}) 00:56:31 executing program 2 (fault-call:3 fault-nth:30): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:31 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:31 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x2b, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:31 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x2f, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:31 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"0000000000090000000000000200"}}}}, 0x90) [ 362.393897][T12411] FAULT_INJECTION: forcing a failure. [ 362.393897][T12411] name failslab, interval 1, probability 0, space 0, times 0 [ 362.407174][T12411] CPU: 1 PID: 12411 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 362.417078][T12411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 362.427129][T12411] Call Trace: [ 362.430424][T12411] dump_stack+0x197/0x210 [ 362.434770][T12411] should_fail.cold+0xa/0x10 [ 362.439365][T12411] ? setup_fault_attr+0x220/0x220 [ 362.444386][T12411] ? ___might_sleep+0x163/0x2c0 [ 362.449224][T12411] __should_failslab+0x121/0x190 [ 362.454151][T12411] should_failslab+0x9/0x14 [ 362.458635][T12411] kmem_cache_alloc_node+0x268/0x740 [ 362.463910][T12411] ? find_held_lock+0x35/0x130 [ 362.468664][T12411] ? netlink_has_listeners+0x23b/0x3e0 [ 362.474106][T12411] __alloc_skb+0xd5/0x5e0 [ 362.478415][T12411] ? __kmalloc_reserve.isra.0+0xf0/0xf0 [ 362.483956][T12411] ? __kasan_check_read+0x11/0x20 [ 362.489001][T12411] alloc_uevent_skb+0x83/0x1e2 [ 362.493753][T12411] kobject_uevent_env+0xaa3/0x10a6 [ 362.498895][T12411] kobject_uevent+0x20/0x26 [ 362.503394][T12411] loop_set_fd+0xdec/0x13c0 [ 362.507958][T12411] lo_ioctl+0x1a3/0x1460 [ 362.512373][T12411] ? loop_set_fd+0x13c0/0x13c0 [ 362.517127][T12411] blkdev_ioctl+0x1302/0x1df0 [ 362.521795][T12411] ? blkpg_ioctl+0xa90/0xa90 [ 362.526390][T12411] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 362.532218][T12411] block_ioctl+0xee/0x130 [ 362.536589][T12411] ? blkdev_fallocate+0x410/0x410 [ 362.541607][T12411] do_vfs_ioctl+0x977/0x14e0 [ 362.546190][T12411] ? compat_ioctl_preallocate+0x220/0x220 [ 362.551990][T12411] ? __fget+0x37f/0x550 [ 362.556142][T12411] ? do_dup2+0x4f0/0x4f0 [ 362.560428][T12411] ? tomoyo_file_ioctl+0x23/0x30 [ 362.565372][T12411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 362.571961][T12411] ? security_file_ioctl+0x8d/0xc0 [ 362.577068][T12411] ksys_ioctl+0xab/0xd0 [ 362.581222][T12411] __x64_sys_ioctl+0x73/0xb0 [ 362.585819][T12411] do_syscall_64+0xfa/0x790 [ 362.590355][T12411] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.596232][T12411] RIP: 0033:0x45a777 [ 362.600156][T12411] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 362.619748][T12411] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 362.628140][T12411] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045a777 [ 362.636103][T12411] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 362.644104][T12411] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 362.652083][T12411] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 362.660048][T12411] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000005 [ 362.676300][T12411] hfsplus: unable to find HFS+ superblock 00:56:32 executing program 2 (fault-call:3 fault-nth:31): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:32 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:32 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000000000002"}}}}, 0x90) 00:56:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 362.995982][T12442] FAULT_INJECTION: forcing a failure. [ 362.995982][T12442] name failslab, interval 1, probability 0, space 0, times 0 [ 363.096436][T12442] CPU: 1 PID: 12442 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 363.103467][T12426] delete_channel: no stack [ 363.106365][T12442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.106372][T12442] Call Trace: [ 363.106405][T12442] dump_stack+0x197/0x210 [ 363.106427][T12442] should_fail.cold+0xa/0x10 [ 363.133255][T12442] ? setup_fault_attr+0x220/0x220 [ 363.138287][T12442] ? ___might_sleep+0x163/0x2c0 [ 363.143151][T12442] __should_failslab+0x121/0x190 [ 363.148098][T12442] should_failslab+0x9/0x14 [ 363.152603][T12442] kmem_cache_alloc+0x2aa/0x710 [ 363.157454][T12442] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 363.163688][T12442] ? debug_smp_processor_id+0x33/0x18a [ 363.163705][T12442] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 363.163722][T12442] getname_flags+0xd6/0x5b0 [ 363.163735][T12442] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 363.163752][T12442] do_mkdirat+0xa0/0x2a0 [ 363.163767][T12442] ? __ia32_sys_mknod+0xb0/0xb0 [ 363.163800][T12442] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 363.199881][T12442] ? do_syscall_64+0x26/0x790 [ 363.204559][T12442] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.210621][T12442] ? do_syscall_64+0x26/0x790 [ 363.215312][T12442] ? lockdep_hardirqs_on+0x421/0x5e0 [ 363.220602][T12442] __x64_sys_mkdir+0x5c/0x80 [ 363.225198][T12442] do_syscall_64+0xfa/0x790 [ 363.229714][T12442] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.235693][T12442] RIP: 0033:0x459d27 [ 363.239581][T12442] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 363.259172][T12442] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 363.267562][T12442] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 363.275562][T12442] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 363.283525][T12442] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 363.291493][T12442] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 363.299453][T12442] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:33 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x3}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:33 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:33 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup2(r1, r0) 00:56:33 executing program 2 (fault-call:3 fault-nth:32): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x4}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 364.235244][T12467] FAULT_INJECTION: forcing a failure. [ 364.235244][T12467] name failslab, interval 1, probability 0, space 0, times 0 [ 364.261813][T12467] CPU: 1 PID: 12467 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 364.271723][T12467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.281776][T12467] Call Trace: [ 364.281818][T12467] dump_stack+0x197/0x210 [ 364.281846][T12467] should_fail.cold+0xa/0x10 [ 364.294019][T12467] ? setup_fault_attr+0x220/0x220 [ 364.299053][T12467] ? ___might_sleep+0x163/0x2c0 [ 364.303946][T12467] __should_failslab+0x121/0x190 [ 364.308869][T12467] should_failslab+0x9/0x14 [ 364.313353][T12467] kmem_cache_alloc+0x2aa/0x710 [ 364.318195][T12467] ? __d_lookup+0x42a/0x750 [ 364.322689][T12467] ? lookup_dcache+0x23/0x140 [ 364.327346][T12467] ? d_lookup+0xf4/0x260 [ 364.331571][T12467] ? lockdep_hardirqs_on+0x421/0x5e0 [ 364.336881][T12467] __d_alloc+0x2e/0x8c0 [ 364.341026][T12467] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 364.346726][T12467] d_alloc+0x4d/0x280 [ 364.350710][T12467] __lookup_hash+0xcd/0x190 [ 364.355208][T12467] filename_create+0x1a7/0x4f0 [ 364.359970][T12467] ? kern_path_mountpoint+0x40/0x40 [ 364.365147][T12467] ? strncpy_from_user+0x2b4/0x400 [ 364.370294][T12467] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.376514][T12467] ? getname_flags+0x277/0x5b0 [ 364.381258][T12467] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 364.386781][T12467] do_mkdirat+0xb5/0x2a0 [ 364.391019][T12467] ? __ia32_sys_mknod+0xb0/0xb0 [ 364.395850][T12467] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 364.401320][T12467] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.407369][T12467] ? do_syscall_64+0x26/0x790 [ 364.412028][T12467] ? lockdep_hardirqs_on+0x421/0x5e0 [ 364.417292][T12467] __x64_sys_mkdir+0x5c/0x80 [ 364.421881][T12467] do_syscall_64+0xfa/0x790 [ 364.426557][T12467] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.432427][T12467] RIP: 0033:0x459d27 [ 364.436301][T12467] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.455910][T12467] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 364.464335][T12467] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 364.472332][T12467] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 364.480287][T12467] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 364.488474][T12467] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 364.496475][T12467] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:33 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0xc00000000e003, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, 0x0) gettid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) get_robust_list(r0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x0) write$P9_RLOCK(0xffffffffffffffff, &(0x7f0000000080)={0x8, 0x35, 0x1, 0x2}, 0x8) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ifreq(r2, 0x8923, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x05', @ifru_mtu=0x1}) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x315, 0x0) ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x315, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') socket$can_raw(0x1d, 0x3, 0x1) preadv(r4, &(0x7f00000017c0), 0x315, 0x0) r5 = socket(0x22, 0x2, 0x24) socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0xd, &(0x7f0000000040), 0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x55ad, 0x3, [0x5, 0x2, 0x3]}, &(0x7f0000000140)=0xe) setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000180)={r6, 0x8}, 0x8) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'eql\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\xf2\a\x00', 0x10005812}) 00:56:33 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"000000000009000000000000000200"}}}}, 0x90) 00:56:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x5}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:34 executing program 2 (fault-call:3 fault-nth:33): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 364.874645][T12511] FAULT_INJECTION: forcing a failure. [ 364.874645][T12511] name failslab, interval 1, probability 0, space 0, times 0 [ 364.918069][T12511] CPU: 0 PID: 12511 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 364.927989][T12511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.938045][T12511] Call Trace: [ 364.941353][T12511] dump_stack+0x197/0x210 [ 364.945696][T12511] should_fail.cold+0xa/0x10 [ 364.950312][T12511] ? setup_fault_attr+0x220/0x220 [ 364.955357][T12511] ? ___might_sleep+0x163/0x2c0 [ 364.960210][T12511] __should_failslab+0x121/0x190 [ 364.965155][T12511] should_failslab+0x9/0x14 [ 364.969665][T12511] kmem_cache_alloc+0x2aa/0x710 [ 364.974524][T12511] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.980774][T12511] ? debug_smp_processor_id+0x33/0x18a [ 364.980793][T12511] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 364.980810][T12511] getname_flags+0xd6/0x5b0 [ 364.980822][T12511] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 364.980838][T12511] do_mkdirat+0xa0/0x2a0 [ 364.980855][T12511] ? __ia32_sys_mknod+0xb0/0xb0 [ 364.980871][T12511] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 364.980890][T12511] ? do_syscall_64+0x26/0x790 [ 364.992477][T12511] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.992490][T12511] ? do_syscall_64+0x26/0x790 [ 364.992505][T12511] ? lockdep_hardirqs_on+0x421/0x5e0 [ 364.992521][T12511] __x64_sys_mkdir+0x5c/0x80 [ 364.992539][T12511] do_syscall_64+0xfa/0x790 [ 365.004579][T12493] : renamed from eql [ 365.006781][T12511] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.006799][T12511] RIP: 0033:0x459d27 [ 365.057406][T12511] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.057415][T12511] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 365.057430][T12511] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 365.057439][T12511] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 365.057447][T12511] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 365.057455][T12511] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 365.057470][T12511] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 365.222335][T12490] delete_channel: no stack [ 365.513745][T12490] delete_channel: no stack 00:56:36 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:36 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:36 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:36 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:36 executing program 2 (fault-call:3 fault-nth:34): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:36 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0xc00000000e003, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, 0x0) gettid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) get_robust_list(r0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x0) write$P9_RLOCK(0xffffffffffffffff, &(0x7f0000000080)={0x8, 0x35, 0x1, 0x2}, 0x8) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ifreq(r2, 0x8923, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x05', @ifru_mtu=0x1}) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x315, 0x0) ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x315, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') socket$can_raw(0x1d, 0x3, 0x1) preadv(r4, &(0x7f00000017c0), 0x315, 0x0) r5 = socket(0x22, 0x2, 0x24) socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0xd, &(0x7f0000000040), 0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x55ad, 0x3, [0x5, 0x2, 0x3]}, &(0x7f0000000140)=0xe) setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000180)={r6, 0x8}, 0x8) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'eql\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\xf2\a\x00', 0x10005812}) [ 367.271729][T12531] FAULT_INJECTION: forcing a failure. [ 367.271729][T12531] name failslab, interval 1, probability 0, space 0, times 0 [ 367.284769][T12531] CPU: 1 PID: 12531 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 367.294652][T12531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.294718][T12531] Call Trace: [ 367.294739][T12531] dump_stack+0x197/0x210 [ 367.294760][T12531] should_fail.cold+0xa/0x10 [ 367.294776][T12531] ? setup_fault_attr+0x220/0x220 [ 367.294806][T12531] __should_failslab+0x121/0x190 [ 367.326931][T12531] should_failslab+0x9/0x14 [ 367.331424][T12531] kmem_cache_alloc+0x47/0x710 [ 367.336177][T12531] ? __kasan_check_write+0x14/0x20 [ 367.341286][T12531] ? do_raw_write_lock+0x124/0x290 [ 367.346482][T12531] __es_insert_extent+0x2cc/0xf20 [ 367.351518][T12531] ext4_es_insert_extent+0x2d2/0xa70 [ 367.356812][T12531] ? ext4_es_scan_clu+0xe0/0xe0 [ 367.361669][T12531] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 367.367658][T12531] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 367.373911][T12531] ? ext4_es_find_extent_range+0x131/0x660 [ 367.379713][T12531] ext4_ext_put_gap_in_cache+0xfe/0x150 [ 367.385244][T12531] ? ext4_rereserve_cluster+0x240/0x240 [ 367.390792][T12531] ? ext4_find_extent+0x76e/0x9d0 [ 367.395830][T12531] ? ext4_find_extent+0x6a6/0x9d0 [ 367.400873][T12531] ext4_ext_map_blocks+0x1930/0x3ac0 [ 367.406174][T12531] ? ext4_ext_release+0x10/0x10 [ 367.411032][T12531] ? __kasan_check_write+0x14/0x20 [ 367.416144][T12531] ? down_read+0x109/0x440 [ 367.420588][T12531] ? down_read_killable+0x490/0x490 [ 367.425834][T12531] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 367.432072][T12531] ? ext4_es_lookup_extent+0x426/0xd40 [ 367.437615][T12531] ext4_map_blocks+0xdc7/0x17e0 [ 367.442468][T12531] ? ext4_issue_zeroout+0x190/0x190 [ 367.447661][T12531] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 367.453216][T12531] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 367.459204][T12531] ? __kasan_check_write+0x14/0x20 [ 367.464307][T12531] ? __brelse+0x95/0xb0 [ 367.468460][T12531] ext4_getblk+0xc4/0x580 [ 367.472792][T12531] ? ext4_iomap_begin+0x720/0x720 [ 367.477831][T12531] ext4_bread+0x8f/0x390 [ 367.482054][T12531] ? ext4_getblk+0x580/0x580 [ 367.486636][T12531] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 367.492277][T12531] ext4_append+0x155/0x370 [ 367.496746][T12531] ext4_mkdir+0x61e/0xe20 [ 367.501077][T12531] ? ext4_rmdir+0xd20/0xd20 [ 367.505586][T12531] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.511820][T12531] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.518108][T12531] ? security_inode_permission+0xcb/0x100 [ 367.523810][T12531] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.530080][T12531] ? security_inode_mkdir+0xe4/0x120 [ 367.535379][T12531] vfs_mkdir+0x42e/0x670 [ 367.539617][T12531] do_mkdirat+0x234/0x2a0 [ 367.543930][T12531] ? __ia32_sys_mknod+0xb0/0xb0 [ 367.548758][T12531] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 367.554210][T12531] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.560266][T12531] ? do_syscall_64+0x26/0x790 [ 367.564932][T12531] ? lockdep_hardirqs_on+0x421/0x5e0 [ 367.570213][T12531] __x64_sys_mkdir+0x5c/0x80 [ 367.574798][T12531] do_syscall_64+0xfa/0x790 [ 367.579304][T12531] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.585224][T12531] RIP: 0033:0x459d27 [ 367.589099][T12531] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 367.608681][T12531] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 367.617080][T12531] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 367.625030][T12531] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 367.632987][T12531] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 367.640956][T12531] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 367.648922][T12531] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 367.662550][T12531] hfsplus: unable to find HFS+ superblock 00:56:37 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x9}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:37 executing program 2 (fault-call:3 fault-nth:35): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:37 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:56:37 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0xa}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 368.032320][T12557] FAULT_INJECTION: forcing a failure. [ 368.032320][T12557] name failslab, interval 1, probability 0, space 0, times 0 [ 368.045583][T12557] CPU: 1 PID: 12557 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 368.055482][T12557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.065536][T12557] Call Trace: [ 368.068836][T12557] dump_stack+0x197/0x210 [ 368.073177][T12557] should_fail.cold+0xa/0x10 [ 368.077773][T12557] ? setup_fault_attr+0x220/0x220 [ 368.082805][T12557] ? ___might_sleep+0x163/0x2c0 [ 368.087666][T12557] __should_failslab+0x121/0x190 [ 368.092673][T12557] ? ratelimit_state_init+0xb0/0xb0 [ 368.097874][T12557] should_failslab+0x9/0x14 [ 368.102380][T12557] kmem_cache_alloc+0x2aa/0x710 [ 368.107241][T12557] ? ratelimit_state_init+0xb0/0xb0 [ 368.112444][T12557] ext4_alloc_inode+0x1f/0x640 [ 368.117211][T12557] ? ratelimit_state_init+0xb0/0xb0 [ 368.122408][T12557] alloc_inode+0x68/0x1e0 [ 368.126741][T12557] new_inode_pseudo+0x19/0xf0 [ 368.131423][T12557] new_inode+0x1f/0x40 [ 368.135490][T12557] __ext4_new_inode+0x3db/0x4f20 [ 368.140434][T12557] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 368.146249][T12557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.152579][T12557] ? __dquot_initialize+0x525/0xd80 [ 368.157783][T12557] ? ext4_free_inode+0x14d0/0x14d0 [ 368.162908][T12557] ? dquot_get_next_dqblk+0x180/0x180 [ 368.168277][T12557] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 368.173916][T12557] ? putname+0xef/0x130 [ 368.178081][T12557] ext4_mkdir+0x3d5/0xe20 00:56:37 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 368.182454][T12557] ? ext4_rmdir+0xd20/0xd20 [ 368.186968][T12557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.193217][T12557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.199458][T12557] ? security_inode_permission+0xcb/0x100 [ 368.205181][T12557] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.211418][T12557] ? security_inode_mkdir+0xe4/0x120 [ 368.211439][T12557] vfs_mkdir+0x42e/0x670 [ 368.211458][T12557] do_mkdirat+0x234/0x2a0 [ 368.211475][T12557] ? __ia32_sys_mknod+0xb0/0xb0 [ 368.211492][T12557] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 368.211508][T12557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.211522][T12557] ? do_syscall_64+0x26/0x790 [ 368.211538][T12557] ? lockdep_hardirqs_on+0x421/0x5e0 [ 368.211555][T12557] __x64_sys_mkdir+0x5c/0x80 [ 368.211572][T12557] do_syscall_64+0xfa/0x790 [ 368.211589][T12557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.211602][T12557] RIP: 0033:0x459d27 [ 368.211617][T12557] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 368.211625][T12557] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 368.211639][T12557] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 368.211648][T12557] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 368.211656][T12557] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 368.211665][T12557] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 368.211674][T12557] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 368.345173][T12525] delete_channel: no stack 00:56:40 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:40 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000000000200"}}}}, 0x90) 00:56:40 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0xb}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:40 executing program 2 (fault-call:3 