0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ptrace(0x11, r0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420b, 0x0, 0x0, 0x0) 21:24:04 executing program 1: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174040204010002000270f7", 0x15}], 0x0, 0x0) 21:24:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 334.487099] FAT-fs (loop1): invalid media value (0x00) [ 334.509629] FAT-fs (loop1): Can't find a valid FAT filesystem 21:24:04 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ubi_ctrl\x00', 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 21:24:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:04 executing program 1: socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0xaa4b7c8770d4287b, 0x0) syslog(0x4, &(0x7f0000000080)=""/24, 0x18) 21:24:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 334.845654] audit: type=1400 audit(1567113844.935:58): avc: denied { syslog } for pid=11000 comm="syz-executor.1" capability=34 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1 21:24:07 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$cont(0x9, r0, 0x0, 0x0) 21:24:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:07 executing program 1: perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, 0x0, &(0x7f0000001a00)) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, 0x0) fchdir(r0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="1cfdfffffe8a0ab7960f0100010000000000fdff993802aa0063b84252b1d85cbf0000faffff37f70f653f0ffb09f0d5362b74797f0acad550fe203534da91b5b9fb501e1a"], 0x45) perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unlink(&(0x7f0000000040)='./bus\x00') getresuid(&(0x7f0000000480)=0x0, &(0x7f00000004c0), 0x0) mount$9p_rdma(&(0x7f0000000300)='127.0.0.1\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x8, &(0x7f00000006c0)=ANY=[@ANYBLOB="7472616e733d72646d612c706f72743d3078303030303030303030303030346532302c73713d3078303030303030303030303030303030302c7375626a5f757365723d76626f786e6574302c657569643d75b9e7cc6a66df12957e0712c5631a6c8ee0a885ab8b3f977ff6b8318c1cdd58cf6f2371bca8acf7e55812ff36f46bd68bc721739c92c48fa130ab3ef4fc1281e4ebdc", @ANYRESDEC=r2, @ANYBLOB=',\x00']) sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe) open(&(0x7f0000000080)='./file0\x00', 0xc4000141041, 0x0) 21:24:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:07 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) munlockall() r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:07 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) [ 337.552460] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-1b00920efd9a devid 9481174681891822808 transid 15394767792240231233 /dev/loop2 21:24:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 337.662325] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 337.691178] BTRFS error (device loop2): superblock checksum mismatch [ 337.697939] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006500) 21:24:07 executing program 4: lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000680)='/selinux/avc/cache_stats\x00', 0x0, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000006c0)=r2, 0x4) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x10000, 0x101000) recvfrom$ax25(r3, &(0x7f0000000280)=""/182, 0xb6, 0x2000, &(0x7f00000000c0)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) setgid(r0) pause() r4 = openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x0, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000180)='cpuacct.usage_percPu_user\x00\xe5]\xb8\xefh\x8e\r\xf5\x8c3\xebQ\x87\xfa\a\xd2\xa8\x04D\x9b5\xa7zk\xb5!\x14\x9bAk:', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r5, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) getsockname$inet6(r4, &(0x7f00000003c0)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000400)=0x1c) r8 = syz_open_dev$midi(&(0x7f0000000340)='/dev/midi#\x00', 0x7, 0x100) fcntl$F_GET_RW_HINT(r8, 0x40b, &(0x7f0000000440)) write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x20032600) r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000004c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r5, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, r9, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x100000001, 0x0, 0xfe, 0x70a}}}, ["", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40004}, 0x40080) ioctl$EXT4_IOC_MIGRATE(r7, 0x6609) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r7, 0xc0045520, &(0x7f0000000380)=0x7) rename(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='./file0\x00') [ 337.714771] FAT-fs (loop1): Filesystem has been set read-only [ 337.735465] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006500) 21:24:07 executing program 1: [ 337.770261] BTRFS error (device loop2): open_ctree failed 21:24:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:07 executing program 4: openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000580)='/selinux/enforce\x00', 0x80, 0x0) syz_open_procfs(0x0, &(0x7f0000000640)='net/xfrm_stat\x00') r0 = syz_open_dev$vcsa(&(0x7f0000000680)='/dev/vcsa#\x00', 0x1, 0x10000) r1 = openat$cgroup_ro(r0, &(0x7f00000005c0)='pids.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) sendmsg$nfc_llcp(r3, &(0x7f0000000480)={&(0x7f0000000180)={0x27, 0x1, 0x2, 0x4, 0x90, 0x5fb0, "5ce9348037b32dcb038fd96b5c410c7c1f3fa28e551a4545e6b9b6b3418a52e54c7ffcd292d089598750f6ce4e88729d2374fb9da33d34efc076e9c1e3942d", 0xc}, 0x60, &(0x7f0000000100)=[{&(0x7f0000000200)="aafe384a71768b26fdd864d5d71b37a26ac174a7a62a0eafe3575540461385e24dd76f88bfef636493283886a017977fd5c0e5df8696c227f6f0827663646b61f8440b2819b54a94f7b81db1baba674b38c83f03487288ca7a35dc74ac453a0cf64f119ef3ad89c6a97798d90f1f9c8b5299d8dbf43273a8439e7cfe8f3b519a58a700607af0cbd2a614c68fbcf852d2d22908e609ae3ac966e926f92de449cc6c50e2330e7518435bf7229dd0ad56de56271b67e7277f20911306f25f71e6062157a80e9c13d806d01205e6", 0xcc}, {&(0x7f0000000300)="a597bdc230ec2ca5b64b3aa1fc7440e1efaf142a3f9c28897106a8744a41dd0d57dc4a81df33dd38af3b948d0d694f9d2acc887317071ae243ce843dca4b4672ad2631879428065b9754b5a56a6ed90d528e166301b101aa9705a5e2e58ee5bcc032c77dda0e25b9", 0x68}], 0x2, &(0x7f0000000380)={0xc8, 0x111, 0x9a84, "465801fd86af646c650a100f7d402fee322a00250c445d90275474bcfa15580e89025d3d2f72c8877b0a83bc1c994725d5727cd9d2b684a9169ee9c057eb38ff6c7a13ef36591d4e8385479b4cb8e1906b5edd9dff42848ee6844a84cde4ce41b396938560594277aaa459d8bbaae722d1082fd5106f3aa0bdb4190433269eb6493e865174ccc5a7a9c9e100c87f6b975078676f2b00595fc22c407662e2ea8a98a932decbd5f710bd46e1351e346095001c563a"}, 0xc8, 0x4000}, 0x1) syz_open_dev$sndmidi(&(0x7f00000000c0)='/dev/snd/midiC#D#\x00', 0x4, 0x40000) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) r4 = accept4$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, &(0x7f0000000080)=0x10, 0x800) syz_open_dev$audion(&(0x7f00000004c0)='/dev/audio#\x00', 0x2, 0x3) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000500)={0x0, 0x2, 0x3, [0x4, 0x8, 0xe200000000000]}, &(0x7f0000000540)=0xe) getpeername$inet(r4, &(0x7f0000000600)={0x2, 0x0, @remote}, &(0x7f00000006c0)=0x10) 21:24:08 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) [ 337.992074] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 338.025969] BTRFS error (device loop2): superblock checksum mismatch [ 338.063024] BTRFS error (device loop2): open_ctree failed 21:24:10 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$cont(0x9, r0, 0x0, 0x0) 21:24:10 executing program 1: 21:24:10 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) getsockname$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000080)=0x10) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000100)) 21:24:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:10 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) 21:24:10 executing program 1: 21:24:10 executing program 1: [ 340.608068] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 340.652034] BTRFS error (device loop2): superblock checksum mismatch 21:24:10 executing program 1: [ 340.710251] BTRFS error (device loop2): open_ctree failed 21:24:10 executing program 1: 21:24:10 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) [ 340.906561] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 340.933989] BTRFS error (device loop2): superblock checksum mismatch [ 340.980730] BTRFS error (device loop2): open_ctree failed 21:24:13 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$cont(0x9, r0, 0x0, 0x0) 21:24:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:13 executing program 1: perf_event_open(&(0x7f0000000380)={0x2, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000340)={0x2, 'ip6tnl0\x00', 0x3}, 0x18) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000280)={0x2, 'syz_tun\x00'}, 0x18) 21:24:13 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400208) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) 21:24:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:13 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) [ 343.603733] IPVS: sync thread started: state = BACKUP, mcast_ifn = syz_tun, syncid = 0, id = 0 [ 343.626734] IPVS: stopping backup sync thread 11121 ... [ 343.637599] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:13 executing program 1: syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f00000001c0)='lotrusted\x1a\x00', 0x2) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000000c0)=0x0) getpgrp(r1) [ 343.666808] BTRFS error (device loop2): superblock checksum mismatch [ 343.730207] BTRFS error (device loop2): open_ctree failed 21:24:13 executing program 2: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) 21:24:14 executing program 4: socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=0x0) r1 = getpid() tgkill(r0, r1, 0x26) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000240)={r3, 0x0, 0x0, 0x100000000000000, 0x7}) ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000180)={0x81, 0xf, 0x4, 0x40, {}, {0x2, 0x8, 0x64, 0x8, 0x2, 0x2, "47031543"}, 0x1f, 0x3, @userptr=0x3, 0x4}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000080)) syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x3ff, 0x0) ioctl$EXT4_IOC_MIGRATE(r4, 0x6609) 21:24:14 executing program 2: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) 21:24:14 executing program 4: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x400, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000180)={0x2, 0x4, 0x6, 0x0, 0x0, [], [], [], 0x9, 0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) [ 344.135513] Unknown ioctl -1056156351 21:24:14 executing program 2: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) [ 344.270443] Unknown ioctl -1056156351 21:24:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ptrace$cont(0x9, r0, 0x0, 0x0) 21:24:16 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:16 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) 21:24:16 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)) 21:24:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:16 executing program 1: setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000300)='/dev/vcsa#\x00', 0x0, 0xa00) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={0x0, @dev, @broadcast}, &(0x7f00000004c0)=0xc) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000500)={r1, 0x1, 0x6, @random="88549b7cdec5"}, 0x10) ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, 0x0) ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000440)={0x6, &(0x7f0000000400)=[{0x3, 0xc1, 0x2, 0x9b03}, {0x0, 0x3}, {0x7ff, 0x2, 0x6}, {0x72, 0x5, 0xea6, 0x7fff}, {0x100000000000, 0x90000000000000, 0x3, 0x5}, {0x0, 0x0, 0xfffffffffffffffe, 0x6}]}) prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000540)) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f00000001c0)={0xfffffffffffffffc, {{0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, [], 0x22}}}}, 0xfffffffffffffff0) ioctl$TIOCGISO7816(r2, 0x80285442, &(0x7f00000003c0)) socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x1d2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@remote, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@local}}, &(0x7f0000000000)=0xe8) keyctl$chown(0x4, 0x0, r3, 0x0) r4 = creat(&(0x7f0000000700)='./bus\x00', 0x0) syncfs(r4) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000280)={0x0, 0x80000}) ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000380)) 21:24:16 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x7f) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x0) ioctl$SG_GET_LOW_DMA(r2, 0x227a, &(0x7f0000000040)) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:16 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) 21:24:16 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf75c08deeacdb0f8", 0xe1, 0x10000}], 0x0, 0x0) 21:24:16 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) fsync(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:17 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ptrace$cont(0x9, r0, 0x0, 0x0) 21:24:19 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:19 executing program 4: r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='memo\x8fy.events\x00', 0x26e1, 0x0) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000440)=0x20, 0x4) clone(0x20200000, &(0x7f0000000200)="5989174d63290e79d72d7ef476e5287570fd35e77544f42c42b063ff9d8a56d446643472f9b56670e8681de6cca002e40037c1c2fc40f978c60c74ef455d112bd838886d81c9fe7ca3ea4dc32aa879ff7a75733d287acbb5e43321fa3d33cd6d88b3d7fa9a642ab5b7a62076f31d36761c393de4223a675b44e113d31b3843076cf1f2ae05d3c492b71772d23ef6375dffedb9035b2c386e11db60012a6590845e9278f68a184983cfd703", &(0x7f0000000100), &(0x7f00000002c0), &(0x7f0000000300)="dbaf866d2ad066268618c406c12449e14c167d9a1792dfaeb7f49bfbc266a8ba30c1bb0f979916882bbb2dfaa1c103829f7ea9eecce5542708f55af265cda4da8a3edf7def9d9346ede4ac88a47f6371913f8fac0791d5d2a45ff31dc099fe8b7ea86945414289f5811b3039f902303030e833d079ce8db8e93a7bfa21cadbbd4a8db6bd792a1e6274550b309579f1f22044") ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_subtree(r0, &(0x7f0000000080), 0x0) accept4$nfc_llcp(r2, &(0x7f0000000180), &(0x7f0000000080)=0x60, 0x6a9c5c8d602a0743) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) ioctl$KVM_S390_VCPU_FAULT(r3, 0x4008ae52, &(0x7f0000000000)=0x7) ioctl$DRM_IOCTL_FREE_BUFS(r3, 0x4010641a, &(0x7f0000000400)={0x4, &(0x7f00000003c0)=[0x6, 0x7ed, 0x2, 0x2]}) 21:24:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:19 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:19 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f0000000180)={0x7, 0x0, [{}, {}, {}, {}, {}, {}, {}]}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) 21:24:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:19 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:20 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$P9_RVERSION(r0, &(0x7f0000000240)={0x13, 0x65, 0xffff, 0xffffffff, 0x6, '9P2000'}, 0x13) ioctl$KIOCSOUND(r0, 0x4b2f, 0x400) fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000280)='trusted.overlay.origin\x00', &(0x7f00000002c0)='y\x00', 0x2, 0x3) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x3ff) ioctl$VHOST_SET_VRING_NUM(r2, 0x4008af10, &(0x7f0000000040)={0x3, 0x3ff}) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000080)={0x0}, &(0x7f0000000100)=0x8) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000400)={0x0, 0x4, 0x353, 0x3}) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000180)={r3, @in={{0x2, 0x4e23, @broadcast}}}, 0x84) getsockopt$inet_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000300)=""/157, &(0x7f00000003c0)=0x9d) 21:24:22 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ptrace$cont(0x9, r0, 0x0, 0x0) 21:24:22 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:24:22 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='Me\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd4\xaf\xe7\xfbFs\xf2A#\xee/\xed`\xb7\x10\xed\xc0/\xc8\xb9$-\x9e\x81\xf5\x8799\x06\xc34\x15\xc3\xcb\x8f]\xba\xf6\xb6%%\xb3\x922\xc4\xc95\xb8\xd7\x8d\xc01\xab\xbb\x00\x94J\xfdK\xa8\xaa\x9c3F\x16\xf5\xf4\f\xd5\x05,\x9bf\x82\rtF.\xde\xbd\xe0\xc9@*\x04\x91\xeczU\x8f\xa5\xb8/\x81\xd5\xe6R\xc2\xc4\xa9\xe0\xe5\xd2-J\x18\xf6\x12\"\xdd\x17\xeeO\x1b\xab}\xb2\xd5\v00\x7fWBmpp\xd9\xdb0\xb3\xacH\x83\x1e\xa4:\xd0\xc5PI\xf1\xfd\xb7\xb9k\x12\xed3\xde8P\x84\x9f\x02\xe7S\xae\x9cPQ\xfa\xa8\'\x86\x1f\x9b\xb5\xeb\x17\xfc(\x82\xd2\x13\t\x88\\\xca!!\xf0?\xa5\ny\xcc\xb9\xb0\x91\xb5\\\x879\xb5\xf7\x8b', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:22 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000080)={0x2, 0x4, [0x4afcc385]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$SG_GET_COMMAND_Q(r0, 0x2270, &(0x7f00000000c0)) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:24:22 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:23 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:24:25 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:25 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 21:24:25 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0xa0000, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) prctl$PR_MCE_KILL(0x21, 0x1, 0x2) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:25 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:26 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:26 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:28 executing program 4: syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x4, 0x210101) openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/status\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0xb806c5b7a9cd5ce9, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) 21:24:28 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:28 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:28 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 21:24:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:28 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) fchmod(r0, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x0) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:28 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:29 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:29 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 21:24:29 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(r0, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:29 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:29 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:31 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 21:24:31 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 21:24:31 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x101000, 0x0) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) accept4$bt_l2cap(r0, &(0x7f0000000040), &(0x7f0000000080)=0xe, 0x80000) 21:24:31 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:31 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:31 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r0, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 21:24:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:32 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:32 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:32 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:34 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x0) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:34 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:34 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0x9, 0x0, 0x0, 0x0) 21:24:34 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:34 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:35 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x42) setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000040)=0x40, 0x4) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:35 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:35 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2d", 0xa9, 0x10000}], 0x0, 0x0) 21:24:35 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:35 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2d", 0xa9, 0x10000}], 0x0, 0x0) 21:24:35 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:37 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0x9, 0x0, 0x0, 0x0) 21:24:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:37 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000340)=ANY=[@ANYPTR, @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRES64=r0], @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRESHEX=r2, @ANYRESHEX=r3], @ANYPTR=&(0x7f0000000300)=ANY=[@ANYRESDEC=r1, @ANYRES64=0x0, @ANYRES16=r2, @ANYPTR64=&(0x7f0000000180)=ANY=[@ANYRES16=r2, @ANYRESDEC=r1, @ANYBLOB="0226c541373e983fd0f0c3a18fdbdbb2f1686194c4a085b47be8ab576ba74a6d6353b21402642c0ecb450ab4129681426d6e5b798188399bcba10e97983ffcee1629ee8da3c44e14b64392682cc5efa21b2e4d8b7cadd095cf9f10e8b71ebe4316586b", @ANYRESHEX=r0, @ANYBLOB="738a44e4aee253d383a4ce1ce5782896a70429aacb93c42a70f139455718814aefd89af0c487420854da06f6f31716227794ffcda6892571700b990dd7dab25cfecbf9db3b6fcd234e52c4d516db53be3b13e8926a3ac917354110a1b03cfcb33cd3280e27a90ff355dfa4477feccef6796f4fa3f16af44422b56e1e4a50c6f1575dac77ef9ad78c0237796a7b263642ffdbfa66ec4b3795ec92d5c4377ab6bc0876c73e7508ce7aa67644a654966e33ec615f43b0d013df0ef0193269715fd4e01738c736f02f3a00"/215], @ANYRES16], @ANYRESOCT, @ANYRESDEC=r2, @ANYRESDEC=r0, @ANYBLOB="a755cc0de557dc115f7b01bac827164f3bdd2370f9f08603dd18b22ffbd8bb24969b1fcf75a5c723f353e6619e890a098bd525915bc6551473e76ccdc3a9d9a73101f83706a59d1472882cd68ae560875723edbbfc53fdfa48a9d8ed55593dfd7311156173eaa45bbb104c911619de4f135348ede20106a512daaf4bd73d684de009bf4cf2487f8ccb0ef475806aaca0084e1b03f2877530170ec6552a60f3ac2e933c62a1f0353af1758068f3b5274012a87a714144e0e34fb070a73fe5531d8123cd1f3d257a8a8e363788d60f5ed504fce72a5135d226d108c4247c7548acb51a35db8fae49a9fc89faaf11df50064b018aca7682152ec58bc9ab7e777c4fbb3d9870aeffa2dd20a53c04d42f9988e3de94644db548a0b2ee56dd6db99077e4ff7ea82474d8325a48bffc9c5f2c6e3898004bdd40ead1d806ea68a30bf765830d5d5e2d276863ac0b2769bbdad2c734d5c5474cbce8307d9e4e1c79a513ae12d4d1be50cbf20de3ffc797306cb1a805f887057c9cc117e600f4fa7469ed62f4e26f2d650a98aea93c857ade9b68d83e194e166573926e6466ffb9fdc373017a0f440f1a09aaecc416dc6cdf4fd163b8c8a1143d534d3405ea51bbd6c1d87592d77d914d95021cf63742dae108fc885e91c57e5b39d8b75eb7455e31e503b4b4a9445e16202b4c9621acb58f70b96a618e04713a84c67fa3e3c788b282ff37746a4cda9067d973da3c7b63830a7ab4c926b9bfa6f0ff7dd88692873c691b2b5ea8160e1a09bebe67f1645eace75f06bb8b541416586139919ef990107c6e1c886b0271abb121020a9f3cdb97dea3969ee59346c9bdb85757747c54dc7e7c791c00e2aa9f28cd47ab7f5916448ff54e8b3644caaed7cfd026952ec370ec90484424c7fdaa44c0b56bcc6192837e7278381974cbf4ba1f0b9516094924b7429ad9365054bb038804f7913d899e5e4aca2468ca41621804f2959d0431c61c4d4575ce2a14fee1af0845517b67d5b511ecc9dbc45f93533a14f7a5821a184a56dc921ddeb8c7dac5a4c5522dc5c8de850c03d0ac37e58c50425a5c77d615821de8fe9ef0a56170beb7f5234bbb3dd9c312dfefdc8d1e714a29234ae4ba49d628fcd89745f6e4217b8eb40f0f68969b3f202845d26843ed3090c72b16e0d3f4941421f066e3c35f025dc38b4d0b6f6182ba1e123578f3c1e0e68dd34bba53142e5ed4375641466b9ad8fc9379518375065f58b1653060e7c88036015cc6cfd406da4e09de683e860a2918e691cb239c5ac9e04470a43d951698bb5634059e7be4f6859678a1f25c1dcb16bd80c423f77f776f9f7e9c11a43306a345adb62fb10d5d9ef5271b0d5525e7f25d35349d77c5533dfcd3a6b1c0f995093a4bf0d0c21705cf3908296a2b02e4517c2061b5812294f5e033442b59492a0ac40b2b883bdf001b47dfc7419078155936c95625e7e6d5b09fb22ef9aea5c4a146df217d164f55e95d812922208e41606625c6c3455f878e9e16a030bdd9d945f96e404e9a4ff4c96da4e8896f3ac7b273e1a5518d5ef5a32561a16889dea5408a14008e6e98f7256aecc6e0cc34ba230937cec5cdc9f7858df6fd3145e9735f8e1ab5bb9fa165076fbf80391fa630719b6008ae2edac265a31ef4c1a0bf9bc81276a24791b8e334e2b51c565f972038f831cce4411283db19dc415eaab3754093115c429f719b7852491dc5deecde85fc5cf14524009893e2c0d6f2dc254b7c2021a5212ebf0a7805fa7eea727564626bcdcf6f433b4f1f4304fde3893798fa5bc64519f81bfccb4635ef47b45e41bc474eaa8ad3060369e68941df45820eb35d688f73732c5ba4dab4b110a9b7ea151dadb4d68e031931adbd147d5c3585e7e3813e101922f1a46c56dd7bf6619e2c73bf361ed4a652c475a48a74d9b194242949f7286f755c9393cac3112740d4c98c4552da518078e701f70b382bf6580507c480a5edc9a28eca84db1eadd49d836ef7b150fabfc9abd9d7036d6ab06d5b887b34fc4243fcb2cc86e154c3fe8227161de503c94cd6f56a5ba9dd374525f384b384e112a0e6ba315a22acf983b008b9e594d149fec94ddd82aa048e5e22e0e2c32bc64cff4ea2724bff5cfc063e320eeb44417bf7a04ee8a93814000b31bb97716b4b5339c1e597e4f65901554d557a20e93c986f8a9b49e346937aba028769fd7d5b9731a4f991019696042c746ce892050739c66a5878816572093fc024610d7e77ee93d25239d727407f408702074536bf33ae18d1d8b08237c5216c63389e4872fed5c29aa33ce51aedef0bcbed806fde0f4525fb46c2c472b6ebe21aa9aec26829a76ad5692b1a2cc66c57bf2bcd88c604745740a56bb499f7861a97f1ae464ba0ef88364fc26072a73162e03d2dcdc15b38e621146dee6a33683f0d3b16ab549cc17140e2303b7612f2682e2a527852aa092574b12e8c68966de23f236fa03472af06390c5dbbcaaabed0bd40eb715aa10e64f2c0670c9f1c98ce50a8b033d6fa5f2c8304040097ab204329ec6455ad5dd714dac2d843a00d7795e166d76389ad34e8dce566a825805940fee35b43a25c2fc587ba67f472bc50a9958d8eb334c7433e6f52f66cd8e86ea12cf1307dc1b23eb2165637bbb177173be2c84d5f2fda30795e07c8f8369506ddb3b1e2281b79013ea823e51b2b9cfca368347df4e30b6ae900b0f8d26d29a10000c85d84516c42d817927da977614b543a4069dea2e9f519c49782e6abfa96b38d5628cd1af2f3b3fedbd9363a243c568c2a35563c36b8cc7aecd87f15ab0732cb538df0fdd514a97338ee68676c6af870f2abf7661b4c98f0f88c4d393d34f05037d4c09bf33c5be0100fcb267a181a583975e8b49d9dc13178a1bbcf9d9fc0e46e8db4fc22d15596deade237ddd014c7dc7145674e44914535e5853d23be804fc6fba9ac887781c55e906b3784a23a22c20e218fa1abd237d2b9c4f178fa82b781d2d02f2b689127198a0a6ce31929399d5d7bd1fb74244afb4c90bd07c56db602b18af89f64cbc3424d5c73f0978d47b12e3ec04d1dfbd0aaba7b205711688bfa39852da975c36182166adbadeac5610e46d573e53f9512efb9be28b8e94d5c807628115001c7f27519b9accc67faeb2c9e9bcbefb48e563bc1f424292f08440d9a1365815cb4133cb04a35018d22db7916f61aa43fe9129e521a2fd4c329233d7a71fbdb738d3d5cad2545c057cbe2ff7d20618a7c73aaa271817358dcf85886073643ed84bed69f670cef38dcadfbfa1ae250be941138c61923f42a46ff3e1a55c3f07174b84274c14d1caa06fda3be672f1b5c8eb08e231a5a16f654607b0e3469c29e069d929ede58e189464a2b68b4a9ca8e57eb962c1921b68d2743169df20ad9a80f4ee6233eed9e349da7d48e653a382c8741b12aeb73dccd309670a2f4d19bf012a4b5379e2c377100a7f61aad6e4c70e8e41658eeee524a4f16b7928b0787b19855eb49aa6b3640f3cb15a9dfa60341ca60ceba6d504fb2a91bacce55ba14cd2e5db23b57ec9120cd973cc1017d1ed06b5d640b0e1e74d6018dea39fe67635d7d577b9047c97c7a28fe698d1b1c5af1f53824bf435820db73e5220acd9712543d7b4e84d9aba5b0ae69238ddd446cfcb9feabae1e7db7f66ba70089eb17b76467074a262f81905e22b6f1ea12bbdf3c0964b1cfc1fb8b509b5634787f022358b76ec19def40d42e10ad9af0f6e8075f5f3715345aaef680492bb9b91cb1cb9be3eec9430e51ff86a1ee2088e35a581e395583cba97c115cb4ec6dd03712c2afae4da0419522f77e0753597fc4847246c24a776ffc8fa432f4b828c9eadc99b4020ffda0635bd16c7488b3140e5c03fcd6e25038da6772fbadaacec733d845680d8da21c16e040e740f1ccda0d150832c9fe076cb77743a289589276462f269494ccdf7a75eacb5e9c639b300e714da2f28f47354e708165c8847fe0b62d6d5cb8e7ad3e79ef2587d65f11c1a59987c7e294b60f78fdd5d4b8f276bda043c6c9b0cd3b5bf9547e44194621177f05bcf74e7aa59c415e55538845f36c5b0e9753c947c05ff506bbe21c7d56b198e08da0cb6210321f6298b1276834a2263ad68b1e36d77d4049e7d22e4526d39b6c705fad1bb4e367027b4585e009754bd3cbcdd77cc94519c527175957abd400536e51603c70ba9cac194cdf83618de8872278e355e856c7dd19eb7c1f20dd72b46bf1a0983b17c219e9f8af8b26a61ee704124abc068f25789c10a2813833026b05cca9beb78e8ff2ae717eb093c1aba9051ad67f36a698efe9444a807340e4939f0e78aa24ce68c8341a7553f527389623e5f8ddd8f1a184b07531de2e5e86b96e37bc87a21b8ec8a1cfa3822e667cba67b52595d00dfb091ea26cf4b3783abf14312614d8497a6d2a80d2037f1f7ee363394fca0aed66bdd97d51f2d30f89b6ff8c8bee0704b815e22ec73e882349ab34ca1b19e6eadec412471b4af611e69336908ac9e5f5fbf740527a2ece11ea53d1d766f742e464f7619efb77ca1b312b10d532884b8a40a415c26e8ed02ad723ab26c022da5ffb71da2afa7a735876f0e782b0f9894304be5e631736d83c8e3e504edf69dc4a69c1a08be7cf13090077053e68ce88af0b37d550fc10526f46c51bb31949004db08671b5c5d73058461eefc8654eee32363d21ddfd724a5d1c7e48a21e754b872a3a34a9a3296703833b92fac84815b25914805e1fffa66137cc217cc55fa3b8fccfafe1c06f5d3c7c84ec30b42c0187853faca8fbfe6bfaa76153a8fd068f4e3446ccc7e36e348e91cb8656c896ff595ee723a202d0d2893df612b774392c80f3dd9db88ed9ff2ebcd073175fd1295fe8b499cb3991079755ac5ce75dc525de497a3c59989b454e17a74a1f520c948342b94be9e4efe42629c97fd91df3e74191fb873140c440690a64c37788d055f9c2942301932e1c9a924c7b05b98777ca8ceb908ca93d0973a8fe9efe6a944c444de506266cf1455fdccb44ddba3213a274324e2fa8a8e552c2b5167cf08a039df9cad35038266519df6897d31d4ea4b61050299efc1d50bc12876fe93b5a8d0da11333e334c9cf86eb874eddb7ced83b2bf52422e05833a8cd3c99cb3a7ced33abaa402d92543009e5829fc3afebd399776e84f6296e3e4f8e4770cc5222d4f7166961411ad9956d25b5b17e33a187a1dd0f5d5480302f5943ab2dcf3f1655ba4994ac403abc3f7ce8238698ac2fdf2569075606c0ed09415769de83fb350fa04c74fa0f5d18bbc4327be09ae95cfafa411c369ddcb7ff6ddd29550ac824f7a056732a4f70c9e78a153f2fdf906fbb33bed4db3e4b8940022ec9dc05cf9e7d72c2cd3d0bbb784ef4c779d605f6ac78b13cae83029d370c768aeca1766506bc54478af5bcbd78d3bc756edbd69ecbe9ff0ed4f4cdcaac7fdb09c6eb47cca791a8746eb440d4d55adefa62d64f5218a4f6cf419e1ab347d2cffdf1c5b7ab3f7de3720046213332c77a6ee9efb3143bca9eba1c600505c3ac7727d44a04119e1e09d7984b816973cc5bcdd7e98e429daafe324b12046a82dd19a9b7af79c74954e1b55e6d7d54269266266527f22fe2cf5189f8766db098f8bc00d4543bc5adb6646416af52052be8b1a2aa11dc898a8443e6183bde7d92a74c90b8d1a930e9b558e264be386eae413c63efe0ca44f5a5ea7df42cb82870f7a45b88578eb1bacfa3e757a014d0532095af8bb039cbf57dc7ecfe26d6a701c7669b129928118a"], 0xffffff62) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) 21:24:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:37 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:37 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2d", 0xa9, 0x10000}], 0x0, 0x0) 21:24:38 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000100)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000080)=""/17, 0x11}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:38 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b", 0xc5, 0x10000}], 0x0, 0x0) 21:24:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:38 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:40 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2) ioctl$IMCLEAR_L2(0xffffffffffffffff, 0x80044946, 0x0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0x9, 0x0, 0x0, 0x0) 21:24:40 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b", 0xc5, 0x10000}], 0x0, 0x0) 21:24:40 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000180)={0x0, 0xfb, 0x107, 0x4, 0x1, "5df1dbd6670b0bf8a7af9b42ce80e9bf", "16c12fefc918848a2f8465e03d18d8c4688d6d982c6add8ce0bea76752b5552e5a0037489fb930dee33cc025e8cfab4b12652e46ce3a08c9a0f89566489f8580d7da814ed588cf5fa3bf30626f1d157afcca2608c1e1a1de3e9f97042699472ed2e90dd9c1447a76f8137764fe5e829bac475a56b713ffcc014136054bb88a936740b93e699e0885e791bf1fe19aafee7e2a34667568ecdfc8e12103bd90df39aa3e5e6001da9577ff8d0eac6fda95c93be70e84ef62c5f9e17cac82850c8570d7a125741ff0ef3a5f95148ee360ed9ec17a1e2cff6988f71d501976d3622782806f7021103ce974db048a9c434db633ebd2"}, 0x107, 0x2) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:24:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:24:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:41 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:41 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b", 0xc5, 0x10000}], 0x0, 0x0) 21:24:41 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:24:44 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x164ea0d1) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x2, 0x0) 21:24:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:44 executing program 3: setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0) setsockopt$inet_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000300)="19fb402386e42cc382e9f223509f6540234844c99d47022a008027b83033dc7fa0c72d577f911bf051283fe0e355dc2547822cbb8125da3035bbebdbe5e7568c589270d6e1c7aef1732fd2c423607c722c45593901cf2a1aa42826aec94474fe699a6888f2ff9f7a4e5f807a9f0ebcd7b0dc2f488e727db00d3ee794bdb239e26634743bc10bf9e9b399", 0x8a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00L'}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xb, 0x7d, 0x1, 0x5, 0x1, 0xffffffffffffffff, 0x5}, 0x3c) bpf$MAP_CREATE(0x0, &(0x7f0000ed1000)={0xc, 0x4, 0x0, 0x8000000007, 0x0, r2}, 0x3c) 21:24:44 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:44 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) [ 373.958707] bridge0: port 2(bridge_slave_1) entered disabled state [ 373.968056] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.993076] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:44 executing program 5: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 374.016973] BTRFS error (device loop2): superblock checksum mismatch 21:24:44 executing program 3: setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0) setsockopt$inet_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000300)="19fb402386e42cc382e9f223509f6540234844c99d47022a008027b83033dc7fa0c72d577f911bf051283fe0e355dc2547822cbb8125da3035bbebdbe5e7568c589270d6e1c7aef1732fd2c423607c722c45593901cf2a1aa42826aec94474fe699a6888f2ff9f7a4e5f807a9f0ebcd7b0dc2f488e727db00d3ee794bdb239e26634743bc10bf9e9b399", 0x8a) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00L'}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xb, 0x7d, 0x1, 0x5, 0x1, 0xffffffffffffffff, 0x5}, 0x3c) bpf$MAP_CREATE(0x0, &(0x7f0000ed1000)={0xc, 0x4, 0x0, 0x8000000007, 0x0, r2}, 0x3c) 21:24:44 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) [ 374.092902] BTRFS error (device loop2): open_ctree failed [ 374.100965] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 374.129198] BTRFS error (device loop2): superblock checksum mismatch 21:24:44 executing program 5: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 21:24:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:44 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) [ 374.251428] BTRFS error (device loop2): open_ctree failed [ 374.267150] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 374.319636] BTRFS error (device loop2): superblock checksum mismatch [ 374.441297] BTRFS error (device loop2): open_ctree failed [ 374.451133] BTRFS error (device loop3): unsupported checksum algorithm 27691 [ 374.458353] BTRFS error (device loop3): superblock checksum mismatch [ 374.490266] BTRFS error (device loop3): open_ctree failed 21:24:44 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(r0, &(0x7f0000000040)='mements\x00\x00\x00\x00\x00\x00\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:44 executing program 5: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 21:24:44 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0b") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:44 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:44 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:44 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) mmap$perf(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x200000d, 0x1010, r0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0b") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 374.664141] BTRFS error (device loop3): unsupported checksum algorithm 27691 [ 374.697308] BTRFS error (device loop3): superblock checksum mismatch 21:24:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 374.761108] BTRFS error (device loop3): open_ctree failed [ 374.770587] BTRFS error (device loop3): unsupported checksum algorithm 27691 [ 374.792009] BTRFS error (device loop3): superblock checksum mismatch 21:24:44 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:44 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0b") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:44 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) [ 374.871283] BTRFS error (device loop3): open_ctree failed [ 374.893855] BTRFS error (device loop3): unsupported checksum algorithm 27691 [ 374.916590] BTRFS error (device loop3): superblock checksum mismatch 21:24:45 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:45 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(r0, &(0x7f0000000040)='cpuset.effective_mems\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:45 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf7", 0xda, 0x10000}], 0x0, 0x0) [ 375.040205] BTRFS error (device loop3): open_ctree failed [ 375.065563] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47b") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:45 executing program 4: openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0xa0000, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='\a\x00\x00\x98\x00\x00\x9d\xf6\r\xe3\x00\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) [ 375.088505] BTRFS error (device loop2): superblock checksum mismatch 21:24:45 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47b") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 375.233620] BTRFS error (device loop2): open_ctree failed [ 375.243824] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:45 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47b") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 375.281128] BTRFS error (device loop2): superblock checksum mismatch 21:24:45 executing program 0: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) [ 375.360498] BTRFS error (device loop2): open_ctree failed 21:24:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 375.405764] BTRFS error (device loop3): unsupported checksum algorithm 27691 [ 375.425012] BTRFS error (device loop3): superblock checksum mismatch 21:24:45 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf7", 0xda, 0x10000}], 0x0, 0x0) 21:24:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf0") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:45 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) set_thread_area(&(0x7f0000000040)={0xff, 0x100000, 0x2000, 0x3, 0x0, 0xdfd, 0x6, 0x100000000, 0xfffffffffffff001, 0x80}) getpeername$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r2, 0x28, 0x0, &(0x7f0000000080)=0x100000001, 0x8) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:45 executing program 0: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) [ 375.552196] BTRFS error (device loop3): open_ctree failed 21:24:45 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) [ 375.617998] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:45 executing program 0: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf0") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 375.659507] BTRFS error (device loop2): superblock checksum mismatch [ 375.780446] BTRFS error (device loop2): open_ctree failed [ 375.793959] BTRFS error (device loop3): unsupported checksum algorithm 27691 21:24:45 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:45 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) 21:24:45 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf7", 0xda, 0x10000}], 0x0, 0x0) 21:24:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf0") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 375.871575] BTRFS error (device loop3): superblock checksum mismatch 21:24:46 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:46 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(r0, &(0x7f0000000140)='pids.