fault-nth:36): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 00:56:40 executing program 4: syz_mount_image$vfat(0x0, 0x0, 0xc00000000e003, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, 0x0) gettid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) get_robust_list(r0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(r1, &(0x7f00000017c0), 0x315, 0x0) write$P9_RLOCK(0xffffffffffffffff, &(0x7f0000000080)={0x8, 0x35, 0x1, 0x2}, 0x8) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ifreq(r2, 0x8923, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x05', @ifru_mtu=0x1}) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x315, 0x0) ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x315, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='attr/fscreate\x00') socket$can_raw(0x1d, 0x3, 0x1) preadv(r4, &(0x7f00000017c0), 0x315, 0x0) r5 = socket(0x22, 0x2, 0x24) socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0xd, &(0x7f0000000040), 0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x55ad, 0x3, [0x5, 0x2, 0x3]}, &(0x7f0000000140)=0xe) setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000180)={r6, 0x8}, 0x8) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'eql\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\xf2\a\x00', 0x10005812}) 00:56:40 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 370.887725][T12596] FAULT_INJECTION: forcing a failure. [ 370.887725][T12596] name failslab, interval 1, probability 0, space 0, times 0 [ 370.918500][T12596] CPU: 1 PID: 12596 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 370.928411][T12596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.938469][T12596] Call Trace: [ 370.941771][T12596] dump_stack+0x197/0x210 [ 370.946103][T12596] should_fail.cold+0xa/0x10 [ 370.950697][T12596] ? setup_fault_attr+0x220/0x220 [ 370.955731][T12596] ? ___might_sleep+0x163/0x2c0 [ 370.960581][T12596] __should_failslab+0x121/0x190 [ 370.965627][T12596] ? ratelimit_state_init+0xb0/0xb0 [ 370.970829][T12596] should_failslab+0x9/0x14 [ 370.975338][T12596] kmem_cache_alloc+0x2aa/0x710 [ 370.980204][T12596] ? ratelimit_state_init+0xb0/0xb0 00:56:40 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 370.985408][T12596] ext4_alloc_inode+0x1f/0x640 [ 370.990166][T12596] ? ratelimit_state_init+0xb0/0xb0 [ 370.995358][T12596] alloc_inode+0x68/0x1e0 [ 370.999688][T12596] new_inode_pseudo+0x19/0xf0 [ 371.004365][T12596] new_inode+0x1f/0x40 [ 371.008433][T12596] __ext4_new_inode+0x3db/0x4f20 [ 371.013373][T12596] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 371.019192][T12596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.025524][T12596] ? __dquot_initialize+0x525/0xd80 [ 371.030833][T12596] ? ext4_free_inode+0x14d0/0x14d0 [ 371.035948][T12596] ? dquot_get_next_dqblk+0x180/0x180 [ 371.041321][T12596] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 371.046956][T12596] ? putname+0xef/0x130 [ 371.051117][T12596] ext4_mkdir+0x3d5/0xe20 [ 371.055459][T12596] ? ext4_rmdir+0xd20/0xd20 [ 371.059964][T12596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.066203][T12596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.072439][T12596] ? security_inode_permission+0xcb/0x100 [ 371.078158][T12596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.084398][T12596] ? security_inode_mkdir+0xe4/0x120 [ 371.089677][T12596] vfs_mkdir+0x42e/0x670 [ 371.093911][T12596] do_mkdirat+0x234/0x2a0 [ 371.098224][T12596] ? __ia32_sys_mknod+0xb0/0xb0 [ 371.103058][T12596] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 371.108503][T12596] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.114558][T12596] ? do_syscall_64+0x26/0x790 [ 371.119218][T12596] ? lockdep_hardirqs_on+0x421/0x5e0 [ 371.124490][T12596] __x64_sys_mkdir+0x5c/0x80 [ 371.129065][T12596] do_syscall_64+0xfa/0x790 [ 371.133557][T12596] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.139430][T12596] RIP: 0033:0x459d27 [ 371.143307][T12596] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.162891][T12596] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 371.171296][T12596] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 371.179247][T12596] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 00:56:40 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0xc}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 371.187230][T12596] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 371.195180][T12596] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 371.203142][T12596] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:40 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000900000000000000000002"}}}}, 0x90) [ 371.354696][T12593] : renamed from eql 00:56:40 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:40 executing program 2 (fault-call:3 fault-nth:37): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 371.503873][T12586] delete_channel: no stack [ 371.595710][T12636] FAULT_INJECTION: forcing a failure. [ 371.595710][T12636] name failslab, interval 1, probability 0, space 0, times 0 [ 371.634074][T12636] CPU: 1 PID: 12636 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 371.643998][T12636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.654155][T12636] Call Trace: [ 371.657461][T12636] dump_stack+0x197/0x210 [ 371.661806][T12636] should_fail.cold+0xa/0x10 [ 371.666422][T12636] ? setup_fault_attr+0x220/0x220 [ 371.671460][T12636] ? ___might_sleep+0x163/0x2c0 [ 371.676325][T12636] __should_failslab+0x121/0x190 [ 371.681383][T12636] should_failslab+0x9/0x14 [ 371.685882][T12636] __kmalloc+0x2e0/0x770 [ 371.690114][T12636] ? mark_held_locks+0xf0/0xf0 [ 371.694859][T12636] ? stack_trace_save+0xac/0xe0 [ 371.699692][T12636] ? tomoyo_realpath_from_path+0xc5/0x660 [ 371.705404][T12636] tomoyo_realpath_from_path+0xc5/0x660 [ 371.710992][T12636] ? tomoyo_path_number_perm+0x193/0x520 [ 371.716625][T12636] tomoyo_path_number_perm+0x1dd/0x520 [ 371.722070][T12636] ? tomoyo_path_number_perm+0x193/0x520 [ 371.727696][T12636] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 371.733480][T12636] ? find_held_lock+0x35/0x130 [ 371.738233][T12636] ? putname+0xef/0x130 [ 371.742383][T12636] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 371.747921][T12636] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 371.753914][T12636] ? trace_hardirqs_on+0x67/0x240 [ 371.758920][T12636] ? kmem_cache_free+0x26b/0x320 [ 371.763861][T12636] tomoyo_path_mkdir+0xaa/0xf0 [ 371.768618][T12636] ? tomoyo_file_ioctl+0x30/0x30 [ 371.773535][T12636] ? kern_path_mountpoint+0x40/0x40 [ 371.778723][T12636] ? strncpy_from_user+0x2b4/0x400 [ 371.783848][T12636] security_path_mkdir+0x113/0x170 [ 371.788962][T12636] do_mkdirat+0x160/0x2a0 [ 371.793285][T12636] ? __ia32_sys_mknod+0xb0/0xb0 [ 371.798129][T12636] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 371.803592][T12636] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.809647][T12636] ? do_syscall_64+0x26/0x790 [ 371.814306][T12636] ? lockdep_hardirqs_on+0x421/0x5e0 [ 371.819570][T12636] __x64_sys_mkdir+0x5c/0x80 [ 371.824154][T12636] do_syscall_64+0xfa/0x790 [ 371.828650][T12636] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.834524][T12636] RIP: 0033:0x459d27 [ 371.838485][T12636] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.858070][T12636] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 371.866470][T12636] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 371.874433][T12636] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 371.882393][T12636] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 371.890355][T12636] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 371.898304][T12636] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 371.912592][T12636] ERROR: Out of memory at tomoyo_realpath_from_path. [ 371.923280][T12636] hfsplus: unable to find HFS+ superblock 00:56:43 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:43 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:56:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:43 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x2}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:43 executing program 2 (fault-call:3 fault-nth:38): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:43 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x3}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 373.833622][T12649] FAULT_INJECTION: forcing a failure. [ 373.833622][T12649] name failslab, interval 1, probability 0, space 0, times 0 [ 373.865764][T12649] CPU: 0 PID: 12649 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 373.875684][T12649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.885749][T12649] Call Trace: [ 373.885843][T12649] dump_stack+0x197/0x210 [ 373.885865][T12649] should_fail.cold+0xa/0x10 [ 373.898040][T12649] ? setup_fault_attr+0x220/0x220 [ 373.903073][T12649] ? ___might_sleep+0x163/0x2c0 [ 373.907939][T12649] __should_failslab+0x121/0x190 [ 373.912892][T12649] should_failslab+0x9/0x14 [ 373.917414][T12649] __kmalloc+0x2e0/0x770 [ 373.921671][T12649] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 373.927829][T12649] ? ext4_find_extent+0x76e/0x9d0 00:56:43 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 373.932864][T12649] ext4_find_extent+0x76e/0x9d0 [ 373.937733][T12649] ext4_ext_map_blocks+0x1dc/0x3ac0 [ 373.942939][T12649] ? mark_held_locks+0xf0/0xf0 [ 373.947710][T12649] ? ext4_ext_release+0x10/0x10 [ 373.952575][T12649] ? __kasan_check_write+0x14/0x20 [ 373.957688][T12649] ? down_read+0x109/0x440 [ 373.962112][T12649] ? down_read_killable+0x490/0x490 [ 373.967313][T12649] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 373.973571][T12649] ? ext4_es_lookup_extent+0x426/0xd40 [ 373.979044][T12649] ext4_map_blocks+0xdc7/0x17e0 [ 373.983914][T12649] ? ext4_issue_zeroout+0x190/0x190 [ 373.989125][T12649] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 373.994679][T12649] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 374.000653][T12649] ? __kasan_check_write+0x14/0x20 [ 374.000667][T12649] ? __brelse+0x95/0xb0 [ 374.000685][T12649] ext4_getblk+0xc4/0x580 [ 374.000704][T12649] ? ext4_iomap_begin+0x720/0x720 [ 374.019276][T12649] ext4_bread+0x8f/0x390 [ 374.023525][T12649] ? ext4_getblk+0x580/0x580 [ 374.028121][T12649] ? debug_lockdep_rcu_enabled+0x71/0xa0 00:56:43 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x4}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 374.033763][T12649] ext4_append+0x155/0x370 [ 374.038182][T12649] ext4_mkdir+0x61e/0xe20 [ 374.038207][T12649] ? ext4_rmdir+0xd20/0xd20 [ 374.038223][T12649] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.038241][T12649] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.053260][T12649] ? security_inode_permission+0xcb/0x100 [ 374.053281][T12649] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.053296][T12649] ? security_inode_mkdir+0xe4/0x120 [ 374.053316][T12649] vfs_mkdir+0x42e/0x670 [ 374.071481][T12649] do_mkdirat+0x234/0x2a0 [ 374.071499][T12649] ? __ia32_sys_mknod+0xb0/0xb0 [ 374.071515][T12649] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 374.071532][T12649] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.071544][T12649] ? do_syscall_64+0x26/0x790 [ 374.071558][T12649] ? lockdep_hardirqs_on+0x421/0x5e0 [ 374.071575][T12649] __x64_sys_mkdir+0x5c/0x80 [ 374.116212][T12649] do_syscall_64+0xfa/0x790 [ 374.116232][T12649] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.116247][T12649] RIP: 0033:0x459d27 [ 374.130742][T12649] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 374.150346][T12649] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 374.158763][T12649] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 374.166736][T12649] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 374.174706][T12649] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a 00:56:43 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:43 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x2}}}, 0x90) [ 374.174714][T12649] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 374.174722][T12649] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 374.217766][T12649] hfsplus: unable to find HFS+ superblock 00:56:43 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x5}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:46 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x6}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:46 executing program 2 (fault-call:3 fault-nth:39): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:46 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$vcsu(&(0x7f0000000040)='/dev/vcsu#\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="0f01c964db460b0f01c5baf80c66b888ea788d66efbafc0c66b8cc00000066ef36650f78655ed9f00f004900baf80c66b8d8219a8966efbafc0c66b808c0000066ef801881bad004ed", 0x49}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 00:56:46 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x2000000}}}, 0x90) 00:56:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:46 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x7}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 376.928662][T12711] FAULT_INJECTION: forcing a failure. [ 376.928662][T12711] name failslab, interval 1, probability 0, space 0, times 0 [ 376.997769][T12711] CPU: 1 PID: 12711 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 377.007703][T12711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.017766][T12711] Call Trace: [ 377.021067][T12711] dump_stack+0x197/0x210 [ 377.025413][T12711] should_fail.cold+0xa/0x10 [ 377.030016][T12711] ? setup_fault_attr+0x220/0x220 [ 377.035834][T12711] ? ___might_sleep+0x163/0x2c0 [ 377.040694][T12711] __should_failslab+0x121/0x190 [ 377.045637][T12711] should_failslab+0x9/0x14 [ 377.050144][T12711] __kmalloc+0x2e0/0x770 [ 377.054395][T12711] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.060760][T12711] ? d_absolute_path+0x11b/0x170 [ 377.065699][T12711] ? __d_path+0x140/0x140 [ 377.070018][T12711] ? tomoyo_encode2.part.0+0xf5/0x400 [ 377.075378][T12711] tomoyo_encode2.part.0+0xf5/0x400 [ 377.080579][T12711] tomoyo_encode+0x2b/0x50 [ 377.084988][T12711] tomoyo_realpath_from_path+0x19c/0x660 [ 377.090618][T12711] tomoyo_path_number_perm+0x1dd/0x520 [ 377.096064][T12711] ? tomoyo_path_number_perm+0x193/0x520 [ 377.101704][T12711] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 377.107514][T12711] ? find_held_lock+0x35/0x130 [ 377.112280][T12711] ? putname+0xef/0x130 [ 377.116434][T12711] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 377.122035][T12711] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 377.128087][T12711] ? trace_hardirqs_on+0x67/0x240 [ 377.133115][T12711] ? kmem_cache_free+0x26b/0x320 [ 377.138048][T12711] tomoyo_path_mkdir+0xaa/0xf0 [ 377.142812][T12711] ? tomoyo_file_ioctl+0x30/0x30 [ 377.147733][T12711] ? kern_path_mountpoint+0x40/0x40 [ 377.152911][T12711] ? strncpy_from_user+0x2b4/0x400 [ 377.158007][T12711] security_path_mkdir+0x113/0x170 [ 377.163271][T12711] do_mkdirat+0x160/0x2a0 [ 377.167590][T12711] ? __ia32_sys_mknod+0xb0/0xb0 [ 377.172427][T12711] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 377.177868][T12711] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.183917][T12711] ? do_syscall_64+0x26/0x790 [ 377.188585][T12711] ? lockdep_hardirqs_on+0x421/0x5e0 [ 377.193858][T12711] __x64_sys_mkdir+0x5c/0x80 [ 377.198432][T12711] do_syscall_64+0xfa/0x790 [ 377.202922][T12711] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.208797][T12711] RIP: 0033:0x459d27 [ 377.212681][T12711] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.232355][T12711] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 377.240760][T12711] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 00:56:46 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x200000000000000}}}, 0x90) [ 377.248714][T12711] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 377.256677][T12711] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 377.264628][T12711] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 377.272581][T12711] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:46 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0xa}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 377.305219][T12711] ERROR: Out of memory at tomoyo_realpath_from_path. [ 377.333376][T12711] hfsplus: unable to find HFS+ superblock 00:56:46 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x2}}}, 0x90) 00:56:46 executing program 2 (fault-call:3 fault-nth:40): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:46 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 377.611347][T12739] FAULT_INJECTION: forcing a failure. [ 377.611347][T12739] name failslab, interval 1, probability 0, space 0, times 0 [ 377.707339][T12739] CPU: 0 PID: 12739 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 377.717261][T12739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.727421][T12739] Call Trace: [ 377.730702][T12739] dump_stack+0x197/0x210 [ 377.735067][T12739] should_fail.cold+0xa/0x10 [ 377.739638][T12739] ? setup_fault_attr+0x220/0x220 [ 377.744651][T12739] ? ___might_sleep+0x163/0x2c0 [ 377.749491][T12739] __should_failslab+0x121/0x190 [ 377.754413][T12739] should_failslab+0x9/0x14 [ 377.758897][T12739] __kmalloc+0x2e0/0x770 [ 377.763130][T12739] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 377.769297][T12739] ? ext4_find_extent+0x76e/0x9d0 [ 377.774308][T12739] ext4_find_extent+0x76e/0x9d0 [ 377.779148][T12739] ext4_ext_map_blocks+0x1dc/0x3ac0 [ 377.784329][T12739] ? mark_held_locks+0xf0/0xf0 [ 377.789079][T12739] ? ext4_ext_release+0x10/0x10 [ 377.793937][T12739] ? __kasan_check_write+0x14/0x20 [ 377.799030][T12739] ? down_read+0x109/0x440 [ 377.803430][T12739] ? down_read_killable+0x490/0x490 [ 377.808610][T12739] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 377.814831][T12739] ? ext4_es_lookup_extent+0x426/0xd40 [ 377.820280][T12739] ext4_map_blocks+0xdc7/0x17e0 [ 377.825119][T12739] ? ext4_issue_zeroout+0x190/0x190 [ 377.830300][T12739] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 377.835844][T12739] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 377.841846][T12739] ? __kasan_check_write+0x14/0x20 [ 377.846965][T12739] ? __brelse+0x95/0xb0 [ 377.851117][T12739] ext4_getblk+0xc4/0x580 [ 377.855438][T12739] ? ext4_iomap_begin+0x720/0x720 [ 377.860460][T12739] ext4_bread+0x8f/0x390 [ 377.864695][T12739] ? ext4_getblk+0x580/0x580 [ 377.869290][T12739] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 377.874913][T12739] ext4_append+0x155/0x370 [ 377.879319][T12739] ext4_mkdir+0x61e/0xe20 [ 377.883639][T12739] ? ext4_rmdir+0xd20/0xd20 [ 377.888122][T12739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.894353][T12739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.900578][T12739] ? security_inode_permission+0xcb/0x100 [ 377.906287][T12739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.912528][T12739] ? security_inode_mkdir+0xe4/0x120 [ 377.917817][T12739] vfs_mkdir+0x42e/0x670 [ 377.922064][T12739] do_mkdirat+0x234/0x2a0 [ 377.926382][T12739] ? __ia32_sys_mknod+0xb0/0xb0 [ 377.931222][T12739] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 377.936665][T12739] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.942725][T12739] ? do_syscall_64+0x26/0x790 [ 377.947385][T12739] ? lockdep_hardirqs_on+0x421/0x5e0 [ 377.952667][T12739] __x64_sys_mkdir+0x5c/0x80 [ 377.957257][T12739] do_syscall_64+0xfa/0x790 [ 377.961760][T12739] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.967635][T12739] RIP: 0033:0x459d27 [ 377.971518][T12739] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.991101][T12739] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 377.999494][T12739] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 378.007444][T12739] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 378.015395][T12739] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 378.023361][T12739] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 378.031320][T12739] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 378.111000][T12739] hfsplus: unable to find HFS+ superblock 00:56:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:49 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x2000000}}}, 0x90) 00:56:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:49 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:49 executing program 2 (fault-call:3 fault-nth:41): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 379.949489][T12760] FAULT_INJECTION: forcing a failure. [ 379.949489][T12760] name failslab, interval 1, probability 0, space 0, times 0 [ 379.969771][T12760] CPU: 1 PID: 12760 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 379.979692][T12760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.989769][T12760] Call Trace: [ 379.993067][T12760] dump_stack+0x197/0x210 00:56:49 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 379.997405][T12760] should_fail.cold+0xa/0x10 [ 380.002001][T12760] ? setup_fault_attr+0x220/0x220 [ 380.007034][T12760] ? ___might_sleep+0x163/0x2c0 [ 380.011890][T12760] __should_failslab+0x121/0x190 [ 380.016840][T12760] should_failslab+0x9/0x14 [ 380.021465][T12760] __kmalloc+0x2e0/0x770 [ 380.025714][T12760] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 380.031871][T12760] ? ext4_find_extent+0x76e/0x9d0 [ 380.036896][T12760] ext4_find_extent+0x76e/0x9d0 [ 380.041761][T12760] ext4_ext_map_blocks+0x1dc/0x3ac0 [ 380.041779][T12760] ? mark_held_locks+0xf0/0xf0 [ 380.041803][T12760] ? ext4_ext_release+0x10/0x10 [ 380.056603][T12760] ? __kasan_check_write+0x14/0x20 [ 380.061729][T12760] ? down_read+0x109/0x440 [ 380.066146][T12760] ? down_read_killable+0x490/0x490 [ 380.071347][T12760] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 380.077598][T12760] ? ext4_es_lookup_extent+0x426/0xd40 [ 380.083070][T12760] ext4_map_blocks+0xdc7/0x17e0 [ 380.087924][T12760] ? ext4_issue_zeroout+0x190/0x190 [ 380.093115][T12760] ? rcu_read_lock_sched_held+0x9c/0xd0 00:56:49 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x200000000000000}}}, 0x90) [ 380.093130][T12760] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 380.093147][T12760] ? __kasan_check_write+0x14/0x20 [ 380.093159][T12760] ? __brelse+0x95/0xb0 [ 380.093176][T12760] ext4_getblk+0xc4/0x580 [ 380.118247][T12760] ? ext4_iomap_begin+0x720/0x720 [ 380.123284][T12760] ext4_bread+0x8f/0x390 [ 380.127527][T12760] ? ext4_getblk+0x580/0x580 [ 380.132119][T12760] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 380.137762][T12760] ext4_append+0x155/0x370 [ 380.142189][T12760] ext4_mkdir+0x61e/0xe20 [ 380.146529][T12760] ? ext4_rmdir+0xd20/0xd20 [ 380.151035][T12760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.157281][T12760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.163516][T12760] ? security_inode_permission+0xcb/0x100 [ 380.163534][T12760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.163550][T12760] ? security_inode_mkdir+0xe4/0x120 [ 380.163575][T12760] vfs_mkdir+0x42e/0x670 [ 380.185090][T12760] do_mkdirat+0x234/0x2a0 [ 380.189438][T12760] ? __ia32_sys_mknod+0xb0/0xb0 [ 380.194298][T12760] ? trace_hardirqs_on_thunk+0x1a/0x1c 00:56:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:49 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 380.199757][T12760] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 380.205833][T12760] ? do_syscall_64+0x26/0x790 [ 380.210514][T12760] ? lockdep_hardirqs_on+0x421/0x5e0 [ 380.215805][T12760] __x64_sys_mkdir+0x5c/0x80 [ 380.220408][T12760] do_syscall_64+0xfa/0x790 [ 380.224912][T12760] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 380.224923][T12760] RIP: 0033:0x459d27 [ 380.224940][T12760] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 380.254278][T12760] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 380.262834][T12760] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 380.270816][T12760] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 380.270825][T12760] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 380.270834][T12760] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 380.270843][T12760] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:49 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 380.379552][T12760] hfsplus: unable to find HFS+ superblock 00:56:52 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:52 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x0, 0x2}}}, 0x90) 00:56:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:52 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:56:52 executing program 2 (fault-call:3 fault-nth:42): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:52 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 383.033462][T12805] FAULT_INJECTION: forcing a failure. [ 383.033462][T12805] name failslab, interval 1, probability 0, space 0, times 0 [ 383.046200][T12805] CPU: 1 PID: 12805 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 383.056083][T12805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.056089][T12805] Call Trace: [ 383.056110][T12805] dump_stack+0x197/0x210 [ 383.056131][T12805] should_fail.cold+0xa/0x10 [ 383.056148][T12805] ? setup_fault_attr+0x220/0x220 [ 383.056175][T12805] __should_failslab+0x121/0x190 [ 383.056193][T12805] should_failslab+0x9/0x14 [ 383.056205][T12805] kmem_cache_alloc+0x47/0x710 [ 383.056219][T12805] ? __kasan_check_write+0x14/0x20 [ 383.056235][T12805] ? do_raw_write_lock+0x124/0x290 [ 383.056255][T12805] __es_insert_extent+0x2cc/0xf20 [ 383.056278][T12805] ext4_es_insert_extent+0x2d2/0xa70 [ 383.056300][T12805] ? ext4_es_scan_clu+0xe0/0xe0 [ 383.056317][T12805] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 383.056340][T12805] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 383.056359][T12805] ? ext4_es_find_extent_range+0x131/0x660 [ 383.118217][T12805] ext4_ext_put_gap_in_cache+0xfe/0x150 [ 383.146564][T12805] ? ext4_rereserve_cluster+0x240/0x240 [ 383.152113][T12805] ? ext4_find_extent+0x76e/0x9d0 [ 383.157133][T12805] ? ext4_find_extent+0x6a6/0x9d0 [ 383.157159][T12805] ext4_ext_map_blocks+0x1930/0x3ac0 [ 383.157182][T12805] ? ext4_ext_release+0x10/0x10 [ 383.172306][T12805] ? __kasan_check_write+0x14/0x20 [ 383.177424][T12805] ? down_read+0x109/0x440 00:56:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 383.181845][T12805] ? down_read_killable+0x490/0x490 [ 383.187050][T12805] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 383.193294][T12805] ? ext4_es_lookup_extent+0x426/0xd40 [ 383.198767][T12805] ext4_map_blocks+0xdc7/0x17e0 [ 383.203632][T12805] ? ext4_issue_zeroout+0x190/0x190 [ 383.208837][T12805] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 383.214390][T12805] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 383.220372][T12805] ? __kasan_check_write+0x14/0x20 [ 383.225477][T12805] ? __brelse+0x95/0xb0 [ 383.225498][T12805] ext4_getblk+0xc4/0x580 00:56:52 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 383.225520][T12805] ? ext4_iomap_begin+0x720/0x720 [ 383.238994][T12805] ext4_bread+0x8f/0x390 [ 383.243233][T12805] ? ext4_getblk+0x580/0x580 [ 383.243251][T12805] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 383.243273][T12805] ext4_append+0x155/0x370 [ 383.243293][T12805] ext4_mkdir+0x61e/0xe20 [ 383.243314][T12805] ? ext4_rmdir+0xd20/0xd20 [ 383.266711][T12805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.272959][T12805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.279205][T12805] ? security_inode_permission+0xcb/0x100 [ 383.284936][T12805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.291186][T12805] ? security_inode_mkdir+0xe4/0x120 [ 383.296488][T12805] vfs_mkdir+0x42e/0x670 [ 383.300742][T12805] do_mkdirat+0x234/0x2a0 [ 383.305078][T12805] ? __ia32_sys_mknod+0xb0/0xb0 [ 383.309930][T12805] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 383.315396][T12805] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.321464][T12805] ? do_syscall_64+0x26/0x790 [ 383.326144][T12805] ? lockdep_hardirqs_on+0x421/0x5e0 00:56:52 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xa}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 383.331444][T12805] __x64_sys_mkdir+0x5c/0x80 [ 383.336049][T12805] do_syscall_64+0xfa/0x790 [ 383.340573][T12805] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.346462][T12805] RIP: 0033:0x459d27 [ 383.350361][T12805] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 383.369973][T12805] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 00:56:52 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 383.378373][T12805] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 383.378381][T12805] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 383.378388][T12805] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 383.378396][T12805] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 383.378403][T12805] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 383.433287][T12805] hfsplus: unable to find HFS+ superblock 00:56:55 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:55 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x0, 0x2000000}}}, 0x90) 00:56:55 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x10}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:55 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:55 executing program 2 (fault-call:3 fault-nth:43): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:55 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:55 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x18}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 386.079814][T12844] FAULT_INJECTION: forcing a failure. [ 386.079814][T12844] name failslab, interval 1, probability 0, space 0, times 0 [ 386.098148][T12844] CPU: 1 PID: 12844 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 386.108038][T12844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.118101][T12844] Call Trace: [ 386.121401][T12844] dump_stack+0x197/0x210 00:56:55 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 386.125742][T12844] should_fail.cold+0xa/0x10 [ 386.130341][T12844] ? setup_fault_attr+0x220/0x220 [ 386.135379][T12844] ? ___might_sleep+0x163/0x2c0 [ 386.140235][T12844] __should_failslab+0x121/0x190 [ 386.145168][T12844] should_failslab+0x9/0x14 [ 386.145181][T12844] kmem_cache_alloc+0x2aa/0x710 [ 386.145198][T12844] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 386.145212][T12844] ? __mark_inode_dirty+0x3d1/0x1390 [ 386.145231][T12844] ext4_mb_new_blocks+0x5b9/0x3af0 [ 386.145253][T12844] ? ext4_find_extent+0x76e/0x9d0 00:56:55 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x0, 0x200000000000000}}}, 0x90) [ 386.176186][T12844] ext4_ext_map_blocks+0x23c9/0x3ac0 [ 386.181492][T12844] ? ext4_ext_release+0x10/0x10 [ 386.186352][T12844] ? lock_acquire+0x190/0x410 [ 386.191035][T12844] ? ext4_map_blocks+0x4b3/0x17e0 [ 386.196080][T12844] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 386.202332][T12844] ? ext4_es_lookup_extent+0x426/0xd40 [ 386.207801][T12844] ext4_map_blocks+0x52b/0x17e0 [ 386.212663][T12844] ? ext4_issue_zeroout+0x190/0x190 [ 386.217873][T12844] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 386.223420][T12844] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 386.229408][T12844] ? __kasan_check_write+0x14/0x20 [ 386.234609][T12844] ? __brelse+0x95/0xb0 [ 386.238781][T12844] ext4_getblk+0xc4/0x580 [ 386.243117][T12844] ? ext4_iomap_begin+0x720/0x720 [ 386.248151][T12844] ext4_bread+0x8f/0x390 [ 386.252383][T12844] ? ext4_getblk+0x580/0x580 [ 386.252400][T12844] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 386.252419][T12844] ext4_append+0x155/0x370 [ 386.252439][T12844] ext4_mkdir+0x61e/0xe20 [ 386.252460][T12844] ? ext4_rmdir+0xd20/0xd20 [ 386.275850][T12844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.282096][T12844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.288341][T12844] ? security_inode_permission+0xcb/0x100 [ 386.294067][T12844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.300313][T12844] ? security_inode_mkdir+0xe4/0x120 [ 386.305611][T12844] vfs_mkdir+0x42e/0x670 [ 386.309871][T12844] do_mkdirat+0x234/0x2a0 [ 386.314204][T12844] ? __ia32_sys_mknod+0xb0/0xb0 [ 386.319060][T12844] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 386.324525][T12844] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 00:56:55 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 386.330596][T12844] ? do_syscall_64+0x26/0x790 [ 386.335282][T12844] ? lockdep_hardirqs_on+0x421/0x5e0 [ 386.340579][T12844] __x64_sys_mkdir+0x5c/0x80 [ 386.345177][T12844] do_syscall_64+0xfa/0x790 [ 386.349694][T12844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.355585][T12844] RIP: 0033:0x459d27 [ 386.359484][T12844] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00:56:55 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x1a}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 386.379089][T12844] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 386.387504][T12844] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 [ 386.395467][T12844] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 386.395476][T12844] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 386.395484][T12844] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 386.395493][T12844] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:55 executing program 2 (fault-call:3 fault-nth:44): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 386.633146][T12877] FAULT_INJECTION: forcing a failure. [ 386.633146][T12877] name failslab, interval 1, probability 0, space 0, times 0 [ 386.646119][T12877] CPU: 1 PID: 12877 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 386.656008][T12877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.666065][T12877] Call Trace: [ 386.669368][T12877] dump_stack+0x197/0x210 [ 386.673717][T12877] should_fail.cold+0xa/0x10 [ 386.678324][T12877] ? setup_fault_attr+0x220/0x220 [ 386.683359][T12877] ? find_held_lock+0x35/0x130 [ 386.688138][T12877] ? __sigqueue_alloc+0x1d0/0x560 [ 386.693172][T12877] __should_failslab+0x121/0x190 [ 386.698241][T12877] should_failslab+0x9/0x14 [ 386.702751][T12877] kmem_cache_alloc+0x47/0x710 [ 386.707528][T12877] ? __kasan_check_read+0x11/0x20 [ 386.712562][T12877] __sigqueue_alloc+0x2c0/0x560 [ 386.717422][T12877] __send_signal+0x863/0x1080 [ 386.722114][T12877] send_signal+0x4b7/0x7d0 [ 386.726546][T12877] force_sig_info_to_task+0x278/0x340 [ 386.731929][T12877] force_sig_fault+0xbe/0x100 [ 386.736606][T12877] ? force_sig_fault_to_task+0xf0/0xf0 [ 386.742070][T12877] ? __kasan_check_write+0x14/0x20 [ 386.747191][T12877] ? trace_hardirqs_on+0x67/0x240 [ 386.752318][T12877] __bad_area_nosemaphore+0x32e/0x420 [ 386.757698][T12877] ? vmacache_find+0x65/0x310 [ 386.762388][T12877] bad_area+0x69/0x80 [ 386.766396][T12877] __do_page_fault+0x9eb/0xd80 [ 386.771162][T12877] ? page_fault+0x16/0x40 [ 386.775487][T12877] do_page_fault+0x38/0x590 [ 386.779969][T12877] page_fault+0x39/0x40 [ 386.784108][T12877] RIP: 0033:0x45450f [ 386.787992][T12877] Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0 0f 49 29 d0 48 8d 7c 17 31 e9 95 0b 00 00 66 0f ef c0 0f 6f 0e f3 0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f [ 386.807578][T12877] RSP: 002b:00007f4b31552a68 EFLAGS: 00010283 [ 386.813763][T12877] RAX: 00007f4b31552b40 RBX: 00007f4b31552c90 RCX: 0000000000000000 [ 386.821751][T12877] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f4b31552b40 [ 386.829720][T12877] RBP: 000000000075bf20 R08: 00000000000000e0 R09: 000000000000000a [ 386.837670][T12877] R10: 0000000000000075 R11: 00000000004e9ec0 R12: 00007f4b315536d4 [ 386.845629][T12877] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 386.857298][T12877] hfsplus: unable to find HFS+ superblock 00:56:58 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:58 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:56:58 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x7) 00:56:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x48}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:56:58 executing program 2 (fault-call:3 fault-nth:45): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:56:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:58 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 389.148713][T12889] FAULT_INJECTION: forcing a failure. [ 389.148713][T12889] name failslab, interval 1, probability 0, space 0, times 0 00:56:58 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x20000150) 00:56:58 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x4c}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 389.216006][T12889] CPU: 1 PID: 12889 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 389.225936][T12889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.235997][T12889] Call Trace: [ 389.239293][T12889] dump_stack+0x197/0x210 [ 389.243637][T12889] should_fail.cold+0xa/0x10 [ 389.248237][T12889] ? setup_fault_attr+0x220/0x220 [ 389.253279][T12889] ? ___might_sleep+0x163/0x2c0 [ 389.258225][T12889] __should_failslab+0x121/0x190 [ 389.263164][T12889] should_failslab+0x9/0x14 [ 389.267671][T12889] kmem_cache_alloc+0x2aa/0x710 [ 389.272529][T12889] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 389.278774][T12889] ? __mark_inode_dirty+0x3d1/0x1390 [ 389.284071][T12889] ext4_mb_new_blocks+0x5b9/0x3af0 [ 389.289195][T12889] ? ext4_find_extent+0x76e/0x9d0 [ 389.294246][T12889] ext4_ext_map_blocks+0x23c9/0x3ac0 [ 389.299536][T12889] ? ext4_ext_release+0x10/0x10 [ 389.304389][T12889] ? lock_acquire+0x190/0x410 [ 389.309077][T12889] ? ext4_map_blocks+0x4b3/0x17e0 00:56:58 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x68}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 389.314120][T12889] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 389.320379][T12889] ? ext4_es_lookup_extent+0x426/0xd40 [ 389.325853][T12889] ext4_map_blocks+0x52b/0x17e0 [ 389.330716][T12889] ? ext4_issue_zeroout+0x190/0x190 [ 389.335922][T12889] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 389.341471][T12889] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 389.347461][T12889] ? __kasan_check_write+0x14/0x20 [ 389.352573][T12889] ? __brelse+0x95/0xb0 [ 389.356741][T12889] ext4_getblk+0xc4/0x580 [ 389.361085][T12889] ? ext4_iomap_begin+0x720/0x720 [ 389.366124][T12889] ext4_bread+0x8f/0x390 [ 389.370367][T12889] ? ext4_getblk+0x580/0x580 [ 389.374966][T12889] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 389.380605][T12889] ext4_append+0x155/0x370 [ 389.385025][T12889] ext4_mkdir+0x61e/0xe20 [ 389.389364][T12889] ? ext4_rmdir+0xd20/0xd20 [ 389.393868][T12889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.400113][T12889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.406360][T12889] ? security_inode_permission+0xcb/0x100 00:56:58 executing program 3: ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) socket$can_bcm(0x1d, 0x2, 0x2) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r3, 0x11, 0x66, &(0x7f00006ed000), &(0x7f0000000080)=0x1) r4 = syz_open_dev$vbi(&(0x7f0000000280)='/dev/vbi#\x00', 0x1, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r6, 0x404c534a, &(0x7f0000000340)={0x40, 0x6ed33fe0, 0x8000}) r7 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$UI_SET_LEDBIT(r7, 0x40045569, 0x0) r8 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) setsockopt$X25_QBITINCL(r8, 0x106, 0x1, &(0x7f0000000000)=0x1, 0x4) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) r9 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r9, 0x8983, &(0x7f0000000200)) r10 = syz_open_dev$media(&(0x7f00000002c0)='/dev/media#\x00', 0x6, 0x101000) write$cgroup_int(r10, &(0x7f0000000300)=0x7ff, 0x12) [ 389.412086][T12889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.418331][T12889] ? security_inode_mkdir+0xe4/0x120 [ 389.423625][T12889] vfs_mkdir+0x42e/0x670 [ 389.427873][T12889] do_mkdirat+0x234/0x2a0 [ 389.432210][T12889] ? __ia32_sys_mknod+0xb0/0xb0 [ 389.437071][T12889] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 389.442536][T12889] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.448609][T12889] ? do_syscall_64+0x26/0x790 [ 389.453291][T12889] ? lockdep_hardirqs_on+0x421/0x5e0 [ 389.458591][T12889] __x64_sys_mkdir+0x5c/0x80 [ 389.463198][T12889] do_syscall_64+0xfa/0x790 [ 389.467711][T12889] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.473609][T12889] RIP: 0033:0x459d27 [ 389.477511][T12889] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 389.497214][T12889] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 389.497228][T12889] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 00:56:58 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:56:58 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:56:58 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x6c}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 389.497236][T12889] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 389.497244][T12889] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 389.497252][T12889] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 389.497260][T12889] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:56:58 executing program 2 (fault-call:3 fault-nth:46): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 389.746104][T12936] FAULT_INJECTION: forcing a failure. [ 389.746104][T12936] name failslab, interval 1, probability 0, space 0, times 0 [ 389.780820][T12936] CPU: 0 PID: 12936 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 389.790746][T12936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.800803][T12936] Call Trace: [ 389.804114][T12936] dump_stack+0x197/0x210 [ 389.808467][T12936] should_fail.cold+0xa/0x10 [ 389.813071][T12936] ? setup_fault_attr+0x220/0x220 [ 389.818115][T12936] ? ___might_sleep+0x163/0x2c0 [ 389.822981][T12936] __should_failslab+0x121/0x190 [ 389.827927][T12936] should_failslab+0x9/0x14 [ 389.832442][T12936] __kmalloc_track_caller+0x2dc/0x760 [ 389.837880][T12936] ? setup_sigcontext+0x7d0/0x7d0 [ 389.842919][T12936] ? __bad_area_nosemaphore+0xb3/0x420 [ 389.848386][T12936] ? strndup_user+0x77/0xd0 [ 389.852900][T12936] memdup_user+0x26/0xd0 [ 389.857157][T12936] strndup_user+0x77/0xd0 [ 389.861496][T12936] ksys_mount+0x3c/0x150 [ 389.865749][T12936] __x64_sys_mount+0xbe/0x150 [ 389.870434][T12936] do_syscall_64+0xfa/0x790 [ 389.874940][T12936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.880835][T12936] RIP: 0033:0x45d35a [ 389.884730][T12936] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 389.904332][T12936] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 389.912747][T12936] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 389.920721][T12936] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 389.928696][T12936] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 389.936671][T12936] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 389.944642][T12936] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:01 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x74}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:01 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:57:01 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000002c0)={0x14, 