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) [ 375.941314] BTRFS error (device loop3): open_ctree failed [ 375.968362] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:46 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) [ 376.013534] BTRFS error (device loop2): superblock checksum mismatch 21:24:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 376.090602] BTRFS error (device loop2): open_ctree failed [ 376.144907] BTRFS error (device loop3): unsupported checksum algorithm 27691 [ 376.154006] BTRFS error (device loop3): superblock checksum mismatch 21:24:46 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:46 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b", 0x71, 0x10000}], 0x0, 0x0) 21:24:46 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 376.250471] BTRFS error (device loop3): open_ctree failed 21:24:46 executing program 3: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:46 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 376.359650] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 376.387323] BTRFS error (device loop2): superblock checksum mismatch [ 376.451566] BTRFS error (device loop2): open_ctree failed 21:24:46 executing program 4: r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e22, @multicast2}}}, &(0x7f0000000240)=0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000280)=@sack_info={r1, 0x0, 0x81}, &(0x7f00000002c0)=0xc) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0xb) socket$inet_udplite(0x2, 0x2, 0x88) r3 = openat$cgroup_ro(r0, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000040)={0x20000000, 0x2, 0x30}) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) sendmsg$alg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000300)="94bc09e61934505abcc91fcca18f1527a42f9973a43b605f102dc7e8c345d43ac9c81e69ffec30f3c488221869e697d480df474daf65ec527712536f758a1001a713ccc0e66054e606102e36bfa2659d393f375bd02467d962f1e06d5ebe2dac5418d47689f3e2882a104f542b0ade9c0b6fa642cae291a670a24ea36bc850cdad2ec9d448c710ab049d21cf648437dad247e8c905eea5aa7567cfdaffa4135f03377557c10d241885e66c2ece739ecb042565a20024b24d4d743812e6006f9907debf2a9a8f0812db07e4bf5658c8f5829ef2f9a34fde25403d3279ac6ee63589bedc9834fead21ac90a9207804650d5ec6654afc6d74", 0xf7}, {&(0x7f0000000400)="dcb092a87620f4edff406c4f3a80d5e096f07a77dc25d1ca0dae2fa31be85a4581b885519cdaf4aa56cb3553ae10bd872cec45c83ad1d072c356f15adc2652bcfa1f38674da105fd4acbd2be6d76da2407c2898a902b0187719961ff775783db31a05132c5f7346f9adf4aeb965ae57b1dc8726cbc8773f4653702d3142608", 0x7f}, {&(0x7f00000000c0)="81883e304411d02a8d6357fa9d2a321967a896ce6cc490", 0x17}, {&(0x7f0000000140)="7f8140fa6bee77f3597b0bfe2efcadf04ee69ea9de9970c7f9bd0e8d0c4b1c6286c07295c21d7c07f424e70ecd36c90f", 0x30}, {&(0x7f0000000480)="74fe889d279607b48575d41569286ace4295d31c9c06afb0f979a13ef441bdaab0a9e859c4d5279dfc0075de8252f087cc83fc3b03945aa067c7febef3292888f833ca7673f7b8acb164796bcf48234cd915b5f1a572dac91b32fa9132618a2770f8b75dbcef103c96aa76095407cee732e6c26dfd077579ad02115a7f", 0x7d}], 0x5, &(0x7f0000000580)=[@iv={0x20, 0x117, 0x2, 0xa, "2a9a71d3a5cfa6f709e2"}, @op={0x18, 0x117, 0x3, 0x73a69b4d7e74dcb1}], 0x38, 0x44000}, 0x40001) 21:24:46 executing program 3: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:46 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96", 0xcc, 0x10000}], 0x0, 0x0) 21:24:46 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:46 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 376.641536] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-1b00920efd9a devid 9886936 transid 15394767792240231233 /dev/loop2 21:24:46 executing program 3: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) [ 376.746378] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 376.765448] BTRFS error (device loop2): superblock checksum mismatch [ 376.860843] BTRFS error (device loop2): open_ctree failed 21:24:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:47 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:47 executing program 4: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x4) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000080)=0x226) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000100)={0x0, @speck128}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r1, 0xc05c5340, &(0x7f0000000180)={0x71f2, 0x35, 0x2, {0x77359400}, 0x2, 0x9e}) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) 21:24:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:47 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b", 0xc5, 0x10000}], 0x0, 0x0) 21:24:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:47 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:47 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b", 0xc5, 0x10000}], 0x0, 0x0) 21:24:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, 0x0) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b215", 0xd3, 0x10000}], 0x0, 0x0) 21:24:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:47 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x81656) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:47 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b", 0xc5, 0x10000}], 0x0, 0x0) 21:24:47 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:47 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:47 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:47 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) set_robust_list(&(0x7f00000001c0)={&(0x7f0000000080)={&(0x7f0000000040)}, 0x7, &(0x7f0000000180)={&(0x7f0000000100)}}, 0x18) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:47 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4f", 0xc9, 0x10000}], 0x0, 0x0) 21:24:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:48 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:48 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4f", 0xc9, 0x10000}], 0x0, 0x0) 21:24:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:48 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:48 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, 0x0) 21:24:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:48 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4f", 0xc9, 0x10000}], 0x0, 0x0) 21:24:48 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:48 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) syz_open_procfs(r1, &(0x7f0000000080)='syscall\x00') ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) 21:24:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:48 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, 0x0) 21:24:48 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, 0x0) 21:24:48 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) [ 378.486804] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-1b00920efd9a devid 56536 transid 15394767792240231233 /dev/loop2 21:24:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) [ 378.557088] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 378.605086] BTRFS error (device loop2): superblock checksum mismatch 21:24:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:48 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)) 21:24:48 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) [ 378.720217] BTRFS error (device loop2): open_ctree failed 21:24:49 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 21:24:49 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) accept$unix(r1, &(0x7f0000000200)=@abs, &(0x7f0000000280)=0x6e) ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000040)=0x8) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) setsockopt$RDS_RECVERR(r2, 0x114, 0x5, &(0x7f0000000080)=0x1, 0x4) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) getpeername$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14) setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f00000001c0)={@local, @local, r3}, 0xc) 21:24:49 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)) 21:24:49 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001", 0x39, 0x10000}], 0x0, 0x0) 21:24:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:49 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001", 0x39, 0x10000}], 0x0, 0x0) 21:24:49 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) 21:24:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:49 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)) [ 379.041187] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:49 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}, @in={0x2, 0x4e23, @multicast1}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e20, 0x1, @mcast1, 0x7}], 0x4c) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:49 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000) ioctl$KVM_RUN(r1, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 379.098375] BTRFS error (device loop2): superblock checksum mismatch 21:24:49 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001", 0x39, 0x10000}], 0x0, 0x0) 21:24:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 379.240548] BTRFS error (device loop2): open_ctree failed 21:24:49 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:49 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x81656) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:49 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615", 0x55, 0x10000}], 0x0, 0x0) 21:24:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:49 executing program 4: r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$key(0xf, 0x3, 0x2) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f00000002c0)=0x140000000) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f0000000040)={0x9c4b, 0x4, 0x5fc, 0x2940000000, 0x8, 0x2}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-avx2\x00'}, 0x58) getsockname(r2, &(0x7f0000000200)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x80) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000280)={'team0\x00', r4}) ioctl$EXT4_IOC_MIGRATE(r3, 0x6609) [ 379.405302] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 379.467276] BTRFS error (device loop2): superblock checksum mismatch 21:24:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0f", 0x6a, 0x10000}], 0x0, 0x0) [ 379.531337] BTRFS error (device loop2): open_ctree failed [ 379.543419] BTRFS error (device loop2): unsupported checksum algorithm 27691 21:24:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:49 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96", 0xcc}], 0x0, 0x0) 21:24:49 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) [ 379.582410] BTRFS error (device loop2): superblock checksum mismatch 21:24:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:49 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96", 0xcc}], 0x0, 0x0) [ 379.720270] BTRFS error (device loop2): open_ctree failed [ 379.734651] BTRFS error (device loop1): unsupported checksum algorithm 27691 [ 379.752523] BTRFS error (device loop1): superblock checksum mismatch 21:24:49 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001", 0x39, 0x10000}], 0x0, 0x0) 21:24:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8d", 0x1, 0x10000}], 0x0, 0x0) 21:24:49 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2) 21:24:50 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001", 0x39, 0x10000}], 0x0, 0x0) 21:24:50 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96", 0xcc}], 0x0, 0x0) 21:24:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8d", 0x1, 0x10000}], 0x0, 0x0) [ 379.900374] BTRFS error (device loop1): open_ctree failed 21:24:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:50 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000040)={0x10004, 0x0, &(0x7f0000ff9000/0x4000)=nil}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000080)={r0, 0x8}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) ioctl$KDDELIO(r0, 0x4b35, 0x6) 21:24:50 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8d", 0x1, 0x10000}], 0x0, 0x0) 21:24:50 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001", 0x39, 0x10000}], 0x0, 0x0) 21:24:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) [ 380.251474] print_req_error: I/O error, dev loop3, sector 128 [ 380.270523] BTRFS error (device loop1): unsupported checksum algorithm 27691 21:24:50 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:50 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 380.296760] BTRFS error (device loop1): superblock checksum mismatch 21:24:50 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 380.380564] BTRFS error (device loop1): open_ctree failed 21:24:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:50 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:50 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:50 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96", 0xcc, 0x10000}], 0x0, 0x0) 21:24:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:50 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96c723e69383b21546e5e071341bf7", 0xda, 0x10000}], 0x0, 0x0) 21:24:50 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 380.680381] BTRFS error (device loop1): unsupported checksum algorithm 27691 21:24:50 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96", 0xcc, 0x10000}], 0x0, 0x0) 21:24:50 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 380.731270] BTRFS error (device loop1): superblock checksum mismatch 21:24:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d5", 0x50, 0x10000}], 0x0, 0x0) [ 380.810239] BTRFS error (device loop1): open_ctree failed 21:24:51 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33", 0x4e, 0x10000}], 0x0, 0x0) [ 380.858229] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-1b00920efd9a [ 380.870714] devid 9886936 transid 15394767792240231233 /dev/loop2 21:24:51 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:51 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 380.942377] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 380.997918] BTRFS error (device loop2): superblock checksum mismatch 21:24:51 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 381.062395] BTRFS error (device loop2): open_ctree failed [ 381.070617] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 381.100682] BTRFS error (device loop2): superblock checksum mismatch 21:24:51 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:51 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc96", 0xcc, 0x10000}], 0x0, 0x0) 21:24:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 381.166605] BTRFS error (device loop2): open_ctree failed [ 381.180924] BTRFS error (device loop2): unsupported checksum algorithm 27691 [ 381.203588] BTRFS error (device loop2): superblock checksum mismatch 21:24:51 executing program 1: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:51 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 381.280807] BTRFS error (device loop2): open_ctree failed 21:24:51 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d5", 0x50, 0x10000}], 0x0, 0x0) 21:24:51 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:51 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:51 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:51 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:51 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:51 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:51 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:52 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:52 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:52 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:52 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831a", 0x4b, 0x10000}], 0x0, 0x0) 21:24:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b07c68ae0fe62e118141158b304415f8964a824a4406500872b4a9af27e4756fd16211804a8cb527fa2caa935197578ef44cb0e5b24e434ad6e3ff0b87652c3fba79ae2dd2a83f2b60c5ce24a0f02598175ed494d0381702abe346917cf1e22b6ce5fb4fd8dc", 0xcb, 0x10000}], 0x0, 0x0) 21:24:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:52 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 382.491154] print_req_error: I/O error, dev loop1, sector 128 21:24:52 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248", 0x43, 0x10000}], 0x0, 0x0) 21:24:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:52 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266", 0x45, 0x10000}], 0x0, 0x0) 21:24:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:52 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:53 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248", 0x43, 0x10000}], 0x0, 0x0) 21:24:53 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266", 0x45, 0x10000}], 0x0, 0x0) 21:24:53 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:53 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:53 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266", 0x45, 0x10000}], 0x0, 0x0) 21:24:53 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248", 0x43, 0x10000}], 0x0, 0x0) 21:24:53 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:53 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:53 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:53 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:53 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d4183", 0x4a, 0x10000}], 0x0, 0x0) 21:24:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:53 executing program 2: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:53 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:53 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:53 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:53 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:24:53 executing program 2: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:54 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:54 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:54 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:24:54 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:54 executing program 2: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:54 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:54 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:24:54 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:54 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:54 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:24:54 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:54 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:54 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:54 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:54 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:24:54 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:54 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:54 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:54 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:54 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:24:54 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:24:54 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, 0x0) 21:24:55 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:55 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:55 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, 0x0) 21:24:55 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:55 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41", 0x49, 0x10000}], 0x0, 0x0) 21:24:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) [ 385.196489] print_req_error: I/O error, dev loop1, sector 128 21:24:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:55 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, 0x0) 21:24:55 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd33a5d51958f24615f84b96bbde9cecae1220694baedae664b0", 0x66, 0x10000}], 0x0, 0x0) 21:24:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)) 21:24:55 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:55 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:55 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8d", 0x1, 0x10000}], 0x0, 0x0) 21:24:55 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)) 21:24:55 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:24:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:56 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8d", 0x1, 0x10000}], 0x0, 0x0) 21:24:56 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:56 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)) 21:24:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:56 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:56 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8d", 0x1, 0x10000}], 0x0, 0x0) 21:24:56 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:24:56 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100", 0x34, 0x10000}], 0x0, 0x0) 21:24:56 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) [ 386.570932] print_req_error: I/O error, dev loop1, sector 128 21:24:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:57 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:57 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:24:57 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100", 0x34, 0x10000}], 0x0, 0x0) [ 387.038843] print_req_error: I/O error, dev loop2, sector 128 [ 387.051187] print_req_error: I/O error, dev loop1, sector 128 21:24:57 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100", 0x34, 0x10000}], 0x0, 0x0) 21:24:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100", 0x34, 0x10000}], 0x0, 0x0) 21:24:57 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:24:57 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:24:57 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:57 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) [ 387.355466] print_req_error: I/O error, dev loop2, sector 128 21:24:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41831af8bd", 0x4d, 0x10000}], 0x0, 0x0) 21:24:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:57 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:24:57 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:57 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 21:24:57 executing program 4: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100", 0x34, 0x10000}], 0x0, 0x0) 21:24:57 executing program 4: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:57 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 21:24:57 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:57 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100", 0x34, 0x10000}], 0x0, 0x0) 21:24:58 executing program 4: syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:58 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 21:24:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:58 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100", 0x34, 0x10000}], 0x0, 0x0) 21:24:58 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:58 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:58 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x20032600) bind$ax25(r2, &(0x7f0000000040)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4}, [@default, @null, @default, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) 21:24:58 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:58 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:58 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f", 0x41, 0x10000}], 0x0, 0x0) 21:24:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:58 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:24:58 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:24:58 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f", 0x41, 0x10000}], 0x0, 0x0) 21:24:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:59 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:59 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:59 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f", 0x41, 0x10000}], 0x0, 0x0) 21:24:59 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 21:24:59 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:24:59 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 21:24:59 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 21:24:59 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = request_key(&(0x7f0000000080)='pkcs7_test\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000180)='\x00', 0xfffffffffffffffd) keyctl$setperm(0x5, r2, 0x10000000) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_STREAMOFF(r0, 0x40045613, &(0x7f00000001c0)=0x7) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xe5, 0x2000) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x20032600) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) 21:24:59 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:24:59 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 21:24:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:00 executing program 3 (fault-call:0 fault-nth:0): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:00 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:25:00 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:00 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:00 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:25:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 390.168086] FAULT_INJECTION: forcing a failure. [ 390.168086] name failslab, interval 1, probability 0, space 0, times 0 21:25:00 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 390.244530] CPU: 0 PID: 13160 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 390.251656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.251662] Call Trace: [ 390.251685] dump_stack+0x138/0x197 [ 390.251703] should_fail.cold+0x10f/0x159 [ 390.251721] should_failslab+0xdb/0x130 [ 390.275352] __kmalloc+0x2f0/0x7a0 [ 390.278897] ? __sb_end_write+0xc1/0x100 [ 390.282953] ? strnlen_user+0x12f/0x1a0 [ 390.282964] ? SyS_memfd_create+0xba/0x3a0 [ 390.282977] SyS_memfd_create+0xba/0x3a0 [ 390.282988] ? shmem_fcntl+0x130/0x130 [ 390.282998] ? do_syscall_64+0x53/0x640 [ 390.283010] ? shmem_fcntl+0x130/0x130 [ 390.299112] do_syscall_64+0x1e8/0x640 [ 390.299122] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.299140] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.299147] RIP: 0033:0x459879 [ 390.299156] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 [ 390.311829] ORIG_RAX: 000000000000013f [ 390.311837] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 21:25:00 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:25:00 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) [ 390.311843] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 390.311849] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 390.311856] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f66740e16d4 [ 390.311862] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:00 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d4183", 0x4a, 0x10000}], 0x0, 0x0) 21:25:00 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:25:00 executing program 3 (fault-call:0 fault-nth:1): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 390.617110] FAULT_INJECTION: forcing a failure. [ 390.617110] name failslab, interval 1, probability 0, space 0, times 0 [ 390.628733] CPU: 1 PID: 13201 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 390.635838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.645202] Call Trace: [ 390.647803] dump_stack+0x138/0x197 [ 390.651438] should_fail.cold+0x10f/0x159 [ 390.655606] should_failslab+0xdb/0x130 [ 390.659592] kmem_cache_alloc+0x2d7/0x780 [ 390.663746] ? __alloc_fd+0x1d4/0x4a0 [ 390.667570] __d_alloc+0x2d/0x9f0 [ 390.671023] ? lock_downgrade+0x6e0/0x6e0 [ 390.675199] d_alloc_pseudo+0x1e/0x30 [ 390.679007] __shmem_file_setup.part.0+0xd8/0x400 [ 390.683853] ? __alloc_fd+0x1d4/0x4a0 [ 390.683871] ? shmem_fill_super+0x8c0/0x8c0 [ 390.683891] SyS_memfd_create+0x1f9/0x3a0 [ 390.691982] ? shmem_fcntl+0x130/0x130 [ 390.691994] ? do_syscall_64+0x53/0x640 [ 390.692004] ? shmem_fcntl+0x130/0x130 [ 390.692014] do_syscall_64+0x1e8/0x640 [ 390.692025] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.716732] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.721928] RIP: 0033:0x459879 [ 390.725128] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 390.732840] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 390.740107] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 390.747370] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 390.747376] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f66740e16d4 [ 390.747382] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:00 executing program 0 (fault-call:2 fault-nth:0): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:00 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:25:00 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:25:00 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:00 executing program 3 (fault-call:0 fault-nth:2): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:01 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) [ 390.888113] FAULT_INJECTION: forcing a failure. [ 390.888113] name failslab, interval 1, probability 0, space 0, times 0 [ 390.944504] FAULT_INJECTION: forcing a failure. [ 390.944504] name failslab, interval 1, probability 0, space 0, times 0 [ 390.957962] CPU: 1 PID: 13217 Comm: syz-executor.0 Not tainted 4.14.141 #37 [ 390.965083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.974431] Call Trace: [ 390.977020] dump_stack+0x138/0x197 [ 390.980648] should_fail.cold+0x10f/0x159 [ 390.984805] should_failslab+0xdb/0x130 [ 390.988808] kmem_cache_alloc_trace+0x2e9/0x790 [ 390.993490] ? lock_downgrade+0x6e0/0x6e0 [ 390.997700] slhc_init+0x89/0x4e7 [ 391.001263] ppp_ioctl+0xe9e/0x23bc [ 391.001288] ? ppp_nl_newlink+0x240/0x240 [ 391.001300] ? __might_sleep+0x93/0xb0 [ 391.009041] ? __fget+0x210/0x370 [ 391.009061] ? ppp_nl_newlink+0x240/0x240 [ 391.020516] do_vfs_ioctl+0x7ae/0x1060 [ 391.024404] ? selinux_file_mprotect+0x5d0/0x5d0 [ 391.029156] ? lock_downgrade+0x6e0/0x6e0 [ 391.033295] ? ioctl_preallocate+0x1c0/0x1c0 [ 391.037695] ? __fget+0x237/0x370 [ 391.041145] ? security_file_ioctl+0x89/0xb0 [ 391.045548] SyS_ioctl+0x8f/0xc0 [ 391.048901] ? do_vfs_ioctl+0x1060/0x1060 [ 391.053048] do_syscall_64+0x1e8/0x640 [ 391.056933] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.061781] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.066963] RIP: 0033:0x459879 [ 391.070146] RSP: 002b:00007f7caf464c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 391.077857] RAX: ffffffffffffffda RBX: 00007f7caf464c90 RCX: 0000000000459879 [ 391.085119] RDX: 0000000020000100 RSI: 0000000040047451 RDI: 0000000000000003 [ 391.092381] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 391.099645] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7caf4656d4 [ 391.106906] R13: 00000000004c34e3 R14: 00000000004d6d48 R15: 0000000000000004 [ 391.114190] CPU: 0 PID: 13223 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 391.121291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.130628] Call Trace: [ 391.133201] dump_stack+0x138/0x197 [ 391.136813] should_fail.cold+0x10f/0x159 [ 391.140946] should_failslab+0xdb/0x130 [ 391.144902] kmem_cache_alloc+0x2d7/0x780 [ 391.149029] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 391.154461] ? rcu_read_lock_sched_held+0x110/0x130 [ 391.159456] ? shmem_destroy_callback+0xa0/0xa0 [ 391.164105] shmem_alloc_inode+0x1c/0x50 [ 391.168146] alloc_inode+0x64/0x180 [ 391.171755] new_inode_pseudo+0x19/0xf0 [ 391.175708] new_inode+0x1f/0x40 [ 391.179052] shmem_get_inode+0x75/0x750 [ 391.183008] __shmem_file_setup.part.0+0x111/0x400 [ 391.187913] ? __alloc_fd+0x1d4/0x4a0 [ 391.191700] ? shmem_fill_super+0x8c0/0x8c0 [ 391.196003] SyS_memfd_create+0x1f9/0x3a0 [ 391.200132] ? shmem_fcntl+0x130/0x130 [ 391.204001] ? do_syscall_64+0x53/0x640 [ 391.207952] ? shmem_fcntl+0x130/0x130 [ 391.211819] do_syscall_64+0x1e8/0x640 [ 391.215688] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.220513] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.225679] RIP: 0033:0x459879 [ 391.228849] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 391.236535] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 21:25:01 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:25:01 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 391.243786] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 391.251035] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 391.258295] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f66740e16d4 [ 391.265547] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:01 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 21:25:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:01 executing program 0 (fault-call:2 fault-nth:1): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:01 executing program 3 (fault-call:0 fault-nth:3): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:01 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 21:25:01 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:01 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) [ 391.482536] FAULT_INJECTION: forcing a failure. [ 391.482536] name failslab, interval 1, probability 0, space 0, times 0 [ 391.495023] FAULT_INJECTION: forcing a failure. [ 391.495023] name failslab, interval 1, probability 0, space 0, times 0 [ 391.542414] CPU: 1 PID: 13259 Comm: syz-executor.0 Not tainted 4.14.141 #37 [ 391.549548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.558904] Call Trace: [ 391.561501] dump_stack+0x138/0x197 [ 391.565143] should_fail.cold+0x10f/0x159 [ 391.569308] should_failslab+0xdb/0x130 [ 391.573292] __kmalloc+0x2f0/0x7a0 [ 391.576834] ? kmem_cache_alloc_trace+0x623/0x790 [ 391.581677] ? slhc_init+0x227/0x4e7 [ 391.585388] slhc_init+0x227/0x4e7 [ 391.588921] ppp_ioctl+0xe9e/0x23bc [ 391.592544] ? ppp_nl_newlink+0x240/0x240 [ 391.596770] ? __might_sleep+0x93/0xb0 [ 391.600650] ? __fget+0x210/0x370 [ 391.604099] ? ppp_nl_newlink+0x240/0x240 [ 391.608233] do_vfs_ioctl+0x7ae/0x1060 [ 391.612112] ? selinux_file_mprotect+0x5d0/0x5d0 [ 391.616860] ? lock_downgrade+0x6e0/0x6e0 [ 391.620998] ? ioctl_preallocate+0x1c0/0x1c0 [ 391.625397] ? __fget+0x237/0x370 [ 391.628844] ? security_file_ioctl+0x89/0xb0 [ 391.633244] SyS_ioctl+0x8f/0xc0 [ 391.636603] ? do_vfs_ioctl+0x1060/0x1060 21:25:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 391.640743] do_syscall_64+0x1e8/0x640 [ 391.644622] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.649457] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.654635] RIP: 0033:0x459879 [ 391.657811] RSP: 002b:00007f7caf443c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 391.665593] RAX: ffffffffffffffda RBX: 00007f7caf443c90 RCX: 0000000000459879 [ 391.672848] RDX: 0000000020000100 RSI: 0000000040047451 RDI: 0000000000000003 [ 391.672854] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 391.672860] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7caf4446d4 [ 391.672866] R13: 00000000004c34e3 R14: 00000000004d6d48 R15: 0000000000000004 [ 391.689857] CPU: 0 PID: 13255 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 391.709114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.718448] Call Trace: [ 391.721025] dump_stack+0x138/0x197 [ 391.724636] should_fail.cold+0x10f/0x159 [ 391.728764] should_failslab+0xdb/0x130 [ 391.732719] kmem_cache_alloc+0x2d7/0x780 [ 391.736845] ? shmem_alloc_inode+0x1c/0x50 [ 391.741060] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 391.746494] selinux_inode_alloc_security+0xb6/0x2a0 [ 391.751582] security_inode_alloc+0x94/0xd0 [ 391.755880] inode_init_always+0x552/0xaf0 [ 391.760092] alloc_inode+0x81/0x180 [ 391.763697] new_inode_pseudo+0x19/0xf0 [ 391.767649] new_inode+0x1f/0x40 [ 391.771006] shmem_get_inode+0x75/0x750 [ 391.774961] __shmem_file_setup.part.0+0x111/0x400 [ 391.779928] ? __alloc_fd+0x1d4/0x4a0 [ 391.783707] ? shmem_fill_super+0x8c0/0x8c0 [ 391.788010] SyS_memfd_create+0x1f9/0x3a0 [ 391.792137] ? shmem_fcntl+0x130/0x130 [ 391.796001] ? do_syscall_64+0x53/0x640 [ 391.799953] ? shmem_fcntl+0x130/0x130 [ 391.803819] do_syscall_64+0x1e8/0x640 [ 391.807685] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.812509] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.817681] RIP: 0033:0x459879 [ 391.820848] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 391.828533] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 391.835780] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 21:25:01 executing program 3 (fault-call:0 fault-nth:4): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 391.843029] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 391.850281] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f66740e16d4 [ 391.857530] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:02 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d41", 0x49, 0x10000}], 0x0, 0x0) 21:25:02 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:02 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:25:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 391.991046] FAULT_INJECTION: forcing a failure. [ 391.991046] name failslab, interval 1, probability 0, space 0, times 0 21:25:02 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 392.057401] CPU: 0 PID: 13283 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 392.064534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.073882] Call Trace: [ 392.076466] dump_stack+0x138/0x197 [ 392.080086] should_fail.cold+0x10f/0x159 [ 392.084222] should_failslab+0xdb/0x130 [ 392.088186] kmem_cache_alloc+0x2d7/0x780 [ 392.092321] ? lock_downgrade+0x6e0/0x6e0 [ 392.096450] get_empty_filp+0x8c/0x3f0 [ 392.100320] alloc_file+0x23/0x440 [ 392.103843] __shmem_file_setup.part.0+0x1b1/0x400 [ 392.108747] ? __alloc_fd+0x1d4/0x4a0 [ 392.112527] ? shmem_fill_super+0x8c0/0x8c0 [ 392.116834] SyS_memfd_create+0x1f9/0x3a0 [ 392.120962] ? shmem_fcntl+0x130/0x130 [ 392.124828] ? do_syscall_64+0x53/0x640 [ 392.128782] ? shmem_fcntl+0x130/0x130 [ 392.132648] do_syscall_64+0x1e8/0x640 [ 392.136513] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.142815] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.147988] RIP: 0033:0x459879 [ 392.151353] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 392.159040] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 392.166314] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 392.173573] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 392.180823] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f66740e16d4 [ 392.188071] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:02 executing program 0 (fault-call:2 fault-nth:2): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:02 executing program 3 (fault-call:0 fault-nth:5): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:02 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:02 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:25:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 392.319114] FAULT_INJECTION: forcing a failure. [ 392.319114] name failslab, interval 1, probability 0, space 0, times 0 [ 392.385436] CPU: 0 PID: 13308 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 392.392558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.401984] Call Trace: [ 392.404584] dump_stack+0x138/0x197 [ 392.408203] should_fail.cold+0x10f/0x159 [ 392.412338] should_failslab+0xdb/0x130 [ 392.416296] kmem_cache_alloc+0x2d7/0x780 [ 392.420428] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 392.425860] ? check_preemption_disabled+0x3c/0x250 [ 392.430859] selinux_file_alloc_security+0xb4/0x190 [ 392.435856] security_file_alloc+0x6d/0xa0 [ 392.440073] get_empty_filp+0x162/0x3f0 [ 392.444028] alloc_file+0x23/0x440 [ 392.447550] __shmem_file_setup.part.0+0x1b1/0x400 [ 392.452456] ? __alloc_fd+0x1d4/0x4a0 [ 392.456234] ? shmem_fill_super+0x8c0/0x8c0 [ 392.460543] SyS_memfd_create+0x1f9/0x3a0 [ 392.464668] ? shmem_fcntl+0x130/0x130 [ 392.468621] ? do_syscall_64+0x53/0x640 [ 392.472573] ? shmem_fcntl+0x130/0x130 [ 392.476441] do_syscall_64+0x1e8/0x640 [ 392.480305] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.485131] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.490296] RIP: 0033:0x459879 [ 392.493465] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 392.501151] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 392.508401] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 392.515648] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 392.522896] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f66740e16d4 21:25:02 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 392.530147] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:02 executing program 3 (fault-call:0 fault-nth:6): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:02 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600), 0x0, 0x10000}], 0x0, 0x0) 21:25:02 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000080)) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:02 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 392.645009] FAULT_INJECTION: forcing a failure. [ 392.645009] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 392.710605] CPU: 1 PID: 13329 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 392.717730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.727072] Call Trace: [ 392.729652] dump_stack+0x138/0x197 [ 392.733274] should_fail.cold+0x10f/0x159 [ 392.737401] ? __might_sleep+0x93/0xb0 [ 392.741272] __alloc_pages_nodemask+0x1d6/0x7a0 [ 392.745924] ? __alloc_pages_slowpath+0x2930/0x2930 [ 392.750931] ? lock_downgrade+0x6e0/0x6e0 [ 392.755082] alloc_pages_vma+0xc9/0x4c0 [ 392.759043] shmem_alloc_page+0xf6/0x1a0 [ 392.763085] ? shmem_swapin+0x1a0/0x1a0 [ 392.767044] ? cred_has_capability+0x142/0x290 [ 392.771608] ? check_preemption_disabled+0x3c/0x250 [ 392.776605] ? __this_cpu_preempt_check+0x1d/0x30 [ 392.781426] ? percpu_counter_add_batch+0x112/0x160 [ 392.786424] ? __vm_enough_memory+0x26a/0x490 [ 392.790910] shmem_alloc_and_acct_page+0x12a/0x680 [ 392.795820] shmem_getpage_gfp+0x3e7/0x25d0 [ 392.800129] ? shmem_add_to_page_cache+0x860/0x860 [ 392.805040] ? iov_iter_fault_in_readable+0x1da/0x3c0 [ 392.810233] shmem_write_begin+0xfd/0x1b0 [ 392.814363] ? trace_hardirqs_on_caller+0x400/0x590 [ 392.819359] generic_perform_write+0x1f8/0x480 [ 392.823926] ? page_endio+0x530/0x530 [ 392.827707] ? current_time+0xb0/0xb0 [ 392.831490] ? generic_file_write_iter+0x9a/0x660 [ 392.836315] __generic_file_write_iter+0x239/0x5b0 [ 392.841230] generic_file_write_iter+0x303/0x660 [ 392.845967] __vfs_write+0x4a7/0x6b0 [ 392.849661] ? selinux_file_open+0x420/0x420 [ 392.854059] ? kernel_read+0x120/0x120 [ 392.857930] ? check_preemption_disabled+0x3c/0x250 [ 392.862928] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 392.868360] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 392.873097] ? __sb_start_write+0x153/0x2f0 [ 392.877397] vfs_write+0x198/0x500 [ 392.880918] SyS_pwrite64+0x115/0x140 [ 392.884698] ? SyS_pread64+0x140/0x140 [ 392.888567] ? do_syscall_64+0x53/0x640 [ 392.892524] ? SyS_pread64+0x140/0x140 [ 392.896394] do_syscall_64+0x1e8/0x640 [ 392.900260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.905089] entry_SYSCALL_64_after_hwframe+0x42/0xb7 21:25:03 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) [ 392.910255] RIP: 0033:0x4137c7 [ 392.913426] RSP: 002b:00007f66740e0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 392.921115] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 00000000004137c7 [ 392.928371] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 0000000000000004 [ 392.935617] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 392.942878] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004 [ 392.950127] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:03 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:03 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x2002, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:03 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:25:03 executing program 3 (fault-call:0 fault-nth:7): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:03 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 21:25:03 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:03 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:25:03 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)=0x0) setfsuid(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0xffffffffffffffff) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0xc) sendmsg$nl_generic(r2, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0xb0, 0x30, 0x200, 0x70bd28, 0x25dfdbfc, {0x7}, [@nested={0x70, 0x3c, [@generic="ca2e72d156074dcea3ee05f1f4e6b3e8e360797c843f36a3511dbf5121ebd68bc2ba38969bef6ea5846247d9c6c168b91604e0312fe8d5a51579b04477a7d3f1052b092c422299804cc20877f7c87d189e9371a295c71f0adda940fc026f605ffa6841", @typed={0x8, 0x16, @ipv4=@multicast2}]}, @generic="97a35a267961dbc033e45a07f8dd45cee6ec8a4f8ed5f9f49cd8", @typed={0x8, 0x70, @pid=r3}, @typed={0x8, 0x6f, @pid=r4}]}, 0xb0}, 0x1, 0x0, 0x0, 0xd4aa010ffb2e63b1}, 0xc7ec1c34ad777c64) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 393.269088] FAULT_INJECTION: forcing a failure. [ 393.269088] name failslab, interval 1, probability 0, space 0, times 0 [ 393.280600] CPU: 0 PID: 13378 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 393.287791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.297137] Call Trace: [ 393.299757] dump_stack+0x138/0x197 [ 393.303401] should_fail.cold+0x10f/0x159 [ 393.307558] should_failslab+0xdb/0x130 [ 393.307574] kmem_cache_alloc+0x47/0x780 [ 393.307589] ? __alloc_pages_slowpath+0x2930/0x2930 [ 393.320598] ? lock_downgrade+0x6e0/0x6e0 [ 393.324754] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 393.330380] __radix_tree_create+0x337/0x4d0 [ 393.334794] __radix_tree_insert+0xab/0x570 [ 393.339113] ? __radix_tree_create+0x4d0/0x4d0 [ 393.339134] shmem_add_to_page_cache+0x5a4/0x860 [ 393.339145] ? shmem_writepage+0xbb0/0xbb0 [ 393.339156] ? __radix_tree_preload+0x1d2/0x260 [ 393.339168] shmem_getpage_gfp+0x1757/0x25d0 [ 393.339188] ? shmem_add_to_page_cache+0x860/0x860 [ 393.339199] ? iov_iter_fault_in_readable+0x1da/0x3c0 [ 393.339209] shmem_write_begin+0xfd/0x1b0 [ 393.348667] ? trace_hardirqs_on_caller+0x400/0x590 [ 393.348681] generic_perform_write+0x1f8/0x480 [ 393.348698] ? page_endio+0x530/0x530 [ 393.348708] ? current_time+0xb0/0xb0 [ 393.348719] ? generic_file_write_iter+0x9a/0x660 [ 393.357585] __generic_file_write_iter+0x239/0x5b0 [ 393.357601] generic_file_write_iter+0x303/0x660 [ 393.357619] __vfs_write+0x4a7/0x6b0 [ 393.357630] ? selinux_file_open+0x420/0x420 21:25:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 393.366935] ? kernel_read+0x120/0x120 [ 393.366948] ? check_preemption_disabled+0x3c/0x250 [ 393.366963] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 393.366977] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 393.376273] ? __sb_start_write+0x153/0x2f0 [ 393.376286] vfs_write+0x198/0x500 [ 393.376300] SyS_pwrite64+0x115/0x140 [ 393.376310] ? SyS_pread64+0x140/0x140 [ 393.376320] ? do_syscall_64+0x53/0x640 [ 393.385873] ? SyS_pread64+0x140/0x140 [ 393.385886] do_syscall_64+0x1e8/0x640 [ 393.385895] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.385910] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 393.385919] RIP: 0033:0x4137c7 [ 393.393479] RSP: 002b:00007f66740e0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 393.393489] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 00000000004137c7 [ 393.393495] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 0000000000000004 [ 393.393500] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 393.393505] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004 [ 393.393511] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:03 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:25:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:03 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:25:03 executing program 3 (fault-call:0 fault-nth:8): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:03 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 21:25:03 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x10000, 0x800) write$P9_RMKDIR(r1, &(0x7f00000000c0)={0x14, 0x49, 0x2, {0x98, 0x4, 0x4}}, 0x14) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000040)=0x7) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 393.685463] FAULT_INJECTION: forcing a failure. [ 393.685463] name failslab, interval 1, probability 0, space 0, times 0 [ 393.716114] CPU: 1 PID: 13418 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 393.723241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.732589] Call Trace: [ 393.732607] dump_stack+0x138/0x197 [ 393.732625] should_fail.cold+0x10f/0x159 [ 393.738799] should_failslab+0xdb/0x130 [ 393.746882] kmem_cache_alloc+0x2d7/0x780 [ 393.751047] ? vfs_write+0x25f/0x500 [ 393.754766] getname_flags+0xcb/0x580 [ 393.758547] ? check_preemption_disabled+0x3c/0x250 [ 393.763543] getname+0x1a/0x20 [ 393.766716] do_sys_open+0x1e7/0x430 [ 393.770410] ? filp_open+0x70/0x70 [ 393.773929] ? fput+0xd4/0x150 [ 393.777102] ? SyS_pwrite64+0xca/0x140 [ 393.780983] SyS_open+0x2d/0x40 [ 393.784241] ? do_sys_open+0x430/0x430 [ 393.788108] do_syscall_64+0x1e8/0x640 [ 393.791982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.796808] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 393.801975] RIP: 0033:0x413761 [ 393.805142] RSP: 002b:00007f66740e0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 393.812852] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413761 [ 393.820101] RDX: 00007f66740e0b0a RSI: 0000000000000002 RDI: 00007f66740e0b00 [ 393.827350] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 393.834596] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 393.841854] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:04 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:25:04 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:25:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:04 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x200200, 0x0) ioctl$SG_SET_DEBUG(r1, 0x227e, &(0x7f0000000080)) ioctl$VT_WAITACTIVE(r1, 0x5607) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:04 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:04 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:25:04 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 21:25:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:25:04 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 21:25:04 executing program 3 (fault-call:0 fault-nth:9): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:04 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000240)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$PPPIOCATTCHAN(r0, 0x40047438, &(0x7f0000000040)=0x2) 21:25:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 394.302234] FAULT_INJECTION: forcing a failure. [ 394.302234] name failslab, interval 1, probability 0, space 0, times 0 21:25:04 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 21:25:04 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0xa4000, 0x0) write$P9_RREMOVE(r1, &(0x7f0000000140)={0x7, 0x7b, 0x1}, 0x7) ioctl$PPPIOCDISCONN(r0, 0x7439) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000000080)=ANY=[@ANYBLOB="83f600002400000001000000000000000200000203040000080000002c92de660000000009000000af189d00"]) [ 394.420500] CPU: 1 PID: 13477 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 394.427639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.436992] Call Trace: [ 394.439588] dump_stack+0x138/0x197 [ 394.443227] should_fail.cold+0x10f/0x159 [ 394.447386] should_failslab+0xdb/0x130 [ 394.451366] kmem_cache_alloc+0x2d7/0x780 [ 394.455520] ? save_stack+0xa9/0xd0 [ 394.459149] get_empty_filp+0x8c/0x3f0 [ 394.463032] path_openat+0x8f/0x3f70 21:25:04 executing program 1 (fault-call:0 fault-nth:0): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:04 executing program 2 (fault-call:0 fault-nth:0): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:25:04 executing program 3 (fault-call:0 fault-nth:10): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 394.463043] ? generic_perform_write+0x34f/0x480 [ 394.463062] ? path_lookupat.isra.0+0x7b0/0x7b0 [ 394.463074] ? save_trace+0x290/0x290 [ 394.463086] ? __alloc_fd+0x1d4/0x4a0 [ 394.463097] do_filp_open+0x18e/0x250 [ 394.463105] ? may_open_dev+0xe0/0xe0 [ 394.463116] ? lock_downgrade+0x6e0/0x6e0 [ 394.463132] ? _raw_spin_unlock+0x2d/0x50 [ 394.463139] ? __alloc_fd+0x1d4/0x4a0 [ 394.463156] do_sys_open+0x2c5/0x430 [ 394.463165] ? filp_open+0x70/0x70 [ 394.463172] ? fput+0xd4/0x150 [ 394.463180] ? SyS_pwrite64+0xca/0x140 [ 394.463190] SyS_open+0x2d/0x40 [ 394.463197] ? do_sys_open+0x430/0x430 [ 394.463207] do_syscall_64+0x1e8/0x640 [ 394.463214] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.463228] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.463235] RIP: 0033:0x413761 [ 394.463240] RSP: 002b:00007f66740e0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 394.463250] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413761 [ 394.463255] RDX: 00007f66740e0b0a RSI: 0000000000000002 RDI: 00007f66740e0b00 [ 394.463261] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 394.463266] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 394.463270] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 394.527889] FAULT_INJECTION: forcing a failure. [ 394.527889] name failslab, interval 1, probability 0, space 0, times 0 [ 394.573368] FAULT_INJECTION: forcing a failure. [ 394.573368] name failslab, interval 1, probability 0, space 0, times 0 [ 394.580931] FAULT_INJECTION: forcing a failure. [ 394.580931] name failslab, interval 1, probability 0, space 0, times 0 [ 394.589833] CPU: 1 PID: 13493 Comm: syz-executor.1 Not tainted 4.14.141 #37 [ 394.609969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.609974] Call Trace: [ 394.609991] dump_stack+0x138/0x197 [ 394.610008] should_fail.cold+0x10f/0x159 [ 394.610024] should_failslab+0xdb/0x130 [ 394.610036] __kmalloc+0x2f0/0x7a0 [ 394.610044] ? __sb_end_write+0xc1/0x100 [ 394.610054] ? strnlen_user+0x12f/0x1a0 [ 394.610062] ? SyS_memfd_create+0xba/0x3a0 [ 394.610071] SyS_memfd_create+0xba/0x3a0 [ 394.610085] ? shmem_fcntl+0x130/0x130 [ 394.643846] ? do_syscall_64+0x53/0x640 [ 394.643859] ? shmem_fcntl+0x130/0x130 [ 394.643871] do_syscall_64+0x1e8/0x640 [ 394.643880] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.643898] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.643905] RIP: 0033:0x459879 [ 394.643912] RSP: 002b:00007f91b8a23a88 EFLAGS: 00000246 [ 394.659544] ORIG_RAX: 000000000000013f [ 394.659551] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 394.659557] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 394.659563] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 394.659568] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f91b8a246d4 [ 394.659575] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 394.668810] CPU: 0 PID: 13496 Comm: syz-executor.2 Not tainted 4.14.141 #37 [ 394.753423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.753427] Call Trace: [ 394.753443] dump_stack+0x138/0x197 [ 394.753456] should_fail.cold+0x10f/0x159 [ 394.753467] should_failslab+0xdb/0x130 [ 394.753476] __kmalloc+0x2f0/0x7a0 [ 394.753483] ? __sb_end_write+0xc1/0x100 [ 394.753490] ? strnlen_user+0x12f/0x1a0 [ 394.753497] ? SyS_memfd_create+0xba/0x3a0 [ 394.753505] SyS_memfd_create+0xba/0x3a0 [ 394.753512] ? shmem_fcntl+0x130/0x130 [ 394.753520] ? do_syscall_64+0x53/0x640 [ 394.753526] ? shmem_fcntl+0x130/0x130 [ 394.753534] do_syscall_64+0x1e8/0x640 [ 394.753540] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.753553] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.753559] RIP: 0033:0x459879 [ 394.753563] RSP: 002b:00007f261cb1ea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 394.753571] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 394.753575] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 394.753579] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 394.753584] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f261cb1f6d4 [ 394.753588] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 394.753912] CPU: 1 PID: 13497 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 394.769354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.769359] Call Trace: [ 394.769376] dump_stack+0x138/0x197 [ 394.769393] should_fail.cold+0x10f/0x159 [ 394.769408] should_failslab+0xdb/0x130 [ 394.769420] kmem_cache_alloc+0x2d7/0x780 [ 394.769430] ? save_stack+0xa9/0xd0 [ 394.769443] get_empty_filp+0x8c/0x3f0 [ 394.777522] path_openat+0x8f/0x3f70 [ 394.777538] ? trace_hardirqs_on+0x10/0x10 21:25:05 executing program 3 (fault-call:0 fault-nth:11): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:05 executing program 1 (fault-call:0 fault-nth:1): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 394.777551] ? check_preemption_disabled+0x3c/0x250 [ 394.777568] ? path_lookupat.isra.0+0x7b0/0x7b0 [ 394.777582] ? find_held_lock+0x35/0x130 [ 394.777591] ? save_trace+0x290/0x290 [ 394.777602] ? __alloc_fd+0x1d4/0x4a0 [ 394.777613] do_filp_open+0x18e/0x250 [ 394.785172] ? may_open_dev+0xe0/0xe0 [ 394.785186] ? lock_downgrade+0x6e0/0x6e0 [ 394.785201] ? _raw_spin_unlock+0x2d/0x50 [ 394.785211] ? __alloc_fd+0x1d4/0x4a0 [ 394.785232] do_sys_open+0x2c5/0x430 [ 394.785243] ? filp_open+0x70/0x70 21:25:05 executing program 2 (fault-call:0 fault-nth:1): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 394.785250] ? fput+0xd4/0x150 [ 394.785260] ? SyS_pwrite64+0xca/0x140 [ 394.805306] SyS_open+0x2d/0x40 [ 394.805316] ? do_sys_open+0x430/0x430 [ 394.805328] do_syscall_64+0x1e8/0x640 [ 394.805338] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.805355] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.805363] RIP: 0033:0x413761 [ 394.805368] RSP: 002b:00007f66740e0a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 394.805380] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413761 [ 394.823117] RDX: 00007f66740e0b0a RSI: 0000000000000002 RDI: 00007f66740e0b00 [ 394.823124] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 394.823129] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 394.823135] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 394.995264] FAULT_INJECTION: forcing a failure. [ 394.995264] name failslab, interval 1, probability 0, space 0, times 0 [ 395.003524] FAULT_INJECTION: forcing a failure. [ 395.003524] name failslab, interval 1, probability 0, space 0, times 0 [ 395.024788] FAULT_INJECTION: forcing a failure. [ 395.024788] name failslab, interval 1, probability 0, space 0, times 0 [ 395.039642] CPU: 1 PID: 13512 Comm: syz-executor.2 Not tainted 4.14.141 #37 [ 395.068772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.068777] Call Trace: [ 395.068793] dump_stack+0x138/0x197 [ 395.068821] should_fail.cold+0x10f/0x159 [ 395.068836] should_failslab+0xdb/0x130 [ 395.096416] kmem_cache_alloc+0x2d7/0x780 [ 395.096427] ? __alloc_fd+0x1d4/0x4a0 [ 395.096444] __d_alloc+0x2d/0x9f0 [ 395.096454] ? lock_downgrade+0x6e0/0x6e0 [ 395.096467] d_alloc_pseudo+0x1e/0x30 [ 395.096478] __shmem_file_setup.part.0+0xd8/0x400 [ 395.096485] ? __alloc_fd+0x1d4/0x4a0 [ 395.096494] ? shmem_fill_super+0x8c0/0x8c0 [ 395.096509] SyS_memfd_create+0x1f9/0x3a0 [ 395.114894] ? shmem_fcntl+0x130/0x130 [ 395.114906] ? do_syscall_64+0x53/0x640 [ 395.114917] ? shmem_fcntl+0x130/0x130 [ 395.114929] do_syscall_64+0x1e8/0x640 [ 395.114938] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.114953] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 395.114962] RIP: 0033:0x459879 [ 395.179855] RSP: 002b:00007f261cb1ea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 395.187543] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 395.194805] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 395.202054] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 395.209301] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f261cb1f6d4 [ 395.216560] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:05 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) [ 395.226891] CPU: 0 PID: 13510 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 395.234005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.243351] Call Trace: [ 395.245942] dump_stack+0x138/0x197 [ 395.249577] should_fail.cold+0x10f/0x159 [ 395.253725] should_failslab+0xdb/0x130 [ 395.253740] kmem_cache_alloc_trace+0x2e9/0x790 [ 395.253752] ? __lockdep_init_map+0x10c/0x570 [ 395.253767] ? loop_get_status64+0x120/0x120 [ 395.253780] __kthread_create_on_node+0xe3/0x3e0 [ 395.262487] ? kthread_park+0x140/0x140 [ 395.262500] ? __fget+0x210/0x370 [ 395.262521] ? loop_get_status64+0x120/0x120 [ 395.262532] kthread_create_on_node+0xa8/0xd0 [ 395.262541] ? __kthread_create_on_node+0x3e0/0x3e0 [ 395.262556] ? __lockdep_init_map+0x10c/0x570 [ 395.276351] lo_ioctl+0xcf7/0x1ce0 [ 395.276362] ? debug_check_no_obj_freed+0x2aa/0x7b7 [ 395.276376] ? loop_probe+0x160/0x160 [ 395.276388] blkdev_ioctl+0x96b/0x1860 [ 395.276398] ? blkpg_ioctl+0x980/0x980 [ 395.276415] ? __might_sleep+0x93/0xb0 [ 395.288188] ? __fget+0x210/0x370 [ 395.288202] block_ioctl+0xde/0x120 [ 395.288212] ? blkdev_fallocate+0x3b0/0x3b0 [ 395.288223] do_vfs_ioctl+0x7ae/0x1060 [ 395.288234] ? selinux_file_mprotect+0x5d0/0x5d0 [ 395.288244] ? lock_downgrade+0x6e0/0x6e0 [ 395.288253] ? ioctl_preallocate+0x1c0/0x1c0 [ 395.288264] ? __fget+0x237/0x370 [ 395.302218] ? security_file_ioctl+0x89/0xb0 [ 395.302232] SyS_ioctl+0x8f/0xc0 [ 395.302241] ? do_vfs_ioctl+0x1060/0x1060 [ 395.302255] do_syscall_64+0x1e8/0x640 21:25:05 executing program 3 (fault-call:0 fault-nth:12): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 395.302264] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.302283] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 395.310795] RIP: 0033:0x4596e7 [ 395.310800] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 395.310811] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 395.310816] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 395.310822] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 395.310828] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 395.310834] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 395.388544] CPU: 1 PID: 13513 Comm: syz-executor.1 Not tainted 4.14.141 #37 [ 395.402592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.402597] Call Trace: [ 395.402612] dump_stack+0x138/0x197 [ 395.402628] should_fail.cold+0x10f/0x159 [ 395.402643] should_failslab+0xdb/0x130 [ 395.402655] kmem_cache_alloc+0x2d7/0x780 [ 395.402665] ? __alloc_fd+0x1d4/0x4a0 [ 395.402680] __d_alloc+0x2d/0x9f0 [ 395.473839] ? lock_downgrade+0x6e0/0x6e0 [ 395.473853] d_alloc_pseudo+0x1e/0x30 [ 395.473861] __shmem_file_setup.part.0+0xd8/0x400 [ 395.473867] ? __alloc_fd+0x1d4/0x4a0 [ 395.473874] ? shmem_fill_super+0x8c0/0x8c0 [ 395.473886] SyS_memfd_create+0x1f9/0x3a0 [ 395.473893] ? shmem_fcntl+0x130/0x130 [ 395.473900] ? do_syscall_64+0x53/0x640 [ 395.473907] ? shmem_fcntl+0x130/0x130 [ 395.473914] do_syscall_64+0x1e8/0x640 [ 395.473920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.473933] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 395.473939] RIP: 0033:0x459879 [ 395.473942] RSP: 002b:00007f91b8a23a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 395.473950] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459879 [ 395.473954] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be7a8 [ 395.473958] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 395.473962] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f91b8a246d4 [ 395.473966] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 395.482974] FAULT_INJECTION: forcing a failure. [ 395.482974] name failslab, interval 1, probability 0, space 0, times 0 [ 395.487008] CPU: 1 PID: 13521 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 395.499711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.499716] Call Trace: [ 395.499736] dump_stack+0x138/0x197 [ 395.499755] should_fail.cold+0x10f/0x159 [ 395.507759] should_failslab+0xdb/0x130 [ 395.507775] kmem_cache_alloc_trace+0x2e9/0x790 [ 395.507789] ? __lockdep_init_map+0x10c/0x570 [ 395.519476] ? loop_get_status64+0x120/0x120 [ 395.519489] __kthread_create_on_node+0xe3/0x3e0 [ 395.519500] ? kthread_park+0x140/0x140 [ 395.529509] ? __fget+0x210/0x370 [ 395.529533] ? loop_get_status64+0x120/0x120 [ 395.529544] kthread_create_on_node+0xa8/0xd0 [ 395.540398] ? __kthread_create_on_node+0x3e0/0x3e0 [ 395.540414] ? __lockdep_init_map+0x10c/0x570 [ 395.540431] lo_ioctl+0xcf7/0x1ce0 [ 395.540440] ? debug_check_no_obj_freed+0x2aa/0x7b7 [ 395.540453] ? loop_probe+0x160/0x160 [ 395.540463] blkdev_ioctl+0x96b/0x1860 [ 395.540472] ? blkpg_ioctl+0x980/0x980 [ 395.554991] ? __might_sleep+0x93/0xb0 [ 395.555001] ? __fget+0x210/0x370 [ 395.555013] block_ioctl+0xde/0x120 [ 395.555022] ? blkdev_fallocate+0x3b0/0x3b0 [ 395.555031] do_vfs_ioctl+0x7ae/0x1060 [ 395.555042] ? selinux_file_mprotect+0x5d0/0x5d0 [ 395.555052] ? lock_downgrade+0x6e0/0x6e0 [ 395.555062] ? ioctl_preallocate+0x1c0/0x1c0 [ 395.555073] ? __fget+0x237/0x370 [ 395.555087] ? security_file_ioctl+0x89/0xb0 [ 395.723387] SyS_ioctl+0x8f/0xc0 [ 395.726739] ? do_vfs_ioctl+0x1060/0x1060 [ 395.730870] do_syscall_64+0x1e8/0x640 [ 395.734736] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.739562] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 395.744730] RIP: 0033:0x4596e7 [ 395.747901] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 395.755590] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 395.762849] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 395.770456] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 21:25:05 executing program 3 (fault-call:0 fault-nth:13): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 395.777706] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 395.784953] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:05 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x121280, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000080)=0xffffffffffff0000) r1 = syz_open_dev$cec(&(0x7f0000000180)='/dev/cec#\x00', 0x1, 0x2) r2 = openat(r1, &(0x7f00000000c0)='./file0\x00', 0x80, 0x2) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e20, @multicast1}, {0x2, 0x4e24, @multicast2}, {0x2, 0x4e22, @rand_addr=0x75120000000}, 0x8, 0x0, 0x0, 0x0, 0x2f35397a, 0x0, 0x2, 0x7, 0xffffffff}) 21:25:05 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 21:25:06 executing program 5 (fault-call:11 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:06 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 395.938813] FAULT_INJECTION: forcing a failure. [ 395.938813] name failslab, interval 1, probability 0, space 0, times 0 [ 395.966664] CPU: 1 PID: 13534 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 395.973790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.983133] Call Trace: [ 395.985708] dump_stack+0x138/0x197 [ 395.989333] should_fail.cold+0x10f/0x159 [ 395.993469] should_failslab+0xdb/0x130 [ 395.997428] kmem_cache_alloc+0x2d7/0x780 [ 396.001558] ? trace_hardirqs_on+0x10/0x10 [ 396.005802] ? save_trace+0x290/0x290 [ 396.009587] __kernfs_new_node+0x70/0x420 [ 396.013717] kernfs_new_node+0x80/0xf0 [ 396.017672] kernfs_create_dir_ns+0x41/0x140 [ 396.022063] internal_create_group+0xea/0x7b0 [ 396.026542] sysfs_create_group+0x20/0x30 [ 396.030671] lo_ioctl+0x1176/0x1ce0 [ 396.034281] ? loop_probe+0x160/0x160 [ 396.038061] blkdev_ioctl+0x96b/0x1860 [ 396.041926] ? blkpg_ioctl+0x980/0x980 [ 396.045800] ? __might_sleep+0x93/0xb0 [ 396.049669] ? __fget+0x210/0x370 [ 396.053107] block_ioctl+0xde/0x120 [ 396.056710] ? blkdev_fallocate+0x3b0/0x3b0 [ 396.061013] do_vfs_ioctl+0x7ae/0x1060 [ 396.064887] ? selinux_file_mprotect+0x5d0/0x5d0 [ 396.069631] ? lock_downgrade+0x6e0/0x6e0 [ 396.073757] ? ioctl_preallocate+0x1c0/0x1c0 [ 396.078143] ? __fget+0x237/0x370 [ 396.081582] ? security_file_ioctl+0x89/0xb0 [ 396.085971] SyS_ioctl+0x8f/0xc0 [ 396.089315] ? do_vfs_ioctl+0x1060/0x1060 [ 396.093446] do_syscall_64+0x1e8/0x640 [ 396.097313] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.102140] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.107307] RIP: 0033:0x4596e7 [ 396.110476] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 396.118166] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 396.125414] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 21:25:06 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:25:06 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x400001, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@initdev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000180)=0xe8) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='pids.events\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0xb, &(0x7f0000000080)=@raw=[@call={0x85, 0x0, 0x0, 0x61}, @alu={0x4, 0x79a16d65, 0xb, 0x7, 0x0, 0x0, 0x1}, @generic={0x4, 0x2, 0x2, 0x9, 0x81}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x8}, @map={0x18, 0x6, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x5a}, @ldst={0x3e29212b07f7b6a9, 0x1, 0x1, 0xf, 0x6d785c5bc3f74be3, 0xfffffffffffffffc, 0xfffffffffffffff0}, @alu={0x4, 0x52a, 0xaef78667a8403380, 0x9, 0x6, 0xfffffffffffffff0, 0x1}, @ldst={0xc0875d0335c76799, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff}], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x6, [], r1, 0x3, r2, 0x8, &(0x7f0000000340)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0x10, 0x4, 0x9}, 0x10}, 0x70) [ 396.132662] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 396.140746] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 396.147997] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:06 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:25:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:06 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x200, 0x0) ioctl$VIDIOC_G_STD(r1, 0x80085617, &(0x7f0000000180)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x200001, 0x0) sendto$rose(r2, &(0x7f0000000080)="1446766214fd16f4a2df59ef9a3d15", 0xf, 0x40, &(0x7f00000000c0)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c) [ 396.271283] print_req_error: I/O error, dev loop1, sector 128 21:25:06 executing program 3 (fault-call:0 fault-nth:14): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:06 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x80000, 0x0) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000080)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:06 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 21:25:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)={0x20, 0x0, 0x2, 0x9, 0x2, [{0x9, 0x9, 0x0, 0x0, 0x0, 0x2000}, {0xfffffffffffffffc, 0x80, 0x9, 0x0, 0x0, 0x904}]}) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r4 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r5 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) keyctl$KEYCTL_MOVE(0x1e, r3, r4, r5, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:06 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x101000, 0x0) set_tid_address(&(0x7f0000000040)) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:06 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2a9, &(0x7f0000000200), 0x0, 0x0) pipe2(&(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) unlinkat(r0, &(0x7f0000000780)='./file0\x00', 0x200) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000840)={0x0, 0x0}, &(0x7f00000005c0)=0xc) syz_open_dev$audion(&(0x7f00000007c0)='/dev/audio#\x00', 0x80, 0x111000) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x5, 0x6, &(0x7f0000000500)=[{&(0x7f00000000c0)="4b8a111085f79088e7dc9c90f875e33a580d8867d612aadb13fb4d", 0x1b, 0xca60}, {&(0x7f0000000140)='%\aU', 0x3, 0x3}, {&(0x7f0000000240)="49b727a66859b70ccdee2047d88080e5086e0746b019c7a15c0387e1baebe312291e6c51b2f144937a2eb76486b809df15e594eefc6d065dd3de246a93b1f845ffabba6100d71e9674a6273ba4fca84b8be3ca5fb7214bf996c7cc1f6288617019f3d47b95279ae4399c9d48609755ac6f96869b87e0b421b287ec22c1653a734bcd384684efce8b5dedfc6454465e8897d3d91669ea3ab87b2bcfaebab2ba37e18cab8d7654f88bb5adb20f681e6d22f41d61134afdf71fa43888c0d299b4f3fa2d845cb8a29411e407387b4770d9", 0xcf, 0x4}, {&(0x7f0000000180)="18f53e5191afe530e972177a3a0e77", 0xf, 0x100}, {&(0x7f0000000340)="81cb715a40499457c9f8e37d6f8fa143a5ecedb330645ace8bb92998a54be0c6af636596d77de5933eab0249d5401bad28ffa86fadb807964eb91f56d56d53154915d7073eb308e9579c31db5095beaf7e511309cccbf60a5dd6f5621de5b51c6343920f3fe4337d4cae57aee5138d5b7ec15a570efde338a2e11561ba65ad713510f4e372cdda76832d706ecb45ec1fbadcc97e5cab7c15ef61b0a8cebd8971d814c1c4f246394eebe9da069fc31cd349d2dbd55881379457f2e99902fdd514a9977679ac3c8f037088e8a3bfcef1489578a14aaa5d73", 0xd7}, {&(0x7f0000000440)="650645ec77a96aeb8faddb407f142a8acc1dba4c11200044941025ee5bbc4523774bd6155e614b1b4b35eec6b9dea58914697a71bf35cd4865c8ce15938e58a2c156bc0946d37f7099e8affe69af414fd4622ece7beb22d927820817e5f64b73c87489b97f32af971f3695bbe6cde23750a1225f6e15c6b2c56a987ecb9446459bc0c56e02d1cf1b11b20c0cf0c99352ebacfbb9b5a83deb8a", 0x99, 0xffffffff}], 0x8, &(0x7f0000000680)={[{@ikeep='ikeep'}, {@discard='discard'}, {@sunit={'sunit', 0x3d, 0xb79}}, {@inode32='inode32'}, {@attr2='attr2'}], [{@fowner_eq={'fowner', 0x3d, r1}}, {@smackfsfloor={'smackfsfloor', 0x3d, '$securitymd5sum%'}}, {@dont_measure='dont_measure'}, {@obj_role={'obj_role', 0x3d, 'self&\\//ppp0vmnet1\xf5]md5sumselinux'}}]}) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) [ 396.580522] FAULT_INJECTION: forcing a failure. [ 396.580522] name failslab, interval 1, probability 0, space 0, times 0 [ 396.602961] CPU: 0 PID: 13589 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 396.610081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.619423] Call Trace: [ 396.622001] dump_stack+0x138/0x197 [ 396.625620] should_fail.cold+0x10f/0x159 [ 396.629752] should_failslab+0xdb/0x130 [ 396.633715] kmem_cache_alloc+0x2d7/0x780 [ 396.637844] ? __mutex_unlock_slowpath+0x71/0x800 [ 396.642665] ? __lock_is_held+0xb6/0x140 [ 396.646705] ? aa_new_mount+0x2f0/0x5b0 [ 396.650663] __kernfs_new_node+0x70/0x420 [ 396.654793] kernfs_new_node+0x80/0xf0 [ 396.658659] __kernfs_create_file+0x46/0x323 [ 396.663050] sysfs_add_file_mode_ns+0x1e4/0x450 [ 396.667700] internal_create_group+0x232/0x7b0 [ 396.672268] sysfs_create_group+0x20/0x30 [ 396.676398] lo_ioctl+0x1176/0x1ce0 [ 396.680024] ? loop_probe+0x160/0x160 [ 396.683805] blkdev_ioctl+0x96b/0x1860 [ 396.687672] ? blkpg_ioctl+0x980/0x980 [ 396.691542] ? __might_sleep+0x93/0xb0 [ 396.695406] ? __fget+0x210/0x370 [ 396.698839] block_ioctl+0xde/0x120 [ 396.702445] ? blkdev_fallocate+0x3b0/0x3b0 [ 396.706751] do_vfs_ioctl+0x7ae/0x1060 [ 396.710637] ? selinux_file_mprotect+0x5d0/0x5d0 [ 396.715370] ? lock_downgrade+0x6e0/0x6e0 [ 396.719512] ? ioctl_preallocate+0x1c0/0x1c0 [ 396.723902] ? __fget+0x237/0x370 [ 396.727336] ? security_file_ioctl+0x89/0xb0 [ 396.731728] SyS_ioctl+0x8f/0xc0 [ 396.735076] ? do_vfs_ioctl+0x1060/0x1060 [ 396.739205] do_syscall_64+0x1e8/0x640 [ 396.743073] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.747898] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.753066] RIP: 0033:0x4596e7 [ 396.756236] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 396.763926] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 396.771177] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 396.778423] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 396.785675] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 396.792943] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:06 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 21:25:07 executing program 0: r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self\x00', 0x0, 0x0) close(r0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x40282, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x71f3b22ec0e8ffc6, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r3, 0x8040ae69, &(0x7f00000001c0)={0xed, 0x20, 0x91, 0x5, 0x5}) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/attr/current\x00', 0x2, 0x0) ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:07 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r0, 0x4}, 0xc) 21:25:07 executing program 3 (fault-call:0 fault-nth:15): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 396.922231] XFS (loop2): unknown mount option [fowner=00000000000000000000]. 