0x223, 0xfa00, {r1, 0x30, 0x0, @in6={0xa, 0x4e23, 0xfffffff9, @remote, 0xf35e}}}, 0x90) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/l2cap\x00') ioctl$KVM_PPC_GET_SMMU_INFO(r2, 0x8250aea6, &(0x7f0000000200)=""/190) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket(0xa, 0x3, 0x8) r6 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1de}}, 0x0) r8 = gettid() waitid(0x83b895581628fca4, r8, &(0x7f0000000040), 0x2, &(0x7f0000000480)) sendmsg$key(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r7, @ANYRESDEC=r8]], 0xfffffffffffffe56}}, 0x20004850) write$RDMA_USER_CM_CMD_DESTROY_ID(r4, &(0x7f0000000100)={0x1, 0x10, 0xfa00, {&(0x7f00000000c0), r7}}, 0x18) 00:57:01 executing program 2 (fault-call:3 fault-nth:47): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 392.199193][T12962] FAULT_INJECTION: forcing a failure. [ 392.199193][T12962] name failslab, interval 1, probability 0, space 0, times 0 [ 392.211998][T12962] CPU: 1 PID: 12962 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 392.221886][T12962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.231938][T12962] Call Trace: [ 392.235235][T12962] dump_stack+0x197/0x210 [ 392.239574][T12962] should_fail.cold+0xa/0x10 [ 392.244175][T12962] ? setup_fault_attr+0x220/0x220 [ 392.249218][T12962] __should_failslab+0x121/0x190 [ 392.254165][T12962] should_failslab+0x9/0x14 [ 392.258671][T12962] kmem_cache_alloc+0x47/0x710 [ 392.263443][T12962] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 392.269169][T12962] ? ext4_es_can_be_merged+0x1a3/0x2a0 [ 392.274631][T12962] ? do_raw_write_lock+0x124/0x290 [ 392.279752][T12962] __es_insert_extent+0x2cc/0xf20 [ 392.284788][T12962] ext4_es_insert_extent+0x2d2/0xa70 [ 392.290084][T12962] ? ext4_es_scan_clu+0xe0/0xe0 [ 392.294943][T12962] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 392.294960][T12962] ? ext4_es_lookup_extent+0x426/0xd40 [ 392.294984][T12962] ext4_map_blocks+0x7ed/0x17e0 [ 392.311490][T12962] ? ext4_issue_zeroout+0x190/0x190 [ 392.316690][T12962] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 392.316707][T12962] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 392.316721][T12962] ? __kasan_check_write+0x14/0x20 [ 392.316738][T12962] ? __brelse+0x95/0xb0 [ 392.328489][T12962] ext4_getblk+0xc4/0x580 [ 392.328509][T12962] ? ext4_iomap_begin+0x720/0x720 00:57:01 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x7a}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:01 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:57:01 executing program 3: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x1, 0x0) connect$pptp(r0, &(0x7f0000000180)={0x18, 0x2, {0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r2, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 392.328535][T12962] ext4_bread+0x8f/0x390 [ 392.328552][T12962] ? ext4_getblk+0x580/0x580 [ 392.337774][T12962] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 392.337796][T12962] ext4_append+0x155/0x370 [ 392.337816][T12962] ext4_mkdir+0x61e/0xe20 [ 392.337838][T12962] ? ext4_rmdir+0xd20/0xd20 [ 392.347147][T12962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.347163][T12962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.347179][T12962] ? security_inode_permission+0xcb/0x100 [ 392.347194][T12962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.347213][T12962] ? security_inode_mkdir+0xe4/0x120 [ 392.355999][T12962] vfs_mkdir+0x42e/0x670 [ 392.356019][T12962] do_mkdirat+0x234/0x2a0 [ 392.356036][T12962] ? __ia32_sys_mknod+0xb0/0xb0 [ 392.356057][T12962] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 392.366056][T12962] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.366073][T12962] ? do_syscall_64+0x26/0x790 [ 392.366089][T12962] ? lockdep_hardirqs_on+0x421/0x5e0 [ 392.366109][T12962] __x64_sys_mkdir+0x5c/0x80 [ 392.374909][T12962] do_syscall_64+0xfa/0x790 [ 392.374929][T12962] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.374941][T12962] RIP: 0033:0x459d27 [ 392.374956][T12962] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 392.374964][T12962] RSP: 002b:00007f4b31552a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 392.374978][T12962] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 0000000000459d27 00:57:01 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:01 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xf0}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 392.374987][T12962] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000400 [ 392.374994][T12962] RBP: 000000000075bf20 R08: 0000000000000000 R09: 000000000000000a [ 392.375032][T12962] R10: 0000000000000075 R11: 0000000000000246 R12: 00007f4b315536d4 [ 392.375043][T12962] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 392.454064][T12962] hfsplus: unable to find HFS+ superblock 00:57:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, 0x0, 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:57:04 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0xc78fba5137ab2d34, 0x0) ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d0d, &(0x7f0000000180)) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:04 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x15c}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:04 executing program 2 (fault-call:3 fault-nth:48): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 395.204767][T12998] FAULT_INJECTION: forcing a failure. [ 395.204767][T12998] name failslab, interval 1, probability 0, space 0, times 0 [ 395.235016][T12998] CPU: 1 PID: 12998 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 395.244943][T12998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.255002][T12998] Call Trace: [ 395.258308][T12998] dump_stack+0x197/0x210 [ 395.262653][T12998] should_fail.cold+0xa/0x10 [ 395.267256][T12998] ? setup_fault_attr+0x220/0x220 [ 395.272292][T12998] ? ___might_sleep+0x163/0x2c0 [ 395.277157][T12998] __should_failslab+0x121/0x190 [ 395.282105][T12998] should_failslab+0x9/0x14 [ 395.286609][T12998] __kmalloc_track_caller+0x2dc/0x760 [ 395.291987][T12998] ? setup_sigcontext+0x7d0/0x7d0 [ 395.297020][T12998] ? __bad_area_nosemaphore+0xb3/0x420 [ 395.302483][T12998] ? strndup_user+0x77/0xd0 [ 395.306988][T12998] memdup_user+0x26/0xd0 [ 395.311235][T12998] strndup_user+0x77/0xd0 [ 395.315577][T12998] ksys_mount+0x3c/0x150 [ 395.319828][T12998] __x64_sys_mount+0xbe/0x150 [ 395.324515][T12998] do_syscall_64+0xfa/0x790 [ 395.329030][T12998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 395.334922][T12998] RIP: 0033:0x45d35a 00:57:04 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 395.338814][T12998] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 395.358404][T12998] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 395.358418][T12998] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 395.358425][T12998] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 395.358433][T12998] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 395.358441][T12998] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 00:57:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, 0x0, 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:57:04 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x1e4}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 395.358449][T12998] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:04 executing program 2 (fault-call:3 fault-nth:49): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:04 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x300}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, 0x0, 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 395.698617][T13033] FAULT_INJECTION: forcing a failure. [ 395.698617][T13033] name failslab, interval 1, probability 0, space 0, times 0 [ 395.745918][T13033] CPU: 1 PID: 13033 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 395.755840][T13033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.765898][T13033] Call Trace: [ 395.769186][T13033] dump_stack+0x197/0x210 [ 395.773512][T13033] should_fail.cold+0xa/0x10 [ 395.773530][T13033] ? setup_fault_attr+0x220/0x220 [ 395.773550][T13033] ? ___might_sleep+0x163/0x2c0 [ 395.773569][T13033] __should_failslab+0x121/0x190 [ 395.773587][T13033] should_failslab+0x9/0x14 [ 395.773604][T13033] __kmalloc+0x2e0/0x770 [ 395.801659][T13033] ? __kmalloc+0x608/0x770 [ 395.806076][T13033] ? tomoyo_realpath_from_path+0xc5/0x660 [ 395.811777][T13033] tomoyo_realpath_from_path+0xc5/0x660 [ 395.817367][T13033] tomoyo_mount_acl+0x149/0x840 [ 395.822197][T13033] ? __kasan_check_read+0x11/0x20 [ 395.827197][T13033] ? mark_lock+0xc2/0x1220 [ 395.831588][T13033] ? lock_downgrade+0x920/0x920 [ 395.836433][T13033] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 395.841997][T13033] ? __kasan_check_read+0x11/0x20 [ 395.847009][T13033] ? debug_smp_processor_id+0x33/0x18a [ 395.852456][T13033] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 395.858597][T13033] ? lock_acquire+0x190/0x410 [ 395.863252][T13033] ? tomoyo_mount_permission+0x10a/0x400 [ 395.868865][T13033] tomoyo_mount_permission+0x16a/0x400 [ 395.874323][T13033] ? tomoyo_mount_permission+0x10a/0x400 [ 395.879948][T13033] ? tomoyo_mount_acl+0x840/0x840 [ 395.884964][T13033] ? strncpy_from_user+0x2b4/0x400 [ 395.890057][T13033] tomoyo_sb_mount+0x35/0x40 [ 395.894628][T13033] security_sb_mount+0x87/0xd0 [ 395.899384][T13033] do_mount+0x1d4/0x1b50 [ 395.903609][T13033] ? copy_mount_string+0x40/0x40 [ 395.908539][T13033] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.914760][T13033] ? copy_mount_options+0x2e8/0x3f0 [ 395.919938][T13033] ksys_mount+0xdb/0x150 [ 395.924160][T13033] __x64_sys_mount+0xbe/0x150 [ 395.928828][T13033] do_syscall_64+0xfa/0x790 [ 395.933331][T13033] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 395.939200][T13033] RIP: 0033:0x45d35a [ 395.943072][T13033] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 395.962651][T13033] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 395.971037][T13033] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 395.979015][T13033] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 395.988279][T13033] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 395.996232][T13033] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 396.004182][T13033] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 396.023029][T13033] ERROR: Out of memory at tomoyo_realpath_from_path. 00:57:07 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:07 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000200)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x200000000}}}, 0x90) 00:57:07 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x500}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:07 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x0, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:07 executing program 2 (fault-call:3 fault-nth:50): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 398.317616][T13047] FAULT_INJECTION: forcing a failure. [ 398.317616][T13047] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 398.331178][T13047] CPU: 0 PID: 13047 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 398.341076][T13047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.351148][T13047] Call Trace: [ 398.354461][T13047] dump_stack+0x197/0x210 [ 398.358818][T13047] should_fail.cold+0xa/0x10 00:57:07 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 398.363430][T13047] ? setup_fault_attr+0x220/0x220 [ 398.368477][T13047] ? __kasan_check_read+0x11/0x20 [ 398.373524][T13047] ? __lock_acquire+0x16f2/0x4a00 [ 398.378711][T13047] should_fail_alloc_page+0x50/0x60 [ 398.383929][T13047] __alloc_pages_nodemask+0x1a1/0x910 [ 398.389669][T13047] ? fs_reclaim_release+0xf/0x30 [ 398.394626][T13047] ? __alloc_pages_slowpath+0x2900/0x2900 [ 398.400360][T13047] ? fs_reclaim_release+0xf/0x30 [ 398.405482][T13047] ? setup_fault_attr+0x220/0x220 [ 398.410566][T13047] cache_grow_begin+0x90/0xc60 [ 398.415345][T13047] ? copy_mount_options+0x5c/0x3f0 [ 398.420471][T13047] ? trace_hardirqs_off+0x62/0x240 [ 398.425620][T13047] kmem_cache_alloc_trace+0x6b3/0x790 [ 398.431132][T13047] copy_mount_options+0x5c/0x3f0 [ 398.436110][T13047] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.442509][T13047] ksys_mount+0xa7/0x150 [ 398.446964][T13047] __x64_sys_mount+0xbe/0x150 [ 398.451837][T13047] do_syscall_64+0xfa/0x790 [ 398.451856][T13047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.451873][T13047] RIP: 0033:0x45d35a [ 398.466174][T13047] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 398.485917][T13047] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 398.485931][T13047] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 398.485938][T13047] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 00:57:07 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:07 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='./file0\x00') 00:57:07 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:57:07 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x600}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 398.485945][T13047] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 398.485953][T13047] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 398.485960][T13047] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 398.546557][T13047] hfsplus: unable to find HFS+ superblock 00:57:08 executing program 2 (fault-call:3 fault-nth:51): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:08 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x700}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 398.884849][T13086] FAULT_INJECTION: forcing a failure. [ 398.884849][T13086] name failslab, interval 1, probability 0, space 0, times 0 [ 398.911953][T13086] CPU: 0 PID: 13086 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 398.921878][T13086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.931935][T13086] Call Trace: [ 398.935237][T13086] dump_stack+0x197/0x210 [ 398.939580][T13086] should_fail.cold+0xa/0x10 [ 398.944203][T13086] ? setup_fault_attr+0x220/0x220 [ 398.949229][T13086] ? ___might_sleep+0x163/0x2c0 [ 398.954158][T13086] __should_failslab+0x121/0x190 [ 398.959096][T13086] should_failslab+0x9/0x14 [ 398.963729][T13086] __kmalloc+0x2e0/0x770 [ 398.967967][T13086] ? save_stack+0x5c/0x90 [ 398.972297][T13086] ? save_stack+0x23/0x90 [ 398.976965][T13086] ? tomoyo_encode2.part.0+0xf5/0x400 [ 398.982345][T13086] tomoyo_encode2.part.0+0xf5/0x400 [ 398.987660][T13086] ? do_syscall_64+0xfa/0x790 [ 398.992335][T13086] tomoyo_encode+0x2b/0x50 [ 398.996753][T13086] tomoyo_mount_acl+0xe0/0x840 [ 399.001533][T13086] ? __kasan_check_read+0x11/0x20 [ 399.006675][T13086] ? mark_lock+0xc2/0x1220 [ 399.011231][T13086] ? lock_downgrade+0x920/0x920 [ 399.016101][T13086] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 399.021734][T13086] ? __kasan_check_read+0x11/0x20 [ 399.026884][T13086] ? __lock_acquire+0x8a0/0x4a00 [ 399.031955][T13086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.038191][T13086] ? debug_smp_processor_id+0x33/0x18a [ 399.043895][T13086] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 399.050052][T13086] ? lock_acquire+0x190/0x410 [ 399.054723][T13086] ? tomoyo_mount_permission+0x10a/0x400 [ 399.060351][T13086] tomoyo_mount_permission+0x16a/0x400 [ 399.065804][T13086] ? tomoyo_mount_permission+0x10a/0x400 [ 399.071434][T13086] ? tomoyo_mount_acl+0x840/0x840 [ 399.076472][T13086] ? strncpy_from_user+0x2b4/0x400 [ 399.081574][T13086] tomoyo_sb_mount+0x35/0x40 [ 399.086157][T13086] security_sb_mount+0x87/0xd0 [ 399.090918][T13086] do_mount+0x1d4/0x1b50 [ 399.095157][T13086] ? copy_mount_string+0x40/0x40 [ 399.100089][T13086] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.106395][T13086] ? _copy_from_user+0x12c/0x1a0 [ 399.111334][T13086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.117569][T13086] ? copy_mount_options+0x2e8/0x3f0 [ 399.122760][T13086] ksys_mount+0xdb/0x150 [ 399.126997][T13086] __x64_sys_mount+0xbe/0x150 [ 399.131671][T13086] do_syscall_64+0xfa/0x790 [ 399.136188][T13086] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.142377][T13086] RIP: 0033:0x45d35a [ 399.146282][T13086] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 399.166339][T13086] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 399.174838][T13086] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 399.182815][T13086] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 399.190793][T13086] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 399.198756][T13086] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 399.206809][T13086] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:10 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:10 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call]}, &(0x7f00000000c0)='GOL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 00:57:10 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}, 0x0, 0x0, 0xbc5}}}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000200)={0x0, 0xf6f8}, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, &(0x7f0000000000)=0x1000, &(0x7f0000000180)=0x4) 00:57:10 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xa00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:10 executing program 2 (fault-call:3 fault-nth:52): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 401.392876][T13097] FAULT_INJECTION: forcing a failure. [ 401.392876][T13097] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 401.406254][T13097] CPU: 1 PID: 13097 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 401.416150][T13097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.426208][T13097] Call Trace: [ 401.429515][T13097] dump_stack+0x197/0x210 [ 401.433866][T13097] should_fail.cold+0xa/0x10 [ 401.438475][T13097] ? setup_fault_attr+0x220/0x220 [ 401.443528][T13097] ? __kasan_check_read+0x11/0x20 [ 401.443543][T13097] ? __lock_acquire+0x16f2/0x4a00 [ 401.443558][T13097] ? stack_trace_consume_entry+0x190/0x190 [ 401.443578][T13097] should_fail_alloc_page+0x50/0x60 [ 401.464695][T13097] __alloc_pages_nodemask+0x1a1/0x910 [ 401.470085][T13097] ? fs_reclaim_release+0xf/0x30 [ 401.475355][T13097] ? __alloc_pages_slowpath+0x2900/0x2900 [ 401.481098][T13097] ? fs_reclaim_release+0xf/0x30 [ 401.486209][T13097] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 00:57:10 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x1800}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 401.492287][T13097] ? setup_fault_attr+0x220/0x220 [ 401.497320][T13097] cache_grow_begin+0x90/0xc60 [ 401.502092][T13097] ? getname_flags+0xd6/0x5b0 [ 401.506925][T13097] ? trace_hardirqs_off+0x62/0x240 [ 401.512053][T13097] kmem_cache_alloc+0x64e/0x710 [ 401.516931][T13097] getname_flags+0xd6/0x5b0 [ 401.521453][T13097] user_path_at_empty+0x2f/0x50 [ 401.526319][T13097] do_mount+0x150/0x1b50 [ 401.530701][T13097] ? copy_mount_string+0x40/0x40 [ 401.535654][T13097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.541904][T13097] ? copy_mount_options+0x2e8/0x3f0 [ 401.547113][T13097] ksys_mount+0xdb/0x150 [ 401.551366][T13097] __x64_sys_mount+0xbe/0x150 [ 401.551387][T13097] do_syscall_64+0xfa/0x790 [ 401.551405][T13097] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.551421][T13097] RIP: 0033:0x45d35a [ 401.570366][T13097] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 401.590166][T13097] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 401.598705][T13097] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 401.606694][T13097] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 401.614854][T13097] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 401.622836][T13097] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 401.630819][T13097] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 401.660541][T13097] hfsplus: unable to find HFS+ superblock 00:57:11 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x1a00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:11 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) creat(&(0x7f0000000300)='./file0\x00', 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000000080)=ANY=[@ANYRES64=r2]}) 00:57:11 executing program 3: socket$isdn(0x22, 0x3, 0x23) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x200, 0x0) ioctl$SIOCX25SENDCALLACCPT(r2, 0x89e9) r3 = accept(r1, &(0x7f0000000a00)=@pppoe={0x18, 0x0, {0x0, @link_local}}, &(0x7f0000000000)=0x3) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000300)=@mangle={'mangle\x00', 0x1f, 0x6, 0x568, 0x150, 0x150, 0x4d0, 0x210, 0x0, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x6, &(0x7f0000000280), {[{{@ip={@dev={0xac, 0x14, 0x14, 0x20}, @multicast1, 0xff, 0x0, '\x00', 'veth0\x00', {0x7f}, {0x8a6f5ccb2997629f}, 0x89, 0x4, 0x20}, 0x0, 0x128, 0x150, 0x0, {}, [@common=@unspec=@rateest={0x68, 'rateest\x00', 0x0, {'irlan0\x00', 'veth1_to_hsr\x00', 0x8, 0x0, 0xf5b, 0x401, 0x2, 0x6, 0x75e, 0x20}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x2}}]}, @ECN={0x28, 'ECN\x00', 0x0, {0x70, 0xff, 0x1}}}, {{@uncond, 0x0, 0x98, 0xc0}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0x81}}}, {{@uncond, 0x0, 0x98, 0xc8}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0xf4d, 0x100, @dev={0xac, 0x14, 0x14, 0xb}, 0x4e24}}}, {{@ip={@local, @loopback, 0xff000000, 0xff, 'yam0\x00', 'lo\x00', {}, {0xff}, 0x5c, 0xa9f0e31f7d7ab776, 0x1}, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x4}}]}, @ECN={0x28, 'ECN\x00', 0x0, {0x3, 0x8}}}, {{@ip={@broadcast, @empty, 0xffffffff, 0xff000000, 'rose0\x00', 'ip6gretap0\x00', {0x7f}, {0x7f}, 0x0, 0x2, 