21:25:07 executing program 2: r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0) ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/52}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:07 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) [ 397.053252] FAULT_INJECTION: forcing a failure. [ 397.053252] name failslab, interval 1, probability 0, space 0, times 0 21:25:07 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000040)={0x2, 0x3}) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 397.124641] print_req_error: I/O error, dev loop1, sector 128 [ 397.149165] CPU: 0 PID: 13631 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 397.156287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.165635] Call Trace: [ 397.168231] dump_stack+0x138/0x197 [ 397.171868] should_fail.cold+0x10f/0x159 [ 397.176025] should_failslab+0xdb/0x130 [ 397.180010] kmem_cache_alloc+0x2d7/0x780 [ 397.184167] ? wait_for_completion+0x420/0x420 [ 397.188755] __kernfs_new_node+0x70/0x420 [ 397.192917] kernfs_new_node+0x80/0xf0 [ 397.196811] __kernfs_create_file+0x46/0x323 [ 397.201220] sysfs_add_file_mode_ns+0x1e4/0x450 [ 397.205892] internal_create_group+0x232/0x7b0 [ 397.211266] sysfs_create_group+0x20/0x30 [ 397.215412] lo_ioctl+0x1176/0x1ce0 [ 397.219040] ? loop_probe+0x160/0x160 [ 397.222839] blkdev_ioctl+0x96b/0x1860 [ 397.222850] ? blkpg_ioctl+0x980/0x980 [ 397.222867] ? __might_sleep+0x93/0xb0 [ 397.222879] ? __fget+0x210/0x370 [ 397.230629] block_ioctl+0xde/0x120 [ 397.230641] ? blkdev_fallocate+0x3b0/0x3b0 [ 397.230651] do_vfs_ioctl+0x7ae/0x1060 [ 397.230663] ? selinux_file_mprotect+0x5d0/0x5d0 [ 397.230673] ? lock_downgrade+0x6e0/0x6e0 [ 397.230683] ? ioctl_preallocate+0x1c0/0x1c0 [ 397.230698] ? __fget+0x237/0x370 [ 397.238017] ? security_file_ioctl+0x89/0xb0 [ 397.238031] SyS_ioctl+0x8f/0xc0 [ 397.238040] ? do_vfs_ioctl+0x1060/0x1060 [ 397.238051] do_syscall_64+0x1e8/0x640 [ 397.238063] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.245980] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.245990] RIP: 0033:0x4596e7 [ 397.245996] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 397.246006] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 397.246013] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 21:25:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0xc10c5541, &(0x7f0000000480)={0x4, 0x0, 0x6, 0x0, 0x0, [], [], [], 0xffffffff, 0x10000}) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f0000000380)={0x0, 0xfb, 0xc6, 0x1, 0xffff, "18fa3b92a7b44bc426f6b4c5ab6eea2c", "e61fc235943c54e5b58df458066e4ccd5d1f7bc48f99ccd09bf1c089598e3b34fb9d0e5360969314deb5cedf50928e65a9c31c2780a8de9cadce12e5589eaac67fff9115a2628cbf4d5c934787de272de63e15dc21a90bb7386c79b2e99d7d0e95f79696735083ec78d759122c75d6067b429dc90e7de4d72d900dbe882069283273d3abfc63b1cfe47a48a3f9e142383d8f53ce1dd49316a9920939710e6f484c7a63b739e44ce5830bc907548681ce5a"}, 0xc6, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000300), &(0x7f00000005c0)=0xc) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/exec\x00', 0x2, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x1, 0x20, 0x6, 0x5}, &(0x7f00000001c0)=0x18) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000200)={r5, 0xfff}, &(0x7f00000002c0)=0x8) 21:25:07 executing program 1: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x2000, 0x0) sendmsg$kcm(r0, &(0x7f0000000280)={&(0x7f0000000080)=@ipx={0x4, 0xfff, 0x6, "3fca079a10b3", 0x65}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)="e2184d5215ebe806a202730b1bc9cd1f2ba1372b1a89855ba3ea82cfe63ff84a3a673a4594d456f3340f4e9896e8968df9417bd8fc6a309dbf646e704fd6cae66ce5e04e263451ceb3738f5f0474c6a1990e6c687dcc6ac199b4b41155ca49a49114743f282f23e49f815f3a6efc435cdbc6da91805f4248174fe97383c247f0fd1ce0fcc8d29d89543c493c449a1dc72a398763565bf32c07b665a9c16a2c2624b453cb736db3590bfbf4243805", 0xae}], 0x1}, 0x20000001) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 397.254611] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 397.254616] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 397.254621] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:07 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 21:25:07 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x2, 0x304) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) write$evdev(r1, &(0x7f00000000c0)=[{{r2, r3/1000+10000}, 0x4, 0xaac, 0x3}], 0x18) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:07 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x400000, 0x0) 21:25:07 executing program 3 (fault-call:0 fault-nth:16): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x108}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=@gettfilter={0x3c, 0x2e, 0x20, 0x70bd2d, 0x25dfdbfc, {0x0, r2, {0x10, 0xa}, {0xc, 0xffff}, {0x1, 0xb}}, [{0x8, 0xb, 0x3fe}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x7f88f4a35ff8cffe) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x7, 0x88001) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 21:25:07 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 397.626016] FAULT_INJECTION: forcing a failure. [ 397.626016] name failslab, interval 1, probability 0, space 0, times 0 [ 397.663977] CPU: 1 PID: 13687 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 397.671094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.680435] Call Trace: [ 397.683017] dump_stack+0x138/0x197 [ 397.686636] should_fail.cold+0x10f/0x159 [ 397.690774] should_failslab+0xdb/0x130 [ 397.694732] kmem_cache_alloc+0x2d7/0x780 [ 397.698861] ? wait_for_completion+0x420/0x420 [ 397.703428] __kernfs_new_node+0x70/0x420 [ 397.707556] kernfs_new_node+0x80/0xf0 [ 397.711437] __kernfs_create_file+0x46/0x323 [ 397.715826] sysfs_add_file_mode_ns+0x1e4/0x450 [ 397.720475] internal_create_group+0x232/0x7b0 [ 397.725043] sysfs_create_group+0x20/0x30 [ 397.729169] lo_ioctl+0x1176/0x1ce0 [ 397.732778] ? loop_probe+0x160/0x160 [ 397.736561] blkdev_ioctl+0x96b/0x1860 [ 397.740429] ? blkpg_ioctl+0x980/0x980 [ 397.744302] ? __might_sleep+0x93/0xb0 [ 397.748167] ? __fget+0x210/0x370 [ 397.751601] block_ioctl+0xde/0x120 [ 397.755212] ? blkdev_fallocate+0x3b0/0x3b0 [ 397.759514] do_vfs_ioctl+0x7ae/0x1060 [ 397.763387] ? selinux_file_mprotect+0x5d0/0x5d0 [ 397.768132] ? lock_downgrade+0x6e0/0x6e0 [ 397.772260] ? ioctl_preallocate+0x1c0/0x1c0 [ 397.776649] ? __fget+0x237/0x370 [ 397.780085] ? security_file_ioctl+0x89/0xb0 [ 397.784473] SyS_ioctl+0x8f/0xc0 [ 397.787817] ? do_vfs_ioctl+0x1060/0x1060 [ 397.791948] do_syscall_64+0x1e8/0x640 [ 397.795812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.800637] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.805805] RIP: 0033:0x4596e7 [ 397.808972] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 397.816672] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 21:25:07 executing program 1: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x10000, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_NET_GET(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, r1, 0x0, 0x70bd2c, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x804) syz_mount_image$btrfs(&(0x7f0000000140)='btrfs\x00', &(0x7f0000000200)='./file0\x00', 0x3, 0x0, &(0x7f0000000200), 0x0, 0x0) [ 397.823921] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 397.831172] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 397.838432] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 397.845680] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:08 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:08 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x200, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00'], 0x2) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:08 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x81, 0x10100) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r1, 0x800, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x18, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6tnl0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000240)=0x8, 0x4) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000280)) 21:25:08 executing program 3 (fault-call:0 fault-nth:17): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:08 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 21:25:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x1, 0x0) mknodat(r0, &(0x7f0000000180)='./file0\x00', 0x20, 0x7) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000240)=0x80000000, 0x4) r2 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmsg$alg(r2, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmmsg(r2, &(0x7f0000006f80)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xfffffcf5}], 0x1}}], 0x183, 0x0, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xb) write$eventfd(r0, &(0x7f0000000280)=0x4, 0x8) 21:25:08 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x4000, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000300)={0x0}) ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000380)=[0x7, 0xfffffffffffffffe]) ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000340)={r2}) ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000200)={0x2, @win={{0x6, 0xfffffffffffffffd, 0x1f, 0x6}, 0x9, 0x9, &(0x7f0000000140)={{0x40, 0x0, 0x4, 0x2}, &(0x7f00000000c0)={{0x6, 0x4, 0x1, 0x5}, &(0x7f0000000080)={{0xff, 0x2}}}}, 0x4b3, &(0x7f0000000180)="3e767ab90633ad63517550604c44e8afcecca94ede456ee4255dbad234ee6def4455fa4cb5f3b59df29e8fbae57cee03b2a24c92f1fde5d8accc1c2e6577fb1cc81f0ca33b6cdae23a5973883395aee6847fc0e680", 0x8}}) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:08 executing program 5: r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_SET_VAPIC_ADDR(r0, 0x4008ae93, &(0x7f0000000040)=0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f0000000080)={0x3ff}) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 398.182821] FAULT_INJECTION: forcing a failure. [ 398.182821] name failslab, interval 1, probability 0, space 0, times 0 [ 398.252979] CPU: 1 PID: 13732 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 398.260111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.269466] Call Trace: [ 398.272045] dump_stack+0x138/0x197 [ 398.272064] should_fail.cold+0x10f/0x159 [ 398.272082] should_failslab+0xdb/0x130 [ 398.272096] kmem_cache_alloc+0x2d7/0x780 [ 398.272104] ? wait_for_completion+0x420/0x420 [ 398.272119] __kernfs_new_node+0x70/0x420 [ 398.283844] kernfs_new_node+0x80/0xf0 [ 398.283859] __kernfs_create_file+0x46/0x323 [ 398.283872] sysfs_add_file_mode_ns+0x1e4/0x450 [ 398.283885] internal_create_group+0x232/0x7b0 [ 398.315627] sysfs_create_group+0x20/0x30 [ 398.319761] lo_ioctl+0x1176/0x1ce0 [ 398.323369] ? loop_probe+0x160/0x160 [ 398.327149] blkdev_ioctl+0x96b/0x1860 [ 398.331013] ? blkpg_ioctl+0x980/0x980 [ 398.334885] ? __might_sleep+0x93/0xb0 [ 398.338751] ? __fget+0x210/0x370 [ 398.342185] block_ioctl+0xde/0x120 [ 398.345789] ? blkdev_fallocate+0x3b0/0x3b0 [ 398.350088] do_vfs_ioctl+0x7ae/0x1060 [ 398.353960] ? selinux_file_mprotect+0x5d0/0x5d0 [ 398.358696] ? lock_downgrade+0x6e0/0x6e0 [ 398.362825] ? ioctl_preallocate+0x1c0/0x1c0 [ 398.367211] ? __fget+0x237/0x370 [ 398.370649] ? security_file_ioctl+0x89/0xb0 [ 398.375037] SyS_ioctl+0x8f/0xc0 [ 398.378380] ? do_vfs_ioctl+0x1060/0x1060 [ 398.382511] do_syscall_64+0x1e8/0x640 [ 398.386379] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.391208] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 398.396372] RIP: 0033:0x4596e7 21:25:08 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) [ 398.399543] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 398.407230] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 398.414481] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 398.421728] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 398.428976] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 398.436225] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:08 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000180)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a00000100000000000100000000a520ab5d42485266535f4d", 0xfd99, 0x8}], 0x0, 0x0) setxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='trusted.overlay.opaque\x00', &(0x7f0000000140)='y\x00', 0x0, 0x2) syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x8, 0x40) syz_mount_image$ntfs(&(0x7f0000000280)='ntfs\x00', &(0x7f00000002c0)='./file0\x00', 0x7, 0x4, &(0x7f0000001540)=[{&(0x7f0000000300)="739cfab53a87ecceda3bc8bbd683dbf0d48053b9a54103d79d3c0c81dc5ff87e7429657516284e1a6a7fc1029da79e45fa84a3b50433a9dde0c4b5dbcc", 0x3d, 0x5}, {&(0x7f0000000340)="6bf75a1b76dadb22d7eec2e6b381ec42c9ce3ef0e41cf1c3ece5baefcbf3c5a041af90e8a14a9bb9e2c431e5b251357e5a85c77a11936e5ab81c9d50e69c63a278a8b0db221cc8c6235cc1d0f11691c2d60f5f989a7539627620c4951ba42e0e62370c3fe659dbf6830961f25c356343572c4d50286cc4a7c0453a9f87e9f046c60c49f7573e9823dc58b94862349158aeb1d5c2545ab7c6cc3cb5db59d095e1bf73a554c42ff8b93f664fb7336bb36481b43d7abf792ab8b89443c8d33a6b1490386a14205c6b6b0a13e16819cdaedb2b51d09d382b64daf06b9b7d695bc71118ef0926b0025439", 0xe8, 0x4}, {&(0x7f0000000440)="e7b891d0bcc2933838e31bdc87e8166d169f66eacab992f571d721261d9703492a73059db582e4ee1931eda9fdc05f3f7e44451550c973455426633e221529ae8e1f1475d9d0a1abf52a4cca6ef42866051e980b40a7d63786a3fd8140a05ab7ca7834f02a811f35987e0cb31be8e1e26a01f6321d1c05489caaa3abe24759775ce87319dbb5ac1d4842082cb1e696d024ebfb883a8a72825db62271214ac5dc6271dfa41acadcfdcafc032449ed04a459c3403d23168594b01d57e8456600fafee14d8681fdbf1ac9a44427ad", 0xcd, 0x1}, {&(0x7f0000000540)="15dbeb2f36f547e0381d039177032eb7260a6e827f7d519275224f7e4d05e41f4ed0f4c4db26c2c3153ce5f12e21b130f8b96acba6063897d7e9287a67081d36b4dc815191ad461a7c2b3280719bd397826e2ea1bfae4bbd21d3d28a36f84e4166705967ca0a066efcb766a04356e18122d1a5d33ed29b8ca4972b51fca9899437db6d484a3b25d16e23f85b10e2ff5dc01b7359f248c741cb80334323c1d24f67055d420c8641f2669cd424ac3840e617390dc83582649376d50df9b80c785bba265166ff0c73edde031c152ba9b27699cef8cd3b7a547358bead67550b22bac63793a32126bed415607ec77a6823d9d79950e80ad1e2ec04ea950f5c35ee8d6ddad9b69ed3053783e3d8e7bf83ecbe14829f92ef7b30e767220d4958844c260f64a2915fd83799f5a9b3a72dffdaa773a988bb9018db9e1ce6d1c7b0a1c606f528b2240b0c56f0cb439c8dfb1b4697f62e07390926f00fedb6964710aa05e8b8ded999acd290b3d7ee81adb688c9eb7991d4335735a683d7587f77b9326008312426ded292264a01bc6513098e794657ca13a62b6517adba84910ffb76cdc9175311e530136fe4d9cfca5db7295e87d24bf47773fa2f3eb3c6dc5368f14d90b08a7f62ef98c086a89f839b18cd82512c5cd246914cd7e1e1066a2133c4b4f31e70057e7039fc9514b37577e089fb4d3ce66c2b222ddad9bcf743e9c9709a41f5dce2ec92ae7cc4345d61f1f8cf4ec94219f721f8a6ffb71d1ab3fcd2bb0b27488704fd4912ed52312dff70bb372867f1ec626c8d63fc8186fa4d0d6b6e3cfebdf93d38d8e70121051de0cfa8fe284703b5427cc84f3404666eabf32c68075b72e15d3d2f5106292cf1480e4a3e622bf226605917fd6506d6266dceb29aa717bb6e55b0591af8bbbfbd4aad986b6358c19cf0cde50b2afe342937cc1b26c42e22d81ba553717f93d8ec0503aacf0e4f3745f5d0947cd190b8ab5a0155056bc4f72bb2be8179692cf519671faa4a736f62555dbe358a25651ed4f08044a262b92c99a41c81b61e4505da627a033221750f92c9f8c7377ac71648f79938b3d96352992879b1631f4076911bef210957b17b03a5176ef741f29941561afd702b09f09380f72e6b94deba3930dfa68531a5f5405440789d854510df94547bddf1ef9e848f83934c3712e105c1c8758f4713970ee14809bbd4050b9b2d3d05968b9522dc6be14fcd87b8e73e556b7718271bde12744cb85f396e4c3a3ba0929764719094b7c0314f975aaf8ace9ace8d421bc04429e6c835b915a19084fb4f5f71598074c0fbda3cfcf542d0b632e761bdbb5c291125cb44806d4a6f3315adafb7c62d11dfa1a32530a87f395910891ff0e556cc5e0af327fd4184749120510a52a594893430505bd5262283e7f90ebee8ba834040cf829963d8ca96e95ef1d0fc38c82077fa0b371c5396e0a5aec3973aabae47109c73e1a1d30752e584e16e9a073cfb6594b02f7eea911ddd6ee87fc25865c3da1143064d76e5255b63a35a784f15fbbec47a743399f9865675dd772a2dd50bafb1b06d26f40924ee8a380fd03df079fb74f6867f08636c8c250d5460cdaf19fe64884f84a4d39b3b282683406fa2e310bd5ea5b26b9b4baaf6d7baff555df20145232ed01e55fd9739080a8cff15fe7c01cdc956be3381602cf977a7750ec3f0884b0e406264eec4e39beebd309cba664077d26eac5f927d7e5410dbaaec8e6bf79f082b06ceec080cab3136ac53ac7cb825ece3bcfecf212a8cb562144285561a3b7a5a095059500220d3ec0a929fe69340012d3cc5cf9a942dff20347ebdf00c76ddc7d4fff0e1fbb32e5c32d661059215dd0e96ec6e728fce55defd5d9ab99a1fd6949dbe829e22104a39eff109df5cc7624b5251489f5e96c5cf87e2dff386fcf43c49e2f0208f28b6db7dc7fe846114cfae9c852514109490c14c409591696c3778194ab9878a96395d50612f112dd01c2e3fde037ae1ad572935aff723885be4ebc24a309f26d3c8a99edaed7594925a40b22316c50cc94f1e240ef74686bda1ce625a60bf66c3840cc9527aa44056d2c628a1ba593cfcc20a9b4210061fa0b040bae69a330f16b8816c3ea44e9d473663db919d87d79aed4df7f07c9245eede01844d82ca7089fd0ee3890281305637709cda068c3863dd8e4933a3c5b1d8c16f77abf9e44843e4c64d465e5f9332a785470e58016b1ba413b3ff356cf9ba121e930a7d8ec39920fb738691ca09f6f5fdb620a57cace0f904bc2f32d962f52b3a16e93ba6912f93fd98a859d9ffbd1948d229879fe32763618ac5d89af843b6a3b5ef6baaf67e2e97fe47a62a4299eb220a3728286f0a5891c3143c4055331d93136439671d3c26a73e316ebc9dfd8e7ee448a1a57d9efef67fa9899e2501b84e4ad712a1fe1c998d0e9e096c3c0c3caa32cfe686ccba2352bce351df2c8fdb779ac3dce27fbf3c31ad7e52ce65c4521cdb0591900aca150edf5f3fea71cc1754b9d928d78fe126ed62f66d7e5f0e459d3406aeaec3e830731da7798bcd3f979ad48a9fea2727210d2a039ae43c83466ece0a287739581f8eb3dbb255fe9c5ead54331765ac9c5150675f7cee91e59dcf1c622ca81a79fc353df8dcab068450ff4d1070a79c7fcd03975c15c51a64226700e583cfd3904fc77c55996650dd85ee48c30b835312849638ebca6aafd5514c8f2361fa784b5d2bf59800414a182e88e08cd54a39ba434782cdf49808b77f70e45b0498fde30bae891e25f4b89239d860d56831ce33797cbd7d2debb3f5af55d470eb22368edde5cea32f73d8748555f5eb56711d051874b4ebf47eaf49bd1a569d3ebe90d7e872e1a4a2db2949b014660ba5b864d374b3e8ccd4d47ccc0dca78cf9f35a0dfff4afb5a3cf33b01dda7f795c5147148f5fac6974bbae1a006c03b8ee3dbe6ea31bc503b0ab984edc40155683d388df2da8ccd5729509c35003a3ff2baeeff9aea4941e3f1c1dc70e7221d9e2c9d311887e0be3f790d023ef4edd9549ca90b790e16373b21c79edbd39a12f9cacb13b8579d0edab52d99f763ccfda0c4769ef72537966e58c424c2f3e4570db225949946d0b186630a373f16e5a88509812a32bf0077b5a7568e33f19659200295c890e0a356e3f725b1d2db0b01e8744c59319503419517262e6a9865443f1ae1a16426dc2d74ce720cc3968f8d1d14c67b7596db88f02c49b2cdddd17f8f045cfbb77e27a3506040d8b8c8955d08b1225763caf35c726bfad6341a57a18b719d513a6c0ee904c6780077ac0f77de1c92cf959ab1dd17767849bc17a0841871639b221cdf3ba30a6f7ed7099f07e6f94802a300baeb0d429a1cb489b91367c94ad025874d40ae6151d0220e1c28cb4def85628ca48738cb474c9ad8c977793ec4d02c87391ad11f5e4be54aa2a53a71042332470a78c02fb4c9f7a5b7ff15067013f0488c96125deaaac292104783b5cd9e91ce84c88e32698e883f63f5192da501f835565c8c7bc1bab09af27bddefd62618585df9ef4a480236c023cf0d6cc75eddc8ceef0c00c7fb7fb72888a63a922dfe8f1b742db6188b3a4c761c62674d80bebd19a97c893400323ec22d8328013f07650746c94419d21190286ac6397f56d0df87718a5e1ff08689efc78dada72c2f1f3ab118789fed85cda1fbce4f3997e7094f9cd19626c207d76e3dc2d7013a8494fe83dd7e34b92fec70abac9f5d1c7756e987c0e2be66297e0289b39c6929d07083a77ca29d52aeca06b2eee0bf377a5c523cd3f2ace7535a13575b5424af01e9d875258aa44c0fe69f0be373fff6febe1562a210cce9ca31e4a9ba04050bfe3a897087d4395a91e4afae7321e7e526718cc4429c35a8837519b792c2391f100f6d927e54199d8e4badeb46a8028f7db56637af1de33f6502bec493840bbf83145e3d47d1258aef640e353acccf2c74cf41a2d737ee58a120f4fc25e492803fbe34ce50d21767f2c897e22f19f09220aabceb3deef6ecae1d9211df1292b1ecd4211d89b08c8989ebce2fe26f4f0c530b4caf808b846383155abe0f94caaf2ec3913fc81b49f49fd856fd421ed2b9b8ac384ee41d57ec81c449785ccff6c0e66ab35cf2bab8f38181208dfb51eea396de59886df4a315ffbe41e4ce80af54d22b3a6ab34c3b69fff3de2bc8bef047cbe1247b7f94097c56aeed86042b75a2f6b8aa22a43c2d817384454c7304d42b924b7a38d2d8a55c69ad0c7bfc63a64a72caf9c48f89e9cf804ced92f6569366a649293eb2dc9fffe730f0e75d4acc35d6872d266763e6dae51d02d3ca0498fb0710ab709a327be71dffab92eb076b60faf898d0d541c6769704150e2acbe68bb6961bc149128dc702e44475d1063f08ea7da4ac3586f02dadd1ec9f7da7707079bac42e1d50ac0c40b1737569749c4e9b6e807a659916bfaffa31bd265d14896c476c0ec8fc1b7b326105da26445ed91fc0f20192fef0697daa2f10b1dc25c7a06edc3eba12ab3e7d7049ad3ba37d1dc3d09072000de128e2a0ba0f340818965e21c80b01d90e42416d31a103caf974dbc96502fab34e3868c65a9a256248ecf8e03f6a0463a356ff760ef8e8dc2ea49c15f2f7db6f2b54266f60fb5cbb9b21a7c507cdb73c713c2a94a448e71a05944f7fbe4fc95629aee5863cd35b5c40caf4ebeacf37334db10cc9c7bdd7d00f963691813245d48d0ccbcdae1eb3d2ed91d287bdda6c0ae94aecb0bca7d163eaf69a2328991563af1b13afd08b1dd495bdbe50b453c918c556306b9580248866f484d8f70cff43db9c704fe7ae4138a1111ddd1158b253f1b7dfa4f757a1b9dd5448a116bde1e0640e43ca4435f316d67e84dbac30ef89eb9e860fbb0f22448d119cc28b65ef479c34294ca02b1c8aafd029108010fe8570653d3d5fcaa3ffb7465af06191264acead1b986b73c0d583b1201418491f529fd0fdb23fb6691b232e57ab3d3225bc5625d82003094ad77fc483f69e60eb7e842a1367542e7b0b106d4ce12fba19f2a6702f08c06c07d761d17674fb3de4d3d37f5dd30c40ffd0fe37839e0e8e0c65b4c03651153ac1acfba2e1b1ca530bea30f6bad848aa825a1d5f5ccb4c4c6455da6a96d943b2fe64ca913fc461da75b562974c04972dd5ea0a6b45ec771cb7b0f3ab73323f6084bc846e052f49923e7a2af89b1ce2d2b5ad999c09b5aee69978ca89bcf5b32122874493eb63635fcf6ea867f2883f163b331fc0fc2888e1b6e0b6986f73af39b693b407cc60f0a9b69b54dde69dc109a0b9d94b3fa98ae6a914441f5f6ffb8528b888248dc6fe2a8e42c5010f207291b71eaea3721315aa4810bb1c7b2cc2f0938ee3c49c33eaf844d0fbd39621ce3eacc7f5439513689e6dcda767cbcd77883793a26f8f15ec30942735e7de61aac337004b3d9bdb76f5f0320b3b46b76e32a348bdf618c20912f1b0bcb436444afe16ef5197b8d3a8a5c2373f56661ad4a4661d7bc42463980389d69205ff3a212acd03f91910fe132b319e64481d88d8f28916b5fe572fbcaf4f0462ff753bef17309452bbff86628e66cb87f6c5493b96a5a33e6b23c6901af183c2b63a799d84850d7edeb714fc79c37f89bb16c3135dead0f0de11b17c51fa7c36e60405f3d3c11c8739dfc46cefec9137c42ccd4b034241caf62850023c399bcc24c456c79c3e060dd0c6a384df0af35009cb535566a88d9d327e1e43053434ae422c373be53521a07f862899d93fe105251f364cebc95b981e53152366", 0x1000, 0xffff}], 0x100c2, &(0x7f00000015c0)={[{@case_sensitive_yes='case_sensitive=yes'}, {@case_sensitive_no='case_sensitive=no'}, {@dmask={'dmask', 0x3d, 0x100000000}}, {@dmask={'dmask', 0x3d, 0x8}}, {@fmask={'fmask', 0x3d, 0x8001}}, {@fmask={'fmask', 0x3d, 0x101}}, {@case_sensitive_no='case_sensitive=no'}, {@case_sensitive_no='case_sensitive=no'}], [{@audit='audit'}]}) open(&(0x7f0000000040)='./file0\x00', 0x1, 0x35) [ 398.533539] print_req_error: I/O error, dev loop1, sector 128 21:25:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000001c0)=r1, 0x4) write$selinux_attr(r4, &(0x7f0000000040)='system_u:object_r:hald_var_run_t:s0\x00', 0x24) ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x8000, 0x6, 0xff, 0x181, 0x800, 0x1, 0x7, 0x9, 0x3, 0x5, 0x6, 0x5}, {0x0, 0x39, 0x9, 0x24cc, 0xfffffffffffffffb, 0x1, 0xfffffffffffffe01, 0x1, 0x816, 0x20, 0x7ff, 0x1, 0x9}, {0x4, 0x2, 0x2, 0x3, 0x9, 0x1, 0x6, 0x7f, 0x0, 0x7f, 0x0, 0xdbf, 0x8}], 0x5}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:08 executing program 3 (fault-call:0 fault-nth:18): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:08 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@loopback}}, &(0x7f00000000c0)=0xe8) r1 = syz_open_dev$vbi(&(0x7f0000000800)='/dev/vbi#\x00', 0x1, 0x2) setsockopt$RXRPC_UPGRADEABLE_SERVICE(r1, 0x110, 0x5, &(0x7f0000000840)=[0x3], 0x2) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000340)=0x0, &(0x7f0000000380), &(0x7f00000003c0)) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = semget(0x0, 0x0, 0x400) semop(r5, &(0x7f00000007c0)=[{0x4, 0x8, 0x800}, {0x3, 0x21ce, 0x1800}, {0x1, 0x8, 0xbdd72baaa3cf1f32}, {0x2, 0x4, 0x1000}], 0x4) lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getegid() getresgid(&(0x7f0000000580)=0x0, &(0x7f00000005c0), &(0x7f0000000680)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000006c0)={0x0, 0x0, 0x0}, &(0x7f0000000700)=0xc) setxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f0000000740)=ANY=[@ANYBLOB="02000000010004000000000002000200", @ANYRES32=r0, @ANYBLOB="02000600", @ANYRES32=r2, @ANYBLOB="04000200000000000800b6d9", @ANYRES32=r3, @ANYBLOB="08000400", @ANYRES32=r4, @ANYBLOB="08000400", @ANYRES32=r6, @ANYBLOB="08000200", @ANYRES32=r7, @ANYBLOB="08000400", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="100002000000020000000100fee7c32c"], 0x64, 0x3) 21:25:08 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40200, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:08 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) [ 398.727943] ntfs: (device loop2): parse_options(): Unrecognized mount option audit. [ 398.765403] ntfs: (device loop2): parse_options(): Unrecognized mount option . 21:25:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000380)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000040)={0xda80, 0x8, 0xfff, 0xa689}, 0x10) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 398.775714] FAULT_INJECTION: forcing a failure. [ 398.775714] name failslab, interval 1, probability 0, space 0, times 0 [ 398.829867] CPU: 1 PID: 13792 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 398.836995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.846347] Call Trace: [ 398.848930] dump_stack+0x138/0x197 [ 398.852548] should_fail.cold+0x10f/0x159 [ 398.856689] should_failslab+0xdb/0x130 [ 398.860656] kmem_cache_alloc+0x2d7/0x780 [ 398.864783] ? wait_for_completion+0x420/0x420 [ 398.869350] __kernfs_new_node+0x70/0x420 [ 398.873482] kernfs_new_node+0x80/0xf0 [ 398.877350] __kernfs_create_file+0x46/0x323 [ 398.881739] sysfs_add_file_mode_ns+0x1e4/0x450 [ 398.886388] internal_create_group+0x232/0x7b0 [ 398.890952] sysfs_create_group+0x20/0x30 [ 398.895083] lo_ioctl+0x1176/0x1ce0 [ 398.898693] ? loop_probe+0x160/0x160 [ 398.902480] blkdev_ioctl+0x96b/0x1860 [ 398.906360] ? blkpg_ioctl+0x980/0x980 [ 398.910245] ? __might_sleep+0x93/0xb0 [ 398.914114] ? __fget+0x210/0x370 [ 398.917549] block_ioctl+0xde/0x120 [ 398.921154] ? blkdev_fallocate+0x3b0/0x3b0 [ 398.925455] do_vfs_ioctl+0x7ae/0x1060 [ 398.929325] ? selinux_file_mprotect+0x5d0/0x5d0 [ 398.934060] ? lock_downgrade+0x6e0/0x6e0 [ 398.938189] ? ioctl_preallocate+0x1c0/0x1c0 [ 398.942577] ? __fget+0x237/0x370 [ 398.946012] ? security_file_ioctl+0x89/0xb0 [ 398.950399] SyS_ioctl+0x8f/0xc0 [ 398.953743] ? do_vfs_ioctl+0x1060/0x1060 [ 398.957871] do_syscall_64+0x1e8/0x640 [ 398.961738] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.966564] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 398.971735] RIP: 0033:0x4596e7 21:25:09 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) [ 398.974904] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 398.982592] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 398.989840] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 398.997088] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 399.004336] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 399.011584] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:09 executing program 2: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2000, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000040)={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x306}, 0x18, {0x2, 0x4e24, @broadcast}, 'bpq0\x00'}) ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f00000000c0)={0x4, "0ef4bdf0c2039a377013f570cbee598f7d2c9be94f9ebda218ef722e2516d5bf", 0x3, 0x1}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000100)={0xfff, 0x7fffffff, 0x9f, 0x1ff, 0x18, 0x20, 0x7, 0x4, 0x8, 0x6, 0x635b5a29, 0x8}) 21:25:09 executing program 0: syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) keyctl$session_to_parent(0x12) 21:25:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(r3, 0x0, 0x488, &(0x7f0000000040)={{0x2, @rand_addr=0x7, 0x4e21, 0x0, 'none\x00', 0x20, 0x1, 0x21}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x4e20, 0x4, 0x800, 0x146, 0xff}}, 0x44) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:09 executing program 2: arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000000)) r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x200) ioctl$KIOCSOUND(r0, 0x4b2f, 0xe7bc) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x2, 0x0) ioctl$BLKFLSBUF(r1, 0x1261, &(0x7f0000000080)=0x7121) 21:25:09 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000280)={@hyper}) renameat(r0, &(0x7f0000000180)='\x00', r0, &(0x7f00000001c0)='./file0\x00') r1 = semget(0x3, 0x2, 0x70) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000140)=""/3) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x400041, 0x0) bind$isdn_base(r0, &(0x7f0000000240)={0x22, 0x800, 0x663, 0x81, 0xef}, 0x6) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000000c0)={0x3, r2}) 21:25:09 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x2, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0xfffffffffffffffb) [ 399.423927] print_req_error: I/O error, dev loop1, sector 128 21:25:09 executing program 3 (fault-call:0 fault-nth:19): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:09 executing program 4: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x80000, 0x0) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000080)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x2a) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:09 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x3, 0xa, &(0x7f0000000780)=[{&(0x7f0000000140)="e352e61add9284b2d92b172522b883df2a4c6c704a04012c2a09406479895c6c1f817e67faa678af7ad0b9fcdc9c8a8ca115c3ee06156f9ca6b8ed285ca3b35ada6b8728fdcf749ccb02d0ed93b1a7f99fe368afbbb6442111926d345d97a07afffcf4936586381c3864ed9de5095b960ce1018a13ccb7bc76f00e4f1d1ca546", 0x80, 0xfffffffffffffff7}, {&(0x7f00000000c0)="1f78bb5e02b7fcfdf7a261510d2fa2c6d3d76e7006a56954608ba6604ad858fb761dd1d124a8af31", 0x28, 0x7}, {&(0x7f0000000240)="bfe0ad58ebba0ee4822d6f99cf28ca1b3568488dc1e91c3deec6e0e0da0b473e2628a64a3038c659831a267add44c36d92a15545dab57096ab2307b0113ce2658e1a05f03ba3028e4255f5ea2e5f0b5d187e95b05457b84fca70bd4e460c84a6ff14af7c966e", 0x66, 0x8001}, {&(0x7f00000002c0)="9a49bc2d122fe9e761aa33969720bdefd547f750658f362931602355e951453aa994e3080babe2a6f363d266332c7c1b826bcc12c4dead3bdba8287453f7bbf7ad42262f54895e276f63014e3591f9224f4d21fdfc3f285bba1ec243156d54ec3a31533832de5e11d99508a8897d72", 0x6f, 0xfffffffffffff800}, {&(0x7f0000000340)="e54c9560046afca1d0eceaad2d1ef78eb0499dc170e9170c5be99ec7ea158a203f77998d8c3187f7cfd76a8039fa5b10955e0a4345a65f66d13a8cd1a7396106627160d914030e9b8cd982eadc3ba256f44b", 0x52, 0x2}, {&(0x7f00000003c0)="7c6e73fbb626620f954b738f880e31da22d9f1b31ce4ef33e5fccdb30c5bd8d8817c2705f4077923db842511a528bafc407894ed894983ab63f902382581dd414d6aac47e05fe9c7dbbeaae0ad0b29d41213bd", 0x53, 0x1ff}, {&(0x7f0000000440)="483adb0b5f92352be02526d7b5b98111bf01cd5b97e337e797301a05f594e49dfbbc23d74c6793cd13bb938fe580b5303871d2ca1ddbf9d8dbb2e75b3486311c83c489e1e940608e81116cb4018fd0874de64bfe64c5fc65fc8328f2c8b5451cbaae1eb263591e0bc5be718dad3e3026f7223445bfd63badf370212d217823a059e8436ec0e5ba9d569fa1b584a50cdf8398888649f5ebd35e355efd04d3b1e644a6d56f6447f2f181a5f7b77ff1c90aae3d4034704d4098a365587110b954a4dceecd12877ac4acc101671ca27eccf6", 0xd0, 0xde}, {&(0x7f00000001c0)="32f63f03bb5e3058e34ee2a38aa9cdb3e3cc9dd1ddd746fb92137f96934462b877", 0x21, 0xa2e}, {&(0x7f0000000540)="d9034f611dc0f17983162bffdca5535aa00fe68de430f0979503ff8d966500e20b1379a5deb94bb6e2af52070d9606e0055f967db47466c7267ca1721f0db9ca1b826a30", 0x44, 0x7}, {&(0x7f0000000680)="76572c586ce9f5eb433475743e1a35bc4ca2cf52171028a4a9a0d72c50661bac001368f144e2b7e37d32342273dce2d02a49476f5642bc166308ae8fe47036e6788d941996a7f2c318af3035aa5d0e237e8eb5fa7c951a40c602b01aaa9365d71be3e576c15a117511e80f5541544062b222bb9829d237385523c4a5cf0a9d46852bd4bea47d08b4be07d297c527e6c47356e4f9ccccf2b57772279468a0ddd0623ff47028648d66e4700ad7180691b3bb8bb9e58fee0a8efa881b86a058421b58f4f5eebb1dcbb66b450cf4d67651c9385bb47ed4d7c814", 0xd8, 0xcb6}], 0x10c4024, &(0x7f0000000880)={[{@datacow='datacow'}], [{@context={'context', 0x3d, 'system_u'}}, {@obj_type={'obj_type', 0x3d, 'eth1bdev{vmnet1\x9d.#!wlan1[+'}}, {@subj_role={'subj_role', 0x3d, '$'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise='appraise'}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@pcr={'pcr', 0x3d, 0x1a}}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x32, 0x31, 0x39, 0x32, 0x64, 0x33, 0x31], 0x2d, [0x34, 0x65, 0x34, 0x65], 0x2d, [0x0, 0x32, 0x0, 0x61], 0x2d, [0x62, 0x62, 0x64, 0x47340a671857d44c], 0x2d, [0x30, 0x35, 0x34, 0x36, 0x77, 0x61, 0x37, 0x62]}}}]}) 21:25:09 executing program 0: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x50, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x20, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x40800) ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0xc0440, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x1a, 0x2, 0x6492, 0x1, 0x2, 0x97, 0xbd, 0x3ff, 0x3, 0x200, 0x1}, 0xb) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x280, 0x0) ioctl$EVIOCGKEYCODE(r3, 0x80084504, &(0x7f0000000080)=""/124) 21:25:09 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) lsetxattr$security_smack_entry(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.SMACK64\x00', &(0x7f00000000c0)='*cpuset{,/+user\x00', 0x10, 0x1) [ 399.602746] FAULT_INJECTION: forcing a failure. [ 399.602746] name failslab, interval 1, probability 0, space 0, times 0 [ 399.614702] print_req_error: I/O error, dev loop1, sector 128 [ 399.657981] CPU: 0 PID: 13875 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 399.665141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.674477] Call Trace: [ 399.677052] dump_stack+0x138/0x197 [ 399.680665] should_fail.cold+0x10f/0x159 [ 399.684807] should_failslab+0xdb/0x130 [ 399.688765] kmem_cache_alloc+0x2d7/0x780 [ 399.692892] ? wait_for_completion+0x420/0x420 [ 399.697460] __kernfs_new_node+0x70/0x420 [ 399.701592] kernfs_new_node+0x80/0xf0 [ 399.705464] __kernfs_create_file+0x46/0x323 [ 399.709855] sysfs_add_file_mode_ns+0x1e4/0x450 [ 399.714507] internal_create_group+0x232/0x7b0 [ 399.719073] sysfs_create_group+0x20/0x30 [ 399.723200] lo_ioctl+0x1176/0x1ce0 [ 399.726816] ? loop_probe+0x160/0x160 [ 399.730596] blkdev_ioctl+0x96b/0x1860 [ 399.734460] ? blkpg_ioctl+0x980/0x980 [ 399.738335] ? __might_sleep+0x93/0xb0 [ 399.742214] ? __fget+0x210/0x370 [ 399.745667] block_ioctl+0xde/0x120 [ 399.749274] ? blkdev_fallocate+0x3b0/0x3b0 [ 399.753576] do_vfs_ioctl+0x7ae/0x1060 [ 399.757444] ? selinux_file_mprotect+0x5d0/0x5d0 [ 399.762177] ? lock_downgrade+0x6e0/0x6e0 [ 399.766304] ? ioctl_preallocate+0x1c0/0x1c0 [ 399.770690] ? __fget+0x237/0x370 [ 399.774127] ? security_file_ioctl+0x89/0xb0 [ 399.778514] SyS_ioctl+0x8f/0xc0 [ 399.781859] ? do_vfs_ioctl+0x1060/0x1060 [ 399.785988] do_syscall_64+0x1e8/0x640 [ 399.789861] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.794689] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 399.799855] RIP: 0033:0x4596e7 21:25:09 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0xa003, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x40, 0x0) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/policy\x00', 0x0, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000140)=0xea633b425563b466, 0x4) r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000640)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$EVIOCGPROP(r3, 0xc004743e, &(0x7f0000000540)=""/246) ioctl$RTC_PIE_ON(r1, 0x7005) ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000180)={0x9, 0x40, 0x4, 0x100, 0x9, 0x35c}) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 399.803024] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 399.810799] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 399.818048] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 399.825296] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 399.832545] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 399.839795] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:10 executing program 4: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x80000, 0x0) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000080)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) fadvise64(r0, 0x0, 0x2, 0x5) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 399.930829] print_req_error: I/O error, dev loop2, sector 128 21:25:10 executing program 3 (fault-call:0 fault-nth:20): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:10 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x8, 0x800) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x4080, 0x0) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000000c0), &(0x7f0000000140)=0x14) 21:25:10 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x20, 0x0, &(0x7f0000000200), 0x0, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000440)={@in6={{0xa, 0x4e24, 0xffffffffffffdc66, @empty, 0x5}}, 0x0, 0x1ff, 0x0, "459d42f3396a9f8dea849503321656e62c109c6c97fe28fbbbe04319a99696835ef9c34bb6ba9d5bff6cf67b3841b7f2c587e53a2013767a09ff0bd895fabb467b92fef64f70f3ce79e64fb0b0a043ae"}, 0xd8) readlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/8, 0x8) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x2141, 0x0) fgetxattr(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="757365722e000000007301"], &(0x7f0000000340)=""/244, 0xf4) ioctl$SIOCAX25NOUID(r1, 0x89e3, &(0x7f0000000280)=0x1) 21:25:10 executing program 4: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f000002b000)='./file0\x00', 0x0) mount(0x0, &(0x7f000002c000)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x4040, 0x0) creat(&(0x7f00000000c0)='./file0/bus\x00', 0xcebb6075bb566d03) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x40000) r0 = open$dir(&(0x7f0000000000)='./file0/bus\x00', 0x0, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000040)) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x1000011, r0, 0x0) 21:25:10 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xaaaaaaaaaaaaade, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x6, 0x10000}], 0x0, 0x0) 21:25:10 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x400, 0x4400) ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, &(0x7f0000000140)=0x7) [ 400.254600] audit: type=1804 audit(1567113910.355:59): pid=13920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir975667901/syzkaller.e1eKDu/282/file0/bus" dev="ramfs" ino=63187 res=1 [ 400.288507] FAULT_INJECTION: forcing a failure. [ 400.288507] name failslab, interval 1, probability 0, space 0, times 0 [ 400.333995] CPU: 1 PID: 13912 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 400.341125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.350476] Call Trace: [ 400.353072] dump_stack+0x138/0x197 [ 400.356710] should_fail.cold+0x10f/0x159 [ 400.360869] should_failslab+0xdb/0x130 [ 400.364854] kmem_cache_alloc+0x2d7/0x780 [ 400.369001] ? wait_for_completion+0x420/0x420 [ 400.373590] __kernfs_new_node+0x70/0x420 [ 400.377621] audit: type=1400 audit(1567113910.355:60): avc: denied { map } for pid=13914 comm="syz-executor.4" path="/root/syzkaller-testdir975667901/syzkaller.e1eKDu/282/file0/bus" dev="ramfs" ino=63187 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:ramfs_t:s0 tclass=file permissive=1 [ 400.377740] kernfs_new_node+0x80/0xf0 [ 400.410398] __kernfs_create_file+0x46/0x323 [ 400.414810] sysfs_add_file_mode_ns+0x1e4/0x450 [ 400.419484] internal_create_group+0x232/0x7b0 [ 400.424071] sysfs_create_group+0x20/0x30 [ 400.428222] lo_ioctl+0x1176/0x1ce0 [ 400.431864] ? loop_probe+0x160/0x160 [ 400.435666] blkdev_ioctl+0x96b/0x1860 [ 400.439544] ? blkpg_ioctl+0x980/0x980 [ 400.439563] ? __might_sleep+0x93/0xb0 [ 400.439573] ? __fget+0x210/0x370 [ 400.439585] block_ioctl+0xde/0x120 [ 400.439596] ? blkdev_fallocate+0x3b0/0x3b0 [ 400.447338] do_vfs_ioctl+0x7ae/0x1060 [ 400.454400] ? selinux_file_mprotect+0x5d0/0x5d0 [ 400.454412] ? lock_downgrade+0x6e0/0x6e0 [ 400.454424] ? ioctl_preallocate+0x1c0/0x1c0 [ 400.454435] ? __fget+0x237/0x370 [ 400.454450] ? security_file_ioctl+0x89/0xb0 [ 400.467360] SyS_ioctl+0x8f/0xc0 [ 400.467370] ? do_vfs_ioctl+0x1060/0x1060 [ 400.467384] do_syscall_64+0x1e8/0x640 [ 400.467393] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.467411] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.479365] RIP: 0033:0x4596e7 [ 400.479371] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 400.479382] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 400.479388] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 400.479394] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 400.479399] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 400.479405] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 400.584848] print_req_error: I/O error, dev loop1, sector 128 [ 400.611867] audit: type=1804 audit(1567113910.715:61): pid=13920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir975667901/syzkaller.e1eKDu/282/file0/bus" dev="ramfs" ino=63200 res=1 21:25:10 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00') accept4$rose(r0, &(0x7f0000000080)=@full={0xb, @remote, @remote, 0x0, [@remote, @remote, @remote, @remote, @bcast, @netrom]}, &(0x7f00000000c0)=0x40, 0x80800) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:10 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0) epoll_pwait(r0, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0x7, &(0x7f0000000140)={0x9}, 0x8) 21:25:10 executing program 4: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mknod$loop(&(0x7f00000001c0)='./file0/file1\x00', 0x0, 0xffffffffffffffff) read$FUSE(r0, &(0x7f0000000780), 0x1000) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, 0x1, {0x7, 0x1e}}, 0x50) read$FUSE(r0, &(0x7f00000020c0), 0x1000) read$FUSE(r0, &(0x7f00000030c0), 0xffffffd1) write$FUSE_ENTRY(r0, &(0x7f0000002000)={0x90, 0x0, 0x2}, 0x90) write$FUSE_ENTRY(r0, &(0x7f0000000540)={0x90, 0x0, 0x3, {0x2, 0x0, 0x0, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85eb}}}, 0x90) 21:25:10 executing program 3 (fault-call:0 fault-nth:21): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:10 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) setsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000080)=0x2, 0x4) [ 400.796414] FAULT_INJECTION: forcing a failure. [ 400.796414] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 400.808430] CPU: 0 PID: 13952 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 400.808437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.808441] Call Trace: [ 400.808460] dump_stack+0x138/0x197 [ 400.831093] should_fail.cold+0x10f/0x159 [ 400.835250] __alloc_pages_nodemask+0x1d6/0x7a0 [ 400.839960] ? __alloc_pages_slowpath+0x2930/0x2930 [ 400.845020] cache_grow_begin+0x80/0x400 [ 400.845036] kmem_cache_alloc_trace+0x6b2/0x790 [ 400.853738] ? kernfs_put+0x35e/0x490 [ 400.857532] ? devm_device_remove_groups+0x50/0x50 [ 400.857546] kobject_uevent_env+0x378/0xc23 [ 400.857555] ? internal_create_group+0x49a/0x7b0 [ 400.857570] kobject_uevent+0x20/0x26 [ 400.871527] lo_ioctl+0x11e7/0x1ce0 [ 400.871542] ? loop_probe+0x160/0x160 [ 400.871554] blkdev_ioctl+0x96b/0x1860 [ 400.871565] ? blkpg_ioctl+0x980/0x980 [ 400.890492] ? __might_sleep+0x93/0xb0 [ 400.890501] ? __fget+0x210/0x370 [ 400.890514] block_ioctl+0xde/0x120 [ 400.890525] ? blkdev_fallocate+0x3b0/0x3b0 [ 400.905740] do_vfs_ioctl+0x7ae/0x1060 [ 400.909618] ? selinux_file_mprotect+0x5d0/0x5d0 [ 400.914618] ? lock_downgrade+0x6e0/0x6e0 [ 400.918753] ? ioctl_preallocate+0x1c0/0x1c0 [ 400.923144] ? __fget+0x237/0x370 [ 400.926585] ? security_file_ioctl+0x89/0xb0 [ 400.930982] SyS_ioctl+0x8f/0xc0 [ 400.934332] ? do_vfs_ioctl+0x1060/0x1060 [ 400.938472] do_syscall_64+0x1e8/0x640 [ 400.942342] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.947172] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.952351] RIP: 0033:0x4596e7 [ 400.955524] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 400.963231] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 400.970484] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 400.977734] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 400.984984] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 400.992235] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r1, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000040)="0f060f20d86635080000000f22d80f01df0f01c40f2013f3d067f4ba4200ed0f01b401000f01c2660f383eff", 0x2c}], 0x1, 0x1, &(0x7f00000000c0)=[@vmwrite={0x8, 0x0, 0x5, 0x0, 0x1, 0x0, 0x2, 0x0, 0x3}, @efer={0x2, 0x2000}], 0x2) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_TRANSLATE(r3, 0xc018ae85, &(0x7f00000001c0)={0x2, 0x5000, 0x2a1e, 0x7fffffff, 0x2}) 21:25:11 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) uselib(&(0x7f0000000040)='./file0\x00') 21:25:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x1ff}, 0x10) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:11 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x9, 0x1) ioctl$PPPIOCSFLAGS(r1, 0x40047459, &(0x7f0000000200)=0x8000000) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$SG_SET_COMMAND_Q(r2, 0x2271, &(0x7f0000000080)=0x4) ioctl$EVIOCGBITSW(r2, 0x80404525, &(0x7f0000000140)=""/160) [ 401.280891] print_req_error: I/O error, dev loop2, sector 128 21:25:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) ioctl$KVM_REINJECT_CONTROL(r0, 0xae71, &(0x7f0000000080)={0x6}) 21:25:11 executing program 3 (fault-call:0 fault-nth:22): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:11 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f0000000040)=0x10001, &(0x7f0000000080)=0x4) 21:25:11 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@ax25={{0x3, @netrom}, [@netrom, @bcast, @default, @default, @default, @null, @netrom, @bcast]}, &(0x7f00000000c0)=0x80, 0x80000) sendmsg$nl_netfilter(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c000000140f000226bd7000fedbdf25000000033c6d7417433f30649cac7689674a0a669f3684cc51d4eb0ea400"/60], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) [ 401.510311] print_req_error: I/O error, dev loop1, sector 128 21:25:11 executing program 2: lsetxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'L+', 0x7fff}, 0x28, 0x3) r0 = syz_open_dev$swradio(&(0x7f0000000cc0)='/dev/swradio#\x00', 0x1, 0x2) ioctl$SG_IO(r0, 0x2285, &(0x7f0000001280)={0x53, 0xfffffffffffffffe, 0x73, 0x3f0479a, @scatter={0x6, 0x0, &(0x7f0000001080)=[{&(0x7f0000000d00)=""/191, 0xbf}, {&(0x7f0000000dc0)}, {&(0x7f0000000e00)=""/79, 0x4f}, {&(0x7f0000000e80)=""/169, 0xa9}, {&(0x7f0000000f40)=""/44, 0x2c}, {&(0x7f0000000f80)=""/216, 0xd8}]}, &(0x7f0000001100)="b9bf9f8d6639d7df38cf9bf8bfcbb7518f7464f8c15fe5fec1fa30951bb791f6e1c053e283540d02a3f7a4a0cb8be6b6279db0b131bbfc36677d1694695833f7e42a3a1bd081aeba147ad85f0ff4d1781a439835d2c50b55213ddf1842cca84858e42727964461a9f11796cb0ccf5e03997b4d", &(0x7f0000001180)=""/189, 0x2, 0x1, 0x1, &(0x7f0000001240)}) stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000008c0)={{{@in6=@empty, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@broadcast}}, &(0x7f00000009c0)=0xe8) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000dc0)='/selinux/avc/cache_stats\x00', 0x0, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000a80)={0x0, 0x0}, &(0x7f0000000ac0)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000b00)={0x0, 0x0}, &(0x7f0000000b40)=0xc) syz_mount_image$ntfs(&(0x7f0000000140)='ntfs\x00', &(0x7f0000000180)='./file0\x00', 0xffffffffc4f46775, 0x8, &(0x7f0000000780)=[{&(0x7f0000000240)="4c5da1f33d3457db2a62fa2c989232e9ddbfbdd406c73f42b59cef2c5978758a9c7a7489034eeaaeab154fd2ab87869980c852a716701d6cac7e45d864a2dcc0416350250e9c429dde2e428fadd7fe78dd5159d421a3b8aedcb3161762f644b9d0d7a7e112bae2e3817cf823c505ae3a4cbd9967030ccf64cadccf4e827d1a8fb41107c7539bb372c9a86ca0ec", 0x8d, 0x1}, {&(0x7f0000000300)="b8b396cc3af9f2f116f52f1634fbc20bf9584dccb1d1e080a90888dee41895054f99e4e2a88cddf2f3937a7220cb8c13bffe172eb1659d92dd3ec8f367aadb9080a537a99259f237042039c195e3289dfec55716", 0x54, 0x608c}, {&(0x7f0000000380)="c4733fa1820f85f1bc25f6ff27d120dc854360c37d979e7b7858ac391d823a2f8ff76be33fc6cf9cef101a73448113ded663a03b80894509881ba8eb7c070be3b035e2f66d1dc6098dfffe072df1e8fc5ab864ce9a72e4bb7a7b12cdcc00a7ac8788b026e361475bb244b25e9a518f60a8cd9cb8781e84fff20aa3a7b982b2b068710245980ab4f3f24069981d5db8bb375d992ace6aa9166829208c0e04e9f44bc4915318faa49d61fb8615384daf6996a780f25ae47f9634e45060cfa31e7f580e2c6ea3b3dee17dec4006b1d99ff9d91ef9307a650785a03da94e18cd1f38838ef73fce2076ed82cdfd523e6e70a9e769159ff3ef0eeb", 0xf8, 0x4b5e}, {&(0x7f0000000480)="659ac45ffe0b40611d9e344cc9286b3e722989f9f73f0c7b32937ab74a6a37975dcad999fb7df721700199393943fc9f65621685b68259771253ed98ab4a5922bdcd7549d2200ce09ff12c9e4083e348affcd4a244f42e7d480b9f436516115790295334765407c86f6fc03ddb0463b212210ff9d98d9b21721b6e58569feb8339a7a478fd747da61e1b4286009a171c18956bb63c798cc031eac47428d9a40a1870a7cf4bf2286b83dc34128637", 0xae}, {&(0x7f0000000540)="9bd9d9d86e0d6f522144833308714776dbedb52807b1b6d9613b90a867c678e38fb739fea018ddacc83de8d6ffc9e8849f30f2bb55df20baebf5589fac6e0d8385a3e1d942d6cec5629bffe1daece1ff02e65c6ac5275219c3d09a7b176ca4dfa813c93f01b6c95118c14f211bb667ecead386ed525f06ca0a694f", 0x7b, 0x20}, {&(0x7f00000001c0)="d8ac74cab9e83448f8bc08bcbaa39238a7361535a9", 0x15, 0xffffffff80000000}, {&(0x7f0000000680)="eb89bd2562b3c384cbbe82c65e6aeb2ea5192c7cc8a976d5d428c7cfaccf0041e5f1a9f0ccd36f47f2d9f0ace9eaa80e66f32f4d2fba402704c3ecae01181d682325272636367d0e8a365b74443b7793ee23d3c1ce", 0x55, 0x2}, {&(0x7f0000000700)="49c704f5388383e19a0ee70f8521de035abf4e37732afd6d171fbefdfc528d7139807e946eabba611f4a648128b31cb96b23f84f565c59d4150a6268b740a9df50aebfbc01c03fd46c7e7d48709a510c6f7f0cb91927f13f646de38d59c5598316e453", 0x63, 0x8}], 0x400, &(0x7f0000000b80)={[{@case_sensitive_no='case_sensitive=no'}, {@errors_recover='errors=recover'}, {@errors_continue='errors=continue'}, {@nls={'nls', 0x3d, 'cp1250'}}, {@gid={'gid', 0x3d, r1}}, {@mft_zone_multiplier={'mft_zone_multiplier'}}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@dont_appraise='dont_appraise'}, {@uid_gt={'uid>', r2}}, {@subj_type={'subj_type', 0x3d, 'btrfs\x00'}}, {@uid_eq={'uid', 0x3d, r3}}, {@context={'context', 0x3d, 'staff_u'}}, {@euid_lt={'euid<', r4}}, {@dont_hash='dont_hash'}, {@uid_eq={'uid', 0x3d, r5}}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}]}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 401.743561] ntfs: (device loop2): parse_options(): Unrecognized mount option dont_appraise. [ 401.758215] ntfs: (device loop2): parse_options(): Unrecognized mount option uid>00000000000000000000. [ 401.768773] ntfs: (device loop2): parse_options(): Unrecognized mount option subj_type. [ 401.769571] FAULT_INJECTION: forcing a failure. [ 401.769571] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 401.788731] CPU: 0 PID: 14025 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 401.788737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.788741] Call Trace: [ 401.788759] dump_stack+0x138/0x197 [ 401.788777] should_fail.cold+0x10f/0x159 [ 401.788790] __alloc_pages_nodemask+0x1d6/0x7a0 [ 401.788802] ? __alloc_pages_slowpath+0x2930/0x2930 [ 401.788824] cache_grow_begin+0x80/0x400 [ 401.788836] kmem_cache_alloc_trace+0x6b2/0x790 [ 401.834257] ? kernfs_put+0x35e/0x490 [ 401.838051] ? devm_device_remove_groups+0x50/0x50 [ 401.843051] kobject_uevent_env+0x378/0xc23 [ 401.847360] ? internal_create_group+0x49a/0x7b0 [ 401.852124] kobject_uevent+0x20/0x26 [ 401.855913] lo_ioctl+0x11e7/0x1ce0 [ 401.859601] ? loop_probe+0x160/0x160 [ 401.863395] blkdev_ioctl+0x96b/0x1860 [ 401.867267] ? blkpg_ioctl+0x980/0x980 [ 401.871147] ? __might_sleep+0x93/0xb0 [ 401.875022] ? __fget+0x210/0x370 [ 401.878464] block_ioctl+0xde/0x120 [ 401.882077] ? blkdev_fallocate+0x3b0/0x3b0 [ 401.886390] do_vfs_ioctl+0x7ae/0x1060 [ 401.890265] ? selinux_file_mprotect+0x5d0/0x5d0 [ 401.895005] ? lock_downgrade+0x6e0/0x6e0 [ 401.899140] ? ioctl_preallocate+0x1c0/0x1c0 [ 401.903555] ? __fget+0x237/0x370 [ 401.907003] ? security_file_ioctl+0x89/0xb0 [ 401.911659] SyS_ioctl+0x8f/0xc0 [ 401.915011] ? do_vfs_ioctl+0x1060/0x1060 [ 401.919150] do_syscall_64+0x1e8/0x640 [ 401.923034] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.927869] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 401.933046] RIP: 0033:0x4596e7 [ 401.936229] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 21:25:12 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000000)='./file0\x00', 0xe004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) fallocate(r2, 0x1, 0x0, 0x369e5d84) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f00000003c0)='./file1\x00', 0x0) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000340)="b96cfff20f3c3927f6c23a47b4f54d42df8bd9802a03eb28f1a0223e86b9d81c2202d5564831dfc98f778171c13b7c76b1d2d515de709d49a083afc58b84a573c0dc0196ca195056610a453a8326730e46eb64da03a43148fce014b5c4d0e5c881342047e94c76b6d72e993a79b20f9de52eb571f6bda90f79935ca30b0be1bea424fe6cc3b890682a61d17c8c1bf2520327f51db2524d217526b6ab31bcdee7ec3b95156b4aad9d9eb1bca85cf991f490cc66a3cc155978f94df8c54ac29c838387a93b2918071b32c8488012090c76e9a2735af0383c8d05829ae1b149b165bbaedb5078704d557f931700") ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f00000005c0)={0x1, 0x3, 0x0, 0x2}) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000000c0)={0x0, @aes256, 0x0, "5bf37bb85c848452"}) 21:25:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) tee(r0, r0, 0x8, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$TIOCMBIS(r1, 0x5416, &(0x7f00000000c0)=0x3) ioctl$TUNSETLINK(r1, 0x400454cd, 0x205) ioctl$KVM_RUN(r3, 0xae80, 0x0) getpeername$llc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10) [ 401.943923] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 401.951266] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 401.958525] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 401.965782] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 401.973053] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:12 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={0xffffffffffffffff}, 0x0, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000080)=0x1, r1, 0x0, 0x2, 0x4}}, 0x20) 21:25:12 executing program 0: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x0, 0x0) ioctl$TCSETXW(r0, 0x5435, &(0x7f0000000080)={0x77, 0x7, [0xdf82, 0x4d2, 0x2, 0x9, 0x3ff], 0x3ff}) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:12 executing program 3 (fault-call:0 fault-nth:23): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:12 executing program 1: 21:25:12 executing program 0: r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080), &(0x7f00000000c0)=0x8) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x40, 0x0) ioctl$UI_SET_SWBIT(r2, 0x4004556d, 0x9) 21:25:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 402.276877] FAULT_INJECTION: forcing a failure. [ 402.276877] name failslab, interval 1, probability 0, space 0, times 0 [ 402.305864] CPU: 0 PID: 14060 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 402.312981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.322778] Call Trace: [ 402.325380] dump_stack+0x138/0x197 [ 402.329019] should_fail.cold+0x10f/0x159 [ 402.329035] should_failslab+0xdb/0x130 [ 402.329049] kmem_cache_alloc_node+0x287/0x780 [ 402.329127] __alloc_skb+0x9c/0x500 [ 402.337173] ? skb_scrub_packet+0x4b0/0x4b0 [ 402.337232] ? netlink_has_listeners+0x20a/0x330 [ 402.337247] kobject_uevent_env+0x781/0xc23 [ 402.345457] kobject_uevent+0x20/0x26 [ 402.345470] lo_ioctl+0x11e7/0x1ce0 [ 402.345483] ? loop_probe+0x160/0x160 [ 402.345495] blkdev_ioctl+0x96b/0x1860 [ 402.373963] ? blkpg_ioctl+0x980/0x980 [ 402.377883] ? __might_sleep+0x93/0xb0 [ 402.381778] ? __fget+0x210/0x370 [ 402.385268] block_ioctl+0xde/0x120 [ 402.388927] ? blkdev_fallocate+0x3b0/0x3b0 [ 402.389158] audit: type=1400 audit(1567113912.405:62): avc: denied { ioctl } for pid=14043 comm="syz-executor.4" path="socket:[64508]" dev="sockfs" ino=64508 ioctlcmd=0x6613 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 402.393249] do_vfs_ioctl+0x7ae/0x1060 [ 402.393262] ? selinux_file_mprotect+0x5d0/0x5d0 [ 402.393272] ? lock_downgrade+0x6e0/0x6e0 [ 402.393282] ? ioctl_preallocate+0x1c0/0x1c0 [ 402.393293] ? __fget+0x237/0x370 [ 402.393309] ? security_file_ioctl+0x89/0xb0 [ 402.393321] SyS_ioctl+0x8f/0xc0 [ 402.450975] ? do_vfs_ioctl+0x1060/0x1060 [ 402.455125] do_syscall_64+0x1e8/0x640 [ 402.459008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.464120] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 402.469482] RIP: 0033:0x4596e7 [ 402.472990] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 402.480830] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 402.488099] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 402.495357] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 402.502712] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 402.510255] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:12 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x4, 0xafd, &(0x7f0000000040)=[{&(0x7f0000000140)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0xfffffffffffffe87, 0x10000}], 0x0, 0x0) 21:25:12 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000000)='./file0\x00', 0xe004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) fallocate(r2, 0x1, 0x0, 0x369e5d84) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f00000003c0)='./file1\x00', 0x0) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000340)="b96cfff20f3c3927f6c23a47b4f54d42df8bd9802a03eb28f1a0223e86b9d81c2202d5564831dfc98f778171c13b7c76b1d2d515de709d49a083afc58b84a573c0dc0196ca195056610a453a8326730e46eb64da03a43148fce014b5c4d0e5c881342047e94c76b6d72e993a79b20f9de52eb571f6bda90f79935ca30b0be1bea424fe6cc3b890682a61d17c8c1bf2520327f51db2524d217526b6ab31bcdee7ec3b95156b4aad9d9eb1bca85cf991f490cc66a3cc155978f94df8c54ac29c838387a93b2918071b32c8488012090c76e9a2735af0383c8d05829ae1b149b165bbaedb5078704d557f931700") ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f00000005c0)={0x1, 0x3, 0x0, 0x2}) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000000c0)={0x0, @aes256, 0x0, "5bf37bb85c848452"}) [ 402.606227] audit: type=1804 audit(1567113912.695:63): pid=14077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir975667901/syzkaller.e1eKDu/284/file0/file0" dev="sda1" ino=17713 res=1 21:25:12 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='.\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10004}], 0x0, 0x0) ioctl$KVM_GET_NR_MMU_PAGES(0xffffffffffffffff, 0xae45, 0x7) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x8e7}, &(0x7f00000000c0)=0xffffff4b) setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=r0, 0x4) r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$sock_proto_private(r1, 0x89e0, &(0x7f0000000680)="42bee2beee8b4dea3a866ea015b0dce05f7c7176cf66303536f5d9bc471f73f6c2f4ff04e7e46c0511f0c843160b469d93d65b5cceaed0a31e2b712ecea1c7d41f1cec20d4ec8b39bf88d481764c6409272d2d17438b7af3787f49ad2b5063563f353d0ccd38aff41d2c85ed14fa7c10eaec865f4ed75e98b412f8b87bd3a8531dc9e486390bc779440ba409ca52c3df44e28019db34ab52b18097423f9df63e03f5721dcc76a763e92b6a7978044aa01e683a8133e201f3fd398d1d389dbfe7cc88cee523e230859cc473197714a6ddb52290785e04ba4324801808fed3c100226a0b5938af20da3cb0d56d054b9a6fcf0d1d0d2a3ce3ea2c9cf3ab5e97a8a367bc5eacea0cb0d4d867309bb6968675c0ee5f7317d54ed666484bd99e9fec25040d116016938aab6af777351b9e0dea2ce68c2a963775becc7d910dde577a6ed151504e7012c2d614c7a1a4d62bc03964ce5ff97f61e17775ea76a0712629524163e232366f271324293bee16a047cb26a6f2c92d85e79a3e85e701edc40de333eebe78e47d68a29135d2767491451621799c36e6516421d79d88dfbac5678edaf01481d545658f35025f7e4e9488b4cba7fa0b093b3839c014c4e0ef10a010926b197646200cc595ff57864c720971af8d5d8f37553c25bbae667a153ed7bf52deafa11b33273610755c5c5d70f0039a3c4cb6b51a327233b51c6fdb9a72ae826f00545909e7c349e1d5f4f790c75604c23cab4ec776af38a9431dee860ff70b832c02962bf81fdba01763b137c1df8269a7abbd6deea20ab0a03e1d6ba019e40d5ed9fa55d35e72a3f56444ce8aeca61a3159de847d07f28c87a99dfc6b02f7478d4e84cd4c1cfde38a8b514d0689ceb2dab19967a45d09fee5820d899709c025aadaae9a8bf88b07c8fe0c3462a1ba8f4a8c27b42186ce0263a0173c6665320d9a7023728a23aaac1ffe2b1fce8ebc0708570c4f39dd0f7fb08bceb2eac8ea09b4c744b92f56654502d9db6b208afd18ca684da5b9c0d78db7d25af4c6263b9414979bffcf803060b830cdd91e1ba1d3f88ad6c785d8b7a8b89bfa53aef4f80d5a182d5c7d1b9d9e2f9474253a9016bdf034365bfce5fdd7ff0d91b77893ded2a85f8e7e4d1373abc3bb329463c41a9cfc8b07516e1c9ff3a815377237e3498ec3df5ade482b53df1ea58ab7db6f26021b8915de3ffffa654e53fbec71f2a905c61c668e58566e22283d3f24722cf156baa423d2a3b36449bc282b3e720b96e012f04423120e54803401201b73c4f04c504012235858761c14a75686a334f20bdebb9fe98b354e6fa739ccd775ca3492071ad204eaff0d214c902555710ff29e3a3fc734635e064a6dc62b167d116edcd3e14d2b546edb4d47ef9de84f5479bc90afe6b6484af5a9032c639f0be7a0d7cafbe8ff20a61db94072f53467f80cb554ced03b57bbdb1726072f82077a9bf218645366953e30627e1ea41436ccfb30343755432092e4545e4b809a2928203c62dfb5caa409c2d926d8f90953b6a3c93e18be2e887f92fb5005852775d220954578f98c507be06f4ff93ffc655ede27567592fda189e1d05a46e3c24375b5e5b115e3dc3d9000b23f16c34e1c7db01e5851cf1cf27e537cac6d5fec1df5743e8cd05e33c51cbff5bf516dc03458d14f264a96e681cafb6b805975e1734a4e2365bd3f1cf07dc1d519453638d96d11c1e08ce71f21e7e398ad9ede2cde40c1cd4fd3a66c926c5ceccc7b50c3203e3719b7817cd824df75a44b5324ff890ae3c448b863073c174d584a1b68ca053ef53b47ed6e7323cb523db86c91c4c32300140d611d0919663a8ba2f5b91a4af1844fba5d1e82bcfb83323b5a8ac59f34e5c69982dd0e03f81f9c27b84046c164bc35d3fdde844ad5697a0af3b11825f5899c5314df440740274a974a59341b6edf7aae73d577a8ed1a0f04c41f7a8c7c1cce5b8dd08fe39f60e1ddebfe5c5521485d443f9331f0b13cc36d71ab27133619ada960a23e389172fc91e3e096d06784381de6aea65e19fcde9a4908492f5b5aedd83b29d6e67c304abe7b45e6d31c4f143fcb4b98725fa0ea135869a864cac3cb65045f8bd28630a0c0d8dd50377521d4bd94f6b87ae7ed90eeed97c487108a875ac9a4d4309afc8a4ba1dac8337c16c280e8a1ee3d8b86f59217f2de9439d0fc551af2587331ed9fceddc103d3b5c13a53d59680671fb1a852ce0c372bb9ce5731078972f19849cb22d842da1919f076757f382558f9a223c88b584b2d623b8730bcfdff2a688eaaed0028181032abde6a244f36ffe3574e52c6cd61afb661f8de02d96bb5d850992ea8d8564787ac5006b0d0f121c7f3be2d5d862884765eaa3df90a383bb28a629b677bffddb6ff57c5688f2bbeca8dc201170a5668f0fdc9b01773fe223f884cd7da456da80e82b1636a39cb5fc74c8a90a23e885b8901002923a889297211e001d7a7862615e81c1d352051092502dd0e20c5fa45acb3ada41cc8bcd53adcace15baecb1c5960b1d2f1b0269f2b067ce3c1824d12829f7c7fbf04926cff619f3ac84fcc4ca6fab1883c39143f56c99a3dac0aa0449582110dfa4128edc40c7e24a2912c7563d386d8aedfad52663d941e47d8cce5fddd392ed987743da652ec3e31555d89229d83759e3020ca7ca647167fc4ec3c1047b840882e689d396efa440be1185333061b55fc849667390b8bf3b86e788a2c4e45d2e3bed4ea40641b776da4488c40ab31a81b7e550da52c95564d7fa0f46752536ba4ac966be515240d5b4b26c4486aab3c858f1bec3d4f8c10f755d1eac5ddde3e33fa1c6ac0a92a768ffe93aaa4e74640bd55993a65367e51acfebabc40c2927dbf7459e27c2193c1eeb79562c9e4d19452c327d6d21876f5eaa5de27774738edfbc796a3d075c4f828a7566a6197df48cb5877f10ce974f8a471b497107260b5e7c80c9a70f68a721afc4115656a40a504b2bc0fda54fa6cbb66193d00eb2d507d820f484ef08936f90f0c49fbbf5e21cfc8c400c39be4043110ea965a1ef39e67f6a351b71b7424d88298a1fd4b9b8ed60996884fe2c0c850430dd2228a3823df6f762eb0042e64369287917ba2c4c50a0917cd8c642ca6cfb9d1aac8c8dbeea51aa8be9b4f19967f668fd29f46bd77bbdbac79c23467ebdbbcfadc264049ad16f044f43cd67d35e94d9c599615e38f0f251be45e7fd688fdb7820a084e24404bf5904bc5c8d1e5cdacdb71bb9888fb0cea3223703f23aacc4420865f9395e90751e5665f1ef0513b584eeca929aaa326c7275df05a066736b103e06c62c102f15481ea03ecea4b9f2a97c9802d8f95d639d1319c4d05aa381542eec9130e5d6ec187f7eb8636551a8783739eb2be1e00a4223b4ecad44ab947218fe9783f1e266234c36163d5ad53fe5c90910ba72fd77c36fa1b5259202f78c72e240e5895cffff65a94ce06635a7db970a5a863e6028dc1dc6c4423753d0377856fb4d09d4c7f46be1f79a35efb2d42f4484c3d7a1ec5e52564e265995b6ba2a019588645a52478e6e8bc7873ccf3102ee342964632ac577e00c8c935a461d8c9a8dce8c74ee3105c4879f6432c4544c3b63af73fbea10235785a1e1f646da043c30f032ca7a3561839954d7ef6f20968f10bd01b78233d22b6ec2fe7a60d4213c98767de9d4231e7071ad19566ca5ca7c7b2a37e588a8ee720823e974a59e6d78c13aa4f092f1b4e53300ef361ce770cd39ba8612095975910627c21fbf8aefbbad69fbae59647f2b013c3fdf20fb18226c8c00a769e5441add55c7a1f07966c03f1c18ff7e416a6f1a6c5741d708e2d9865b45d478c0fd0af8e3ac2ca73bbba5cd2f8e16912d50fcdf57b1c844a4c7345cdd6a066117f0a59047dd46ee5c49d133beaa571c2179d41d8073d1cf30da0ebb4e75d4e3bacc7c8a985c8b7dac532b91b6575b5a8db08822e2d00c82bf3546c6ca2f3d165b09cc0751fc6fdfdf00c8b92289c5a665f9e8592f09d85f44040898187bf07541d194ca180283bf1ce2fa93ab8e60cbd187af9332218354367d929ad177703b9278f67dda2ce4de8d564f6ecf2ef74e8d654aff2670b4326caa26f140eb63a3c538c8d77dbda388254d7a06884b0b205fcf77800b3b77949e55824647ac5810df4384db67bf9aef5f01de5e7cbb15ef788572e9821fba4b6d11799928798c8c916b2f4f650fd8a605f5840a7c2221ece83fa57e6e4544a4de7596c1af0f8858b4d24daa13f3463a5d935eb84ebfc029bd5e16e2fb1d0d3cb7655a8ba6bc221a7bd33ef9bf936b6e32232af4449b75c44964095cf0cdf46714a6ada1c0268027685474da5a36a0340b162093d0aef731724cf1663d31bf33ff13859c80c47623f8bc381eb2b4b09279559990fc62ce3803a05d6c4144d1b4b1fb2723f81eb93643b1842c369c67a0e0c0fb51275655a13156f085d21cf1391ac8b9fee2cb190771e4faece12cc79e4698eb27341b65990548d21dbf6d1cc42ea46e27084fdd3f028b2e3a7e85ac4bb5daee08b421808b2f4fb521e4ce1c40b9db8d08866233ceddfa9d96d2f6b558b8e5e2a44e291c7e41869e302eab2cb026c32f3e808e2b8b628935dd307e04df848a1300bd4d68ecd7efe389d9e32441428fffeac8e629a57dc82b6caa9d0d8693779466a4a63a6374eaed9b41017a74410bb9763a190436c1545cfd091d753012ba63dd2fd6b7ad886533cc8c128b450b4f630dfdd7100f3227dd393384101b7dd0574436d7d097addcd9c8928483f16c7810e806d15688f4702af5b8dcc27e17dd8ced7b536946e6cbe4670c331f26d63797c570546ca0ab0d6e528241ecc049e381dc78a8617ef16a4e29f6c97c1b924f2103933490a76a9a02ea20331c39b7193809b5790bbeb6a22e605c01e9e2b94865cf70246d130415cd8f5ed99ca996f94a4c377da0c12418e9c41797291202efe7239fa1ccd1b70a6e1bedd223420d90d9a7898bbe8b4ada094118a802932506d06aad155e38305cbb5b3974d2734320de6c95ded5a23ae0a1ad8c64d87aa80d10ccd02122dbcea42a52ab29a77069d51625a86c05fc6666c2cb324db243a5a98c12ecb83f7c8fd60f57cfc25cd8e86a07a1cdbe00cd5d490ad85640c0d770d85bfdf058e25c6adcc6895c0df2b624876c55737ca5affd0ddd2bc3bd33d724c58f5d03fb8ad1ab6b963eadac772a3d06cb68747795deedac63ab843175ebe3df700290eedc6a3b2978f0eeb75bf5713be02d66616c9447c7f6543ef1f7de24ee4d30186ebf4f704ade54fcc3a2cab3b4a98d15c5d5ae7a04ab9fac4012b76250e82d07408512b62f05dae0ef256fbafe072b4ef54ad21a89281d78faa641f66bb7e1f766cab116791477c6b4e3c87e131f949c2da07d87e58ea02955c58c5ed03964ced9adb39cd887849441cd91508ab15ee5fcaf74526cd458fdd7e9ce439903a6b3c3e77875ac43f339372d46ddc8aa495055a5075c736fe94ae4139f68d844c097e7637e8588b5b56563d7644f153f00942acc67375878178ac68243c1de0da67e87a366f459fad64938fd46819892bf33cba91336df28125128f172699004b93f8476d806cae5a73fa44cf3bc3b13a6ea71867a3704f21b8562b8c87d8213e6feccea611472cdbf20f1701fabb1cbb88381b5a61b54a1da981bea88f24b7a29e1727680bbd8572de199105c9af42d60d578cf768cf4490c946d0ac7bedbf19a5fdfacb56c2d73484095246d6b2e756d6af315816334e97089a097ad10d3d28") 21:25:12 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open_by_handle_at(r1, &(0x7f0000000380)={0xca, 0x7, "1313c80b0a653acece879c688a055fe542b4d85bcb0e95635d733e910500497d0cff80a923d82b93e56d572f3b9a923a336ef3769c4241939fe9a04b55b50db8503ecd5dd0a5808bb4cb6f43870ef079214aca921488445efc56b371046a2b53bd248d45dbda00c7575981f43a734a5aeef7affc7c8c178119a06ff81625c669c8ffa67cba9f198e190fd69adac4fabf5ed4ac3875bfc6bcf1c9401cd7a138b26ba6f0e02199f93c5fb3e765defe06180c6928a9755c4baccf76f4e7e9780894fdae"}, 0x101000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000040)={0x3, 0x90b, 0x7fff, 0xffffffffffffffe1, 0x4, 0xffffffff, 0x8, 0x9, 0x9, 0x9, 0xffff, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0xc242ece877e7d68d, 0x70f5d3b31a9c231f, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:12 executing program 0: r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0xe8, 0x80001) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x1, 0x10}, &(0x7f00000000c0)=0xc) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={r1, 0x8000, 0x10}, 0xc) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x800) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:12 executing program 3 (fault-call:0 fault-nth:24): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:12 executing program 1: r0 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0x0) request_key(&(0x7f0000000180)='encrypted\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000240)='\xc1trustedeth1vmnet0lovboxnet0+self\x00', r0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x2001000, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x9, 0x400000) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000140)={0xec2, 0x3, 0x619, 0x3, 0x400000}) ioctl$RTC_UIE_OFF(r1, 0x7004) [ 402.913797] FAULT_INJECTION: forcing a failure. [ 402.913797] name failslab, interval 1, probability 0, space 0, times 0 [ 402.955416] CPU: 0 PID: 14109 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 402.962552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.971904] Call Trace: [ 402.971922] dump_stack+0x138/0x197 [ 402.971942] should_fail.cold+0x10f/0x159 [ 402.971957] should_failslab+0xdb/0x130 [ 402.971973] kmem_cache_alloc_node_trace+0x280/0x770 [ 402.978173] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 402.978192] __kmalloc_node_track_caller+0x3d/0x80 [ 402.978205] __kmalloc_reserve.isra.0+0x40/0xe0 [ 403.006568] __alloc_skb+0xcf/0x500 [ 403.010204] ? skb_scrub_packet+0x4b0/0x4b0 [ 403.014536] ? netlink_has_listeners+0x20a/0x330 [ 403.019295] kobject_uevent_env+0x781/0xc23 [ 403.023630] kobject_uevent+0x20/0x26 [ 403.027435] lo_ioctl+0x11e7/0x1ce0 [ 403.031068] ? loop_probe+0x160/0x160 [ 403.034872] blkdev_ioctl+0x96b/0x1860 [ 403.038760] ? blkpg_ioctl+0x980/0x980 [ 403.042655] ? __might_sleep+0x93/0xb0 [ 403.046629] ? __fget+0x210/0x370 [ 403.050088] block_ioctl+0xde/0x120 [ 403.053718] ? blkdev_fallocate+0x3b0/0x3b0 [ 403.058039] do_vfs_ioctl+0x7ae/0x1060 [ 403.061927] ? selinux_file_mprotect+0x5d0/0x5d0 [ 403.066682] ? lock_downgrade+0x6e0/0x6e0 [ 403.070833] ? ioctl_preallocate+0x1c0/0x1c0 [ 403.075251] ? __fget+0x237/0x370 [ 403.078714] ? security_file_ioctl+0x89/0xb0 [ 403.083132] SyS_ioctl+0x8f/0xc0 [ 403.086499] ? do_vfs_ioctl+0x1060/0x1060 [ 403.090659] do_syscall_64+0x1e8/0x640 [ 403.094547] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.099398] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.104592] RIP: 0033:0x4596e7 [ 403.107780] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 403.115491] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 403.122765] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 403.130040] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 403.137315] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 403.144596] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x2, 0x2) ioctl$TIOCNXCL(r1, 0x540d) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r5, &(0x7f0000000040)={0x10}) ioctl$RTC_AIE_OFF(r2, 0x7002) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 403.165616] print_req_error: I/O error, dev loop2, sector 128 21:25:13 executing program 4: r0 = socket$inet6(0xa, 0x802, 0x73) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000280)=@routing, 0x8) sendmmsg$inet6(r0, &(0x7f0000001700)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c, 0x0}}, {{&(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}, 0x1c, 0x0}}], 0x2, 0x0) 21:25:13 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="8da4363ac0ed0000000000000001004d0100000000efffffffffffffff000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x6}], 0x100, 0x0) 21:25:13 executing program 3 (fault-call:0 fault-nth:25): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x5, 0x0) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x10, &(0x7f0000000140)=[@in={0x2, 0x0, @loopback=0xac1414e0}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000180)={r2, @in={{0x2, 0x0, @multicast2}}}, &(0x7f0000000000)=0x100) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 403.358921] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 403.394499] FAT-fs (loop4): Filesystem has been set read-only [ 403.434250] FAULT_INJECTION: forcing a failure. [ 403.434250] name failslab, interval 1, probability 0, space 0, times 0 [ 403.455108] CPU: 1 PID: 14142 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 403.462234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.462239] Call Trace: [ 403.462258] dump_stack+0x138/0x197 [ 403.462276] should_fail.cold+0x10f/0x159 21:25:13 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x2000, 0x0) ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) chroot(&(0x7f0000000040)='./file0\x00') 21:25:13 executing program 0: r0 = semget$private(0x0, 0x1, 0x70d) r1 = getpid() tkill(r1, 0x9) semctl$GETPID(r0, 0x1, 0xb, &(0x7f0000000180)=""/133) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400) clone(0x2000004103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x101081, 