0x10}, 0x0, 0xe8, 0x110, 0x0, {}, [@common=@inet=@multiport={0x50, 'multiport\x00', 0x1, {0x0, 0xf, [0x4e24, 0x4e23, 0x4e24, 0x4e22, 0x4e21, 0x4e23, 0x4e20, 0x4e20, 0x4e24, 0x4e23, 0x4e24, 0x4e21, 0x4e20, 0x4e24, 0x4e24], [0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1]}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x37}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x5c8) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hnRinibaa_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r4, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r5, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_STOP(r7, 0x54a1) 00:57:11 executing program 2 (fault-call:3 fault-nth:53): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:11 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x2000}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 401.796779][T13118] QAT: Invalid ioctl [ 401.862672][T13118] QAT: Invalid ioctl [ 401.968160][T13134] FAULT_INJECTION: forcing a failure. [ 401.968160][T13134] name failslab, interval 1, probability 0, space 0, times 0 [ 401.995739][T13134] CPU: 1 PID: 13134 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 402.005670][T13134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.015855][T13134] Call Trace: [ 402.019454][T13134] dump_stack+0x197/0x210 [ 402.024039][T13134] should_fail.cold+0xa/0x10 [ 402.028651][T13134] ? setup_fault_attr+0x220/0x220 [ 402.033740][T13134] ? ___might_sleep+0x163/0x2c0 [ 402.038609][T13134] __should_failslab+0x121/0x190 [ 402.043672][T13134] should_failslab+0x9/0x14 [ 402.043687][T13134] __kmalloc+0x2e0/0x770 [ 402.043705][T13134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.043723][T13134] ? d_absolute_path+0x11b/0x170 [ 402.043735][T13134] ? __d_path+0x140/0x140 [ 402.043754][T13134] ? tomoyo_encode2.part.0+0xf5/0x400 [ 402.073617][T13134] tomoyo_encode2.part.0+0xf5/0x400 [ 402.078845][T13134] tomoyo_encode+0x2b/0x50 [ 402.083267][T13134] tomoyo_realpath_from_path+0x19c/0x660 [ 402.088886][T13134] tomoyo_mount_acl+0x149/0x840 [ 402.093732][T13134] ? __kasan_check_read+0x11/0x20 [ 402.098745][T13134] ? mark_lock+0xc2/0x1220 [ 402.103264][T13134] ? lock_downgrade+0x920/0x920 [ 402.108271][T13134] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 402.113823][T13134] ? __kasan_check_read+0x11/0x20 [ 402.118995][T13134] ? debug_smp_processor_id+0x33/0x18a [ 402.124452][T13134] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 402.130726][T13134] ? lock_acquire+0x190/0x410 [ 402.135409][T13134] ? tomoyo_mount_permission+0x10a/0x400 [ 402.141066][T13134] tomoyo_mount_permission+0x16a/0x400 [ 402.146525][T13134] ? tomoyo_mount_permission+0x10a/0x400 [ 402.152235][T13134] ? tomoyo_mount_acl+0x840/0x840 [ 402.157268][T13134] ? strncpy_from_user+0x2b4/0x400 [ 402.162375][T13134] tomoyo_sb_mount+0x35/0x40 [ 402.166968][T13134] security_sb_mount+0x87/0xd0 [ 402.171866][T13134] do_mount+0x1d4/0x1b50 [ 402.176129][T13134] ? copy_mount_string+0x40/0x40 [ 402.181197][T13134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.187432][T13134] ? copy_mount_options+0x2e8/0x3f0 [ 402.192628][T13134] ksys_mount+0xdb/0x150 [ 402.196864][T13134] __x64_sys_mount+0xbe/0x150 [ 402.201535][T13134] do_syscall_64+0xfa/0x790 [ 402.206033][T13134] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.212112][T13134] RIP: 0033:0x45d35a [ 402.216000][T13134] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 402.235595][T13134] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 402.244114][T13134] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 402.252079][T13134] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 402.260056][T13134] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 402.268291][T13134] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 402.277035][T13134] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 402.301393][T13134] ERROR: Out of memory at tomoyo_realpath_from_path. 00:57:13 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:13 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x3f00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:13 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) mount$9p_rdma(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x20410e0, &(0x7f0000000240)={'trans=rdma,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@common=@access_any='access=any'}, {@rq={'rq', 0x3d, 0x8}}, {@timeout={'timeout', 0x3d, 0x4a6}}, {@common=@loose='loose'}, {@common=@access_any='access=any'}, {@rq={'rq', 0x3d, 0xbb}}, {@rq={'rq', 0x3d, 0x7ff}}], [{@dont_hash='dont_hash'}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@appraise='appraise'}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@obj_role={'obj_role', 0x3d, '/eth1'}}, {@fsmagic={'fsmagic', 0x3d, 0x1ff}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@seclabel='seclabel'}]}}) 00:57:13 executing program 4: write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(0x0, 0x0) write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040)) syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x3}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) write$input_event(r1, &(0x7f00000000c0)={{0x0, 0x7530}, 0x14}, 0x18) r2 = getpid() tkill(r2, 0x9) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x40, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x18, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0xc, 0x2, [@IFLA_GRE_LOCAL={0x8, 0x6, @broadcast}]}}}]}, 0x40}}, 0x0) 00:57:13 executing program 2 (fault-call:3 fault-nth:54): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:13 executing program 3: prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 404.465375][T13148] FAULT_INJECTION: forcing a failure. [ 404.465375][T13148] name failslab, interval 1, probability 0, space 0, times 0 [ 404.514869][T13148] CPU: 0 PID: 13148 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 404.524809][T13148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.535020][T13148] Call Trace: [ 404.538336][T13148] dump_stack+0x197/0x210 [ 404.542690][T13148] should_fail.cold+0xa/0x10 [ 404.547306][T13148] ? setup_fault_attr+0x220/0x220 [ 404.552360][T13148] ? ___might_sleep+0x163/0x2c0 [ 404.557294][T13148] __should_failslab+0x121/0x190 [ 404.562253][T13148] should_failslab+0x9/0x14 [ 404.566774][T13148] __kmalloc+0x2e0/0x770 [ 404.571034][T13148] ? save_stack+0x5c/0x90 [ 404.575379][T13148] ? save_stack+0x23/0x90 [ 404.579722][T13148] ? tomoyo_encode2.part.0+0xf5/0x400 [ 404.585107][T13148] tomoyo_encode2.part.0+0xf5/0x400 [ 404.590524][T13148] ? do_syscall_64+0xfa/0x790 [ 404.595218][T13148] tomoyo_encode+0x2b/0x50 [ 404.599692][T13148] tomoyo_mount_acl+0xe0/0x840 [ 404.604486][T13148] ? __kasan_check_read+0x11/0x20 [ 404.609523][T13148] ? mark_lock+0xc2/0x1220 [ 404.613948][T13148] ? lock_downgrade+0x920/0x920 [ 404.618812][T13148] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 404.624369][T13148] ? __kasan_check_read+0x11/0x20 [ 404.629488][T13148] ? __lock_acquire+0x8a0/0x4a00 [ 404.634435][T13148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.640692][T13148] ? debug_smp_processor_id+0x33/0x18a [ 404.646162][T13148] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 404.652478][T13148] ? lock_acquire+0x190/0x410 [ 404.657168][T13148] ? tomoyo_mount_permission+0x10a/0x400 [ 404.662816][T13148] tomoyo_mount_permission+0x16a/0x400 [ 404.668282][T13148] ? tomoyo_mount_permission+0x10a/0x400 [ 404.673927][T13148] ? tomoyo_mount_acl+0x840/0x840 [ 404.678979][T13148] ? strncpy_from_user+0x2b4/0x400 [ 404.684102][T13148] tomoyo_sb_mount+0x35/0x40 [ 404.688708][T13148] security_sb_mount+0x87/0xd0 [ 404.693495][T13148] do_mount+0x1d4/0x1b50 [ 404.697743][T13148] ? retint_kernel+0x2b/0x2b [ 404.702351][T13148] ? copy_mount_string+0x40/0x40 [ 404.707306][T13148] ? copy_mount_options+0x252/0x3f0 [ 404.712516][T13148] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 404.718073][T13148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.724531][T13148] ? copy_mount_options+0x2e8/0x3f0 [ 404.729888][T13148] ksys_mount+0xdb/0x150 [ 404.734149][T13148] __x64_sys_mount+0xbe/0x150 [ 404.738847][T13148] do_syscall_64+0xfa/0x790 [ 404.743368][T13148] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.749389][T13148] RIP: 0033:0x45d35a [ 404.753300][T13148] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 404.773073][T13148] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 404.781629][T13148] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 404.789614][T13148] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 404.797594][T13148] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 404.805576][T13148] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 404.813562][T13148] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:14 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:14 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x4000}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:14 executing program 4: write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(0x0, 0x0) write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040)) syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x3}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) write$input_event(r1, &(0x7f00000000c0)={{0x0, 0x7530}, 0x14}, 0x18) r2 = getpid() tkill(r2, 0x9) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x40, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x18, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0xc, 0x2, [@IFLA_GRE_LOCAL={0x8, 0x6, @broadcast}]}}}]}, 0x40}}, 0x0) 00:57:14 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000340)}, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000003c0), 0x4) fsetxattr$security_ima(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f00000000c0)) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf) shutdown(r1, 0x1) recvmsg(r1, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0xd909}, 0x100) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x212003, 0x0) ioctl$VHOST_SET_VRING_NUM(r3, 0x4008af10, &(0x7f0000000200)={0x3, 0x6f9}) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r2, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:14 executing program 2 (fault-call:3 fault-nth:55): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:14 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x4800}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 405.105102][T13184] FAULT_INJECTION: forcing a failure. [ 405.105102][T13184] name failslab, interval 1, probability 0, space 0, times 0 [ 405.129278][T13184] CPU: 0 PID: 13184 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 405.139193][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.149258][T13184] Call Trace: [ 405.152567][T13184] dump_stack+0x197/0x210 [ 405.156920][T13184] should_fail.cold+0xa/0x10 [ 405.161622][T13184] ? setup_fault_attr+0x220/0x220 [ 405.166664][T13184] ? ___might_sleep+0x163/0x2c0 [ 405.171541][T13184] __should_failslab+0x121/0x190 [ 405.176497][T13184] should_failslab+0x9/0x14 [ 405.181014][T13184] __kmalloc+0x2e0/0x770 [ 405.185277][T13184] ? tomoyo_realpath_from_path+0xc5/0x660 [ 405.191022][T13184] tomoyo_realpath_from_path+0xc5/0x660 [ 405.196592][T13184] tomoyo_mount_acl+0x2cc/0x840 [ 405.201636][T13184] ? mark_lock+0xc2/0x1220 [ 405.206077][T13184] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 405.211755][T13184] ? __kasan_check_read+0x11/0x20 [ 405.216795][T13184] ? debug_smp_processor_id+0x33/0x18a [ 405.222267][T13184] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 405.228538][T13184] ? lock_acquire+0x190/0x410 [ 405.233230][T13184] ? tomoyo_mount_permission+0x10a/0x400 [ 405.238886][T13184] tomoyo_mount_permission+0x16a/0x400 [ 405.244358][T13184] ? tomoyo_mount_permission+0x10a/0x400 [ 405.250160][T13184] ? tomoyo_mount_acl+0x840/0x840 [ 405.255230][T13184] ? strncpy_from_user+0x2b4/0x400 [ 405.260400][T13184] tomoyo_sb_mount+0x35/0x40 [ 405.265009][T13184] security_sb_mount+0x87/0xd0 [ 405.269798][T13184] do_mount+0x1d4/0x1b50 [ 405.274075][T13184] ? copy_mount_string+0x40/0x40 [ 405.279036][T13184] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.285286][T13184] ? copy_mount_options+0x2e8/0x3f0 [ 405.290506][T13184] ksys_mount+0xdb/0x150 [ 405.294767][T13184] __x64_sys_mount+0xbe/0x150 [ 405.299463][T13184] do_syscall_64+0xfa/0x790 [ 405.303986][T13184] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.309886][T13184] RIP: 0033:0x45d35a [ 405.313793][T13184] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 405.333406][T13184] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 405.341839][T13184] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 405.349818][T13184] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 405.357799][T13184] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 405.365781][T13184] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 405.373762][T13184] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 405.411494][T13184] ERROR: Out of memory at tomoyo_realpath_from_path. 00:57:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:16 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x4c00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:16 executing program 2 (fault-call:3 fault-nth:56): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:16 executing program 4: write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(0x0, 0x0) write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040)) syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x3}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) write$input_event(r1, &(0x7f00000000c0)={{0x0, 0x7530}, 0x14}, 0x18) r2 = getpid() tkill(r2, 0x9) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x40, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x18, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0xc, 0x2, [@IFLA_GRE_LOCAL={0x8, 0x6, @broadcast}]}}}]}, 0x40}}, 0x0) 00:57:16 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x9}}, 0xffffffed) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) shutdown(r3, 0x2) 00:57:16 executing program 4: write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000, 0x2, 0x0, 0x0, 0x0, 0xffff0001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040)) r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0x0) r2 = dup3(r1, 0xffffffffffffffff, 0x0) bind$vsock_stream(r2, &(0x7f0000000000)={0x3, 0x0, 0x2710}, 0x10) r3 = openat$cgroup_ro(r2, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) write$input_event(r3, &(0x7f00000000c0)={{0x0, 0x7530}, 0x0, 0x7, 0xfffffffb}, 0x18) getpid() r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x20, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0x14, 0x2, [@IFLA_GRE_LOCAL={0x8, 0x6, @broadcast}, @IFLA_GRE_LOCAL={0x8, 0x6, @rand_addr=0xfff}]}}}]}, 0x48}}, 0x0) [ 407.555444][T13205] FAULT_INJECTION: forcing a failure. [ 407.555444][T13205] name failslab, interval 1, probability 0, space 0, times 0 [ 407.664138][T13205] CPU: 1 PID: 13205 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 407.674071][T13205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.684130][T13205] Call Trace: [ 407.687427][T13205] dump_stack+0x197/0x210 [ 407.691779][T13205] should_fail.cold+0xa/0x10 [ 407.696387][T13205] ? setup_fault_attr+0x220/0x220 [ 407.701425][T13205] ? ___might_sleep+0x163/0x2c0 [ 407.701447][T13205] __should_failslab+0x121/0x190 [ 407.701465][T13205] should_failslab+0x9/0x14 [ 407.701480][T13205] kmem_cache_alloc_trace+0x2d3/0x790 [ 407.701507][T13205] alloc_fs_context+0x5a/0x810 [ 407.701523][T13205] ? _raw_read_unlock+0x28/0x40 [ 407.701551][T13205] fs_context_for_mount+0x25/0x30 [ 407.735729][T13205] do_mount+0x11b2/0x1b50 [ 407.740070][T13205] ? copy_mount_string+0x40/0x40 [ 407.745012][T13205] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.751255][T13205] ? _copy_from_user+0x12c/0x1a0 [ 407.756206][T13205] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.762461][T13205] ? copy_mount_options+0x2e8/0x3f0 [ 407.767663][T13205] ksys_mount+0xdb/0x150 [ 407.771914][T13205] __x64_sys_mount+0xbe/0x150 [ 407.771936][T13205] do_syscall_64+0xfa/0x790 [ 407.771955][T13205] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.771966][T13205] RIP: 0033:0x45d35a [ 407.771982][T13205] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 407.771989][T13205] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 407.772003][T13205] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 407.772013][T13205] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 407.772021][T13205] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 407.772029][T13205] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 407.772038][T13205] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x5c01}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:17 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:17 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = socket$rxrpc(0x21, 0x2, 0x2052b16f7434df2d) setsockopt$RXRPC_SECURITY_KEY(r2, 0x110, 0x1, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x18) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r4, 0x40045731, &(0x7f0000000180)=0x2) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:17 executing program 2 (fault-call:3 fault-nth:57): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x6800}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 408.096133][T13228] FAULT_INJECTION: forcing a failure. [ 408.096133][T13228] name failslab, interval 1, probability 0, space 0, times 0 00:57:17 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x6c00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 408.243354][T13228] CPU: 1 PID: 13228 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 408.253284][T13228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.263340][T13228] Call Trace: [ 408.266642][T13228] dump_stack+0x197/0x210 [ 408.270986][T13228] should_fail.cold+0xa/0x10 [ 408.275589][T13228] ? setup_fault_attr+0x220/0x220 [ 408.280622][T13228] ? ___might_sleep+0x163/0x2c0 [ 408.285486][T13228] __should_failslab+0x121/0x190 [ 408.290441][T13228] should_failslab+0x9/0x14 [ 408.294960][T13228] __kmalloc+0x2e0/0x770 [ 408.299204][T13228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.305454][T13228] ? d_absolute_path+0x11b/0x170 [ 408.310388][T13228] ? __d_path+0x140/0x140 [ 408.314713][T13228] ? tomoyo_encode2.part.0+0xf5/0x400 [ 408.320089][T13228] tomoyo_encode2.part.0+0xf5/0x400 [ 408.325291][T13228] tomoyo_encode+0x2b/0x50 [ 408.329701][T13228] tomoyo_realpath_from_path+0x19c/0x660 [ 408.335348][T13228] tomoyo_mount_acl+0x149/0x840 [ 408.340199][T13228] ? __kasan_check_read+0x11/0x20 [ 408.340214][T13228] ? mark_lock+0xc2/0x1220 [ 408.340227][T13228] ? lock_downgrade+0x920/0x920 [ 408.340243][T13228] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 408.340260][T13228] ? __kasan_check_read+0x11/0x20 [ 408.340283][T13228] ? debug_smp_processor_id+0x33/0x18a [ 408.349688][T13228] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 408.349724][T13228] ? lock_acquire+0x190/0x410 [ 408.349739][T13228] ? tomoyo_mount_permission+0x10a/0x400 [ 408.349761][T13228] tomoyo_mount_permission+0x16a/0x400 [ 408.349779][T13228] ? tomoyo_mount_permission+0x10a/0x400 [ 408.398023][T13228] ? tomoyo_mount_acl+0x840/0x840 [ 408.403066][T13228] ? strncpy_from_user+0x2b4/0x400 [ 408.408189][T13228] tomoyo_sb_mount+0x35/0x40 [ 408.412793][T13228] security_sb_mount+0x87/0xd0 [ 408.417572][T13228] do_mount+0x1d4/0x1b50 [ 408.421834][T13228] ? copy_mount_string+0x40/0x40 [ 408.426792][T13228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.433040][T13228] ? copy_mount_options+0x2e8/0x3f0 [ 408.438249][T13228] ksys_mount+0xdb/0x150 [ 408.442504][T13228] __x64_sys_mount+0xbe/0x150 [ 408.447193][T13228] do_syscall_64+0xfa/0x790 [ 408.451703][T13228] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 408.457594][T13228] RIP: 0033:0x45d35a [ 408.461493][T13228] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 408.481095][T13228] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 408.489502][T13228] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 408.497471][T13228] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 408.505443][T13228] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 408.513413][T13228] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 408.513422][T13228] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 408.519730][T13228] ERROR: Out of memory at tomoyo_realpath_from_path. 00:57:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:19 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$KDDISABIO(r2, 0x4b37) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x200, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000180)=[@mss={0x2, 0x1}, @mss={0x2, 0x2}, @window={0x3, 0x2, 0x1}, @mss={0x2, 0x10001}, @mss={0x2, 0xffffffff}, @window={0x3, 0xad8b, 0x401}, @window={0x3, 0x4, 0x6}, @window={0x3, 0x6, 0x8}], 0x8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x8, &(0x7f0000000100)=0x0) close(r4) io_submit(r5, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r6) r7 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000280)='/proc/capi/capi20ncci\x00', 0x90900, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) pipe2$9p(&(0x7f00000003c0)={0xffffffffffffffff}, 0x80000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r14 = dup(r13) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200) r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x2, 0x1, &(0x7f00000005c0)=@raw=[@call={0x85, 0x0, 0x0, 0x57}], &(0x7f0000000600)='GPL\x00', 