0x0) r4 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r4, 0x0, 0x0) ptrace$getsig(0x4207, r4, 0x0, 0x0) ioctl$RNDGETENTCNT(r3, 0x80045200, &(0x7f0000000080)) setsockopt$RDS_CANCEL_SENT_TO(r3, 0x114, 0x1, &(0x7f00000000c0)={0x2, 0x4e20, @rand_addr=0x400}, 0x10) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r3, 0x80045300, &(0x7f0000000240)) socket$pptp(0x18, 0x1, 0x2) 21:25:13 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x58000, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000140)={0x9, &(0x7f0000000080)=[{0x0}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000180)={r2, 0x2}) [ 403.462293] should_failslab+0xdb/0x130 [ 403.462305] kmem_cache_alloc_node+0x287/0x780 [ 403.462322] __alloc_skb+0x9c/0x500 [ 403.482040] ? skb_scrub_packet+0x4b0/0x4b0 [ 403.482054] ? netlink_has_listeners+0x20a/0x330 [ 403.482069] kobject_uevent_env+0x781/0xc23 [ 403.482086] kobject_uevent+0x20/0x26 [ 403.482096] lo_ioctl+0x11e7/0x1ce0 [ 403.482109] ? loop_probe+0x160/0x160 [ 403.519183] blkdev_ioctl+0x96b/0x1860 [ 403.523255] ? blkpg_ioctl+0x980/0x980 [ 403.527240] ? __might_sleep+0x93/0xb0 [ 403.531122] ? __fget+0x210/0x370 [ 403.534580] block_ioctl+0xde/0x120 [ 403.538206] ? blkdev_fallocate+0x3b0/0x3b0 [ 403.542514] do_vfs_ioctl+0x7ae/0x1060 [ 403.547053] ? selinux_file_mprotect+0x5d0/0x5d0 [ 403.551810] ? lock_downgrade+0x6e0/0x6e0 [ 403.555955] ? ioctl_preallocate+0x1c0/0x1c0 [ 403.560366] ? __fget+0x237/0x370 [ 403.564004] ? security_file_ioctl+0x89/0xb0 [ 403.568407] SyS_ioctl+0x8f/0xc0 [ 403.571772] ? do_vfs_ioctl+0x1060/0x1060 [ 403.575928] do_syscall_64+0x1e8/0x640 [ 403.579898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.584914] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.590275] RIP: 0033:0x4596e7 [ 403.593466] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 403.601361] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 403.609345] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 403.616605] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 403.623864] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 403.631128] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:13 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000380)={0x0, 0x0, 0x5, 0x0, [], [{0x6, 0x6b8, 0x4, 0x10000, 0x7, 0x1b}, {0x3, 0x10001, 0xff, 0xffffffffffffffff, 0x10000, 0xff}], [[], [], [], [], []]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000040)={0x1, 0x92a, 0x401}) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:13 executing program 3 (fault-call:0 fault-nth:26): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:13 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000040)='net/mcfilter6\x00') getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000680)=""/4096, &(0x7f0000000080)=0x1000) 21:25:13 executing program 4: r0 = socket$inet6(0xa, 0x802, 0x73) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000280)=@routing, 0x8) sendmmsg$inet6(r0, &(0x7f0000001700)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) [ 403.846890] FAULT_INJECTION: forcing a failure. [ 403.846890] name failslab, interval 1, probability 0, space 0, times 0 [ 403.865741] CPU: 0 PID: 14178 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 403.873023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.882382] Call Trace: [ 403.882404] dump_stack+0x138/0x197 [ 403.882423] should_fail.cold+0x10f/0x159 [ 403.882438] should_failslab+0xdb/0x130 [ 403.882456] kmem_cache_alloc_node_trace+0x280/0x770 [ 403.888771] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 403.888791] __kmalloc_node_track_caller+0x3d/0x80 [ 403.888806] __kmalloc_reserve.isra.0+0x40/0xe0 [ 403.917183] __alloc_skb+0xcf/0x500 [ 403.920806] ? skb_scrub_packet+0x4b0/0x4b0 [ 403.925119] ? netlink_has_listeners+0x20a/0x330 [ 403.929867] kobject_uevent_env+0x781/0xc23 [ 403.934356] kobject_uevent+0x20/0x26 [ 403.938152] lo_ioctl+0x11e7/0x1ce0 [ 403.941916] ? loop_probe+0x160/0x160 [ 403.945710] blkdev_ioctl+0x96b/0x1860 [ 403.949753] ? blkpg_ioctl+0x980/0x980 [ 403.953646] ? __might_sleep+0x93/0xb0 [ 403.957617] ? __fget+0x210/0x370 [ 403.961085] block_ioctl+0xde/0x120 [ 403.964705] ? blkdev_fallocate+0x3b0/0x3b0 [ 403.969016] do_vfs_ioctl+0x7ae/0x1060 [ 403.973024] ? selinux_file_mprotect+0x5d0/0x5d0 [ 403.978103] ? lock_downgrade+0x6e0/0x6e0 [ 403.982243] ? ioctl_preallocate+0x1c0/0x1c0 [ 403.987018] ? __fget+0x237/0x370 [ 403.990478] ? security_file_ioctl+0x89/0xb0 [ 403.995074] SyS_ioctl+0x8f/0xc0 [ 403.998599] ? do_vfs_ioctl+0x1060/0x1060 [ 404.002746] do_syscall_64+0x1e8/0x640 [ 404.006695] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.011533] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 404.016762] RIP: 0033:0x4596e7 [ 404.019964] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 404.027784] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 404.035051] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 21:25:14 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, &(0x7f0000000080)=""/90, 0x5a, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515) shutdown(r0, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x10, r1, 0x0) recvfrom$inet(r1, 0x0, 0xd172, 0x2, 0x0, 0x800e0050e) shutdown(r1, 0x0) [ 404.042314] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 404.049695] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 404.056964] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f00000002c0)=0x101) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$PPPIOCSFLAGS(r1, 0x40047459, &(0x7f0000000300)=0x50000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000380)={{{@in=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@remote}}, &(0x7f0000000480)=0xe8) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000004c0)={0x0, 0x0}, &(0x7f0000000500)=0xc) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000540)={{{@in=@local, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0xd6, 0x4e24, 0x0, 0xa, 0x20, 0x0, 0x3b, r5, r6}, {0xfff, 0xfffffffffffffffa, 0xfff, 0x1ff, 0x7ff, 0x7, 0x43, 0x1648}, {0x7, 0x80, 0x4, 0xfffffffffffffffc}, 0x7, 0x6e6bc0, 0x1, 0x0, 0x1, 0x3}, {{@in=@remote, 0x4d4, 0x2b}, 0xa, @in=@multicast2, 0x3506, 0x3, 0x2, 0x4, 0x5, 0x7, 0x5}}, 0xe8) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f0000000040)=0x5) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x101, 0xb66, 0x6, 0x4, 0x2}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f00000001c0)={r7, 0x1}, &(0x7f0000000200)=0x8) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:14 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x0, 0x0) read$alg(r0, &(0x7f0000000300)=""/120, 0x78) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000540)=""/246) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/btrfs-control\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000180)={0x0, 0x1, 0x4, 0x10000}, &(0x7f00000001c0)=0x10) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000200)={r3, 0x1}, &(0x7f0000000240)=0x8) ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f0000000280)={0x6}) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) ioctl$EVIOCGKEYCODE(r4, 0x80084504, &(0x7f0000000080)=""/121) [ 404.094505] print_req_error: I/O error, dev loop2, sector 128 21:25:14 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x5, 0x210002) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000080)=0x4) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000880)={{{@in6=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8) syz_mount_image$xfs(&(0x7f0000000140)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0xffffffffffff66e6, 0x7, &(0x7f00000007c0)=[{&(0x7f0000000240)="ec2cb8052dc259bbd66e52c71c166dd4f265a75fbd1c9d8cf780cc0e2594ae6420a6ed6a243c4650dd980827083fe3086e68e14bc2be12fdd5295c4313680c58da4810299a72c0569bf41e0fb65248aa01c8223ba7986489ae55f3d74215b67c9c84", 0x62, 0x7}, {&(0x7f00000002c0)="267387dd8fc7f8b39c5c028204c4e547a29cff225b8b97b100e69a73a0c4cef8fa918fe2b9aff582fb6dee69eb1ce67216638992444f296ba525f2d40e0c056f0695631899f745dd1c84141063597dabb058041c9cc2f40ea24ca0a3062ba2f073647daa42f230232353bab92514108b28d5f391f21d57a52befbd33c7714803f3679c405ec73bec4b1e21c8501cdb9cc0789a8740808270a54f508c1273214d6a2a60b446b47d9abcc8b1c4f979aa4b4ad34b887cfc6b95ed963c7b75ad946db7d4af927aa2b107174b8d36af22fd787b49b959c33b1a6fec7e76b51bf109e1ff6377139517c66c55216f398e433970de8d53e27c5e9dcc3fa73b7e74", 0xfd, 0x3}, {&(0x7f00000003c0)="86775f6db31a58818bf733837974504b9b99adb14b4261a85be19eeb2e5d30f670d46bf09af2790a1b7bfdeb47720f6b0e3d2ea72351f9e3738db9c0226638dba1fd455c1b083a0bdab9ec4ce9ff7d7fe85d5464b0a83bb629c2e19f913203ed433bd21122f3b05c476a0494c3e3", 0x6e, 0xfffffffffffffbff}, {&(0x7f0000000440)="a6c11c749171c3e6878f395460f956cf4e28441d9e55000603e36e740322cb04ed554e3e81068f0fad5ced20bb90dc76c31cc8c3ac43f56ae3290232a7b42b783194303dc0b1e23416ae51b049c1b77f8017e799b66c58de4489f0dbafd2dddc0352261cc23e2190c2b4b45f61a0f07f63af9c94b44d7153b1f803f3255a4f31924a1aa8c2a5aa6a4f505002739e64571c00372daea1a2b01deb97065a1e3e95c8dcd5cb8ba17c8f2fa3071693960520ba59b6c74772719803c8aeb400c38cebcb7117f109562862b3b93ef7ca5ff99248fc3c0fb4f9a84e911d99cae990", 0xde, 0x9}, {&(0x7f0000000540)="70dd0c46e111f1c0b22a3f7b0f09843b91545f79dbedd2f8bd6751211562ff2553c53f533b463eed19710efb8d3332d81a040835b1fadf7a52ce65db54984bb3016e9afd49c08af817332f5d6a01ff9685222bd2a26b906d5c33e2a1650c3b282aee385c144c2586626d518c41205912b442d4516d547da007f47ef1c81bda0052adb6a680763cfad09b2ef9deefe6955dc5621144255aafb22c02f385fd06be1401b8082f93c0bbd61f48aa3d96657b0e2e2666bae63e98b01ada05b06eef", 0xbf, 0xfff}, {&(0x7f0000000680)="e854edb8c554501544fa40ca4913f3940a4c2112c43bb62bbf8607afc93503d570fc1b2f04e2f57f5d39a5c051857d9e05de6dd2f5decf8ccf682fc5f18a4de4411250ca6d48318810bc78a5f4935c34215b", 0x52, 0xfffffffffffffffd}, {&(0x7f0000000700)="c433e5cb87c472c782cc1e01a97135bed47c82e26a90e6fce49cb54d559810f6a6067b0d15e7b45ea91fc8a0814a308157f852ad703333cd5df13f0a92319a736667a4b48d831eb97a4da5fad01faece34fca094762ca9411413a8b6b2cbd69bca638bc2b476f7d643a736e6b9300158b09a15f4795fc6d58883471d71ed246d73bffe65e1ea8b", 0x87}], 0x1000014, &(0x7f0000000980)={[{@prjquota='prjquota'}, {@attr2='attr2'}, {@bsdgroups='bsdgroups'}, {@usrquota='usrquota'}, {@logbufs={'logbufs', 0x3d, 0x8}}, {@nolargeio='nolargeio'}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@appraise='appraise'}, {@fsmagic={'fsmagic', 0x3d, 0x200}}, {@fowner_eq={'fowner', 0x3d, r1}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/media#\x00'}}, {@obj_user={'obj_user', 0x3d, 'btrfs\x00'}}]}) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f00000000c0)={@remote, @dev={0xac, 0x14, 0x14, 0x27}, @rand_addr=0x1}, 0xc) 21:25:14 executing program 3 (fault-call:0 fault-nth:27): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$l2tp(0x18, 0x1, 0x1) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) ioctl$DRM_IOCTL_MARK_BUFS(r1, 0x40206417, &(0x7f0000000140)={0x81, 0x9213, 0x1, 0xfffffffffffffe01, 0x625a870da085156f, 0x5}) fsetxattr$security_smack_entry(r0, &(0x7f0000000040)='security.SMACK64\x00', &(0x7f0000000080)='btrfs\x00', 0x6, 0x1) [ 404.263320] audit: type=1400 audit(1567113914.365:64): avc: denied { map } for pid=14194 comm="syz-executor.4" path="socket:[64993]" dev="sockfs" ino=64993 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=rawip_socket permissive=1 [ 404.314805] FAULT_INJECTION: forcing a failure. [ 404.314805] name failslab, interval 1, probability 0, space 0, times 0 [ 404.338722] CPU: 1 PID: 14211 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 404.345872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.355254] Call Trace: [ 404.357950] dump_stack+0x138/0x197 21:25:14 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) [ 404.361598] should_fail.cold+0x10f/0x159 [ 404.365764] should_failslab+0xdb/0x130 [ 404.369860] kmem_cache_alloc_node_trace+0x280/0x770 [ 404.369875] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 404.369891] __kmalloc_node_track_caller+0x3d/0x80 [ 404.380544] __kmalloc_reserve.isra.0+0x40/0xe0 [ 404.380557] __alloc_skb+0xcf/0x500 [ 404.380565] ? skb_scrub_packet+0x4b0/0x4b0 [ 404.380576] ? netlink_has_listeners+0x20a/0x330 [ 404.380591] kobject_uevent_env+0x781/0xc23 [ 404.380609] kobject_uevent+0x20/0x26 [ 404.380619] lo_ioctl+0x11e7/0x1ce0 21:25:14 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:14 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) [ 404.380632] ? loop_probe+0x160/0x160 [ 404.415048] blkdev_ioctl+0x96b/0x1860 [ 404.415060] ? blkpg_ioctl+0x980/0x980 [ 404.415078] ? __might_sleep+0x93/0xb0 [ 404.415087] ? __fget+0x210/0x370 [ 404.415098] block_ioctl+0xde/0x120 [ 404.422796] ? blkdev_fallocate+0x3b0/0x3b0 [ 404.422806] do_vfs_ioctl+0x7ae/0x1060 [ 404.422817] ? selinux_file_mprotect+0x5d0/0x5d0 [ 404.422827] ? lock_downgrade+0x6e0/0x6e0 [ 404.422836] ? ioctl_preallocate+0x1c0/0x1c0 [ 404.422846] ? __fget+0x237/0x370 21:25:14 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:14 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0xc0347c03, &(0x7f0000000000)) [ 404.422860] ? security_file_ioctl+0x89/0xb0 [ 404.467325] SyS_ioctl+0x8f/0xc0 [ 404.470713] ? do_vfs_ioctl+0x1060/0x1060 [ 404.474877] do_syscall_64+0x1e8/0x640 [ 404.478788] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.483650] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 404.488853] RIP: 0033:0x4596e7 [ 404.492193] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 404.500040] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 404.507315] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 21:25:14 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.stat\x00', 0x0, 0x0) ioctl$TIOCSIG(r1, 0x40045436, 0x41) write$capi20(r1, &(0x7f0000000080)={0x10, 0x9, 0x8, 0x83, 0x5bd8, 0x8}, 0x10) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 404.514596] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 404.521874] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 404.529149] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 404.549435] print_req_error: I/O error, dev loop1, sector 128 21:25:14 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0xc0347c03, &(0x7f0000000000)) 21:25:14 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$CAPI_CLR_FLAGS(r1, 0x80044325, &(0x7f0000000040)=0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:14 executing program 3 (fault-call:0 fault-nth:28): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 404.651839] print_req_error: I/O error, dev loop1, sector 128 21:25:14 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0xaaaaaaaaaaaae61, &(0x7f0000000080), 0x0, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x101002, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x5) r1 = accept4$unix(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000100)=0x6e, 0x800) bind$unix(r1, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e23}, 0x6e) 21:25:14 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0xc0347c03, &(0x7f0000000000)) 21:25:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) stat(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f0000000400)=[0xee00, 0xee01]) stat(&(0x7f0000000540)='./file1\x00', &(0x7f0000000580)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) getgroups(0x8, &(0x7f00000004c0)=[0xee01, 0xee00, 0xee01, 0xee01, 0xee01, 0xee01, 0xee00, 0x0]) getgroups(0x8, &(0x7f0000000500)=[r0, r1, r2, r3, r4, r5, r6, r7]) 21:25:14 executing program 4: r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:14 executing program 0: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x18) ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000080)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) linkat(r0, &(0x7f00000000c0)='./file0/file0\x00', r0, &(0x7f0000000140)='./file0\x00', 0x1400) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r0, 0xc0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=0x5, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x1, 0x2}, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x1, 0x9, 0x400}, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x1}}, 0x10) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 404.852365] FAULT_INJECTION: forcing a failure. [ 404.852365] name failslab, interval 1, probability 0, space 0, times 0 [ 404.893596] CPU: 0 PID: 14264 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 404.901008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.910549] Call Trace: [ 404.913157] dump_stack+0x138/0x197 [ 404.916811] should_fail.cold+0x10f/0x159 [ 404.920982] should_failslab+0xdb/0x130 [ 404.924979] kmem_cache_alloc_node_trace+0x280/0x770 [ 404.930101] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 404.935572] __kmalloc_node_track_caller+0x3d/0x80 [ 404.940517] __kmalloc_reserve.isra.0+0x40/0xe0 [ 404.945202] __alloc_skb+0xcf/0x500 [ 404.948836] ? skb_scrub_packet+0x4b0/0x4b0 [ 404.953164] ? netlink_has_listeners+0x20a/0x330 [ 404.953179] kobject_uevent_env+0x781/0xc23 [ 404.953195] kobject_uevent+0x20/0x26 [ 404.953207] lo_ioctl+0x11e7/0x1ce0 [ 404.966220] ? loop_probe+0x160/0x160 [ 404.966234] blkdev_ioctl+0x96b/0x1860 [ 404.966245] ? blkpg_ioctl+0x980/0x980 [ 404.973674] ? __might_sleep+0x93/0xb0 [ 404.973685] ? __fget+0x210/0x370 [ 404.973697] block_ioctl+0xde/0x120 [ 404.981598] ? blkdev_fallocate+0x3b0/0x3b0 [ 404.981610] do_vfs_ioctl+0x7ae/0x1060 [ 404.981622] ? selinux_file_mprotect+0x5d0/0x5d0 [ 404.981631] ? lock_downgrade+0x6e0/0x6e0 [ 404.981641] ? ioctl_preallocate+0x1c0/0x1c0 [ 404.981652] ? __fget+0x237/0x370 [ 404.981668] ? security_file_ioctl+0x89/0xb0 [ 405.022777] SyS_ioctl+0x8f/0xc0 [ 405.026298] ? do_vfs_ioctl+0x1060/0x1060 [ 405.030446] do_syscall_64+0x1e8/0x640 [ 405.034483] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.039323] entry_SYSCALL_64_after_hwframe+0x42/0xb7 21:25:15 executing program 4: r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) [ 405.044505] RIP: 0033:0x4596e7 [ 405.047856] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 405.055561] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 405.062824] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 405.070091] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 405.077356] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 405.084624] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000380)={{0xf000, 0x4000, 0x8, 0x101, 0x3000000000000, 0x4, 0x3f, 0x0, 0x0, 0x5, 0x4, 0x5}, {0xf000, 0x4, 0x8, 0x7, 0x1f, 0x3, 0x1, 0x5, 0x2, 0x7, 0x1fe0000000000, 0xfffffffffffffffb}, {0x2000, 0x4000, 0x8, 0x5, 0x7f, 0xebb, 0xff, 0x9, 0xc2, 0x1, 0xf196, 0x1f}, {0x4000, 0x5000, 0xa0a263792670640f, 0x0, 0x80000000, 0x6, 0x1, 0x2, 0x4, 0x3, 0xffff, 0xffffffffffffff01}, {0x1, 0x4000, 0xe, 0x5ad8, 0x4, 0x400, 0x1f, 0x6, 0x52, 0x6, 0x2000000000000000, 0x8001}, {0xf000, 0x6000, 0xa, 0x81, 0x1, 0x400, 0x4, 0x12, 0x5, 0x1, 0x5, 0x5}, {0x3f13cda1f7283c90, 0x1000, 0xe, 0x6, 0x4, 0x3f, 0x8, 0x7, 0x31d, 0x7, 0xd0, 0x32d18001}, {0x5000, 0x4, 0xc, 0x20, 0x59, 0x8, 0x1f, 0x80000001, 0x8, 0x3ff, 0xf, 0x86}, {0xd000, 0xd000}, {0x1, 0xf000}, 0x40000, 0x0, 0x5000, 0x400000, 0x4, 0x1101, 0xf000, [0x0, 0x0, 0x10001, 0xf206]}) 21:25:15 executing program 3 (fault-call:0 fault-nth:29): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:15 executing program 4: r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:15 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4ddb5ff2283dc7380a436d235e73496cfbc4462385f9ed415477ad4aeb6fda90afa42023e4ee226f42de818f9db73da146db8ecdcfdfd17bd338eddcf92d30e85e6b3c06455cb2973f819aba9f9c55f95aa0ec9192f533f38446b4f7105040", 0xa6, 0x8}], 0x880, 0x0) 21:25:15 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:15 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) setxattr(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)=@random={'osx.', 'btrfs\x00'}, &(0x7f00000000c0)='--!\x00', 0x4, 0x3911fd9d141ad6bc) 21:25:15 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f00000000c0)=0xfffffffbfffefffe) [ 405.349509] FAULT_INJECTION: forcing a failure. [ 405.349509] name failslab, interval 1, probability 0, space 0, times 0 [ 405.388766] CPU: 1 PID: 14308 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 405.395902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.395906] Call Trace: [ 405.395926] dump_stack+0x138/0x197 [ 405.395947] should_fail.cold+0x10f/0x159 [ 405.395967] should_failslab+0xdb/0x130 [ 405.419881] kmem_cache_alloc_node+0x287/0x780 [ 405.419901] __alloc_skb+0x9c/0x500 [ 405.419910] ? skb_scrub_packet+0x4b0/0x4b0 [ 405.419924] ? netlink_has_listeners+0x20a/0x330 [ 405.419939] kobject_uevent_env+0x781/0xc23 [ 405.441947] kobject_uevent+0x20/0x26 [ 405.445750] lo_ioctl+0x11e7/0x1ce0 [ 405.449379] ? loop_probe+0x160/0x160 [ 405.453179] blkdev_ioctl+0x96b/0x1860 [ 405.457070] ? blkpg_ioctl+0x980/0x980 [ 405.460989] ? __might_sleep+0x93/0xb0 [ 405.464871] ? __fget+0x210/0x370 [ 405.468327] block_ioctl+0xde/0x120 [ 405.471956] ? blkdev_fallocate+0x3b0/0x3b0 [ 405.476273] do_vfs_ioctl+0x7ae/0x1060 [ 405.480162] ? selinux_file_mprotect+0x5d0/0x5d0 [ 405.485007] ? lock_downgrade+0x6e0/0x6e0 [ 405.489161] ? ioctl_preallocate+0x1c0/0x1c0 [ 405.493569] ? __fget+0x237/0x370 [ 405.497026] ? security_file_ioctl+0x89/0xb0 [ 405.501434] SyS_ioctl+0x8f/0xc0 [ 405.504799] ? do_vfs_ioctl+0x1060/0x1060 [ 405.508952] do_syscall_64+0x1e8/0x640 [ 405.512841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.517755] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 405.522943] RIP: 0033:0x4596e7 [ 405.526130] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 405.533848] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 405.541213] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 21:25:15 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) [ 405.548480] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 405.555750] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 405.563017] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:15 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/mls\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000180)={0x5c, @local, 0x4e20, 0x3, 'lblcr\x00', 0x4, 0x0, 0x3e}, 0x2c) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x800, 0x0) fsetxattr$security_smack_transmute(r0, &(0x7f00000001c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000240)='TRUE', 0x4, 0x2) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000080)={0x0, @initdev, @multicast1}, &(0x7f00000000c0)=0xc) 21:25:15 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:15 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cachefiles\x00', 0x301000, 0x0) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x7, &(0x7f0000000240)=[0xee00, 0xee01, 0xffffffffffffffff, 0xee01, 0x0, 0xee01, 0xffffffffffffffff]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0}, &(0x7f00000002c0)=0xc) r4 = getegid() getresuid(&(0x7f0000000300)=0x0, &(0x7f0000000340), &(0x7f0000000380)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, 0x0}, &(0x7f0000000400)=0xc) fstat(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000005c0)={0x0, 0x0, 0x0}, &(0x7f0000000600)=0xc) getresuid(&(0x7f0000000640), &(0x7f0000000680)=0x0, &(0x7f00000006c0)) stat(&(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_DIRENTPLUS(r0, &(0x7f00000007c0)={0x358, 0x0, 0x4, [{{0x2, 0x2, 0x14, 0x3f, 0x1f, 0x8, {0x6, 0x11fc, 0x1f, 0x6, 0x4, 0x6, 0xae84, 0x7, 0x0, 0x4, 0x1, r1, r2, 0x73b, 0xfff}}, {0x0, 0x0, 0xd, 0x7ff, 'self#trusted!'}}, {{0x5, 0x3, 0xf6c7, 0x1, 0x7ff, 0x57f, {0x2, 0x9, 0x100000000, 0x9, 0x3dd4, 0x6, 0x8, 0x81, 0x0, 0xfc0b, 0x832, r3, r4, 0x1, 0x53}}, {0x1, 0x3, 0x9, 0x1, '/dev/ppp\x00'}}, {{0x5, 0x1, 0x7f, 0x3, 0x9, 0x10000, {0x4, 0x0, 0x5c, 0x6, 0xfffffffffffffe01, 0xfff, 0x6, 0x4, 0x1, 0x3f, 0x40000000, r5, r6, 0x80, 0x80000000}}, {0x4, 0x200, 0xc, 0x2e, '/dev/autofs\x00'}}, {{0x5, 0x1, 0x3495f13, 0x4ed, 0x800000, 0x200, {0x6, 0x3f, 0x5, 0x4, 0x2, 0x9, 0x2, 0xb28d, 0x7f, 0x1ff, 0x8a89, r7, r8, 0x9bf5, 0xfce}}, {0x2, 0x8001, 0x9, 0xd886, '/dev/ppp\x00'}}, {{0x1, 0x0, 0x4, 0x100000001, 0x10000, 0x9, {0x6, 0x0, 0x18f, 0x9d, 0x4, 0x3, 0x40, 0x2, 0x1ff, 0x0, 0x2eb, r9, r10, 0xec, 0x80}}, {0x6, 0x81, 0xc, 0x1000, '/dev/autofs\x00'}}]}, 0x358) r11 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x80, 0x0) ioctl$EVIOCGPROP(r11, 0xc004743e, &(0x7f0000000440)=""/246) r12 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x212703f118c67518, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_GEM_CLOSE(r12, 0x40086409, &(0x7f00000000c0)={r13}) socket$pptp(0x18, 0x1, 0x2) ioctl$PPPIOCSMAXCID(r11, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:15 executing program 3 (fault-call:0 fault-nth:30): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 405.857036] FAULT_INJECTION: forcing a failure. [ 405.857036] name failslab, interval 1, probability 0, space 0, times 0 [ 405.881745] CPU: 1 PID: 14353 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 405.889079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.898574] Call Trace: [ 405.901186] dump_stack+0x138/0x197 [ 405.904886] should_fail.cold+0x10f/0x159 [ 405.909206] should_failslab+0xdb/0x130 [ 405.913199] kmem_cache_alloc_node_trace+0x280/0x770 [ 405.918319] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 405.923788] __kmalloc_node_track_caller+0x3d/0x80 [ 405.928746] __kmalloc_reserve.isra.0+0x40/0xe0 [ 405.933425] __alloc_skb+0xcf/0x500 [ 405.937058] ? skb_scrub_packet+0x4b0/0x4b0 [ 405.941564] ? netlink_has_listeners+0x20a/0x330 [ 405.946355] kobject_uevent_env+0x781/0xc23 [ 405.950693] kobject_uevent+0x20/0x26 [ 405.954532] lo_ioctl+0x11e7/0x1ce0 [ 405.958326] ? loop_probe+0x160/0x160 [ 405.962230] blkdev_ioctl+0x96b/0x1860 [ 405.966119] ? blkpg_ioctl+0x980/0x980 [ 405.970108] ? __might_sleep+0x93/0xb0 [ 405.974000] ? __fget+0x210/0x370 [ 405.977481] block_ioctl+0xde/0x120 [ 405.981286] ? blkdev_fallocate+0x3b0/0x3b0 [ 405.985763] do_vfs_ioctl+0x7ae/0x1060 [ 405.989663] ? selinux_file_mprotect+0x5d0/0x5d0 [ 405.994517] ? lock_downgrade+0x6e0/0x6e0 [ 405.998691] ? ioctl_preallocate+0x1c0/0x1c0 [ 406.003109] ? __fget+0x237/0x370 [ 406.006594] ? security_file_ioctl+0x89/0xb0 [ 406.011164] SyS_ioctl+0x8f/0xc0 [ 406.014554] ? do_vfs_ioctl+0x1060/0x1060 [ 406.018710] do_syscall_64+0x1e8/0x640 [ 406.022612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.027469] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.032654] RIP: 0033:0x4596e7 [ 406.032659] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 406.032668] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 21:25:16 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x0, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:16 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)}) [ 406.032673] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 406.032677] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 406.032682] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 406.032687] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:16 executing program 5: openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000040)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', r2}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r1, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$EVIOCGBITKEY(r3, 0x80404521, &(0x7f0000000380)=""/190) setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0x5, &(0x7f00000001c0)=0x4, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000080)=0x6) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:16 executing program 2: syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x2, 0x0) r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f0000000140)) 21:25:16 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x0, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:16 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x10000, 0x0) ioctl$VFIO_CHECK_EXTENSION(r1, 0x3b65, 0x7) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f0000000240)) getsockname$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000000c0)={0x0}) ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000340)={r2, 0x10}) ioctl$SIOCX25SCALLUSERDATA(r1, 0x89e5, &(0x7f0000000140)={0x6d, "2a45cea34b4f3af5d74367c61631169a8d0dbe2f4e9423fc5c7b9a12f17bf3d1a9fb24a3d3ea0d767242ff611c56955b8ac0c5a0b8fc41528dc6f7847294da3045dedc961ad944d3ab855ca50177fc1aa5058374c8bec4dacb57634afb8892094743f7701d1bfee01e442e35e47ea26af26cdde18340c41b543ac73f6d8d5787"}) 21:25:16 executing program 3 (fault-call:0 fault-nth:31): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:16 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x0, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) [ 406.306454] FAULT_INJECTION: forcing a failure. [ 406.306454] name failslab, interval 1, probability 0, space 0, times 0 [ 406.344599] CPU: 1 PID: 14389 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 406.351904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.361406] Call Trace: [ 406.364269] dump_stack+0x138/0x197 [ 406.367904] should_fail.cold+0x10f/0x159 [ 406.372234] should_failslab+0xdb/0x130 [ 406.376215] kmem_cache_alloc_node_trace+0x280/0x770 [ 406.381318] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 406.386876] __kmalloc_node_track_caller+0x3d/0x80 [ 406.391974] __kmalloc_reserve.isra.0+0x40/0xe0 [ 406.396851] __alloc_skb+0xcf/0x500 [ 406.400476] ? skb_scrub_packet+0x4b0/0x4b0 [ 406.404882] ? netlink_has_listeners+0x20a/0x330 [ 406.409674] kobject_uevent_env+0x781/0xc23 [ 406.414003] kobject_uevent+0x20/0x26 [ 406.417795] lo_ioctl+0x11e7/0x1ce0 [ 406.421423] ? loop_probe+0x160/0x160 [ 406.425226] blkdev_ioctl+0x96b/0x1860 [ 406.429118] ? blkpg_ioctl+0x980/0x980 [ 406.433168] ? __might_sleep+0x93/0xb0 [ 406.437048] ? __fget+0x210/0x370 [ 406.440716] block_ioctl+0xde/0x120 [ 406.444344] ? blkdev_fallocate+0x3b0/0x3b0 [ 406.448829] do_vfs_ioctl+0x7ae/0x1060 [ 406.452725] ? selinux_file_mprotect+0x5d0/0x5d0 [ 406.457481] ? lock_downgrade+0x6e0/0x6e0 [ 406.461628] ? ioctl_preallocate+0x1c0/0x1c0 [ 406.466036] ? __fget+0x237/0x370 [ 406.469627] ? security_file_ioctl+0x89/0xb0 [ 406.474185] SyS_ioctl+0x8f/0xc0 [ 406.477542] ? do_vfs_ioctl+0x1060/0x1060 [ 406.481694] do_syscall_64+0x1e8/0x640 [ 406.485584] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.490435] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.495623] RIP: 0033:0x4596e7 [ 406.498811] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 21:25:16 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00'}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:16 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0xf) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 406.506523] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 406.513789] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 406.521208] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 406.528585] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 406.535850] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 406.546898] print_req_error: I/O error, dev loop2, sector 128 21:25:16 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00'}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:16 executing program 0: openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x101000, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:16 executing program 1: syz_mount_image$btrfs(&(0x7f0000000480)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x7fff, 0x5, &(0x7f0000000400)=[{&(0x7f0000000100)="b21a2a3ba580f1b0760f21f91b05dda7e2c21f21eb57d96dbe4426abc1f53a2f07cd6aa3dd90855daeebb9c80ee1f5539dee5fa9908dbfac022b2ccd300f10662ef2e86d13ece3ed8845a2b198e96aa94d78064b93c252c37ecfbb8c5a3cf7b3fc021adee703f7f437a9e835f1efdad03a5d797d", 0x74, 0x81}, {&(0x7f0000000180)="7ba197091f5c42cc2594424245649c92c3f88b36e559a5e9390088ee1a5aa62e1eeac6ae27d8f335f1da1f70bd14733693e1e9308e1468e3ec62ac52a5a9435574f66e37dd025fcf37832cf0392eaa320e91846b6fbe346fc9b77d8f741c5c3861ad05721a8926a526e10e956ee23b4fc6069c26ebea40b7a17497843c1ce0dd783079dd02ae2a35a08b9f5bed9ac91cdac6a05dc9e077c4f2d3a29d7150072e2c20f7db", 0xa4, 0x1}, {&(0x7f0000000240)="aba75c9bc204c7326dbdc2e2f4205135c994e6d6f8b8e154a6192d65d14fc6af4381e8f20c78e5398152966ea3a7a76ad6660746d9f4ae8347b1bacd0048def8d20329a50804d0e6040edbe1b402dbd45773c0625b00fdffe913408b4f676d8e9a5aa0b1fb33750e7624ec72d15557696edadae5d3ed7a68f677fd4ae96f90d4b4e66a4d688bcc15452d191290986175e1ab02e7869d024da6d8cc925bd48e8e9ad263bdf8e4f2f21addd513bd60cf121767d9", 0xb3, 0x400}, {&(0x7f0000000300)="15825ced4dc6e40583263ffc8fda0dfc5048f52c300c8f28c593720cb0e7e08d65d227255829e020331521ca6f4c6ae8e15664a6bddf0b7e2ff2621ed96f7b2d67ca5147c6262320d12fbd352263bb2f7ddb9b22e2d9e19145f6", 0x5a, 0x56}, {&(0x7f0000000380)="53dd92489798b2016c4fc1f8f2d2313e0fc6d04bca93ec9853ab8d3bef94581d79f75f234cb79b914566d2a525d9b59c3df8afea9b4234d8b36fb2b8723a5f89bf103bce4350549bee49bcd019", 0x4d, 0x3}], 0x1010001, 0x0) 21:25:16 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00'}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:16 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='overlay\x00', 0x20000, &(0x7f00000000c0)={[{@redirect_dir={'redirect_dir', 0x3d, './file0'}}], [{@func={'func', 0x3d, 'POLICY_CHECK'}}]}) 21:25:16 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(0x0, 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:17 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x1, 0x10000) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000080)=0x4) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x15, 0x4, "fcbcf2df1103c29bf2e67e410e691cba4efd69c66b9b788f9646a516658765c19be4ab5327adeed3d7f358eac23f37148f5d7fdb77a2e6afb3ad6eb46c488728", "7158139873514706b9c3929ba8c1d05eaf7dd486302df0e2fb7f498636f2703e", [0x9, 0x382e]}) 21:25:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000140)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x16, 0x10000}], 0x808001, 0x0) r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_stats\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x802000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="24ef4b02e7338718a5fab41bae8e20e0bd57f1a2ba3549a6451bf596cd35a8071f4f1845b65865677ec0dd799bcac3d9eb340412cd157cc95a4643d7f342c003f15be30cdf2c", @ANYRES16=r1, @ANYBLOB="000128bd7000ffdbdf250400000008000600010400000800060007000000"], 0x24}, 0x1, 0x0, 0x0, 0x44004}, 0x40000) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000080)=0x2, 0x4) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e22, 0x0, @rand_addr="988970bd70c1c71290041a7af6997e72", 0x81}}}, &(0x7f0000000340)=0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000380)=@assoc_value={r2, 0x4}, &(0x7f0000000400)=0x8) 21:25:17 executing program 3 (fault-call:0 fault-nth:32): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:17 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(0x0, 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:17 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0xffffffffffff0000) [ 407.070840] FAULT_INJECTION: forcing a failure. [ 407.070840] name failslab, interval 1, probability 0, space 0, times 0 [ 407.098177] CPU: 1 PID: 14450 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 407.105423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.114880] Call Trace: [ 407.117477] dump_stack+0x138/0x197 [ 407.121103] should_fail.cold+0x10f/0x159 [ 407.125250] should_failslab+0xdb/0x130 [ 407.129219] kmem_cache_alloc_node_trace+0x280/0x770 [ 407.134320] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 407.139767] __kmalloc_node_track_caller+0x3d/0x80 [ 407.144693] __kmalloc_reserve.isra.0+0x40/0xe0 [ 407.149353] __alloc_skb+0xcf/0x500 [ 407.152971] ? skb_scrub_packet+0x4b0/0x4b0 [ 407.157324] ? netlink_has_listeners+0x20a/0x330 [ 407.162075] kobject_uevent_env+0x781/0xc23 [ 407.166391] kobject_uevent+0x20/0x26 [ 407.170182] lo_ioctl+0x11e7/0x1ce0 [ 407.173804] ? loop_probe+0x160/0x160 [ 407.177618] blkdev_ioctl+0x96b/0x1860 [ 407.181623] ? blkpg_ioctl+0x980/0x980 [ 407.185507] ? __might_sleep+0x93/0xb0 [ 407.189384] ? __fget+0x210/0x370 [ 407.192828] block_ioctl+0xde/0x120 [ 407.196444] ? blkdev_fallocate+0x3b0/0x3b0 [ 407.200755] do_vfs_ioctl+0x7ae/0x1060 [ 407.204631] ? selinux_file_mprotect+0x5d0/0x5d0 [ 407.209375] ? lock_downgrade+0x6e0/0x6e0 [ 407.213564] ? ioctl_preallocate+0x1c0/0x1c0 [ 407.217960] ? __fget+0x237/0x370 [ 407.221408] ? security_file_ioctl+0x89/0xb0 [ 407.225806] SyS_ioctl+0x8f/0xc0 [ 407.229168] ? do_vfs_ioctl+0x1060/0x1060 [ 407.233308] do_syscall_64+0x1e8/0x640 [ 407.237185] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.242024] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 407.247212] RIP: 0033:0x4596e7 [ 407.250395] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 407.258092] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 407.265350] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 407.272696] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 407.279957] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 407.287218] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 407.353456] print_req_error: I/O error, dev loop1, sector 128 21:25:17 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000040)={0x0, @remote, @initdev}, &(0x7f0000000080)=0xc) bind$bt_hci(r0, &(0x7f00000000c0)={0x1f, r1, 0x1}, 0xc) 21:25:17 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(0x0, 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000000)) 21:25:17 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$NBD_CLEAR_SOCK(r1, 0xab04) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) set_tid_address(&(0x7f0000000a80)) ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f00000007c0)={0x2, &(0x7f0000000780)=[{0x2, 0x5}, {0x5, 