0xb84, 0x38, &(0x7f0000000640)=""/56, 0x41000, 0x0, [], 0x0, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0x5, 0x9, 0x80}, 0x10, 0xffffffffffffffff, r14}, 0x78) io_submit(r5, 0x6, &(0x7f00000008c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x2, 0xe0a3, r6, &(0x7f0000000200)="62e19560d7f2f500fa358849fe55f2c48c091050f950df234e55b287577d3cc692cb993e3878e9e0b48f9e14ee3f9d", 0x2f, 0x800, 0x0, 0xed82a8ad8209e430}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0xf, 0x0, r7, &(0x7f00000002c0)="4aa51e8deed69ef0547eb4e9bf54758a233e968d4f7381d353c8735ee161273f74dc569efbdcfdabcad916246c8a85ad4263", 0x32, 0xfffffffffffffffa, 0x0, 0x2}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x100, r3, &(0x7f0000000340)="e79e5951d1fc5b9c3a78e4ab2fe36f78081956a0286e524846c5346a", 0x1c, 0x8000, 0x0, 0x3, r9}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x8, 0x20, r10, &(0x7f0000000400)="5c7a903bdcd0131b0858c66f64790316e0c9f2e6fe0272729aba8350", 0x1c, 0x70, 0x0, 0x1}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000000480)="f9cb38e60dc64e65280f6b32a467db8aed0dbe41a6fd912cc5e2024d92f92fcf9fba0fe65cf56abb449b25189b775470f11f84dbcc21b44c9c283a8909c92edf9e7fd7f339ce3a57ce76a95374720ac7061379488ddf01c8717bf62d19db8d854ac61e549518732c4c8779773c6fc2e89ec6a142f7b70b943b6a4da63da34293c84d75eee38f6173f14bdbcbd5c03d4bf4301ba4b4ce0b0fa8df7f1fc5d26dccc90726af5e4bf49a99f52a4ee985ca2e712eb59b427ad009580de7d5374689fb3f998d9db20fd32dae87e621d5a2b232269dffdb0bd5760e9991b4491d55f3f6aa", 0xe1, 0x4, 0x0, 0x0, r12}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x2, r15, &(0x7f0000000780)="01098c887a7912716ec7bfd1ce94a468cd702d3ddefbb4e5bc8dc16a49697c72ef8c19b8576542a5250b8414156aea25d243a7febeb9fb5b7c5086e82a54bd36f8b4ad6fb1085dbab4174a941190963dacce6bd88f3858a63b87ca3dd222ea00ed88b516a151066c53052616d1c7bd27bb30ade22d02f2210c03e6543878f7bce237b6877347194d94cae184331efbf52ef7eca94fe211f1ae3548bc445f5833c8b8a99f5970f6f88be70f5f3128d81bdf4f4d448254d1a1523afa9f16b7aa8ccd27d6d1674590c119c0579d62a6b8fe73f942af40fded02e4bc8251580f7442be1b85c28419f11b34b310413d43772cbbb63d9fa054bae31b4826e3", 0xfc, 0x7, 0x0, 0x2}]) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:19 executing program 4: write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000, 0x2, 0x0, 0x0, 0x0, 0xffff0001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040)) r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0x0) r2 = dup3(r1, 0xffffffffffffffff, 0x0) bind$vsock_stream(r2, &(0x7f0000000000)={0x3, 0x0, 0x2710}, 0x10) r3 = openat$cgroup_ro(r2, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) write$input_event(r3, &(0x7f00000000c0)={{0x0, 0x7530}, 0x0, 0x7, 0xfffffffb}, 0x18) getpid() r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x20, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0x14, 0x2, [@IFLA_GRE_LOCAL={0x8, 0x6, @broadcast}, @IFLA_GRE_LOCAL={0x8, 0x6, @rand_addr=0xfff}]}}}]}, 0x48}}, 0x0) 00:57:19 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x7400}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:19 executing program 2 (fault-call:3 fault-nth:58): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 410.582989][T13258] FAULT_INJECTION: forcing a failure. [ 410.582989][T13258] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 410.596240][T13258] CPU: 0 PID: 13258 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 410.606122][T13258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.616180][T13258] Call Trace: [ 410.619480][T13258] dump_stack+0x197/0x210 [ 410.623854][T13258] should_fail.cold+0xa/0x10 00:57:19 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x7a00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 410.628463][T13258] ? setup_fault_attr+0x220/0x220 [ 410.633497][T13258] ? __kasan_check_read+0x11/0x20 [ 410.638526][T13258] ? __lock_acquire+0x16f2/0x4a00 [ 410.643563][T13258] should_fail_alloc_page+0x50/0x60 [ 410.648761][T13258] __alloc_pages_nodemask+0x1a1/0x910 [ 410.648784][T13258] ? fs_reclaim_release+0xf/0x30 [ 410.648803][T13258] ? __alloc_pages_slowpath+0x2900/0x2900 [ 410.664790][T13258] ? fs_reclaim_release+0xf/0x30 [ 410.669740][T13258] ? setup_fault_attr+0x220/0x220 [ 410.674823][T13258] cache_grow_begin+0x90/0xc60 [ 410.679590][T13258] ? getname_kernel+0x53/0x370 [ 410.684359][T13258] ? trace_hardirqs_off+0x62/0x240 [ 410.689469][T13258] kmem_cache_alloc+0x64e/0x710 [ 410.694321][T13258] getname_kernel+0x53/0x370 [ 410.694337][T13258] kern_path+0x20/0x40 [ 410.694356][T13258] tomoyo_mount_acl+0x28c/0x840 [ 410.694376][T13258] ? mark_lock+0xc2/0x1220 [ 410.694393][T13258] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 410.694410][T13258] ? __kasan_check_read+0x11/0x20 [ 410.694428][T13258] ? debug_smp_processor_id+0x33/0x18a [ 410.694448][T13258] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 410.728291][T13258] ? lock_acquire+0x190/0x410 [ 410.739075][T13258] ? tomoyo_mount_permission+0x10a/0x400 [ 410.744721][T13258] tomoyo_mount_permission+0x16a/0x400 [ 410.750182][T13258] ? tomoyo_mount_permission+0x10a/0x400 [ 410.755818][T13258] ? tomoyo_mount_acl+0x840/0x840 [ 410.760862][T13258] ? strncpy_from_user+0x2b4/0x400 [ 410.765977][T13258] tomoyo_sb_mount+0x35/0x40 [ 410.765999][T13258] security_sb_mount+0x87/0xd0 [ 410.775326][T13258] do_mount+0x1d4/0x1b50 [ 410.779572][T13258] ? retint_kernel+0x2b/0x2b [ 410.784171][T13258] ? copy_mount_string+0x40/0x40 [ 410.789121][T13258] ? copy_mount_options+0x26b/0x3f0 [ 410.794319][T13258] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.794334][T13258] ? copy_mount_options+0x2e8/0x3f0 [ 410.794354][T13258] ksys_mount+0xdb/0x150 [ 410.809991][T13258] __x64_sys_mount+0xbe/0x150 [ 410.814687][T13258] do_syscall_64+0xfa/0x790 [ 410.819204][T13258] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.825094][T13258] RIP: 0033:0x45d35a [ 410.828990][T13258] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 410.848696][T13258] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 410.857099][T13258] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 410.865057][T13258] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 410.865066][T13258] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 410.865073][T13258] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 410.865080][T13258] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 410.896478][T13258] hfsplus: unable to find HFS+ superblock 00:57:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:20 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xe401}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:20 executing program 2 (fault-call:3 fault-nth:59): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:20 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f0000000000)) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0xfffffffffffffe06, 0xfa00, {r1, 0x30, 0x0, @in6={0xa, 0x6e24, 0x800, @mcast1, 0xffffff00}}}, 0x1f7) 00:57:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:20 executing program 4: write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000, 0x2, 0x0, 0x0, 0x0, 0xffff0001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0) r0 = creat(0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040)) r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0x0) r2 = dup3(r1, 0xffffffffffffffff, 0x0) bind$vsock_stream(r2, &(0x7f0000000000)={0x3, 0x0, 0x2710}, 0x10) r3 = openat$cgroup_ro(r2, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) write$input_event(r3, &(0x7f00000000c0)={{0x0, 0x7530}, 0x0, 0x7, 0xfffffffb}, 0x18) getpid() r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x20, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0x14, 0x2, [@IFLA_GRE_LOCAL={0x8, 0x6, @broadcast}, @IFLA_GRE_LOCAL={0x8, 0x6, @rand_addr=0xfff}]}}}]}, 0x48}}, 0x0) [ 411.224336][T13286] FAULT_INJECTION: forcing a failure. [ 411.224336][T13286] name failslab, interval 1, probability 0, space 0, times 0 [ 411.252608][T13286] CPU: 0 PID: 13286 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 411.262521][T13286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.262528][T13286] Call Trace: [ 411.262552][T13286] dump_stack+0x197/0x210 [ 411.262575][T13286] should_fail.cold+0xa/0x10 [ 411.262594][T13286] ? setup_fault_attr+0x220/0x220 [ 411.262614][T13286] ? ___might_sleep+0x163/0x2c0 [ 411.262636][T13286] __should_failslab+0x121/0x190 [ 411.299607][T13286] should_failslab+0x9/0x14 [ 411.304115][T13286] __kmalloc+0x2e0/0x770 [ 411.308362][T13286] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.314602][T13286] ? d_absolute_path+0x11b/0x170 [ 411.319531][T13286] ? __d_path+0x140/0x140 00:57:20 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000200)={0x0, 0x0}) ptrace$setopts(0x4200, r4, 0xd2, 0x100021) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 411.319547][T13286] ? tomoyo_encode2.part.0+0xf5/0x400 [ 411.319566][T13286] tomoyo_encode2.part.0+0xf5/0x400 [ 411.334424][T13286] tomoyo_encode+0x2b/0x50 [ 411.338953][T13286] tomoyo_realpath_from_path+0x19c/0x660 [ 411.344598][T13286] tomoyo_mount_acl+0x2cc/0x840 [ 411.349454][T13286] ? mark_lock+0xc2/0x1220 [ 411.353871][T13286] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 411.359426][T13286] ? __kasan_check_read+0x11/0x20 [ 411.364456][T13286] ? debug_smp_processor_id+0x33/0x18a 00:57:20 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xf000}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 411.369916][T13286] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 411.376091][T13286] ? lock_acquire+0x190/0x410 [ 411.380773][T13286] ? tomoyo_mount_permission+0x10a/0x400 [ 411.386417][T13286] tomoyo_mount_permission+0x16a/0x400 [ 411.391884][T13286] ? tomoyo_mount_permission+0x10a/0x400 [ 411.391903][T13286] ? tomoyo_mount_acl+0x840/0x840 [ 411.391935][T13286] ? strncpy_from_user+0x2b4/0x400 [ 411.391954][T13286] tomoyo_sb_mount+0x35/0x40 [ 411.391972][T13286] security_sb_mount+0x87/0xd0 [ 411.391994][T13286] do_mount+0x1d4/0x1b50 [ 411.392020][T13286] ? copy_mount_string+0x40/0x40 [ 411.421316][T13286] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.421333][T13286] ? copy_mount_options+0x2e8/0x3f0 [ 411.421354][T13286] ksys_mount+0xdb/0x150 [ 411.421374][T13286] __x64_sys_mount+0xbe/0x150 [ 411.421394][T13286] do_syscall_64+0xfa/0x790 [ 411.421413][T13286] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.421424][T13286] RIP: 0033:0x45d35a [ 411.421440][T13286] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 411.421452][T13286] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 411.446649][T13286] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 411.446659][T13286] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 411.446669][T13286] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 411.446678][T13286] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 00:57:20 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xff00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 411.446692][T13286] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 [ 411.519269][T13286] ERROR: Out of memory at tomoyo_realpath_from_path. 00:57:20 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0xfeb2, 0xfa00, {0xfffffffffffffffc, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x3}}, 0xffffffffffffffad) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x4, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) ioctl$SIOCRSGL2CALL(0xffffffffffffffff, 0x89e5, &(0x7f0000000000)=@netrom) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0xffffffffffffffff) r4 = socket(0xa, 0x3, 0x8) r5 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/nullb0\x00', 0x200, 0x0) ioctl$NBD_DISCONNECT(r6, 0xab08) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)}}, 0x20) sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1de}}, 0x0) r7 = gettid() waitid(0x83b895581628fca4, r7, &(0x7f0000000040), 0x2, &(0x7f0000000480)) socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r0, 0x11, 0x66, &(0x7f0000000600), &(0x7f0000000080)=0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r9) r10 = dup2(r8, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) r13 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r13, 0x11, 0x66, &(0x7f00006ed000), &(0x7f0000000080)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r14 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = dup(r15) ioctl$PERF_EVENT_IOC_ENABLE(r16, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR=&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRES16, @ANYRES64=0x0, @ANYRES32=r12, @ANYRES64, @ANYPTR=&(0x7f0000000400)=ANY=[@ANYPTR, @ANYRES16=r13, @ANYRES32=0x0, @ANYRESHEX=r14, @ANYRES16=r5, @ANYRESHEX]], @ANYRESHEX=r16], 0xc6}}, 0x20004850) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r17 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_int(r17, 0x11, 0x66, &(0x7f00006ed000), &(0x7f0000000080)=0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r18) r19 = dup(r14) ioctl$PERF_EVENT_IOC_ENABLE(r19, 0x8912, 0x400200) ioctl$GIO_UNISCRNMAP(r19, 0x4b69, &(0x7f0000000700)=""/200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r21 = dup(r20) ioctl$PERF_EVENT_IOC_ENABLE(r21, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000580)={0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000180), r22, 0x0, 0x2, 0x4}}, 0x20) 00:57:21 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xff0f}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 411.669868][T13315] bridge0: port 3(gretap0) entered blocking state [ 411.691876][T13315] bridge0: port 3(gretap0) entered disabled state [ 411.711863][T13315] device gretap0 entered promiscuous mode [ 411.724282][T13315] bridge0: port 3(gretap0) entered blocking state [ 411.730843][T13315] bridge0: port 3(gretap0) entered forwarding state 00:57:23 executing program 2 (fault-call:3 fault-nth:60): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0xffff}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:23 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:57:23 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) read$FUSE(r1, &(0x7f0000000280), 0x1000) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r3, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000001280)='/dev/full\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000001300)={&(0x7f00000012c0)=[0x4, 0x21, 0x0, 0x401, 0xffff, 0x2, 0x3, 0x9, 0x3f], 0x9, 0x8, 0x1, 0x6, 0x8, 0x8, {0x4, 0x9, 0x401, 0x6, 0x5, 0x1, 0x6, 0x0, 0x1622, 0x6, 0xfff, 0x1, 0x3ff, 0xfffffffb, "99665806c4a7e9aaab49616de128ec481470c34662661946c53aca7a2fa8d36f"}}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) recvfrom$ax25(r5, &(0x7f0000000000)=""/37, 0x25, 0x2, &(0x7f0000000200)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x6}, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) 00:57:23 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 414.288237][T13338] FAULT_INJECTION: forcing a failure. [ 414.288237][T13338] name failslab, interval 1, probability 0, space 0, times 0 [ 414.355893][T13338] CPU: 1 PID: 13338 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 414.365815][T13338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.375876][T13338] Call Trace: [ 414.379176][T13338] dump_stack+0x197/0x210 [ 414.383521][T13338] should_fail.cold+0xa/0x10 [ 414.388124][T13338] ? setup_fault_attr+0x220/0x220 [ 414.393162][T13338] ? ___might_sleep+0x163/0x2c0 [ 414.398027][T13338] __should_failslab+0x121/0x190 [ 414.402979][T13338] should_failslab+0x9/0x14 [ 414.407485][T13338] kmem_cache_alloc_trace+0x2d3/0x790 [ 414.412861][T13338] ? lock_downgrade+0x920/0x920 [ 414.417719][T13338] ? rwlock_bug.part.0+0x90/0x90 [ 414.422670][T13338] alloc_super+0x55/0x910 [ 414.427005][T13338] ? test_bdev_super_fc+0x80/0x80 [ 414.432029][T13338] sget+0x117/0x560 [ 414.435843][T13338] ? set_anon_super_fc+0x20/0x20 [ 414.440789][T13338] mount_bdev+0xff/0x3c0 [ 414.445100][T13338] ? hfsplus_iget+0x7b0/0x7b0 [ 414.449800][T13338] hfsplus_mount+0x35/0x40 [ 414.454224][T13338] ? hfsplus_statfs+0x410/0x410 [ 414.459090][T13338] legacy_get_tree+0x108/0x220 [ 414.463855][T13338] vfs_get_tree+0x8e/0x300 [ 414.468261][T13338] do_mount+0x135a/0x1b50 [ 414.472586][T13338] ? copy_mount_string+0x40/0x40 [ 414.477532][T13338] ? copy_mount_options+0x260/0x3f0 [ 414.482730][T13338] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.488949][T13338] ? copy_mount_options+0x2e8/0x3f0 [ 414.494132][T13338] ksys_mount+0xdb/0x150 [ 414.498360][T13338] __x64_sys_mount+0xbe/0x150 [ 414.503027][T13338] do_syscall_64+0xfa/0x790 [ 414.507517][T13338] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 414.513394][T13338] RIP: 0033:0x45d35a [ 414.517280][T13338] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 414.536865][T13338] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 414.545263][T13338] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a 00:57:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:23 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:57:23 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 414.553224][T13338] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 414.561182][T13338] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 414.569134][T13338] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 414.577091][T13338] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:23 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:57:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:24 executing program 2 (fault-call:3 fault-nth:61): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:24 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 414.905147][T13372] FAULT_INJECTION: forcing a failure. [ 414.905147][T13372] name failslab, interval 1, probability 0, space 0, times 0 [ 414.945084][T13372] CPU: 1 PID: 13372 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 414.955009][T13372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.965070][T13372] Call Trace: [ 414.968365][T13372] dump_stack+0x197/0x210 [ 414.972691][T13372] should_fail.cold+0xa/0x10 [ 414.977272][T13372] ? setup_fault_attr+0x220/0x220 [ 414.982289][T13372] ? ___might_sleep+0x163/0x2c0 [ 414.987127][T13372] __should_failslab+0x121/0x190 [ 414.992050][T13372] should_failslab+0x9/0x14 [ 414.996562][T13372] kmem_cache_alloc+0x2aa/0x710 [ 415.001403][T13372] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.007648][T13372] ? debug_smp_processor_id+0x33/0x18a [ 415.013091][T13372] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 415.019227][T13372] getname_kernel+0x53/0x370 [ 415.023803][T13372] kern_path+0x20/0x40 [ 415.027873][T13372] lookup_bdev.part.0+0x7b/0x1b0 [ 415.032798][T13372] ? blkdev_open+0x290/0x290 [ 415.037372][T13372] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.043652][T13372] ? apparmor_capable+0x4df/0x910 [ 415.048656][T13372] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 415.054626][T13372] ? security_fs_context_parse_param+0x81/0xb0 [ 415.060764][T13372] blkdev_get_by_path+0x81/0x130 [ 415.065689][T13372] mount_bdev+0x5d/0x3c0 [ 415.069924][T13372] ? hfsplus_iget+0x7b0/0x7b0 [ 415.074588][T13372] hfsplus_mount+0x35/0x40 [ 415.078997][T13372] ? hfsplus_statfs+0x410/0x410 [ 415.083831][T13372] legacy_get_tree+0x108/0x220 [ 415.088591][T13372] vfs_get_tree+0x8e/0x300 [ 415.092997][T13372] do_mount+0x135a/0x1b50 [ 415.097331][T13372] ? copy_mount_string+0x40/0x40 [ 415.102272][T13372] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.108503][T13372] ? copy_mount_options+0x2e8/0x3f0 [ 415.113689][T13372] ksys_mount+0xdb/0x150 [ 415.117915][T13372] __x64_sys_mount+0xbe/0x150 [ 415.122592][T13372] do_syscall_64+0xfa/0x790 [ 415.127084][T13372] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 415.132964][T13372] RIP: 0033:0x45d35a [ 415.136848][T13372] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 415.156442][T13372] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 415.164839][T13372] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 415.172803][T13372] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 415.180764][T13372] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 415.188725][T13372] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 415.196681][T13372] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:24 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:24 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:57:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:26 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$inet6_tcp_buf(r1, 0x6, 0x1f, &(0x7f0000000200)="beb38f70173ac720c54cc4c81697567e517df7e21459828e24b9669da7bf5a2053b7ce99ffc8711687f5f077cf69d7a35b5556c788134deb32b66ed2107e222a6cf40ca1a862c6e3640b4ad8a411870f555a544fe4afdcdda595d3bd998f74ea9324287c3f1bf5219cce197aca6c7d6ce400972fdeee3bcbd552b1d9a7908f0ab07734d55ad8f6f32239675049ac06a4c4b69fcd9991f9264f2a630a7948eb59f1d079b0d9a0f31dd4b0f3ac47f1236e77299c5cf9016d49035aa01b753764cb37ea9fe2064b831278b776e2", 0xcc) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40, 0x0) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm_plock\x00', 0x49400, 0x0) ioctl$SIOCX25SDTEFACILITIES(r5, 0x89eb, &(0x7f0000000640)={0x3, 0x2, 0x100, 0x0, 0x7, 0x16, 0xf, "52cae4ca733bee67291ada740a43e01c4b039bd1", "3f24104088d851278f4248fd785b3b15f990cc5b"}) r6 = socket(0xa, 0x3, 0x8) r7 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) creat(&(0x7f0000000600)='./file0\x00', 0xff9577392178721c) sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1de}}, 0x0) r9 = gettid() waitid(0x83b895581628fca4, r9, &(0x7f0000000040), 0x2, &(0x7f0000000480)) msgget$private(0x0, 