0x101}]}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000080)=0xe8) clock_gettime(0x0, &(0x7f00000006c0)={0x0, 0x0}) futimesat(r1, &(0x7f0000000300)='./file0\x00', &(0x7f0000000700)={{0x0, 0x2710}, {r5, r6/1000+10000}}) sendmsg$nl_route(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="18010000100000042bbd70ddfadbdf250000000031a83c9da2865023", @ANYRES32=r4, @ANYBLOB="eb5569ea1040040008002000ffffffff0c0001000000000000000000b80018005c000100080006007000000014000400d85f341027b119bfdfabaf2fc7926ba614000400c5da6a58a2ae7c872ab94ca1540fc14d14000400e0024ae43c15a3dc181b8350507621a814000400548aab1d8c81de27db9555231c0928721c0001000800010001000000100002002f6465762f766373230000003c00010008000100050000001400050099aafac66ed1588ec661fe4a56501ad014000500de83ad41a1131187eee9f58edf53a62508000100040b00000800110000000000040014002000120010000100626f6e645f736c61766500000c0005000800050000040000"], 0x118}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) getsockopt$inet6_dccp_buf(r1, 0x21, 0x0, &(0x7f00000005c0)=""/203, &(0x7f00000002c0)=0xcb) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0x80045301, &(0x7f0000000200)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x200) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r2, 0x0, 0x1f, 0xf2, &(0x7f0000000580)="b22e01b17db28c3a21bcd48610f9569832b810c75c3aaff92de4b5a17d0536", &(0x7f0000000940)=""/242, 0xfffffffffffffffa}, 0x28) openat$cgroup_subtree(r7, &(0x7f0000000740)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r7, 0x80845663, &(0x7f0000000480)) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000540)={0x1, 0x7, 0x8}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$mice(&(0x7f0000003600)='/dev/input/mice\x00', 0x0, 0x800) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000240)={0x6, 0x2, 0x8, 0x0, 0x0, [{r0, 0x0, 0x3}, {r0, 0x0, 0x1}, {r0, 0x0, 0xd6b7}, {r0, 0x0, 0x6}, {r0, 0x0, 0xfffffffffffffff8}, {r0, 0x0, 0x3}, {r0, 0x0, 0x7ff}, {r0, 0x0, 0x7f}]}) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000003640), &(0x7f0000003680)=0x4) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x100, 0x2, 0x3, 0x6}, 'syz1\x00', 0x21}) 21:25:17 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = semget(0x0, 0x1, 0x100) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000180)=""/96) semctl$SETVAL(r0, 0x1, 0x10, &(0x7f0000000040)=0x4) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x2ba3454ecd966742, 0x0) ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000240)={@remote={[], 0x0}, 0x6, 'veth0_to_hsr\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfa\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00'}) timerfd_settime(r1, 0x1, &(0x7f00000000c0)={{0x77359400}}, &(0x7f0000000140)) 21:25:17 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0xc0347c03, &(0x7f0000000000)) 21:25:17 executing program 3 (fault-call:0 fault-nth:33): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:17 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0xc0347c03, &(0x7f0000000000)) [ 407.605145] print_req_error: I/O error, dev loop1, sector 128 21:25:17 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:17 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0xc0347c03, &(0x7f0000000000)) [ 407.688270] FAULT_INJECTION: forcing a failure. [ 407.688270] name failslab, interval 1, probability 0, space 0, times 0 [ 407.709277] CPU: 1 PID: 14502 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 407.716510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.726050] Call Trace: [ 407.726073] dump_stack+0x138/0x197 [ 407.726091] should_fail.cold+0x10f/0x159 [ 407.726105] should_failslab+0xdb/0x130 [ 407.726119] kmem_cache_alloc_node_trace+0x280/0x770 [ 407.726136] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 407.751438] __kmalloc_node_track_caller+0x3d/0x80 [ 407.751454] __kmalloc_reserve.isra.0+0x40/0xe0 [ 407.751466] __alloc_skb+0xcf/0x500 [ 407.751473] ? skb_scrub_packet+0x4b0/0x4b0 [ 407.751484] ? netlink_has_listeners+0x20a/0x330 [ 407.751499] kobject_uevent_env+0x781/0xc23 [ 407.751514] kobject_uevent+0x20/0x26 [ 407.751525] lo_ioctl+0x11e7/0x1ce0 21:25:17 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, 0x0) [ 407.751539] ? loop_probe+0x160/0x160 [ 407.751550] blkdev_ioctl+0x96b/0x1860 [ 407.751562] ? blkpg_ioctl+0x980/0x980 [ 407.765017] ? __might_sleep+0x93/0xb0 [ 407.765027] ? __fget+0x210/0x370 [ 407.765040] block_ioctl+0xde/0x120 [ 407.765051] ? blkdev_fallocate+0x3b0/0x3b0 [ 407.774123] do_vfs_ioctl+0x7ae/0x1060 [ 407.774135] ? selinux_file_mprotect+0x5d0/0x5d0 [ 407.774146] ? lock_downgrade+0x6e0/0x6e0 [ 407.774156] ? ioctl_preallocate+0x1c0/0x1c0 [ 407.774168] ? __fget+0x237/0x370 [ 407.774184] ? security_file_ioctl+0x89/0xb0 21:25:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x839, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_REMOTE_MNG(r0, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x22400, 0x0) setsockopt$packet_int(r2, 0x107, 0x3, &(0x7f0000000080)=0x6, 0x4) ioctl$TCFLSH(r2, 0x540b, 0x7) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r2, 0x400c6615, &(0x7f00000000c0)) [ 407.774194] SyS_ioctl+0x8f/0xc0 [ 407.774202] ? do_vfs_ioctl+0x1060/0x1060 [ 407.774214] do_syscall_64+0x1e8/0x640 [ 407.774222] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.774237] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 407.774247] RIP: 0033:0x4596e7 [ 407.816829] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 407.816841] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 407.816847] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 21:25:18 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, 0x0) 21:25:18 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000040)=0x3, &(0x7f0000000080)=0x2) [ 407.816853] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 407.816859] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 407.816864] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 407.830719] print_req_error: I/O error, dev loop1, sector 128 21:25:18 executing program 4: setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x5, '#\x00', 0x1}, 0x18) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, 0x0) 21:25:18 executing program 2: pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000380)={0x1, 0x0, [0xbd2, 0x80, 0x1, 0x6, 0x1, 0x5c57c82, 0x2a85, 0x10001]}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e0600920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x8000, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000001400)={0x0, 0x20, 0xffffffffffff4d1f, 0x5}) ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000001540)) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000001440)=0x3, &(0x7f0000001480)=0x2) setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f0000000080), 0x4) r3 = getgid() getresgid(&(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000240)=0x0) fstat(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x3, &(0x7f0000000300)=[r3, r4, r5]) read$FUSE(r0, &(0x7f0000000400), 0x1000) getsockopt$IP_VS_SO_GET_INFO(r2, 0x0, 0x481, &(0x7f00000014c0), &(0x7f0000001500)=0xc) 21:25:18 executing program 0: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x10400, 0x0) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000000c0)={0x0, 0x5}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={r1, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}]}, &(0x7f0000000200)=0x10) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000440)=""/246) openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000100)=0x3) 21:25:18 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10000003b) ptrace$cont(0x18, r1, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x14a}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 21:25:18 executing program 3 (fault-call:0 fault-nth:34): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:18 executing program 1: pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000280), &(0x7f00000002c0)=0x4) syz_mount_image$bfs(&(0x7f0000000040)='bfs\x00', &(0x7f00000001c0)='./file0\x00', 0x7, 0x4, &(0x7f0000000540)=[{&(0x7f0000000340)="2f85796a", 0x4, 0x5}, {&(0x7f0000000380)="3343236a4f9adca5711be74e5ccd86aacdf2473f1fe8a65125d6b585b5f6625ed4cd4c5718a3fac45243bea1d847707a0201701132cf84eff717064947829cd2eba6b2eb1f99c551cab9e1b682f27472d7d2651a1f10bd0bb78ee67c60893c3e318d4ddd2c892f58f2e68f9ab1f702191fbc84f78fc9692d6a1b486d216e39dca6f09ed9c35b3391e493172e202396edff047c4a", 0x94, 0x3}, {&(0x7f0000000440)="f88e95ff59daae254bde98a3ba7772f9682909f81dfd0a51b4702b3340c218f63448a83360c786cfff05a594242314774f83a1c3872fbbc87cb226449c03eb28572dbbcc2b084ea3707d3c8ef8957eb2694f3091a63cb0154db26a752f7cd834e987b6ea8c6c47ea186decde728b2d9248b15b466ebb448d997ff0fb2ec53f39aa3be096bce967b9ca11dcb2a776bee75a5e5a13656dda1298980740894cc43f80598a066fadfbb4f9bde8c9e76a120c4ef7b710e5413a46bea7e44d8947765b79f3867b4bc38023191869157b7b86eb7677409d2c11eddb2efe06a76e04c6a95a41d0", 0xe3, 0x4}, {&(0x7f0000000680)="8e649d27d4368e1620f9873ea76392ef8e3412032ed28e66e45275311b393c8cc89cfd04d15a96dac1eb3b88290ecd6e995c37f2308d94ea7322259e73b207763d49fd237b123b8dfff8ce61d396b6923b097c4421a80581299609c25ec6ebd11fbc29d284d8da74fdd99da1ce7dd41f71732e4a715f927fc11fc8c63f54fa26c726d5859a8c962fab73828ea4e31ad795de2df82761556961a12537e77151062c10ce0c11b7e7594ff6933c8935a59f115db29d2a21f78d866de0e1ea58d23ae26f697918d0d0b3009f3a10776ab9294261337303d5e8c92c4c432865a59559848abfa52fc4b7477931493d0abf4202bfba3b52310ba06dda9e72fa5e44f3d2f8cbfab1c36881a1b14bb5c2224edf62fd7d5bb52e1e7e10b3f3e42df093832cb4e0ffcce4e45481db5729489735594c49d4538ceb4dba1f17ff1dc8d6073b579df24e1d82ca3e8bed8c41e1226a42d0e06ab3186be834aac6db9fbfffad5911c5cdee0f5b4fc8281716950e3ea913f08d439934b67c666f7456b44cc7195b6dc32ceaa044da889c77df1cd218f3c5255a08e8ee7ccfd43f620b3a085ea3e9bf6cb901417077e5f62ce8d1e0006323784bc913b93468e4a3257bfee1e0f9b3e12e0af230509371281f2da991f7370a3daf12ec42ae0158869d8d0c82fa8fd8a608b4ed61054c8643109b0887b6ff248655b24ffeded90098de351ab0f7d4d11fb46630fa398c69fb81400c4c0cf7dcfb128217bff143c10ba821f8b1771b0bc72be5e86ec17d16352099351f74af3b677a3d2876285ed7dbfc271aaa6bb04ec262c44fd97762c5fabd43110aa4040541ff0bf615c6dd0b0f3fad3e7e8eb5e3d0357d92884ff9ff55a34e194722929ce846d8d01ce1e9b6ad7a8d47b0487b36dc8c8b486a8e4c57275bafdfdd5a9587f5c9fa1f1b2dd8c4fbbe9c7d8f841f6a026e572b6300b75cd337316c0e9e143624c9e8fd22ea76f80e8d36aa30a6ec354335759c98910fdde27dc31ccc5fb41925545c546490e3123247e7f4e8e5f15ed263849787ce453103f9201cb06615676d8435ad15c25bb6e7e535d3eff90705519724be60b5c6324f8e7172a3e69c74e27c67045a1c3119f0686121f6a5df32bf6b7cfb2f90c1f7c2abe331701c31454e295f59ec43a946438263c19ac40a08bff139e2573ae0a5500d45652569aeb30d7d9e1781e418cf9f992f3d6f4e97d7fe0cfabcb97e487fbd5af57060cd6e17e04d9033c1a7cd0ab249887b0adaa6be50c845a4b400366a9205a4d5dfe6a1c87fb0e01733b8496b6e267878b6e495ec24e71818a2e56c64b188007ea0f9c6f04a6d2170974c356123afd7f06cbbf826fbf2b7f75972b29f0f242244e9d9badcc286cea95214f87e5139310fe3e6bb21dd513ffc993e197f8a1163ba0ddcab17b8da4c721456a384940f34297a544fd4d32785771e8ca752e2d0b615d3531c7f511babddf3c89a6958ca8d53529d997ea2ed6f9854ee8d5a391e12f2182eaf1ce1d157beaa31e848954fb7652c00f4d74d0217c15f39c9ed57de8aeb7899e9905e714038c1313b78848627f65dfa3bcd6873ad99510d4e1350e0a57b4a672b92e98023b9adfd405427de53a7e87cd83643c636fff43ebd032b4c7ea7f0b9160d388ef0bbcc13d81266b9204e419034642a4400b98e957e4428b137821cbaead7ec30de2edf7ff07ba45fc67f0c56dd9725c800aabf904b8b0571c81e13fe57e06cd3c2d3d94228601a9d6cd38d651097694dce39389e6b1fda00190f6a786db0ebd8715b2a7203153e268ff33f2d47ae860f06af73cbb377bcc57b42c78f8b749ebc25a8619485b5df187be7bcc0885fb5c6b7436f02a67de61ce75ab207b7bed3fe42d3283701bfa12113fbd80a8c82806669df8def62ec41b56b68cc4167625b83b02d83baefb1d28cb27ae47f9f3a288230a1ee88648b07f5f8cbdcfa6e1e4acf7708b583273e7cb2029c202999eafd667c53496ff402ff0a10c3c319c1265fa31f23439e8501858e0d186cfac2d5fe727148f6adb9281fac1e45b8ef4341e1c95b819ea6641edd58efa7d1b491e8e3e6ed97ac27feadd699d0274c7b6dbde5b6fcc1518c9bfed48dedd3f9b9bca8a8b27877d40fadba65be724cb92e2d9047496501f2820ad9465278cff30065929803f0144096d6b59d3ea430ed061d921ba87f9dfca92dd62693b6e7febfb5866655b47e1a143394da025d65c0769c4be6847009576881f8b6182cca406d29941013fadb1142b78bd105db20d88321455cccd97d363074f6fb76dee5bc1b163b8ae1faceba2b0cd18289a286cd01fff056d360246a89f1bc5594484b697678110bb967ccf742dd605c8ea41acad0467abc5525268431b78a51b7703cc3b8f10f2977647e5c0d8cdce0107a86b2558b20473fab327932263daf47a27c40f3bdabb58f62ad8fecbab5fe83d43a0efc467b6807a09b95ec7c268c2940b8a325b1b1841bb6f0000e90c64b5235dd8c0fc7f536996e458bac221474860db3dcee9358d44802f39770c6328b7ed59589ded751c37631cf9330127a1464beb186ca9d425b1c523f2e48343248efb1cae5559f225a29298dc142744d3247d6eacad10e0598b4bda8a8c3885bf8d0279643ae1e146c826e244d1457f5b160f81a4d1f32a755637b4d49e9a730bc77b9a6744790b4f8b0895b633fe1eceafd705f465661b4b70d17d0261006d8d83ceffb5320344c0f4d8c9004f8017e826f8a7d245752c6e12634b216e71df93fbc1f3c7e2b1a4d92daa4e8394bbf5e69928a5f065290b4a377e09abaddbd2d32a8137f76af11087a2d981730b62a3667001ff563a8e744e1e45ae90b89ee7c309ced04d2654c1054a33ef98f85101555586ba1d84fe4c668a7e165f244d541c093cbc6a31f2f742130caa09afb8ea48b7b25a6491bc6bb38b00edef792dee814e58b0b2cf48882f957dda3ccc94709c035c2aa84a2fe48d5d3a1fe9d6efdda0ca4939019f761554efdb6b02bb29dcead719f1b97a840b6185c96aebb24c9f5345690e5206bb24e4fd40077f676c0cdc3735fb7662acef70aac2fa37096d4bcee476231d6e3a1483827176f38a708bdf005072f697cb4455f0a289ed3bb83d2845d906200469caf92baa46be38bde19701ea2dc589467a52e8da95e13461d41e70c1858610543e687039b4b23ac9a12c27bf47cf5eec01cc1e2f98f590d1787c50c1beac5aa22a49a060bdf1bc2134033a1d9b1bcc4747688b9219b061b61f025d0df1ef763702c0513da5b9718818589630f0cb961cae50483dd598d54b18c275fb534a390972fc3d84ca3cb73b86a12559e2f30dda50c9daf48ddb25c90925cf5124eb94b9834e243192cabbf83716019586f7eac4f369e51f14e20f1e5294d830729f96ffa032c4a2c2adfcd9fde59f20717afbdae0d6aa1142ebf2ba908bd743e440d064c29213439f0e6e5e40603c4322c02e4e83afdf6d0c032c003018d179b4bdd879120c7ce2f76b32bb135337c78dd8233edf2120e08ee548abb9a9029c51723e9485f55b8e90c9ef532083f586b5fafc2bafaf49fd3c25b2984734fb177479c293bcf6a4e73fe875b8c99f74f894041187004cacfb922c639bc53fd52de57ddd61107502da15be7c57aca83b02fe570871813a4e6ad95395446b42d9ce285bbcb6a45129c9a0d10b78a188d465419dc8ad579141ec2572db9f0e906005970947deef9afdca9d762c271e5ebc797eb9e9e1100dcc3a80b70810143052ce0fc8fad20706668f28b49ae9570a473295045c02b33b43a2924bcbdb6b3c3e5fd330b3840a7644845e0f80635693d7f1fc2e70b4f22fdc232d75fe4bff0aa96554b24633a3738b3a7fb73d08fb1732c3333f31e3eaa7d5e7dea9a7d20e58bc462994834813dc71386fe6415587f0eefe12b42f2e0530b845c59a272b1214fa2894142500af3210c0e0c6a64e7757857e1e0c4516f9bda92ed47ba0b2d10f787b28a86dec802bf6f3a9cada4522c729f2e37eb457b4095f98cb5a1040761d69b0990eab36ea0174031d142d36708302118d7747ce82c280c2bf41b283f5024a83019c3ff2f6f8020fddd1a40fa238adfb2153509f376b2d177aff3c4b297b5cae58e4f0ecb1714b71f3f24f2068ba614399a5d5a9224f444c27fdffb3bbdcf5aa7cde0dcefee0c01def4987428c90961142e10b044de57ac26f73c8898915f50ced80e7f40316516efde96e256200a0306d3f77399d8892901c7ed58f9dc347a562ca2ee226af5aa885db8395b7ad792db1157f641ecdfdb42462a0e1d15f34c34ee328f1c01874574423e8778b4e681ce8b252a8a07eaf2cc41cd6e66748d14a2bf68567137690908a0726b40618c6f6534bd74d0db11c75d8f27693fe25637b7522034a4d1f87e052aaad30d46ba42fab953a5ad633fea028dfbc747b7b9a768b501af4c527a9c0ab34fa7c1369faee872323303f93f3942c317d694f77669378fec471143a3542c5e756d8f3548e5af561667216ffec24c58946aa63327889af565c89fa5c18e52d2376a13c90424738458b555030cce580bae885d2ec962d2a9abffaaf4ba008489b9ae6e8358f63b6c7720801cf40e22605f98265b4deaff958118e400417cb44b7683c99e4f5ecb9bedcd21d7a51ece441b6fed1f5fd5c6e74a979ea63424bb3a4d5f775b95130f1bfa81b11ac4ba1cd426fe77234b3bcdf3ef5f62c3bb91ee3f115c1fd9a1c04796dda600ef95e7f4a31e9250cb25ee09ad683fb297ee97c5c2a480e84ed23763f9450187b05554d7a89c5cf55ce843833d095d99cf6f4ef76df1e23cbf0e9b872d06704a26e568e3c4bf7cb7b9bd52386f51fb36c26879d5f06869030797a4a023d56887a63d2f09ce637dcf66d152759a09840738af2f938e2cfb73d65440600f714ef4c8b1ec826efa76ba3871353d37848725d52309ac734ca8ace80e7c7808b39f755dc632b0784d6c45234e3e858a7a423794d4144e46526623cc7087845def133dd84503fc9446b24099f8f72cab77dcbc2ed8841266b94338f7817403d6978e75f5535a1bf7c2e6f1d7ac63ec1e9b3ab21630b398b3b77c1f8227520ec4668838ececbd59db980b385454f7edea850011f59a1d44addd7a0c285e010060a4aa2b917330ddf0d0c296dc9a0626958961020ff5ca97162f1510dbdeb7cfa967946583c23c8fc4db5856c9d3b15aef8378a7b42fee095530ffde44292286f5e422d6488ac609fd5aa74c593e4ef7c0577a398024435ab4a170c389a8cc0bc83fb7e84623b2bc8e5573b22d7dbdf561bebda06e65bba0d215bcad5ae65aa7706a8881640f66cdc449e09f2251460c654fc5e219b1f39126e5dda28e09fd949cf29bb13556206de2b1f9994b550b7cea258fb9fe6698d633fe5a7b44bd6c7b8461cde0c8fc318fc0ef1772025a541eafd6428330f6d8e3d5a5306a4acee7cf633e1b57a7255214f84bddd86c6d27e78fdc4a897968a009cf5e61aa87b21f92dab8a6d7b71369625f1cca996cfe24e84af743515fb52e6b2a50481e2befaa2220163a7cc7c9129ebe14a7395c16acaabe08ca572115b07ca120fa32f8891b48379584683d9b239127e881cb033332d0ef3496bac5df5088ae7d43f51f91a1483cc1df2a8ed5fcebf71196cdaccd2c091526d98757941a1fae709232c1c805eafcd109e385d748805f4fcd756aac1fcaf96ba14be9dee557352d4de836c6f169e1cdd76b2049bbc1f5a3b44374e17e979e21f9d46165e9af99de24d0ee8bb61aed3819586aeb", 0x1000, 0x5}], 0x400, 0x0) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/avc/hash_stats\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001680)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4}, 0x0, @in=@empty}}, &(0x7f0000000080)=0xfffffffffffffcc1) sync_file_range(r1, 0x81, 0x8c, 0x5) connect$packet(r1, &(0x7f00000000c0)={0x11, 0x3, r2, 0x1, 0x2, 0x6, @random="20b046dec92b"}, 0x14) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000140)=0x100000000, 0x4) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 408.115621] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-0600920efd9a devid 0 transid 0 /dev/loop2 [ 408.189763] FAULT_INJECTION: forcing a failure. [ 408.189763] name failslab, interval 1, probability 0, space 0, times 0 [ 408.202552] CPU: 1 PID: 14557 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 408.209681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.219039] Call Trace: [ 408.221628] dump_stack+0x138/0x197 [ 408.225257] should_fail.cold+0x10f/0x159 [ 408.229425] should_failslab+0xdb/0x130 [ 408.233395] kmem_cache_alloc_node+0x287/0x780 [ 408.237974] __alloc_skb+0x9c/0x500 [ 408.241704] ? skb_scrub_packet+0x4b0/0x4b0 [ 408.246034] ? netlink_has_listeners+0x20a/0x330 [ 408.250785] kobject_uevent_env+0x781/0xc23 [ 408.255106] kobject_uevent+0x20/0x26 [ 408.258900] lo_ioctl+0x11e7/0x1ce0 [ 408.262520] ? loop_probe+0x160/0x160 [ 408.266314] blkdev_ioctl+0x96b/0x1860 [ 408.270194] ? blkpg_ioctl+0x980/0x980 [ 408.274076] ? __might_sleep+0x93/0xb0 [ 408.277953] ? __fget+0x210/0x370 [ 408.281488] block_ioctl+0xde/0x120 [ 408.285156] ? blkdev_fallocate+0x3b0/0x3b0 [ 408.289468] do_vfs_ioctl+0x7ae/0x1060 [ 408.293350] ? selinux_file_mprotect+0x5d0/0x5d0 [ 408.298096] ? lock_downgrade+0x6e0/0x6e0 [ 408.302237] ? ioctl_preallocate+0x1c0/0x1c0 [ 408.308127] ? __fget+0x237/0x370 [ 408.311623] ? security_file_ioctl+0x89/0xb0 [ 408.316029] SyS_ioctl+0x8f/0xc0 [ 408.319392] ? do_vfs_ioctl+0x1060/0x1060 [ 408.323571] do_syscall_64+0x1e8/0x640 [ 408.327695] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.332544] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 408.337764] RIP: 0033:0x4596e7 [ 408.340943] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 408.348683] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 408.355943] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 408.363203] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 408.370463] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 408.377721] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 408.436171] BFS-fs: bfs_fill_super(): No BFS filesystem on loop1 (magic=33000000) 21:25:18 executing program 3 (fault-call:0 fault-nth:35): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:18 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000140)=0xffffffffffff0000) r1 = fcntl$getown(r0, 0x9) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x1, 0x0) ioctl$CAPI_GET_MANUFACTURER(r2, 0xc0044306, &(0x7f00000000c0)=0x1) syz_open_procfs(r1, &(0x7f0000000040)='net/connector\x00') [ 408.532031] BFS-fs: bfs_fill_super(): No BFS filesystem on loop1 (magic=33000000) [ 408.595003] FAULT_INJECTION: forcing a failure. [ 408.595003] name failslab, interval 1, probability 0, space 0, times 0 [ 408.608066] CPU: 1 PID: 14584 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 408.615282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.624646] Call Trace: [ 408.627255] dump_stack+0x138/0x197 [ 408.630913] should_fail.cold+0x10f/0x159 [ 408.635235] should_failslab+0xdb/0x130 [ 408.639227] kmem_cache_alloc_node_trace+0x280/0x770 [ 408.644348] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 408.649996] __kmalloc_node_track_caller+0x3d/0x80 [ 408.654941] __kmalloc_reserve.isra.0+0x40/0xe0 [ 408.659624] __alloc_skb+0xcf/0x500 [ 408.663256] ? skb_scrub_packet+0x4b0/0x4b0 [ 408.667582] ? netlink_has_listeners+0x20a/0x330 [ 408.672373] kobject_uevent_env+0x781/0xc23 [ 408.676711] kobject_uevent+0x20/0x26 [ 408.680530] lo_ioctl+0x11e7/0x1ce0 [ 408.684166] ? loop_probe+0x160/0x160 [ 408.688063] blkdev_ioctl+0x96b/0x1860 [ 408.691968] ? blkpg_ioctl+0x980/0x980 [ 408.695887] ? __might_sleep+0x93/0xb0 [ 408.699775] ? __fget+0x210/0x370 [ 408.703244] block_ioctl+0xde/0x120 [ 408.706887] ? blkdev_fallocate+0x3b0/0x3b0 [ 408.711221] do_vfs_ioctl+0x7ae/0x1060 [ 408.715122] ? selinux_file_mprotect+0x5d0/0x5d0 [ 408.719888] ? lock_downgrade+0x6e0/0x6e0 [ 408.724061] ? ioctl_preallocate+0x1c0/0x1c0 [ 408.728640] ? __fget+0x237/0x370 [ 408.732112] ? security_file_ioctl+0x89/0xb0 [ 408.736538] SyS_ioctl+0x8f/0xc0 [ 408.739919] ? do_vfs_ioctl+0x1060/0x1060 [ 408.744077] do_syscall_64+0x1e8/0x640 [ 408.747980] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.752846] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 408.758035] RIP: 0033:0x4596e7 [ 408.761389] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 408.769210] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 408.776483] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 408.784016] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 408.791290] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 408.798576] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:18 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000140), 0x0, 0x0) syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x2, 0x101200) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='bpf\x00', 0x880003, &(0x7f0000000140)={[{@mode={'mode', 0x3d, 0x4}}, {@mode={'mode', 0x3d, 0x800}}], [{@smackfsroot={'smackfsroot', 0x3d, 'btrfs\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x32, 0x66, 0x35, 0x38, 0x37, 0x30, 0x32, 0x64], 0x2d, [0x63, 0x31, 0x39, 0x66], 0x2d, [0x7c5e3706a346ce10, 0x65, 0x65, 0x30], 0x2d, [0xbd1478113fc6385b, 0x34, 0x7f, 0x77], 0x2d, [0x37, 0x37, 0x30, 0x6427c755c4303416, 0xe776fc2246f81578, 0x63, 0x63, 0x93ee8ab3c758330]}}}, {@smackfsroot={'smackfsroot', 0x3d, 'btrfs\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x61, 0x62, 0x0, 0x61, 0x65, 0x64, 0xd47a3737d04412fd, 0x35], 0x2d, [0x63, 0x34, 0x35], 0x2d, [0x62, 0x35, 0x66, 0x30], 0x2d, [0x37, 0x39, 0x37, 0x64], 0x2d, [0x0, 0x63, 0x32, 0x36, 0x35, 0x63, 0x31, 0x63]}}}]}) r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$VIDIOC_DBG_G_CHIP_INFO(r0, 0xc0c85666, &(0x7f0000000200)={{0x0, @name="3313a0978896b54d5cd1ba1ee5e73eea7657e101a68251be74105d8d6bbd40ed"}, "a74ded7e8ab8ebbfdd5b60e791a08f3e0f3b48d84d0c1a8bb732f72b26c3477e", 0x1}) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000340), &(0x7f0000000380)=0xc) 21:25:19 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$nfc_llcp(r3, &(0x7f0000000740)={&(0x7f0000000780)={0x27, 0x1, 0x1, 0xa896077b5bbd643c, 0xe5, 0x40, "f116b515ae1c910bafdbeeda8fcfd41f4645ce0f043cdda78bc8ce723c6e1708fb28ff9f98d6afd3b4bd737563ca3721536a50f4f0c1c3509e912ef342cbe8", 0x2}, 0x60, &(0x7f00000006c0)=[{&(0x7f0000000800)="87fbbf08791d8b1d3a5938f59d44a86561a15c5ab376ffd4a805d25a46df4960824df4dcebed912b9c70cdfeab14b6fd6bbdcffe7599228144822847ef1b03608472f71110331033a9fe6ba223225c0e50d4bcd1b688e2c91ef1f300e40eae49f15e9256b02908b9c584fcf95a7e8ce4578e3d1cdc03117df9ab010f56", 0x7d}, {&(0x7f00000002c0)="5b5586c5a8e2f86af7eabd902e1530595408e5f7e096a417b0b223b64246c7beaa05b3209e7cf87944ffb1193d532aeef9d030d8a9c38e46edf08da19e484c52bbb582cb2dfe025f318af70fab274499056f8f1bd75d89ce0aaf2a5cbedbeecc18724d3f989d27e150", 0x69}, {&(0x7f0000000380)="624853e71d94c7d5881fa4a380f8606c206fdeff1bc47fa6ecac4414add0f69b906def14a08c82252ad9f20068763d3245537650a1fe44e3abd687abca2f173bbefaf559cf3347111b05306fd56ee11929e8598f9a2c0b328e7b238a37c8f79305fb9384ba2785be2369cd2e60eb34b1574e07f6e49e284f7e222ae540831ee9926e286cf386ae760d0bc6051462c32dd65aaaafb2bbc96c90ce78963f0a2742ae18688ae9d7", 0xa6}, {&(0x7f0000000440)="00865d126bc50389c2e589bb19e965df66ea4e770d903e0c78b983cca3fc9cd7e34cc008e08735555be555735967276543e68121abedaecdbffab055124e02fc77ae8e6fbd77e1cd6cf9817a5ae6b772f66b194c41503b3bc331e9579ad2a16c29dddcc692a0502eea46aa4ce8216e8bcfceb869c670bda2c1f3303f", 0x7c}, {&(0x7f00000004c0)="7f487ee475abc86bf8e9f73d451ec8fa13c5b2feb807400caa751f827a03cbf83270592307695fe87b8ae9d99c99d2d9400f47fc5861c8eb1ec840e5279cf47b9f0c021f4a3f41151e2335ecbcb0c4ca6688ca6f8aba9eaab02cf60dc83ee40799dfa478da1c6f0c7bbd0a983af232c22d0a7784d412d8", 0x77}, {&(0x7f0000000540)="9f2dd8f9aae46ff153eb8d511a5b53e1c166f58bfb33ce8b505b1ae4224ee653e1d67dbcfdf813295849e1cdbeb946c63e3e80c5fe7a28bb3bdbfe24bd8a46d254905683b087a6ce9f3b07e653cfa738b6e46de640633355", 0x58}, {&(0x7f00000005c0)="679d0d86e41caba5309c2d7f30a071cd6de0cd34b408319a71d725cc5b22ad0d9e3c63df75d83638ed866abbdd8b843b34f46fc001f37d284f87cebb194dee74918326f4c7f3a668a1dca4e9dfde250cf89fde338cc6617b2a65144c1a8ee4eadcf27f8d1e0ae23908ba41b7402b0b7bff4e74", 0x73}, {&(0x7f0000000640)="11dac22c626bb4ad8fa16f6a1b081f8cab2aeff51840b62ac9b46d6574315cf7262404fcdffdf2afed8458460505929654cc81044dc75d7a4cf3b62c0245a8e73a59e32c395f937b8bb385e42056e6667c8e7b4a1f9c9cb9b0464e95799cee49c574a60c7c1b3e0e98cdffb750286e3332c42f3c0b86", 0x76}], 0x8, &(0x7f00000000c0)={0x30, 0x1, 0xd3, "ef41561f65de452f2901e70fc2a0bc7e58bd64b9b3df22396b26d06b6ed8c58f"}, 0x30, 0x8000}, 0x80) 21:25:19 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x210000, 0x0) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000080)=0x3) 21:25:19 executing program 3 (fault-call:0 fault-nth:36): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:19 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x4dfc16e1fa4a47b0, 0x0) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x6502c1) write(r1, &(0x7f00000000c0)="9471bd7f6414a48252c268b6b613052771", 0x11) accept$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000001c0)=0x14) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0}, &(0x7f0000000340)=0xc) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000380)={{{@in=@multicast1, @in=@empty, 0x4e22, 0x7, 0x4e22, 0x0, 0xa, 0x80, 0xc687ca1e194291a3, 0x32, r2, r3}, {0x95, 0x9, 0xe38f, 0x6, 0xfa, 0x4, 0x665, 0x4}, {0x3, 0x1, 0x5, 0x2}, 0x3, 0x6e6bc0, 0x1, 0x1, 0x1, 0x3}, {{@in6=@dev={0xfe, 0x80, [], 0xf}, 0x4d4, 0x32}, 0x2, @in=@rand_addr=0x3f, 0x3502, 0x3, 0xd76304000f8159c7, 0x401, 0x40, 0x7762, 0x8000}}, 0xe8) ioctl$BLKSECTGET(r1, 0x1267, &(0x7f0000000280)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000080)) 21:25:19 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000019c0)={&(0x7f0000001980)='./file0\x00', r3}, 0x10) mount$9p_virtio(&(0x7f0000001780)='btrfs\x00', &(0x7f00000017c0)='./file0\x00', &(0x7f0000001800)='9p\x00', 0x2010000, &(0x7f0000001840)={'trans=virtio,', {[{@cachetag={'cachetag', 0x3d, '/dev/vcsa#\x00'}}, {@cache_fscache='cache=fscache'}, {@msize={'msize', 0x3d, 0x3}}, {@posixacl='posixacl'}, {@posixacl='posixacl'}, {@loose='loose'}, {@dfltuid={'dfltuid', 0x3d, r0}}, {@afid={'afid', 0x3d, 0xfffffffffffffff9}}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'uid>'}}, {@uid_gt={'uid>', r0}}, {@euid_eq={'euid', 0x3d, r2}}]}}) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x1000, 0x5, &(0x7f0000000380)=[{&(0x7f0000000140)="dc60d41233d1e8973f521a53977de9e28f5f5f05a6eb0be804c2c199121bd7b0d276c998c2d59b3ba43f8443306c05830351ae0dfee970ea51585bdc4dbc105dbab911f0fcc1337030e746b66e5d15c3bfc703736d2542ed3eea5eb3b2fa6eb37b9b107b87a54f5b3397d7eecdd0ff1d62a601d5cdcee8b7b232144125a8e57c8adf2ae999f5b980dd5c948a0c6d58677f9f38821a38bf8971fa60df728c083349c199b43cd9e442fb5741a9486d58f7", 0xb0, 0xff}, {&(0x7f0000000240)="5acdeb030734155dc70619f84d665aeea82daec920a21ff2468ce18524735944bfaf5c288892316cdf113a0874a97adb53367763d3bda96c03fc86659006731464c0efff9f98388ea6ef999f6aa7a36ce077a7edbcadfa0d26f4f8f22ed7b0f346c63d4705f263a0a2d340a3564a38f9a24ff4aec1371999a726b17b73b316e2cbc442f5f1c80cda93b5527e614fd7293e9848232411199db2cd336802cec4c27e94c8cd4709ee4c7ded8f2f88b39a02b832801fc081fb9e2e06b0e975625818", 0xc0, 0x5}, {&(0x7f00000000c0)="82b3e3f6a103dccd3110e832308a8e3e28912b533fe555b23bdeb10467b7d5b58009068c1a4ee2bc6d2a095a429f649f", 0x30, 0x1}, {&(0x7f0000000680)="fa9a17c73f5a1a2fb496200d16564dec725ead0c2b2a0ae1e785d4c7957409817afb8630c363177c73da112c741f709bca3b456631ade6fca38efa4bcf7bf5ade4db83a124f6ee8ba8694a5f5d6df73196b2239f08c74dacb3c446d9e6c4c62eee22f5388602cbf8b0a7802005bef224106fd8688197d1f7cf1afad9d947298875693e74ad17f7060d2063cc5e46db6886b01a93923d6a914ea2072104ecff5b83ea3456e34a92d5ee7a72c4010451990d17ddd12b46b72a984eac83937b3b71b75dc351459bf670547168c6c88685b106979dc88fcf2cfd6a8131c1e2df11ed2e258ced35ee41e849f7398128157355859981941f627c7b957c837d74b25d3c21a7cbddbb54b152e03a81972a09ea573f91710694105937915b97f5dae53f049fa573ee32d410876bc7b0be608b2e895fd78f103d31bc7efc13129446acdffa0cc49b25d8beb51a456428ae87a95f38a93b1c2cea914ee67c39e2f9e0ec66c9f1f07f0fa30ffb630a7acb60d1342a211c974fa302a6a5eaeaf73461a62a314c68d01f34900a2a0364ae2c35e24df0a463c8a0b6d780d4a172101de932ef4d4e7ceb70099332d6a31ff591a0c06f94a3c76362dc449ff88ce2156f6bb72fdc018d53dd1a1930381acb3a21ec27eac6736b5aacb7ff06d20f0afc9819423c399b93d15be0be809838d7fe37833f442fe9166dbed41159ff5a85fbc56dea2ae33818032d4a62676b6bc7126913adfc65f83ed9da4bfd7cd6acf10f413180a06c436fc4f0d42d0e778ab9453e8d97ddc20c35b08da51fbc634eb0fcf303fe46e1e0c43d889477f40671fe051a9fae958f9b6837cdf6687723548a61088b4983b559d3c0035c8704c1037c9c46f9502ed9d9289ffdab39aef1e3e8de4260d4dbb5a51ca2c81307192319c4fc23a88116c5fc87ae3650e17707cd915ef9fbb1d8fad57fe66ac4acc50c7d0abc707a572921e401a08b79d0e0de896766ce7865879d83c5bd9ce8df0f97a83463357429a953ed7165bc5fb1eb280734c614fb3350723bdda9ce5acff70ce0306ec8f6601da4c04cad65ee1d2811e6dbdf1f3b703fa0b3d34bc3a11fa32eeed5f8c0c6713bc4f14ff5d55990199203b97395fd8ee86e1d55012a1fe7f4ed2a1e59d609b7055172da0d8c7fa4590be20cea06216da9cbf131c19dc39360a4ad46ea7e1b19719b667a46d1a8f7f36f9bee82828e510cd2b0433414894a1aca048f0cf8329534daf5eb45c7986ce13b535e139221df8f32797e9b8e2f804a365daa989ca2ec0364147cacb20544c3971f2cd7906a546011d2c122d40f0f96914d32ba0c80a41010a3119c135456fbab88b7edb65067bdf313d580af2e89cc43e90432c6a0ac90a8ba1b15609e8f84fa829f68c5db9e5bf5bcbd909a4c6adcee8db660fcf64824f5d6047d5fa6dba4987ff14d57fbe6ae6b21acbdb7f821f3cb31dc6d80e0aa05e2681636280840172f1103446377f64e3c51452d10ee89c9345d3edb5fbce7545bd97802b92a26ba04f826b6731845f1a1e54436ed4aff3c92e3e1436e46659d92e25eef95ae1d93bb2aa80c576845fcaab46aa7903410635f37ae57962f8bb70410891d7f120621c6bc13d03d79d301774abadb19f4a6e36bf5999da129ffa19b67290c41aeece499e7599d9c9be8cde3295104412afa4b35962446763effe3fc79098e183d8733eb1cae3a4556045a6ae36414f89a5918fe2825fde6067e40961cb2d22ce9dd7aaf2cc746939b7b6235c45ce32868b8b29dbe7ec31046f264587c6bf4e17bc371aa80ebaf5cadce42fa75bc6e420c6ce722a33c61c7af2507926dc1373687d9007d3397abe5e5684888a825b21f0717d8c0647539b98d214a3baeb7018dc1d9b2d0692453d6930d5a903983475c8921329a3466efadd335eab2ee93aa240b7211236dc2017ede850550662e2290b5524c81912269d2c9a309eefaaa4000204ea26719aa43552517f9d45912b43c6706f34be415e9daf57f25745257465abe4eb2c677e09fbe0fd2cb92cd29c7cfd40f9091dfd1d8b8b50c84345d6f23ac381e6ae72319a7d5c74bd2933fad1e18635751377a28a66ddb8ade5055282cac647b956b5d3cb81fc695b1b915b84102ad3314d75ac464e9809ee077b1710fe86d2c50d2ca950e2d65a60436199f3f04f01255bedc3af83000bddfe60b11cfc398071870d990f3b22f6c191a68ed7066bf541de981665e4b92751002a3be8551ae8c115a60cd3a1558e81606f93e514df79ec73f86c9204a1fb8033094b6e3ed372dbab28b81beeb9381a10b5eab4aa345fe3e43ffda42e129e3686d679c562ad1cd815e85d685e1c918e05b3327ba2e8ae98200a5f50a003c7a73d34c5bccde62210beb729b89011fe7200ab88845915afae095a7ba4fe524ac64adf1bcbf76ed67cbba3aeb2940feb2b7399f050058bc9b7da1957bafd6607e4fe21d5c2d301e841d0d4a4b661f41dc02280a3042215348e68b05fadde11f673118e321f9f0ee91cdfb31f761ffd24d820ac8b6b239e3b861e6f6110c4d2d48a27d40a8b87c8b23fe716d17804e345b28c24b2009691db1064096d777f9316f0335cd3a1a5a433a0449b0c8faf9c7f5abd55f86e6ee09612ad0d823dd8008bc409372ed1fcd116848472b3625cd1961b278ec03f9ef5a1e505deeed496d109b140ecc95e1d27c467c71dbaac02849716c11921abb5e42a98de6d3be8f120213538f1235b47c083dbaeb24f8cc9e0d960aac5793b8550095bc3f5261485c360a990f9e63ad50046c1d4d58a8392d6b2afdcadc134d74c839e95cdda4bef3e408a0b1e3df0521a65f02964cd8d0d4ee5a52a8f5d199953712d0022334255b9e66515580518b006f050e5e6ca4b9edb4eafafe41abf1cdff7f22accc09b0170c5782df7aec62ea584d9f85009ee6d398ffdce22b5ec01bd3dc5b789913855bd913ac7deb78cd6ee5b21c637c4ef63d8fe22918ed0f3dc78e58115e0e15b17a98a86c5c466f6f541a5933f566e75142270cf35933b1f210df672725822367268bf848be89bcc692f7728f29eee29f78d929b57cfc3dfca126992ffdd839f6539e5a7410cf186b69ea5303eeb30ed3e8fb191a4ccd6383ac1acf7d41b54443eb5610c79e633a81ef83bb4748c1104cdcded715f8bae806f34f42af1c289a8a6211d3986467323d1e414a976f326385880bc563d4d99e0d900b295fa88b57d90d4e612d9f04c1b0fcb642fd429dac354543bf710addc5e2e6fa4f9bb618bb8ade991898ecba0021de35ca3a5d98f64aaec9c39021e47a451f86d5ee3401af744751e8e2f93f598fdea0f1eaa5c3ff33c638dc3bb6ae2d9921b7cb3e215e5a2f15a5c1fb0c3ae7ff2b585b5342566f1483c81ab23512f8a9520c7b402a0672357f8bca8a3302eb2e7d34ddd8943d02729b82b3bb94de9326e443feb3250165dbd0e8dc5e83b7169740db2be2dfc6d233bd48492fd496b60775cb1524dc12918edba53cad8c3aed3094146317a878db125c4d0989b4a15c2adb0ed31836350a7d5d77f3e6e28e9bbb8339cbb48bc7e8c3d3d47de42b7e22917fc8cf306a2ec276879b5f5476098e1a15cdc61584a157f5e7a4590d8533bc16b191738250a4e6096c4fdcce0f6d8b16e652189cf35e51e8f60897e374ff0875e9171f27170157e92fb66a747400ea9beb7e886c3a0dd18463a1a490d7cbd8eec7f170f40ed9e85bd22d8931bc08392d0826c52aaac61847e300a0bf3db72cb5ffab7b081f4c068720db4afa2c2175e3019fac0140c8ed46cd7f68acb592c207025a8f5672a8c25e4caf2e31a60dac020b9660612f73f8a36bb211f54c92f4de2698ec89f0f5774ccc66b4a67644060a21cffe0a8bc463d4b6e89896e03d2cfd10fc3b8999ccdf019d5496c8127068ef224e9dfd0718d48357862d70e21f8a3de21c68c98cc5bd3b612e498db344ea8c7cd3ccbde37801ab71a1b6ac22d98c3a35e54b07cbc8e4434cf86bf771bfb5ab996cd9bb4360f1c2e84464d589f8737f66290235c48ee8b4fac9a0fb4aa73d27b733af8f5a7a86dff4f41a3f4d120e7ba715de31f892e7dfd3c4cf4495987cd4a50aeeb392bb0f2e9e929e930f81ea202858c27c426551f6e1fc988c7a3ed90aebcae5d8a11597b551e46b6bdfa7669569d78ee102f03d3497b56162eb0f21a1a8f344341a72dc899629eae5dfd4a6cdb9d7d482c08aa20d482cad1e2f3392203781eb2fe06009fb15e718e9b96fee58179d0f2811fdf9e25f8072cc98cc6caa31eed4d0c69c3f7b84510f2aa7a6964c322002c2fe6df4a56c33e5b128f9b7ca180dff48905ef97b83ab5e1e24694b5f5791f8a9cf7507dd50ae4e42e60f0a214f99fdf380a6db409055811f99cdea91ba6d8510f14edd4e3adc2a466324b3f6b832dd8dfcad51bc8877aecc7a6d38bcef866419bd1cf10e7b53499049db2d23496d2b62d24f87ce832cd2547851af2e66198c3f5778c57b7d7b61ae009a98d17241f4b5da944e48ff78e00d8b82b3c2220af1fcdaf9ffc66cbb59df6cca435214f243c9efd474a0d53c46392ec4fde89218e8530e03ceaeb6205aa6ed1902aff47f017f49d8d1860ee9ebead65be891cbb28a0b7ce6e72ad65fe1440b2e52eff8c39e50f1fe43c761c82d285e5ad46e04c044477888fa8b2ab282b63753a8a1e393823235f6105f587e2932431cd7dd630597f03e08abc5e13851d4622a746c2f559c836d3349bec6e9442f80130d1a1d8b2296c060a87995261d939002bc0ce0586a8c29c6d234d4674c0c66ee62961321fc6953bae8b3ead105611064f9b490bb444892bfc762b031ff6c6ad61663099475f72bb692d3c6ef2443142dfd489b40d4d09f483badbfe151eaa77419fffa7577b943c2484811a0742bb4c9a96af6d1994b7760d9f3bb86fba6f27a45ea68f2233b5bd6b34765a581dcd2aa99a3f281cc7a0e1d316d4155b36a28d8392a07b6fb43e49bceb283a6756628b066d45cb18b2b20139b380f42cbc1ec72c4bbc686a5a0402f32db7cc32a193780fc7c6249f55eb9541190b51598628ade206179b81542bcd804598c069c5866d63d0e5f4e3577514703c0acf9210b4350838b093e7ead816616a93e38b5dcfbecbe3e08f25be833ffdb2ccaa451c43a264eef2ce21a68f91e6b3e68ba1874051db97aa3126a8cc74c356c5e49f02acb5bc45146886413bd999c1810fe74e67b74f765fc0688f59d06f72329470fbd11febfb8b62051c61f7d967589e928b50f5b6bd232d7037467957fd1c0bf6cee98ed8599f15aeb5668686f5447041744821f9e8f579455f58be2a4377438faf92d81d9ffbc7fc023f2d399aee9a203b405c1aaac6cfc6bd5d832e3ce2b63b401e9dc7289de4dad652520d908f46822378b2fc5d8ad09509474b5cf0818c3fd58dd35688f954a9c03618703c8b010bc857c8c8e15e07a375e1b8d5f124278f073b44f6809c1ea59b15e3972da1f8e3e2c3a96407c4fa78f70abc52d77716c611337d05ac2ff4d39d3712d8b06df4d5b8818e2c83282af14505f0a7ec4bc92ec5c91ddfb1c803a03a894731216a4b01d525440c7f3a7e20cd24706576301552df4fa898f15f01e9d4855467f8c4947db9fbfce0b9f1020ad7a8cf1b26bdcd6f68ea371f17ef42e40562e50486aa3c5217c5392a2165535a27d152fcb1f864770811a9983a724cc8b80ac1eb66a26987c0e272bca7440914f606b2e8158903a8cab291fc0a421e3b6af98217bf46e9f8f68ca9246685a789925c6fe14958ef00f14b1d1", 0x1000, 0x9}, {&(0x7f0000000300)="27fc35ae9aa0cf0376d95b1061c4aa2192f4451d647ae45eb5b795cbdcbe1bf9ea40e2b9b8de19231a23c4ba4c157ac5f971821deb4f2a9ffe510602f447cf9fdea1aa3b9c859893344cbc0bf5acf32882be401c77afe567394441ea97f1d02864630aca59ea5233cfeb", 0x6a}], 0x2000, &(0x7f0000001680)={[], [{@subj_role={'subj_role', 0x3d, ']ppp0+!