0x400) sendmsg$key(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[]}}, 0x20004850) write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f00000005c0)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000380)=[{0x0, 0x0, [0x6, 0x2, 0x20, 0x6, 0x401, 0x80, 0x6, 0x401, 0x6, 0x80000000, 0x5, 0x80000000, 0x80000001, 0x5, 0x2, 0xd0]}, {0x28, 0x0, [0x40, 0xfffffff9, 0x4, 0x100, 0x1, 0xedb, 0x1, 0x1b4000, 0x5, 0x7, 0x1000, 0x8, 0x80000000, 0x80000001, 0x1ff]}, {0x8, 0x0, [0x1, 0xfffffffc, 0x6, 0x4, 0x1f, 0x6f, 0x7fff, 0x9, 0x8, 0x1, 0x10001, 0xab, 0x2, 0x2c, 0x8, 0x2]}, {0x8, 0x0, [0x4, 0x2, 0xff, 0x80, 0x659, 0x8, 0x80000000, 0x9, 0x8, 0x2, 0x0, 0x8, 0x8, 0x9000000, 0x1ab, 0x4]}, {0x5, 0x0, [0x91, 0x7fffffff, 0x8, 0x0, 0x1, 0xda, 0x3f, 0xffffffff, 0xf13, 0x8, 0x9, 0xffffffff, 0x8, 0x0, 0x7ff, 0x8]}, {0x2, 0x0, [0xc6, 0x9, 0xffffff57, 0x32bb, 0x5, 0x5b, 0x1, 0x80000001, 0x80, 0x20c, 0xffff, 0x5, 0x9, 0xc4, 0x523f1a25, 0x21cf]}, {0x5d, 0x0, [0x2, 0x7fffffff, 0x7, 0x3, 0x9, 0x8, 0x2f, 0x1, 0x0, 0x1f, 0x1, 0x8, 0x5, 0x3f, 0x4, 0x5]}, {0x1, 0x0, [0x10000, 0x401, 0xffff1f77, 0x9, 0x0, 0x47, 0x8001, 0x7fff, 0x5, 0x5, 0x3, 0x5, 0x8, 0x0, 0xf, 0x80000001]}], r8, 0x1, 0x1, 0x240}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r4, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) r12 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000700)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r11, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x38, r12, 0x400, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x24, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'dummy0\x00'}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040800}, 0x800) ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000300)={'veth1_to_bond\x00', 0x8001}) 00:57:26 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:26 executing program 2 (fault-call:3 fault-nth:62): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 417.377639][T13397] FAULT_INJECTION: forcing a failure. [ 417.377639][T13397] name failslab, interval 1, probability 0, space 0, times 0 [ 417.399361][T13397] CPU: 1 PID: 13397 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 417.409275][T13397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.419332][T13397] Call Trace: [ 417.422631][T13397] dump_stack+0x197/0x210 [ 417.426979][T13397] should_fail.cold+0xa/0x10 [ 417.431583][T13397] ? setup_fault_attr+0x220/0x220 [ 417.436618][T13397] ? ___might_sleep+0x163/0x2c0 [ 417.441475][T13397] __should_failslab+0x121/0x190 [ 417.446424][T13397] should_failslab+0x9/0x14 [ 417.450928][T13397] kmem_cache_alloc_trace+0x2d3/0x790 [ 417.456292][T13397] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 417.462080][T13397] __memcg_init_list_lru_node+0x8a/0x1e0 [ 417.467691][T13397] __list_lru_init+0x3fe/0x710 [ 417.472452][T13397] alloc_super+0x7cc/0x910 [ 417.476859][T13397] ? test_bdev_super_fc+0x80/0x80 [ 417.481874][T13397] sget+0x117/0x560 [ 417.485668][T13397] ? set_anon_super_fc+0x20/0x20 [ 417.490589][T13397] mount_bdev+0xff/0x3c0 [ 417.494828][T13397] ? hfsplus_iget+0x7b0/0x7b0 [ 417.499543][T13397] hfsplus_mount+0x35/0x40 [ 417.503981][T13397] ? hfsplus_statfs+0x410/0x410 [ 417.508811][T13397] legacy_get_tree+0x108/0x220 [ 417.513574][T13397] vfs_get_tree+0x8e/0x300 [ 417.517984][T13397] do_mount+0x135a/0x1b50 [ 417.522299][T13397] ? copy_mount_string+0x40/0x40 [ 417.527236][T13397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.533473][T13397] ? copy_mount_options+0x2e8/0x3f0 [ 417.538665][T13397] ksys_mount+0xdb/0x150 [ 417.542891][T13397] __x64_sys_mount+0xbe/0x150 [ 417.547551][T13397] do_syscall_64+0xfa/0x790 [ 417.552047][T13397] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.557941][T13397] RIP: 0033:0x45d35a [ 417.561818][T13397] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 417.581409][T13397] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 417.589827][T13397] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 417.597778][T13397] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 417.605728][T13397] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 417.613691][T13397] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 417.621650][T13397] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:27 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) 00:57:27 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:27 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:27 executing program 3: r0 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="8a", 0x1, 0xfffffffffffffffb) r1 = add_key(&(0x7f0000000180)='rxrpc\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f00000001c0)={0x0, r0, r1}, 0x0, 0x0, 0x0) r2 = add_key(&(0x7f0000000180)='.dead\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)="f3b921b1c04be78990eea50300e07127e411b88da45cffc6a84265a311479faa5a9a2e38875f6a6b1577f34e072c0e1dc3ee42148acc71aeade15ec94b318cfedc1a2d6ded71a3383e081adb0b7785e28108c5", 0x53, r1) keyctl$describe(0x6, r2, &(0x7f00000002c0)=""/50, 0x32) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r4, 0x30, 0x0, @in6={0xa, 0x4e22, 0x3, @dev={0xfe, 0x80, [], 0x14}, 0x9}}}, 0x90) r5 = open(&(0x7f0000000000)='./file0\x00', 0x41, 0x114) ioctl$KVM_GET_TSC_KHZ(r5, 0xaea3) 00:57:27 executing program 2 (fault-call:3 fault-nth:63): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:27 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 417.855958][T13420] FAULT_INJECTION: forcing a failure. [ 417.855958][T13420] name failslab, interval 1, probability 0, space 0, times 0 [ 417.868804][T13420] CPU: 0 PID: 13420 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 417.878779][T13420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.888835][T13420] Call Trace: [ 417.892131][T13420] dump_stack+0x197/0x210 [ 417.896458][T13420] should_fail.cold+0xa/0x10 [ 417.901046][T13420] ? fs_reclaim_release+0xf/0x30 00:57:27 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0xa}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 417.905995][T13420] ? setup_fault_attr+0x220/0x220 [ 417.911039][T13420] ? ___might_sleep+0x163/0x2c0 [ 417.915901][T13420] __should_failslab+0x121/0x190 [ 417.920847][T13420] should_failslab+0x9/0x14 [ 417.925353][T13420] __kmalloc_track_caller+0x2dc/0x760 [ 417.930730][T13420] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 417.936719][T13420] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 417.942536][T13420] ? vfs_parse_fs_string+0xe8/0x170 [ 417.947740][T13420] kmemdup_nul+0x31/0xa0 [ 417.951995][T13420] vfs_parse_fs_string+0xe8/0x170 [ 417.957023][T13420] ? vfs_parse_fs_param+0x540/0x540 [ 417.962222][T13420] ? legacy_init_fs_context+0x9d/0xe0 [ 417.967599][T13420] do_mount+0x6b4/0x1b50 [ 417.971854][T13420] ? copy_mount_string+0x40/0x40 [ 417.976804][T13420] ? copy_mount_options+0x258/0x3f0 [ 417.982004][T13420] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.988250][T13420] ? copy_mount_options+0x2e8/0x3f0 [ 417.993460][T13420] ksys_mount+0xdb/0x150 [ 417.997713][T13420] __x64_sys_mount+0xbe/0x150 [ 418.002409][T13420] do_syscall_64+0xfa/0x790 [ 418.006926][T13420] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.012819][T13420] RIP: 0033:0x45d35a [ 418.016717][T13420] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 418.036319][T13420] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 418.044737][T13420] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a 00:57:27 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) [ 418.052717][T13420] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 418.060685][T13420] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 418.068743][T13420] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 418.076711][T13420] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:29 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x414100) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000200)) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:29 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x10}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:29 executing program 2 (fault-call:3 fault-nth:64): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:29 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:57:29 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x18}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 420.449766][T13445] FAULT_INJECTION: forcing a failure. [ 420.449766][T13445] name failslab, interval 1, probability 0, space 0, times 0 [ 420.548844][T13445] CPU: 1 PID: 13445 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 420.558770][T13445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.568823][T13445] Call Trace: [ 420.572122][T13445] dump_stack+0x197/0x210 [ 420.576464][T13445] should_fail.cold+0xa/0x10 [ 420.581073][T13445] ? setup_fault_attr+0x220/0x220 [ 420.586103][T13445] ? ___might_sleep+0x163/0x2c0 [ 420.590953][T13445] __should_failslab+0x121/0x190 [ 420.591033][T13445] should_failslab+0x9/0x14 [ 420.591047][T13445] kmem_cache_alloc_trace+0x2d3/0x790 [ 420.591062][T13445] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 420.591083][T13445] __memcg_init_list_lru_node+0x8a/0x1e0 [ 420.591101][T13445] __list_lru_init+0x3fe/0x710 [ 420.622016][T13445] alloc_super+0x7cc/0x910 [ 420.626442][T13445] ? test_bdev_super_fc+0x80/0x80 [ 420.631471][T13445] sget+0x117/0x560 [ 420.635282][T13445] ? set_anon_super_fc+0x20/0x20 [ 420.640215][T13445] mount_bdev+0xff/0x3c0 [ 420.644438][T13445] ? hfsplus_iget+0x7b0/0x7b0 [ 420.649103][T13445] hfsplus_mount+0x35/0x40 [ 420.653497][T13445] ? hfsplus_statfs+0x410/0x410 [ 420.658326][T13445] legacy_get_tree+0x108/0x220 [ 420.663086][T13445] vfs_get_tree+0x8e/0x300 [ 420.667496][T13445] do_mount+0x135a/0x1b50 [ 420.671823][T13445] ? copy_mount_string+0x40/0x40 [ 420.676773][T13445] ? copy_mount_options+0x258/0x3f0 [ 420.681974][T13445] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.688211][T13445] ? copy_mount_options+0x2e8/0x3f0 [ 420.693414][T13445] ksys_mount+0xdb/0x150 [ 420.697651][T13445] __x64_sys_mount+0xbe/0x150 [ 420.702322][T13445] do_syscall_64+0xfa/0x790 [ 420.706816][T13445] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 420.712785][T13445] RIP: 0033:0x45d35a [ 420.716655][T13445] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 420.736238][T13445] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 420.744634][T13445] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 420.752593][T13445] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 420.760542][T13445] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 420.768489][T13445] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 420.776799][T13445] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:30 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:30 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2151a0bafcf6ad583d892e6c99b99aa3c203a9ef28456e5c2614aba7f4a97bebfec5d4bffefb8e0561946163d1a57dd"], &(0x7f0000000100)='GPL\x00'}, 0x48) 00:57:30 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x84b00f681d61ab9d, 0xfa00, {0x10000000000, &(0x7f0000000040)={0xffffffffffffffff}, 0x0, 0x8}}, 0xffffffffffffff7f) tee(r0, 0xffffffffffffffff, 0x1000, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x10400, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) connect$caif(r4, &(0x7f0000000180), 0x18) ioctl$RTC_PIE_OFF(r2, 0x7006) 00:57:30 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x1a}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:30 executing program 2 (fault-call:3 fault-nth:65): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:30 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:30 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x48}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:30 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = accept4$bt_l2cap(r3, &(0x7f0000000200), &(0x7f0000000240)=0xe, 0x800) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000280)=0x3, 0x2) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f0000000180)=ANY=[@ANYBLOB="f714c144a24919ee222193746bf6847f4c5bf7e9", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000000)={r8}, 0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000580)={r8, @in6={{0xa, 0x4e21, 0x689f, @mcast2, 0x7d5}}, 0x400, 0xbe, 0x1d, 0x7f, 0xa}, &(0x7f0000000640)=0x98) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6, &(0x7f0000000680)={r9, @in={{0x2, 0x4e20, @local}}}, &(0x7f0000000740)=0x84) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 421.059813][T13481] FAULT_INJECTION: forcing a failure. [ 421.059813][T13481] name failslab, interval 1, probability 0, space 0, times 0 [ 421.085631][T13481] CPU: 1 PID: 13481 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 421.095542][T13481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.105590][T13481] Call Trace: [ 421.108891][T13481] dump_stack+0x197/0x210 [ 421.113239][T13481] should_fail.cold+0xa/0x10 [ 421.117844][T13481] ? setup_fault_attr+0x220/0x220 [ 421.122874][T13481] ? ___might_sleep+0x163/0x2c0 [ 421.127732][T13481] __should_failslab+0x121/0x190 [ 421.127750][T13481] should_failslab+0x9/0x14 [ 421.127763][T13481] kmem_cache_alloc_trace+0x2d3/0x790 [ 421.127782][T13481] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 421.148344][T13481] __memcg_init_list_lru_node+0x8a/0x1e0 [ 421.153991][T13481] __list_lru_init+0x3fe/0x710 [ 421.158771][T13481] alloc_super+0x7cc/0x910 [ 421.163199][T13481] ? test_bdev_super_fc+0x80/0x80 [ 421.168231][T13481] sget+0x117/0x560 [ 421.172051][T13481] ? set_anon_super_fc+0x20/0x20 [ 421.176990][T13481] mount_bdev+0xff/0x3c0 [ 421.177005][T13481] ? hfsplus_iget+0x7b0/0x7b0 [ 421.177025][T13481] hfsplus_mount+0x35/0x40 [ 421.177044][T13481] ? hfsplus_statfs+0x410/0x410 [ 421.195172][T13481] legacy_get_tree+0x108/0x220 [ 421.199945][T13481] vfs_get_tree+0x8e/0x300 [ 421.204363][T13481] do_mount+0x135a/0x1b50 [ 421.208696][T13481] ? retint_kernel+0x2b/0x2b [ 421.213289][T13481] ? copy_mount_string+0x40/0x40 [ 421.213309][T13481] ? copy_mount_options+0x252/0x3f0 [ 421.213326][T13481] ? __sanitizer_cov_trace_pc+0x3b/0x50 [ 421.213342][T13481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.213357][T13481] ? copy_mount_options+0x2e8/0x3f0 [ 421.213376][T13481] ksys_mount+0xdb/0x150 [ 421.213392][T13481] __x64_sys_mount+0xbe/0x150 [ 421.213417][T13481] do_syscall_64+0xfa/0x790 [ 421.240439][T13481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 421.240452][T13481] RIP: 0033:0x45d35a [ 421.240468][T13481] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 421.240481][T13481] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 421.291583][T13481] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 421.299670][T13481] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 00:57:30 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x4c}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 421.307644][T13481] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 421.315620][T13481] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 421.323593][T13481] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 00:57:33 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x68}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:33 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:33 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x80000, 0x0) ioctl$KDADDIO(r2, 0x4b34, 0x1ab4) 00:57:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 00:57:33 executing program 2 (fault-call:3 fault-nth:66): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, 0x0, 0x0, 0x0) 00:57:33 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) [ 423.963343][T13508] FAULT_INJECTION: forcing a failure. [ 423.963343][T13508] name failslab, interval 1, probability 0, space 0, times 0 00:57:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x6c}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 424.068148][T13508] CPU: 1 PID: 13508 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 424.078076][T13508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.088146][T13508] Call Trace: [ 424.091435][T13508] dump_stack+0x197/0x210 [ 424.091459][T13508] should_fail.cold+0xa/0x10 [ 424.091477][T13508] ? setup_fault_attr+0x220/0x220 [ 424.091497][T13508] ? ___might_sleep+0x163/0x2c0 [ 424.110347][T13508] __should_failslab+0x121/0x190 [ 424.115298][T13508] should_failslab+0x9/0x14 [ 424.119818][T13508] kmem_cache_alloc_trace+0x2d3/0x790 [ 424.125206][T13508] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 424.131025][T13508] __memcg_init_list_lru_node+0x8a/0x1e0 [ 424.136669][T13508] __list_lru_init+0x3fe/0x710 [ 424.141450][T13508] alloc_super+0x7cc/0x910 [ 424.145880][T13508] ? test_bdev_super_fc+0x80/0x80 [ 424.150912][T13508] sget+0x117/0x560 [ 424.154731][T13508] ? set_anon_super_fc+0x20/0x20 [ 424.159680][T13508] mount_bdev+0xff/0x3c0 [ 424.163926][T13508] ? hfsplus_iget+0x7b0/0x7b0 [ 424.168618][T13508] hfsplus_mount+0x35/0x40 [ 424.173134][T13508] ? hfsplus_statfs+0x410/0x410 [ 424.177994][T13508] legacy_get_tree+0x108/0x220 [ 424.182765][T13508] vfs_get_tree+0x8e/0x300 [ 424.182784][T13508] do_mount+0x135a/0x1b50 [ 424.182805][T13508] ? copy_mount_string+0x40/0x40 [ 424.182821][T13508] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 424.182840][T13508] ? _copy_from_user+0x12c/0x1a0 [ 424.191564][T13508] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 00:57:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x74}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:33 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x7a}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 424.191580][T13508] ? copy_mount_options+0x2e8/0x3f0 [ 424.191602][T13508] ksys_mount+0xdb/0x150 [ 424.191626][T13508] __x64_sys_mount+0xbe/0x150 [ 424.191647][T13508] do_syscall_64+0xfa/0x790 [ 424.191666][T13508] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.191677][T13508] RIP: 0033:0x45d35a [ 424.191692][T13508] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 424.191699][T13508] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 424.270405][T13508] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 424.278372][T13508] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 424.278386][T13508] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 424.294296][T13508] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 424.302266][T13508] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:33 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = msgget(0x0, 0x1c8) msgctl$IPC_INFO(r2, 0x3, &(0x7f0000000000)) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0xc, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$cgroup_ro(r4, &(0x7f0000000000)='memory.stat\x00', 0x0, 0x0) getsockopt$inet_mreqsrc(r5, 0x0, 0x26, &(0x7f0000000180)={@rand_addr, @loopback, @local}, &(0x7f0000000200)=0xc) 00:57:36 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:36 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0xf0}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:36 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:36 executing program 2 (fault-call:3 fault-nth:67): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:36 executing program 3: r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ttynull\x00', 0x804c1, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000240)={0x5671a713, 0x40000, 0x15910fc4, 0x0, 0x16, 0x80, 0xbe, 0x3f, 0xfffffffd, 0x101, 0x1bf, 0x5}) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x3040, 0x0) connect$netlink(r3, &(0x7f0000000180)=@kern={0x10, 0x0, 0x0, 0x8}, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000400)={{{@in=@broadcast, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000380)=0xffffffffffffffd3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'gre0\x00', r6}) write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r2, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000010003f3d00"}, 0x100}}}, 0x90) 00:57:36 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x15c}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 427.140831][T13562] FAULT_INJECTION: forcing a failure. [ 427.140831][T13562] name failslab, interval 1, probability 0, space 0, times 0 00:57:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:36 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) [ 427.253202][T13562] CPU: 1 PID: 13562 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 427.263131][T13562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.273187][T13562] Call Trace: [ 427.276490][T13562] dump_stack+0x197/0x210 [ 427.280835][T13562] should_fail.cold+0xa/0x10 [ 427.285450][T13562] ? setup_fault_attr+0x220/0x220 [ 427.290495][T13562] ? ___might_sleep+0x163/0x2c0 [ 427.295364][T13562] __should_failslab+0x121/0x190 [ 427.300313][T13562] should_failslab+0x9/0x14 [ 427.304824][T13562] __kmalloc+0x2e0/0x770 [ 427.309072][T13562] ? lockdep_init_map+0x1be/0x6d0 [ 427.314108][T13562] ? prealloc_shrinker+0xa6/0x350 [ 427.319145][T13562] prealloc_shrinker+0xa6/0x350 [ 427.324011][T13562] alloc_super+0x77a/0x910 [ 427.328438][T13562] ? test_bdev_super_fc+0x80/0x80 [ 427.333469][T13562] sget+0x117/0x560 [ 427.337285][T13562] ? set_anon_super_fc+0x20/0x20 [ 427.342228][T13562] mount_bdev+0xff/0x3c0 [ 427.346471][T13562] ? hfsplus_iget+0x7b0/0x7b0 [ 427.351158][T13562] hfsplus_mount+0x35/0x40 [ 427.355577][T13562] ? hfsplus_statfs+0x410/0x410 [ 427.360446][T13562] legacy_get_tree+0x108/0x220 [ 427.365223][T13562] vfs_get_tree+0x8e/0x300 [ 427.369655][T13562] do_mount+0x135a/0x1b50 [ 427.374004][T13562] ? copy_mount_string+0x40/0x40 [ 427.374244][T13586] ptrace attach of "/root/syz-executor.0"[13585] was attempted by "/root/syz-executor.0"[13586] [ 427.378946][T13562] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.378975][T13562] ? copy_mount_options+0x2e8/0x3f0 [ 427.378994][T13562] ksys_mount+0xdb/0x150 [ 427.405015][T13562] __x64_sys_mount+0xbe/0x150 [ 427.409688][T13562] do_syscall_64+0xfa/0x790 [ 427.414198][T13562] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.420092][T13562] RIP: 0033:0x45d35a [ 427.423989][T13562] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 427.443591][T13562] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 00:57:36 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:36 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = getpid() sched_setscheduler(r4, 0x5, &(0x7f0000000380)) write$cgroup_pid(r3, &(0x7f0000000000)=r4, 0x12) [ 427.452006][T13562] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 427.459976][T13562] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 427.467941][T13562] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 427.467949][T13562] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 427.467957][T13562] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:39 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:39 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:39 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:39 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0xfffffe99, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x111, 0x4}}, 0xffffffffffffffc3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) futimesat(r2, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={{0x0, 0x2710}}) getsockopt$sock_int(r4, 0x1, 0x4, &(0x7f0000000000), &(0x7f0000000180)=0x4) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:39 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x1e4}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:39 executing program 2 (fault-call:3 fault-nth:68): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:39 executing program 0: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:39 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) [ 430.147590][T13604] ptrace attach of "/root/syz-executor.0"[13603] was attempted by "/root/syz-executor.0"[13604] 00:57:39 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x300}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 430.232092][T13616] ptrace attach of "/root/syz-executor.0"[13615] was attempted by "/root/syz-executor.0"[13616] 00:57:39 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x500}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 430.287427][T13605] FAULT_INJECTION: forcing a failure. [ 430.287427][T13605] name failslab, interval 1, probability 0, space 0, times 0 [ 430.376455][T13605] CPU: 1 PID: 13605 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 430.386388][T13605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.396549][T13605] Call Trace: [ 430.399873][T13605] dump_stack+0x197/0x210 [ 430.404214][T13605] should_fail.cold+0xa/0x10 [ 430.408819][T13605] ? setup_fault_attr+0x220/0x220 [ 430.413859][T13605] ? ___might_sleep+0x163/0x2c0 [ 430.418722][T13605] __should_failslab+0x121/0x190 [ 430.423661][T13605] should_failslab+0x9/0x14 [ 430.428166][T13605] kmem_cache_alloc_trace+0x2d3/0x790 [ 430.433545][T13605] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 430.439364][T13605] __memcg_init_list_lru_node+0x8a/0x1e0 [ 430.445007][T13605] __list_lru_init+0x3fe/0x710 [ 430.449788][T13605] alloc_super+0x7cc/0x910 [ 430.454215][T13605] ? test_bdev_super_fc+0x80/0x80 [ 430.459249][T13605] sget+0x117/0x560 [ 430.463068][T13605] ? set_anon_super_fc+0x20/0x20 [ 430.468016][T13605] mount_bdev+0xff/0x3c0 [ 430.472262][T13605] ? hfsplus_iget+0x7b0/0x7b0 [ 430.476949][T13605] hfsplus_mount+0x35/0x40 [ 430.481379][T13605] ? hfsplus_statfs+0x410/0x410 [ 430.486236][T13605] legacy_get_tree+0x108/0x220 [ 430.491006][T13605] vfs_get_tree+0x8e/0x300 [ 430.491025][T13605] do_mount+0x135a/0x1b50 [ 430.491048][T13605] ? copy_mount_string+0x40/0x40 [ 430.499787][T13605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.510919][T13605] ? copy_mount_options+0x2e8/0x3f0 [ 430.516134][T13605] ksys_mount+0xdb/0x150 [ 430.520389][T13605] __x64_sys_mount+0xbe/0x150 00:57:39 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x600}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 430.525074][T13605] do_syscall_64+0xfa/0x790 [ 430.529589][T13605] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.535489][T13605] RIP: 0033:0x45d35a [ 430.539396][T13605] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 430.558990][T13605] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 430.567399][T13605] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 430.567409][T13605] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 430.567417][T13605] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 430.567424][T13605] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 430.567432][T13605] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:42 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x700}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:42 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:42 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:42 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x21180, 0x0) recvfrom$unix(r3, &(0x7f0000000240)=""/184, 0xb8, 0x1, &(0x7f0000000300)=@abs={0x2, 0x0, 0x4e22}, 0x6e) getsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000), &(0x7f0000000180)=0x4) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r4, 0x1c, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:42 executing program 2 (fault-call:3 fault-nth:69): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:42 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0xa00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:42 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:42 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x17, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) [ 433.360992][T13647] FAULT_INJECTION: forcing a failure. [ 433.360992][T13647] name failslab, interval 1, probability 0, space 0, times 0 00:57:42 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x80080, 0x0) ioctl$IMGETVERSION(r2, 0x80044942, &(0x7f0000000180)) [ 433.444390][T13647] CPU: 0 PID: 13647 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 433.454318][T13647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.464385][T13647] Call Trace: [ 433.467686][T13647] dump_stack+0x197/0x210 [ 433.472036][T13647] should_fail.cold+0xa/0x10 [ 433.476637][T13647] ? setup_fault_attr+0x220/0x220 [ 433.481662][T13647] ? ___might_sleep+0x163/0x2c0 [ 433.481685][T13647] __should_failslab+0x121/0x190 [ 433.481714][T13647] should_failslab+0x9/0x14 [ 433.495960][T13647] kmem_cache_alloc_trace+0x2d3/0x790 [ 433.501337][T13647] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 433.507156][T13647] __memcg_init_list_lru_node+0x8a/0x1e0 [ 433.512795][T13647] __list_lru_init+0x3fe/0x710 [ 433.517571][T13647] alloc_super+0x7cc/0x910 [ 433.521994][T13647] ? test_bdev_super_fc+0x80/0x80 [ 433.527028][T13647] sget+0x117/0x560 [ 433.530845][T13647] ? set_anon_super_fc+0x20/0x20 [ 433.535786][T13647] mount_bdev+0xff/0x3c0 [ 433.540034][T13647] ? hfsplus_iget+0x7b0/0x7b0 00:57:42 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x17, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) [ 433.544724][T13647] hfsplus_mount+0x35/0x40 [ 433.549157][T13647] ? hfsplus_statfs+0x410/0x410 [ 433.554033][T13647] legacy_get_tree+0x108/0x220 [ 433.558841][T13647] vfs_get_tree+0x8e/0x300 [ 433.563257][T13647] do_mount+0x135a/0x1b50 [ 433.567593][T13647] ? copy_mount_string+0x40/0x40 [ 433.572533][T13647] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 433.578782][T13647] ? _copy_from_user+0x12c/0x1a0 [ 433.583712][T13647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 433.583728][T13647] ? copy_mount_options+0x2e8/0x3f0 [ 433.583747][T13647] ksys_mount+0xdb/0x150 [ 433.599387][T13647] __x64_sys_mount+0xbe/0x150 [ 433.599409][T13647] do_syscall_64+0xfa/0x790 [ 433.599429][T13647] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 433.599442][T13647] RIP: 0033:0x45d35a [ 433.599458][T13647] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 00:57:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 433.599466][T13647] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 433.599485][T13647] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 433.654490][T13647] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 433.662464][T13647] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 433.670537][T13647] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 433.678513][T13647] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:45 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:45 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x1800}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:45 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x17, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:45 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x3e1, 0xfa00, {r1, 0x8, 0x0, @in6={0xa, 0x4e22, 0x2, @rand_addr="e0aca75a730c0656f8450c2eebb2c084", 0x1f}}}, 0x90) 00:57:45 executing program 2 (fault-call:3 fault-nth:70): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc", 0x48}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:45 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x23, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c0855411"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:45 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000000), 0x4) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r3, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:45 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x1a00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 436.432324][T13704] FAULT_INJECTION: forcing a failure. [ 436.432324][T13704] name failslab, interval 1, probability 0, space 0, times 0 00:57:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) [ 436.490743][T13704] CPU: 0 PID: 13704 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 436.500672][T13704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 436.510731][T13704] Call Trace: [ 436.514032][T13704] dump_stack+0x197/0x210 [ 436.518380][T13704] should_fail.cold+0xa/0x10 [ 436.522988][T13704] ? setup_fault_attr+0x220/0x220 [ 436.528058][T13704] ? ___might_sleep+0x163/0x2c0 [ 436.532930][T13704] __should_failslab+0x121/0x190 [ 436.537873][T13704] should_failslab+0x9/0x14 [ 436.542382][T13704] kmem_cache_alloc_node_trace+0x274/0x750 [ 436.548191][T13704] ? kmem_cache_alloc_trace+0x397/0x790 [ 436.553741][T13704] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 436.559552][T13704] __kmalloc_node+0x3d/0x70 [ 436.564062][T13704] kvmalloc_node+0x68/0x100 [ 436.568573][T13704] __list_lru_init+0x4d5/0x710 [ 436.573347][T13704] alloc_super+0x7cc/0x910 [ 436.577773][T13704] ? test_bdev_super_fc+0x80/0x80 [ 436.582807][T13704] sget+0x117/0x560 00:57:45 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x2000}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 436.586618][T13704] ? set_anon_super_fc+0x20/0x20 [ 436.591564][T13704] mount_bdev+0xff/0x3c0 [ 436.595811][T13704] ? hfsplus_iget+0x7b0/0x7b0 [ 436.600495][T13704] hfsplus_mount+0x35/0x40 [ 436.604918][T13704] ? hfsplus_statfs+0x410/0x410 [ 436.609776][T13704] legacy_get_tree+0x108/0x220 [ 436.614553][T13704] vfs_get_tree+0x8e/0x300 [ 436.618985][T13704] do_mount+0x135a/0x1b50 [ 436.623325][T13704] ? copy_mount_string+0x40/0x40 [ 436.628268][T13704] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 436.634513][T13704] ? _copy_from_user+0x12c/0x1a0 [ 436.639455][T13704] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 436.645702][T13704] ? copy_mount_options+0x2e8/0x3f0 [ 436.650905][T13704] ksys_mount+0xdb/0x150 [ 436.655159][T13704] __x64_sys_mount+0xbe/0x150 [ 436.659843][T13704] do_syscall_64+0xfa/0x790 [ 436.664359][T13704] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 436.670248][T13704] RIP: 0033:0x45d35a [ 436.674145][T13704] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 436.693741][T13704] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 436.702154][T13704] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 436.710124][T13704] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 436.718100][T13704] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 436.726066][T13704] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 436.734033][T13704] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:48 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000280)="6653070000053c07bc3376003639405cb4aed12f00cff47d010000805ae64f8f36460234432479aed75d092b41fd983f79e6519961f6c44f3c69e9365539cd15aa7f062b9ff153cc04", 0x49}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:48 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x23, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c0855411"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:48 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x3f00}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:48 executing program 2 (fault-call:3 fault-nth:71): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f00000003c0)='hfsplus\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:57:48 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.events\x00', 0x0, 0x0) ioctl$USBDEVFS_RELEASEINTERFACE(r2, 0x80045510, &(0x7f0000000180)=0x7ff) eventfd2(0x6, 0x180800) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:48 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x4000}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 00:57:48 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x23, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c0855411"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) 00:57:48 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) [ 439.481512][T13743] FAULT_INJECTION: forcing a failure. [ 439.481512][T13743] name failslab, interval 1, probability 0, space 0, times 0 [ 439.538606][T13743] CPU: 0 PID: 13743 Comm: syz-executor.2 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 439.548524][T13743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 439.548533][T13743] Call Trace: [ 439.548557][T13743] dump_stack+0x197/0x210 [ 439.548581][T13743] should_fail.cold+0xa/0x10 [ 439.548600][T13743] ? setup_fault_attr+0x220/0x220 [ 439.548622][T13743] ? ___might_sleep+0x163/0x2c0 [ 439.548642][T13743] __should_failslab+0x121/0x190 [ 439.548659][T13743] should_failslab+0x9/0x14 [ 439.548672][T13743] kmem_cache_alloc_trace+0x2d3/0x790 [ 439.548687][T13743] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 439.548705][T13743] __memcg_init_list_lru_node+0x8a/0x1e0 [ 439.548722][T13743] __list_lru_init+0x3fe/0x710 [ 439.548745][T13743] alloc_super+0x7cc/0x910 [ 439.548762][T13743] ? test_bdev_super_fc+0x80/0x80 [ 439.548779][T13743] sget+0x117/0x560 [ 439.548794][T13743] ? set_anon_super_fc+0x20/0x20 [ 439.548812][T13743] mount_bdev+0xff/0x3c0 [ 439.548825][T13743] ? hfsplus_iget+0x7b0/0x7b0 [ 439.548843][T13743] hfsplus_mount+0x35/0x40 [ 439.634167][T13743] ? hfsplus_statfs+0x410/0x410 [ 439.634187][T13743] legacy_get_tree+0x108/0x220 [ 439.634205][T13743] vfs_get_tree+0x8e/0x300 [ 439.634224][T13743] do_mount+0x135a/0x1b50 [ 439.661608][T13743] ? copy_mount_string+0x40/0x40 [ 439.666562][T13743] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 439.672816][T13743] ? copy_mount_options+0x2e8/0x3f0 [ 439.678023][T13743] ksys_mount+0xdb/0x150 [ 439.682271][T13743] __x64_sys_mount+0xbe/0x150 00:57:49 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2062b041, 0x0, 0x0, 0x4800}, [@call={0x85, 0x0, 0x0, 0x1c}]}, &(0x7f00000000c0)='GOL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 439.682293][T13743] do_syscall_64+0xfa/0x790 [ 439.682313][T13743] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 439.697323][T13743] RIP: 0033:0x45d35a [ 439.697339][T13743] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 4d 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 2a 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 439.697348][T13743] RSP: 002b:00007f4b31552a68 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 439.697366][T13743] RAX: ffffffffffffffda RBX: 00007f4b31552c90 RCX: 000000000045d35a [ 439.737195][T13743] RDX: 00007f4b31552ae0 RSI: 0000000020000400 RDI: 00007f4b31552b00 [ 439.745165][T13743] RBP: 000000000075bf20 R08: 00007f4b31552b40 R09: 00007f4b31552ae0 [ 439.753140][T13743] R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4b315536d4 [ 439.761112][T13743] R13: 00000000004cad98 R14: 00000000004e4288 R15: 0000000000000006 00:57:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 00:57:49 executing program 3: r0 = openat$watch_queue(0xffffffffffffff9c, &(0x7f0000000000)='/dev/watch_queue\x00', 0x100, 0x0) watch_devices(r0, 0x4, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r2, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {'\x00\x00\x00\x00\x00\t\x00'}}}}, 0x90) 00:57:49 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x29, &(0x7f0000000380)=ANY=[@ANYBLOB="620af8ff00000000bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b7000000000000009500000000000000cc300e58392871b75e1a8b66724ec9a6618b638a234f7ac3e98c41667a371bdd3dbfac1a393b8c21563b7e4d3c85cf5cccb484c6c383e7be0ccd4437cc4b3320d5846e14f6f99ebe90bfb5c063ab66cc3e84ed781bd705b21f89b6a9cbe612b0526f154f099225e0a50f45acb837068e30a76e3fa945e6f108a14430ec6a3ccb864528790849caec3c894609cbc71c3e00b237983b21ae2961b3320e195dae7a32d36bcdc9a6da6aed4479869960962eb792b9e8b0f31ed10456962c722656d7a001d36e9f7ef17b2ff043915d4b6281ba7e06121ba8c08554114a2806694dc24c9b8bbc62ad979412a8239011be8fcbb0285235668abd5f6b47140b8d9ab18c18c59f2fa5a2c06ad2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78) [ 439.979839][T13772] ------------[ cut here ]------------ [ 440.008446][T13772] refcount_t: underflow; use-after-free. [ 440.021067][T13772] WARNING: CPU: 1 PID: 13772 at lib/refcount.c:28 refcount_warn_saturate+0x1dc/0x1f0 [ 440.030542][T13772] Kernel panic - not syncing: panic_on_warn set ... [ 440.037143][T13772] CPU: 1 PID: 13772 Comm: syz-executor.3 Not tainted 5.5.0-rc1-next-20191212-syzkaller #0 [ 440.047026][T13772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.053796][ T4094] kobject: 'loop4' (00000000dd1a2fd7): kobject_uevent_env [ 440.057084][T13772] Call Trace: [ 440.064340][ T4094] kobject: 'loop4' (00000000dd1a2fd7): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 440.067469][T13772] dump_stack+0x197/0x210 [ 440.067491][T13772] ? refcount_warn_saturate+0x1c0/0x1f0 [ 440.067511][T13772] panic+0x2e3/0x75c [ 440.091368][T13772] ? add_taint.cold+0x16/0x16 [ 440.096056][T13772] ? __kasan_check_write+0x14/0x20 [ 440.101169][T13772] ? __warn.cold+0x14/0x3e [ 440.105584][T13772] ? __warn+0xd9/0x1cf [ 440.109656][T13772] ? refcount_warn_saturate+0x1dc/0x1f0 [ 440.115266][T13772] __warn.cold+0x2f/0x3e [ 440.119504][T13772] ? refcount_warn_saturate+0x1dc/0x1f0 [ 440.125048][T13772] report_bug+0x289/0x300 [ 440.129449][T13772] do_error_trap+0x11b/0x200 [ 440.134044][T13772] do_invalid_op+0x37/0x50 [ 440.135886][ T4094] kobject: 'loop2' (00000000b9aabbae): kobject_uevent_env [ 440.138462][T13772] ? refcount_warn_saturate+0x1dc/0x1f0 [ 440.148515][ T4094] kobject: 'loop2' (00000000b9aabbae): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 440.151069][T13772] invalid_op+0x23/0x30 [ 440.151087][T13772] RIP: 0010:refcount_warn_saturate+0x1dc/0x1f0 [ 440.151102][T13772] Code: e9 d8 fe ff ff 48 89 df e8 b1 2f 23 fe e9 85 fe ff ff e8 27 4e e5 fd 48 c7 c7 20 d8 6f 88 c6 05 76 9e ec 06 01 e8 f3 dd b5 fd <0f> 0b e9 ac fe ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 [ 440.151109][T13772] RSP: 0018:ffffc90004867d40 EFLAGS: 00010282 [ 440.151124][T13772] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 440.205091][T13772] RDX: 0000000000000000 RSI: ffffffff815e8b66 RDI: fffff5200090cf9a [ 440.213064][T13772] RBP: ffffc90004867d50 R08: ffff8880a5264440 R09: ffffed1015d26659 [ 440.221013][T13772] R10: ffffed1015d26658 R11: ffff8880ae9332c7 R12: 0000000000000003 [ 440.228964][T13772] R13: ffff888090f941d8 R14: ffff888090f94180 R15: ffffffff8a0244a0 [ 440.236987][T13772] ? vprintk_func+0x86/0x189 [ 440.241577][T13772] put_watch+0xa2/0xb0 [ 440.245628][T13772] watch_queue_release+0x34b/0xc40 [ 440.250727][T13772] __fput+0x2ff/0x890 [ 440.254692][T13772] ? __post_watch_notification+0x840/0x840 [ 440.260473][T13772] ____fput+0x16/0x20 [ 440.264504][T13772] task_work_run+0x145/0x1c0 [ 440.269082][T13772] exit_to_usermode_loop+0x316/0x380 [ 440.274354][T13772] do_syscall_64+0x676/0x790 [ 440.278932][T13772] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.284801][T13772] RIP: 0033:0x4144a1 [ 440.288681][T13772] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 440.308268][T13772] RSP: 002b:00007fff58c35020 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 440.316657][T13772] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004144a1 [ 440.324604][T13772] RDX: 0000001b2cd20000 RSI: 0000000000000000 RDI: 0000000000000003 [ 440.332551][T13772] RBP: 0000000000000001 R08: 00000000c207758c R09: 00000000c2077590 [ 440.340499][T13772] R10: 00007fff58c35100 R11: 0000000000000293 R12: 000000000075bf20 [ 440.348455][T13772] R13: 000000000006b69a R14: 00000000007606f8 R15: 000000000075bf2c [ 440.357985][T13772] Kernel Offset: disabled [ 440.362445][T13772] Rebooting in 86400 seconds..