}trusted'}}, {@dont_hash='dont_hash'}, {@obj_role={'obj_role', 0x3d, '&GPLeth0'}}, {@uid_gt={'uid>', r0}}, {@permit_directio='permit_directio'}, {@uid_lt={'uid<', r1}}, {@fowner_lt={'fowner<', r2}}]}) r4 = syz_open_dev$vcsa(&(0x7f0000001740)='/dev/vcsa#\x00', 0xf8, 0x400000) setsockopt$inet_sctp6_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000001940)={0x2, 0x855, 0x6, 0x1}, 0x8) 21:25:19 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x4082, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f00000000c0)=""/211) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000300)=""/243) ioctl$TCGETS2(r1, 0x802c542a, &(0x7f00000001c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000080)=0x2) setsockopt$RXRPC_SECURITY_KEYRING(r1, 0x110, 0x2, &(0x7f0000000240)='vboxnet1)\x00', 0xffffffffffffff9b) [ 409.089401] FAULT_INJECTION: forcing a failure. [ 409.089401] name failslab, interval 1, probability 0, space 0, times 0 [ 409.113053] CPU: 1 PID: 14618 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 409.120569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.120574] Call Trace: [ 409.120599] dump_stack+0x138/0x197 [ 409.120616] should_fail.cold+0x10f/0x159 [ 409.120632] should_failslab+0xdb/0x130 [ 409.120646] kmem_cache_alloc+0x2d7/0x780 [ 409.120657] ? selinux_file_mprotect+0x5d0/0x5d0 [ 409.120666] ? lock_downgrade+0x6e0/0x6e0 [ 409.120677] ? ioctl_preallocate+0x1c0/0x1c0 [ 409.120688] getname_flags+0xcb/0x580 [ 409.120700] SyS_mkdir+0x7e/0x200 [ 409.120711] ? SyS_mkdirat+0x210/0x210 [ 409.120721] ? do_syscall_64+0x53/0x640 [ 409.120731] ? SyS_mkdirat+0x210/0x210 [ 409.120743] do_syscall_64+0x1e8/0x640 [ 409.120752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.120767] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 409.120775] RIP: 0033:0x458c97 [ 409.120780] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 409.120790] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 409.120796] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 409.120801] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 409.120808] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 409.120814] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 409.140480] 9pnet_virtio: no channels available for device btrfs [ 409.304408] 9pnet_virtio: no channels available for device btrfs 21:25:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, &(0x7f0000000080)=""/90, 0x5a, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xfffffecb, 0x0, 0x0, 0x800e00515) shutdown(r0, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x1410, r1, 0x0) recvfrom$inet(r1, 0x0, 0xd172, 0x2, 0x0, 0x800e0050e) shutdown(r1, 0x0) 21:25:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) accept4$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x80000) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x410202}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="6c000000250002002dbd7000fddbdf2500000000", @ANYRES32=r4, @ANYBLOB="0300050007687f0f669383f88af9e59e1f2fd0da85d8722634d721090004000800050006b3842bb99ad311363f00002c0008001c000100011f0000fff8f935ae99ffff00080000000000000001000000030000000c0045875279b242"], 0x6c}, 0x1, 0x0, 0x0, 0x890}, 0x40000) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:21 executing program 3 (fault-call:0 fault-nth:37): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:21 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x200, 0x0) r1 = accept4$llc(r0, 0x0, &(0x7f0000000240), 0x41a16b57fce2a622) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0}, &(0x7f0000000340)=0xc) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in=@initdev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000480)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000004c0)={{{@in=@initdev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@empty}}, &(0x7f00000005c0)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000680)={{{@in, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@broadcast}}, &(0x7f0000000780)=0xe8) mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)='overlay\x00', 0x1, &(0x7f00000007c0)={[{@xino_on='xino=on'}], [{@context={'context', 0x3d, 'root'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'policy\x00'}}, {@fsname={'fsname', 0x3d, 'rose0\x00'}}, {@pcr={'pcr', 0x3d, 0x1c}}, {@fsuuid={'fsuuid', 0x3d, {[0x33, 0x37, 0x31, 0x7f, 0x35, 0x61, 0x252755769210c4e2, 0x39], 0x2d, [0x62, 0x33, 0x61, 0x777c1a54782647f], 0x2d, [0xa5070a7c535e16fb, 0x38, 0x36, 0x65], 0x2d, [0x37, 0x77, 0x66, 0x39], 0x2d, [0x31, 0x63, 0x65, 0x65, 0x36, 0x32, 0x32, 0x33]}}}, {@uid_lt={'uid<', r2}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@fowner_lt={'fowner<', r3}}, {@euid_gt={'euid>', r4}}, {@euid_gt={'euid>', r5}}]}) open$dir(&(0x7f0000000140)='./file0\x00', 0x100, 0xa) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000180)) bind$tipc(r0, 0x0, 0x0) membarrier(0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001e40)=@filter={'filter\x00', 0xe, 0x4, 0x3f8, 0x0, 0x218, 0x310, 0x310, 0x0, 0x408, 0x408, 0x408, 0x408, 0x408, 0x4, &(0x7f0000000080), {[{{@uncond, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@inet=@policy={0x0, 'policy\x00', 0x0, {[{@ipv6=@remote, [0xa6d6f63106f204c7, 0x0, 0xff, 0xffffff00], @ipv4=@multicast2, [0xff, 0xffffffff, 0xff000000, 0xffffffff], 0x4d4, 0x3504, 0x0, 0x0, 0x4, 0x2}, {@ipv4=@multicast1, [0x0, 0x0, 0x0, 0xffffff00], @ipv6=@rand_addr="4e3d33a5c983d0d5e24d5989ed4a6364", [0xff000000, 0xffffffff, 0x0, 0xffffffff], 0x4d4, 0x0, 0x0, 0x1, 0x3, 0x10}, {@ipv6=@mcast1, [0xffffffff, 0x0, 0x0, 0xffffff00], @ipv4=@loopback, [0xff, 0xffffffff, 0xff], 0x4d6, 0x3500, 0xff, 0x0, 0x4, 0x4}, {@ipv4=@broadcast, [0xff, 0xff000000, 0xff], @ipv6=@empty, [0xff000000, 0xffffff00, 0xffffff00, 0xff], 0x4d2, 0x3500, 0xff, 0x0, 0x1, 0x4}], 0x8}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xd8, 0x51}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x10001, [0x5, 0x7f, 0x0, 0x5, 0xffffffffffffff98, 0x1000], 0xfffffffffffffff8, 0x7f}, {0x4, [0x101, 0xfffffffffffffffc, 0x10000, 0x6, 0x8, 0x34cd], 0x8, 0x6dc5}}}}, {{@ip={@rand_addr=0x6, @multicast2, 0x0, 0xd88bf2d213ee5444, 'team0\x00', 'rose0\x00', {0xff}, {}, 0x32, 0x2}, 0x0, 0xc8, 0x128}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x7, [0x5, 0x7ff, 0x8001, 0x5, 0x2, 0x9f1], 0x4, 0x2cd6}, {0x4, [0x80000000, 0x3, 0x1, 0x6, 0x4, 0x493], 0x4, 0x9}}}}], {{[], 0x0, 0x70, 0x98}, {0x1}}}}, 0x3d) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000280)={0x6, &(0x7f00000001c0)=[{0x9, 0x6b, 0x4, 0x40}, {0x5, 0x7, 0x5, 0xe19}, {0x100000000, 0x1, 0x20, 0x4b07}, {0x1, 0x80, 0x7951, 0x1}, {0x20, 0x80, 0x401, 0x100}, {0x7, 0x1ab0, 0x10000, 0x4}]}) accept4$nfc_llcp(r0, 0x0, &(0x7f00000008c0), 0x80000) 21:25:21 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x80000, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f00000000c0)={0x0, 0xcac}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000180)={r1, 0x3a, "24fab84c0e98fe30d0efdc8b4dc2022aa3d0876c2f3f0b5e0512b704b58bf8724e3f518239bdcd2191998ebc03185f9d33abe28ea4a8ad7ad1ec"}, &(0x7f0000000200)=0x42) 21:25:21 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x80040, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x200}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000140)={r2, 0xffffffffffffffc4, 0xa, [0x400, 0x4, 0x642b8a2d, 0xb0e6, 0x3d350a14, 0x8, 0xbb0, 0x1000, 0x2, 0x4]}, 0x1c) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 411.172141] FAULT_INJECTION: forcing a failure. [ 411.172141] name failslab, interval 1, probability 0, space 0, times 0 [ 411.194665] CPU: 0 PID: 14660 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 411.201889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.211752] Call Trace: [ 411.214373] dump_stack+0x138/0x197 [ 411.218244] should_fail.cold+0x10f/0x159 [ 411.222517] should_failslab+0xdb/0x130 [ 411.226488] kmem_cache_alloc_node_trace+0x280/0x770 [ 411.231584] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 411.237209] __kmalloc_node_track_caller+0x3d/0x80 [ 411.242316] __kmalloc_reserve.isra.0+0x40/0xe0 [ 411.246995] __alloc_skb+0xcf/0x500 [ 411.251045] ? skb_scrub_packet+0x4b0/0x4b0 [ 411.263607] ? netlink_has_listeners+0x20a/0x330 [ 411.268522] kobject_uevent_env+0x781/0xc23 [ 411.272896] kobject_uevent+0x20/0x26 [ 411.276690] lo_ioctl+0x11e7/0x1ce0 [ 411.280312] ? loop_probe+0x160/0x160 [ 411.284105] blkdev_ioctl+0x96b/0x1860 [ 411.287983] ? blkpg_ioctl+0x980/0x980 [ 411.291874] ? __might_sleep+0x93/0xb0 [ 411.295758] ? __fget+0x210/0x370 [ 411.299341] block_ioctl+0xde/0x120 [ 411.302977] ? blkdev_fallocate+0x3b0/0x3b0 [ 411.307290] do_vfs_ioctl+0x7ae/0x1060 [ 411.313514] ? selinux_file_mprotect+0x5d0/0x5d0 [ 411.318262] ? lock_downgrade+0x6e0/0x6e0 [ 411.322402] ? ioctl_preallocate+0x1c0/0x1c0 [ 411.326800] ? __fget+0x237/0x370 [ 411.330266] ? security_file_ioctl+0x89/0xb0 [ 411.334702] SyS_ioctl+0x8f/0xc0 [ 411.338096] ? do_vfs_ioctl+0x1060/0x1060 [ 411.342243] do_syscall_64+0x1e8/0x640 [ 411.346119] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.350976] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 411.356190] RIP: 0033:0x4596e7 [ 411.359366] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 411.367059] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004596e7 [ 411.374316] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 411.381573] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 411.388834] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 411.396099] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:21 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:21 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x109000, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000140)={'filter\x00', 0xac, "fa2dfc25223aa4f2c8b41b34a4455e5a1cb670f133466ca35638d44a0f11191713de83f9a92bdc5870d2aae10951173d856ca5b9b901baae7d9357eb7de3ecc43d05ede779b9edd110f00a03a08f06cd87a359680e3af6814389e945607310ba01272c2b6414d8b920af9f13dfb004c68cfa62f0738ab86dc5195d2df5990680280de6137cfabf30b428883f6e7eff6f168b9c962704cff4946ff1b97915381770ee0faaafbea5e56989d15c"}, &(0x7f0000000080)=0xd0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:21 executing program 3 (fault-call:0 fault-nth:38): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:21 executing program 4: r0 = perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) 21:25:21 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x1, 0x10000) write$FUSE_INTERRUPT(r0, &(0x7f00000000c0)={0x10, 0x0, 0x6}, 0x10) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) write$selinux_attr(r1, &(0x7f0000000040)='system_u:object_r:systemd_logind_var_run_t:s0\x00', 0x23) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) rt_sigprocmask(0x2, &(0x7f0000000140)={0x7fff}, &(0x7f0000000180), 0x8) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f00000001c0)={&(0x7f0000fff000/0x1000)=nil, 0x1000}) [ 411.614406] overlayfs: unrecognized mount option "xino=on" or missing value 21:25:21 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 411.728988] FAULT_INJECTION: forcing a failure. [ 411.728988] name failslab, interval 1, probability 0, space 0, times 0 [ 411.745007] CPU: 1 PID: 14697 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 411.752139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.761498] Call Trace: [ 411.764104] dump_stack+0x138/0x197 [ 411.767759] should_fail.cold+0x10f/0x159 [ 411.769373] usb usb7: usbfs: process 14707 (syz-executor.4) did not claim interface 0 before use [ 411.771911] should_failslab+0xdb/0x130 [ 411.771928] kmem_cache_alloc+0x2d7/0x780 [ 411.771938] ? selinux_file_mprotect+0x5d0/0x5d0 [ 411.771954] ? lock_downgrade+0x6e0/0x6e0 [ 411.797840] ? ioctl_preallocate+0x1c0/0x1c0 [ 411.802264] getname_flags+0xcb/0x580 [ 411.806073] SyS_mkdir+0x7e/0x200 [ 411.809529] ? SyS_mkdirat+0x210/0x210 [ 411.813426] ? do_syscall_64+0x53/0x640 [ 411.817404] ? SyS_mkdirat+0x210/0x210 [ 411.821292] do_syscall_64+0x1e8/0x640 [ 411.825176] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.830019] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 411.830027] RIP: 0033:0x458c97 [ 411.830031] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 411.830041] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 411.830046] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 411.830051] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 411.830059] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 21:25:21 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 411.875153] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:22 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getresuid(&(0x7f00000007c0), &(0x7f00000000c0)=0x0, &(0x7f0000000780)) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-monitor\x00', 0x0, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000800)) syz_mount_image$vfat(&(0x7f0000000040)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7, &(0x7f0000000500)=[{&(0x7f00000000c0)}, {&(0x7f0000000140)="08fcf3f3f19f20979a9f1a42b35e", 0xe, 0x5}, {&(0x7f0000000180)="6072a9b9a61edbc142a733250ded74c24c", 0x11, 0x2}, {&(0x7f0000000240)="8559c78f4022a618ae44b1efb8218dd6d10c8d1e65169762ad925013e0682e6283ce08cdb1e915acd110a03c094f81469cd9e0d6fc6a2f36d9a01c44863f6b47324d6f5242b436024bd090477877fc0d02beebe9f94f612a9d8c63c3d428001b888879e11bdbee51af8ae7c40f", 0x6d, 0x1}, {&(0x7f00000002c0)="a7da598c1ecdd89f4ffbf8ca70ed52b4065da41a725dd74eafff9db9fe99f7fa90cf51898076cec6df6092fbcf98a492d4a3fe490294ee4c99df5d243c175a107ef98ec35abbe099155e7ed5dbe3739055e8e4864cc6c14c9ccd3a11ddc4bd43663cc39f71bb4798887dd40279df8dd294134a83adf7ccda6a9c065c1d", 0x7d, 0x401}, {&(0x7f0000000340)="618d80fdcb56fbc278b063ee6436846e9d1eddcffeb1f2dfd07fd6f336b265913c979daafccb143eebb526e03ad1d5615eb37154c154383352a93dbb675f4d5cd9481265e3501ae52f8d2f2d950e668b1752d22bc8c81a1eb81bd256fd1cdc811fe1ed9be43a44f03a387093a88c42b3a47751609648aebab65a6f6a6ce167c7c4ac45b8f3ef19d63f3e23709aaaffd8f27fc1012bb6e7176bfa37d33ca82be99430640d022abcc53d3a4ef309d864836d942f05ce145eaac2b5000de8e54511068aec09d365eb0cc0bf1441f5b3097c5a59530cd9d9e3677d1b2f8e98abb5f95de9c37fcca3a8049db59a6187296bfa39f54c63877a9cbfff", 0xf9, 0x8001}, {&(0x7f0000000440)="f09f257d7c9581b204201380e060d97cbbf515e293f83bb5d22de8b0e96da8a0d846cd421209ae1b15467688e705d92e1eaba6c4962247e7a81ad1daf26cfbfeceb40820d7665f8f70e8cdc7d1f7158067ee2726f84d0b3c7aa3efe190f948a259db984e22e1adf83d786eab618d71d7037a71b647d20fa04e08f6551e92c685e07fc31916b688684484173ef20804cefcc7fe8fc8faac3ba952a7744a1b1d79be2d495e03566aaeae6dd68879bc310ca8601a05e8a8af378aaf", 0xba, 0x1}], 0x80, &(0x7f00000006c0)={[{@numtail='nonumtail=0'}, {@numtail='nonumtail=0'}, {@nonumtail='nnonumtail=1'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@fowner_eq={'fowner', 0x3d, r0}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x2d46d1c684c17045, 0x34, 0x61, 0x77, 0x63, 0x30, 0x30], 0x2d, [0x9108ab131aad8d96, 0x31, 0x32, 0x32], 0x2d, [0x33, 0x34, 0x9798d293af17f5fd, 0x30], 0x2d, [0x61, 0x35, 0x31, 0x90e8db3586e64f5b], 0x2d, [0x64, 0x61, 0x63, 0x304dd6e50f737402, 0x64, 0x32, 0x100e8523cc40dc34, 0x65]}}}]}) 21:25:22 executing program 3 (fault-call:0 fault-nth:39): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 411.902282] usb usb7: usbfs: process 14710 (syz-executor.4) did not claim interface 0 before use 21:25:22 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x8000, 0x0) ioctl$CAPI_GET_SERIAL(r1, 0xc0044308, &(0x7f0000000080)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:22 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 412.059837] FAULT_INJECTION: forcing a failure. [ 412.059837] name failslab, interval 1, probability 0, space 0, times 0 [ 412.079801] usb usb7: usbfs: process 14730 (syz-executor.4) did not claim interface 0 before use [ 412.128482] CPU: 1 PID: 14722 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 412.135627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.146145] Call Trace: [ 412.148739] dump_stack+0x138/0x197 [ 412.152402] should_fail.cold+0x10f/0x159 [ 412.156558] should_failslab+0xdb/0x130 [ 412.160547] kmem_cache_alloc+0x2d7/0x780 [ 412.164695] ? __d_lookup+0x3a2/0x670 [ 412.168495] ? mark_held_locks+0xb1/0x100 [ 412.172652] ? d_lookup+0xe5/0x240 [ 412.176206] __d_alloc+0x2d/0x9f0 [ 412.179659] d_alloc+0x4d/0x270 [ 412.182938] __lookup_hash+0x58/0x180 [ 412.186737] filename_create+0x16c/0x430 [ 412.190797] ? kern_path_mountpoint+0x40/0x40 [ 412.195297] SyS_mkdir+0x92/0x200 [ 412.198743] ? SyS_mkdirat+0x210/0x210 [ 412.202614] ? do_syscall_64+0x53/0x640 [ 412.206567] ? SyS_mkdirat+0x210/0x210 [ 412.210434] do_syscall_64+0x1e8/0x640 [ 412.214300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.219131] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.224300] RIP: 0033:0x458c97 21:25:22 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 412.227469] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 412.235160] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 412.242410] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 412.249660] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 412.256912] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 412.264170] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:22 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r1 = shmget(0x3, 0x3000, 0x40, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x101000, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x5) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x2, 0x0) setsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000140)=0xfffffffffffffff8, 0x4) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:22 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x3, 0x2) r2 = syz_genetlink_get_family_id$net_dm(&(0x7f00000000c0)='NET_DM\x00') sendmsg$NET_DM_CMD_STOP(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r2, 0x1, 0x70bd2c, 0x25dfdbfc, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x800) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$UI_SET_ABSBIT(r1, 0x40045567, 0x2) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:22 executing program 3 (fault-call:0 fault-nth:40): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 412.335582] usb usb7: usbfs: process 14741 (syz-executor.4) did not claim interface 0 before use 21:25:22 executing program 4: ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 412.445670] FAULT_INJECTION: forcing a failure. [ 412.445670] name failslab, interval 1, probability 0, space 0, times 0 [ 412.465774] CPU: 0 PID: 14756 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 412.472909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.482268] Call Trace: [ 412.484877] dump_stack+0x138/0x197 [ 412.488518] should_fail.cold+0x10f/0x159 [ 412.492683] should_failslab+0xdb/0x130 [ 412.496663] kmem_cache_alloc+0x2d7/0x780 [ 412.496692] ? __debug_object_init+0x171/0x8e0 [ 412.496706] ? ext4_alloc_inode+0x1d/0x610 [ 412.509642] selinux_inode_alloc_security+0xb6/0x2a0 [ 412.514746] security_inode_alloc+0x94/0xd0 [ 412.519066] inode_init_always+0x552/0xaf0 [ 412.519078] alloc_inode+0x81/0x180 [ 412.519088] new_inode_pseudo+0x19/0xf0 [ 412.519098] new_inode+0x1f/0x40 [ 412.519108] __ext4_new_inode+0x32c/0x4860 [ 412.519124] ? avc_has_perm+0x2df/0x4b0 [ 412.542485] ? ext4_free_inode+0x1210/0x1210 [ 412.546888] ? dquot_get_next_dqblk+0x160/0x160 [ 412.546908] ext4_mkdir+0x331/0xc20 [ 412.546928] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 412.546943] ? security_inode_mkdir+0xd0/0x110 [ 412.564460] vfs_mkdir+0x3ca/0x610 [ 412.568010] SyS_mkdir+0x1b7/0x200 [ 412.571561] ? SyS_mkdirat+0x210/0x210 [ 412.575448] ? do_syscall_64+0x53/0x640 [ 412.579415] ? SyS_mkdirat+0x210/0x210 [ 412.579429] do_syscall_64+0x1e8/0x640 [ 412.579438] ? trace_hardirqs_off_thunk+0x1a/0x1c 21:25:22 executing program 4: ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 412.579455] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.579464] RIP: 0033:0x458c97 [ 412.579469] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 412.600394] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 412.600400] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 412.600405] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 412.600410] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 412.600415] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:22 executing program 3 (fault-call:0 fault-nth:41): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:22 executing program 4: ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:22 executing program 1: rt_sigaction(0x2e, &(0x7f0000000140)={&(0x7f0000000380)="f20f2ae744a80c3e660f73d6fec4a14bd0820000000045ae64ca0000f30f9706dde546c74100e75e4729f20f1a30", {0x6}, 0x40000002, &(0x7f0000000400)="0f53ade18d0000c4c11972f755660f38329600000000c48129efce3e46f73e67f30f53c23e36470f15cfc463bd5f4100c7f2a7449d"}, &(0x7f0000000240)={&(0x7f0000000340)="419c0fe232460fa143a4f20f5fe20f4622440f913a67440f18da3672b5653666400f7d4ffa", {}, 0x0, &(0x7f00000001c0)="66400f380754eb3f36e73266400ffed9c42379176efeab84bd000000006644dc3ec4c17de64565f3470fae750046cfc4a1085ca8b1000000"}, 0x8, &(0x7f00000003c0)) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000005c0)={0x0, 0x80000, 0xffffffffffffffff}) readahead(r0, 0x9, 0x1) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x1000, 0x8, &(0x7f0000001940)=[{&(0x7f0000000180)="6e9b3c3c04", 0x5, 0x6}, {&(0x7f0000000440)="51af49404076787736684867ff9d181524edd0378b7d1816e8fe0738267aae1a10821434e8e245caeb4a7ded8164f060e059cd6e1f206d762058c8040aa6aea122e0479589658af3a1dea03815b93a45b9028b3fd8395968c0ec61b9f9e65fe12262c4d68f", 0x65, 0x20}, {&(0x7f0000000680)="66b02b5f8ea8c557fa90a700585ac28707e48a4be0468e2e4453f2a894e6977f5f7d9839a09032556bf0dd990d8fe5c588fa831308e1b921947ff97507538df9a4966541dda33c32e3ecef9b915f0b13c61f50079d340cb422fa6869f5966f7cfaf49998b073b05692b4a0bde18c558185596d6d59c024ed2583803979903bfa1c377af8f68d9191c985408e03dc1d025bd5faecba78d903180176bbc59845f6c8664554ff2bbe64603ea9a4b2280a81c5809f17d8058504b51dd63a8cc32f5498d150cf3897cf9822d05d00229812a7368d756f1dae66ee12dab5bbf95de0181e79031ef220ac55a9441b65ba487430ea8a971dcec3f1544d474a8399c365f2b80dd396172186dcda7f92ba0a4b18b105e5094b5096f0ca1fc5cd7d189d857736bc57e13721c2fecfdd6e358bc6eb5cae873e219493b1c174835649289329a23c0759bfd7d845bcf7774c1bf983ddd4e7a3170ea4c7ae2952eee1cea2a62aebf1874d8dfc2d5ab81a2f2e59dd93d622e1f734cfc2c745ffe0b3f31e4f75190808c89aeff2a139d654e009f5b92f88f82b454730c1c693d20162583e68e650e49de69e3a5ab1efb980f7ff7cb0664518009cc72df888ce55df2a6234243e5b82051dbfbca0ff3ce9183ae7f820f025252d49d9f2caaf1358249d25e2da023bc76bbfdebf758c4aa32a179e9e5c693ed17e6f284d5f339725cce0ac64cdbae68c450e7868545941096a364552bbc03e140dc890e7caff03cca6c5c90fa88bb00911e53fd6ba6fb75e413f1e968223443318599d9f76c1864cf271bc0e6ea18026a16789c9606ccc0b293570b702227a88845e691d9666fabff4ac7131b3758644851303a6b7691fa8b9faee3929652d32d07cd32ed38b5b9e0c0dd7c3407512369f7a30d45ff41cb1f0bd4c00ad343ba2028bdca3d0acc3ce564d55114847292c8e918625d4fdf877bef1fde99d73fa1704eeed3b6e666611b3e960f41320e23f0d993578a0a9df600a80e844c07abfe1db728b187dc4ed626d987361885beb425da842cf805c40dcde642b28bef805969d65ac99384f8f63a4a1d36336a25f0637c4c428791d97f86376845f8cd73bac0de526516eda5ef6274070d115eb14d6e65d98c87f9998269c03c6eba8ba33e69687555d85205ec938f6fa17f3623b62ad1c7890bf231730900ed67656e3d16ab13985588c52c01a5273b8097a6814329557f4813f1d42d43e86677c7ccc268b298e5e533da7343e6e877807d7aedd64ef275d0b4f968a2b7b7a4362892bd1c1bddd9bc46711b6913546077593d6d777aa5b4bb37c1669ba45a2694e94261b10d0a6a02bed82264a66a0bfa090c85feb9f517bea68c91e8040e2433e88ea42c4364168f73fe6a8c014fd9e37b9da82c7a976617ebab79a4142778e2d9010531788a5d80396142e413e36a2930f0fdca37c3c9f064a2708105aa41d83ca7cba60a3fff1bcb147727722c6aaa99de75a40c9cca1c650aac476310f3890c23a11411fbf50627792f2bdc3c2e5a1eee3829ea67546caead0c488e1d69557813134bad1d569d7c35648e4103c72a4303d6f167929a2dab2ce5c2a5098c674cab87c22fb263fbf8142eae99a079510082cd53770696518c3f406757d8c1efa2a1be2f6bd8cc6d4cdd6e27c9d3788b1030a51732947a7fc31341ddfc6a5fe0a970d5f5bd61479e21a76d55d67b7d41cc31b6aa123d34c57940c2ae04455d9e806befb2f6772804f75c4672b8e17a683b39b20e23e6716c8ec5c98997e60fe4c6cf47c8453851a322b7e85f18f9888d774b93de2a90fcbac018e8bed323c1f40070926e0916a770e6db138bcf9ba9931a3acbbc7f9d977926590a87cf70b0a6b235dc836b255e51e8b3e0d320fa570c1ecad7c6fe9618fd0bfb86ed021efeba499f47a2004520e7f197933692ab43accf9e1386c7e96fee2f45a4fab5b959cff7c6ce97dfb9f7a10b410c4836bc169db60de8f627f93eebe591a6887ec60f33ecb3b136cbfc6c6ea3921be3e6b78a4115d667d8f12351c86f7e406738a73aedf94d57503acae9f344ff24e6f537faf7972ac40f5b2cb95b8ff5c4b13e3ce3350e9e9a6942f812789ffc84b9868bd5cb097e322ea57c57ecfe5fff0e3a5d17a30ae855ddebfda2b7ed9a2edcde085d59122436c26e09f3997489439cb93f8e61dfe90ca0e88493ab82e27d9f28df1dcb00967f5c5320c55e0d78c31789f3cf9221be670f20962d0b7790e50bc7a9643c345a52572ad14d3a0d626804fa99dd201d23fc50414c26525e4eef9ac07c482fbb47598f75ca45859a6228a8d0d48380448b441db6b7052af2967d17171063e39e7d6acb3499d66cbba7987f593a4512c167120ae21d0f666504bd72c49d201e2224ddab9e20590b0bafdaa9f1501cf264391214f657b0ce0dd40c917b0fc18de1c04ebee2c4e885202ab1d9f0719f47931eece3c1bf28a16fbea45e51b79de3c7dbe2117fe949aea7d053ec82586b787cb7ad9df771e9a4ba6c77c8d1b2d837e3a00f9862567d75db2f782b472de906d9f819e433a5a81530e1ef2a0826715aa386831ede1d4a1cec559081e4767dae26e04965d38b25ccba53fb7c09046c0adbd3bc8af591f2bbd1311a7cf1c78e2afb8c12a79f8c747fe1e5b1710e7327547bb10226e14e06f66b470db2be927048a04da562a62d4b3c60adedf8448a779dbb1037c3bb5e203b83fd2e4c97d7b716197b00c5f082fbcf20ac7ab969a04653dda92e00910b1a0b61ebf1cf81b35779ad79c6edf0bf185aa2aee66d5544fcdc8077bfda0e5635e013a2ceb24ac4cfc944a0681e78ea75f3c62c72f886071f55458c0504ed009b1e330637132460fb7aa78912be0ddc47fd30c3c44aa40ca9814ed490aec1594a49230ac3a0601c90c1853b003a634c59b264f0066d53422570219e076510ed01381af5932d66eb6b8fe93dffd616f085da09710f271dba31872c690efee23b68241ca96225c910a766f331b198789859d056001de8754f20a05f225e80a18315e90935727ab08ce4f73d8851eaab74e999e8e8d62691dc5d70ef1faa08937b7b48b523c577fc142c994c121f6869e869a7cc6908e5e60c03fb607bc22b974dccf92188a1754336d05377d9f97f5cc76d685a4186c24bd9d302b106f94cb83644a2bcdb57c741d8c54157d49576910371387680c9e5d2bea85e36af7b9cb84f57319b6e9bcc22cb29d0bc5786f721ec670012f088fbb0547f1d9f8524a0de66e753ad1b6dc59ab0ff0dca60e986f68227482d2f9c3ea0319a8291c3f9f30f5bc179ed26ca06eef299c89f1e71c924399e70e6cf53f4d504df236bdb5f6fbf609f3dba6d5d918f8922be3eca070660cbd02280947233d8a1588b1702ca13fee61e250fce2b65166e45faa87916823659a846cae86f7a9121d7888dc0a73ff7f591c5ef797aba9d0f8a845128857d93b93825aca0afce8c581ef87d089d150a5c943ad8d6d5fabd6436ff87831351a81bbdbedee309aff86a8b5c1479f0dabd53bdc8af68044554bc22835066799f79f372b550aad39c41b96670519f9850c4c13ef52594dd61bd89c4b1d937756c2fa41e77de1618057c692f0779ea6828024be7c8fc14c01abf07de2c876663256fe6b18a028378c30a978d8f857a3ae7dd3c623afaebe1e6f3600adf22f9e262dd854f97a6501f400dfe47df44a4235ed9bf47c1872dd28855c07f76bc7e896d3c076dcff17ea7f1ae290a7192cf68c86fbb15032d5434e2506972ddc6174d3d5048a87325062b8ea74bde7788afee277f3781c34c6e15c6660cb1c0c67d96ce208ddf9b46fea08874de96b6fd601767a90bed44df0ed668ef33cf022a2ea115bd643cea3ae6cf5b49de048621e603c4e4be04c6e4515dba3ced61c8d46664ac5fa6fd96b1859e9621b22d0192fa7f0d0ae53c27d92622dfa06e42b2927107f2492e690b6e3e8ab36db185352d9b530cb9fc9d3ff08f9b6b3c5ccca6d16369c4ef6fb4421a72d70be4821a9f2380b31b6bb4997e655a4aca9bcfe8d5542af0cbfb5e64d8cbc4d1b4a5abce318eae86aab224b6eaf6322c421b27def436cb9b454b30cf6ac2002982ecc4ee1efbd12f67d4236b0adb6f3442a2ad36c4d27c566f4a87033222c982e513fafc0491b00a4c8921c285a9ef1d1a7141047d860a7902610da87882a052eacb45301d9c25ed562ebfbb8a08a4902001979cc570f4668833892e6dd95142af1a37ced604f432900bcb993ca8665bd5b99fc8ad0f48683a1e9cf4cfbf43dbfeec1465ff898b965ca1e16ced103c403ba5ac368e3a287812c6331ae8d878f4af37cf66cfbb3f86025edd6931e234393827a4b11cb840fd0b2877ab7c130a2f83d5c7a8d110d24e2718ad3863ba1eb83bb817157b05ad102d0ede69fa1948f69c7402403a74fc7bc58d3a539a7d99268f4e7a5d9768f41ab64ec09c85011e3798bb3a2f58deaef39d913309bb8f821ad89abae165856f069f5e95ad6d9e54224eea302cbc4f1d64239bacb1fe2e04a086551eca1f0e8422e7c1d8b968d5b93f1b18c9104911a96942c1b8df2f966528a8bb4acbec9c2583295d8c8fbd08b0963e591c192f94e9ccc643488c4bb21e3393189d1584fd522192e8a44ebe42d3e503119807515ced7fd771a060413dc51a41fbadd53c7d1049c6ea718cb3dbc0b4b51a3c5333ee4190111ea387f9e7aee1e3d2f6d180ee6c4533768bc7a428a19f73163c2ae2f2cc05e1c92d3e9fcd60b46c7147808d47858eadce1643f9e948b4d9ede518b87574aa2b024af643103c18a70ac6b4e2ab7cfec4f3e635b1d9084c9440d3af8b32cc00c4a2ebf09d049c8973f577d100cc4863d30d4575243e569e0f6ab55a14e6387a6253e80412c7e92ebe1ec31580e74fd96f7200858db2ffc95622235058cd852ed50c78b3bfaaf20b4a42e7bd5714acfea4838113912fcff8157d9969c7cdbb8d674cb8976b1c4cf348db9fe0ebabfb59175d468abf0544f3578e0491b744f79ebab4ab39e89d5ffe664416059d6bd5ffd0e51a18f2e180bfe5873bbb71625a666876960b95587be0c64ca701d42854d9d39a3d11514b2a5e0c2b91dce68510fc510f0fc8701a74774912eee93a2b6af6148ecdfcede3995fa070d7371a08ddd2209f2af3542629746a86246342d0ed87706e2d23cecc14eb407661867012318f4da26d2817f602307438f1e067cc3fd7293c5e58139734205f4b9e58f1d30a6f8c8035a92f32e692461670205fb206558930bdd22d5bce85a2b05f0d8a7d631566a9d59b0316e97f07c08fcac94cd84b7da5a90db4ddd29ab67462309bf6184a8fd79d4c93234a9882d06f0eef26c44aebfcfa2625cf4e8bed89085c3ff9101ee4c40f44b8c3b5cb58765823a03b67df60836e041fa1cc6b072f646f1736d518b189b449bf680a396b3053185796f583c3f4f6430445eeba49e265c6a6cde52b1d2c2678d37f7ecd66993126ca38a6b3d5054dce0b53ff8798d11a4036279b4267b4ef0f2ab2fddb5b4e5613a42a52a4cca22bdedf14eade8ea6e958419470fe9623e6171b6dadf8ce4747f274dc6774f5d96a0150c9858556a063e4e323d21190466aee25845b909196dc2b907761b82d92c43f9277f7c0702b3f28a5d46c2167c43700f269746580697541b8f77c28195cef87640b637dcfdb601afd954d9cee59a64602515756803e4562fcd459eb47c55cb17af9b149f3482a83f527a126aec4010cfe1eee0caaa09e89338fd27f90f5499cf7a88d0bfd7bc6b0f1356a4cebe", 0x1000, 0x101}, {&(0x7f00000004c0)="cbb83c42579ac42ad45697f502fb7049a1ae603245cc08c8c616f41493795d9d3416292170c7853a6d58e1862c65b7b3ae86bc1d76168703f366b5b4265cbbee6b7ac1c177c2781dde1e0bb62e3629709c7760e90bb1b52adb1374b05a12b35b8cd80966e4498d335475245cbaa1460142e7795d8b8840591ea1bc530de9835899e004e19e6906e3358c1ced40c1178dde6347e59925758862855bbfc5246a48e8209836bec9f84f7f5cd1744b4dbf1fff553ea86b9ca7685077d764be7a6b1cbc7e72d6c76c94cb1b9ed4681b6a22e9747460743e67b8d7e8bf4618c076073787a460b8d2a675ca62e68bc9480c", 0xee, 0xfff}, {&(0x7f0000001680)="6805ca3e12794cc8d368ffdc970d7e294f70bfb81ac638b102f78b19c0eb551399f4078b407e2f026138941aa5e0059caa2b220addd26b09e36034a72b10bc087a85f9943e3cb3cb3aedb13d39137e4d6845ed837c64985201dfdee7124d905dbcb8d49fae4ce13b5af516e6b8264b011a5a1f715f55f9380fc5f8b75b18b60bf5c08b6c10322435586ee672e49bdcdc1c3ad3e1b5cd", 0x96, 0xfffffffffffffe30}, {&(0x7f0000001740)="d5e0bcf9a3f4a679c8210871316347337553d309a8af92ffcd0168a72020075ac03637b00130c23f474d1cb6f7c933487d5c102fba2881a96aeebb94f0cbd342ad73e48e7135d8e5a37beb7cf61793fcd00f3ec220c229fac1e4ea22ce4fe9e6da887dd2224fa324b671072beae95f8fdf468175ee7603c9834254b566f3198db096d52e83ca1d0832c5d1b87568abdeb1a3a2a0e0b2b1aaa08a0e2d0fcd45ad7a0d10eaa77c75f2769831cf251f11a149008264fe137036490007e108d213bf42360754e743861eba1b213fac12ba32134fc9a1aabd2adc0956492c852e14c7314f3305d8b2966d26ef1a27229ef1784da2129975ea", 0xf6}, {&(0x7f0000001840)="23dfcf82f0880811888866a21dbdd17b80379615e096ea30cc6543f0280b1423e78d2346e9042e1c5b0a1fd7d6684cf1ad545ccfe492f25247320527c0aaa83e372251ea3ab01d183d811a8a6fd059fdf6af08cfca61244f89c2b748ea6084a16ba0f5812cce03e68a0b111b591aa8ebc79f6942abfdc920e16fa37af41a73c89151af07b6aa3ff05a92bf47f6181b22fabe352c84fef099a5b3917d93390f1f2e3f939df7bc6216e7e9394e0042e1d48598a89305d659f677175782df028561bb88166c8712fbb1c6e7d936269715603221837ffa50ce8c99467ea9d4dc0c95c0acae3a9e9047d1ac1e637124fc2a3122d940e93c2d0671e296", 0xfa, 0x2}, {&(0x7f0000000280)="187672e1e04e4c41f0a0648a68458a300b62d93df06bb48fe3cb6b275a00"/42, 0x2a, 0x3}], 0x2e0400, &(0x7f0000001a80)=ANY=[@ANYBLOB="636f6d70726573733d7a6c691f00636865636b5f696e745f646174612c6f626a5f747970653d7d2c6673757569643d63661937396462392d39323f332d333065302d626263352d6361773200003a772c726f6f74636f6e746578743d73797374656d5f752c66736e616d653d6274726673002c00a89a9bcec98a0bec6fc0"]) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/vcs\x00', 0x8000, 0x0) connect$caif(r1, &(0x7f0000001b00), 0x18) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/btrfs-control\x00', 0x4000, 0x0) syz_open_dev$vbi(&(0x7f0000001a00)='/dev/vbi#\x00', 0x2, 0x2) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000001b40)=0xfffffffffffffdb8) bind$isdn_base(r2, &(0x7f0000000300)={0x22, 0x7, 0x911c, 0x800, 0x10001}, 0x6) openat$vcs(0xffffffffffffff9c, &(0x7f0000001b80)='/dev/vcs\x00', 0x100, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 412.737422] FAULT_INJECTION: forcing a failure. [ 412.737422] name failslab, interval 1, probability 0, space 0, times 0 [ 412.749067] CPU: 1 PID: 14769 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 412.756173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.765527] Call Trace: [ 412.768123] dump_stack+0x138/0x197 [ 412.771778] should_fail.cold+0x10f/0x159 [ 412.775939] should_failslab+0xdb/0x130 [ 412.779920] __kmalloc+0x71/0x7a0 [ 412.783377] ? mls_compute_context_len+0x3f6/0x5e0 [ 412.788309] ? context_struct_to_string+0x33a/0x630 [ 412.793343] context_struct_to_string+0x33a/0x630 [ 412.798190] ? security_load_policycaps+0x320/0x320 [ 412.803212] security_sid_to_context_core+0x18a/0x200 [ 412.808408] security_sid_to_context_force+0x2b/0x40 [ 412.813514] selinux_inode_init_security+0x493/0x700 [ 412.818626] ? selinux_inode_create+0x30/0x30 [ 412.823124] ? kfree+0x20a/0x270 [ 412.826630] security_inode_init_security+0x18d/0x360 [ 412.831829] ? ext4_init_acl+0x1f0/0x1f0 [ 412.835892] ? security_kernel_post_read_file+0xd0/0xd0 [ 412.841259] ? posix_acl_create+0xf5/0x3a0 [ 412.845504] ? ext4_set_acl+0x400/0x400 [ 412.849480] ? lock_downgrade+0x6e0/0x6e0 [ 412.853637] ext4_init_security+0x34/0x40 [ 412.857802] __ext4_new_inode+0x3385/0x4860 [ 412.862143] ? ext4_free_inode+0x1210/0x1210 [ 412.866561] ? dquot_get_next_dqblk+0x160/0x160 [ 412.871645] ext4_mkdir+0x331/0xc20 [ 412.871676] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 412.871691] ? security_inode_mkdir+0xd0/0x110 [ 412.871706] vfs_mkdir+0x3ca/0x610 [ 412.871719] SyS_mkdir+0x1b7/0x200 [ 412.871729] ? SyS_mkdirat+0x210/0x210 [ 412.871737] ? do_syscall_64+0x53/0x640 [ 412.871748] ? SyS_mkdirat+0x210/0x210 [ 412.888126] do_syscall_64+0x1e8/0x640 [ 412.888136] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.888155] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.888162] RIP: 0033:0x458c97 [ 412.888171] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 [ 412.895567] ORIG_RAX: 0000000000000053 [ 412.895574] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 21:25:23 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = getuid() syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x5, 0x6, &(0x7f00000003c0)=[{&(0x7f00000000c0)="1ca75272a173b819918334579bbec4eccd914d52ec244df4254d3245", 0x1c, 0x10000}, {&(0x7f0000000140)="3fa70260dac0378f481d379630b20ab64361149333e864b090688be38a3829a5e98df9c379b4d49cb73871f344cee580b66d55345525ac3065b452c1c152846873ec89", 0x43, 0x397acb34}, {&(0x7f00000001c0)="bd449f352117fd517c87f060137504da954e71f5daae1c2084979e0e2718bacfbbd5581edbb2", 0x26, 0x6}, {&(0x7f0000000240)="5991e2c9c8791c8a768c7fad58aa82dd1a473d2d8f9e2999b7c1bd1bb86fc09d8d30bd2b24dab9c29f5cf1b165213e858a02a47a9fc6ee401cb280cf37813bb08e6a59794083772d7d7de34837e414bb1a104836296423a6746bce439bdccfe46fe2eb20a5a9bea683137afa2f2c8a697036ad25a390bff0d4f16898ae4e2b8e8529f396afc1836cafb00e83636c62484c8891a3d982b708936af0d0cb3269c90fe97e353db151353268bf3d28e95d5e371dae33e1f2f826f7f44aa3b02804fb731d", 0xc2, 0xaa}, {&(0x7f0000000680)="3764341b3f4a340f91d5eaaca95633724c34f3bfe46c6698d1a0d344decf92ce3eaeed16fb1f9b75ba909e1f06321aa7ba7974b47c2225f709b4705db1caf67052ffbedf6db0879c089dd13ac1b19a500820166454dae64c518848a78b2ea281b9211a132fb4b63b824103d19f0a1487b799ffbb53f226ce603fc98cf1f4951bafa802fafb2f2b7ae1a914fbb873a6420db116865e9cf54a4eacce13e134f138291407d65745b7ce829e6a00c2e0281c2335b757bbe37fc103f3e99ead9478cddaa06392774f6b0a9e900dfc89af015c42b32d27b3c2cdda1045e80efd22d06df3773f40d21cc942205a214842d1aa23b28daf0579068a9050a69a0c8aaa2c4be5627514d28cc070d4c2bbe10bfa93d80d566b75a99b12f652d17ded0c84166a0195512a56151e714e1502e8d712b7f67fce1778fa8558c51ba41e98e37fe7ee4471b2e5a7c0f10b78bf22c69107efa2a0b8b310a12e030b057b895a4ca2643f87c5eb232cb900a391f1be6abf887f1e08a9822e89348e4b89f337de7fbb2a991f55a827d30ec1e2a3b95da43e48ed36a3ddf6c4548c12f4435ac69e7144f3539ab734f4a1a6d923daedd667cba2f20df199d5a5638703e2f35c582c9f1fd1d98245743ce2bd88fa60cae12abb601548055cdb1421e2a9e54a21083a790793499427c7e942c40a040474698f8369f11308d04724afb407eae7c918c8cc564ba453df181876b0b3af33e0658ae07b12c5fa338d049afc80572096462790bb08173b7ab8b3c1322db5cfd58985817774e73633ff1b39409354ae0066371b40d2f41e682c76b017348ba60e9c4590d8ca8a9f6c76ad59c5a88f7966a5cf2724622707d5d3f25bd53d95e0f02732b18015b1747b85cf909351d14465359d3a5157bdcdf6c07d4e25aa49dc28133d119962e412930a244af806ca9614170e6f34b9403562bd6375db291a921495874f0c95fb73b11b89ce87f32bab229461956e24ab2f0bac055919c38524f62ef737b4a788728200c72e088be8392a56d21e517cc5f00756d7434c5d8a8e5f1cc0ae1f49a0fbaaae2685380e59b1d2884ac474a21a2810a69e696683898952cadba8f4726fd90a36d3fcf571b7a21c7f131f5849ed655dc6055306061ee82d92d0d792184bca68a16b768f0c3efbb8e486a851e4685e7574d1370382b4aed049a909c5648482ce6ea57c3aa78431411b26efbc24afec1480493a1a357d523448b0cabbfc707d724b7d8e6dcb90675ddd34b6c7ea1647c5a5dbe4af04a0e6464d0daff248d78ce56fba03a6eac5edfac0f7bdf888a656c479b1e43b047f8ab8daa9165fd759f8e8735f9278e72e951b6ee129b44c1dc05fd44842ce2b841c698d53ea158d2d54b13a3539e8654c795bd4aeb2614dc6de1aa9d3d6f0ea2fa296cf951b0b8720a2e7ccab645541a0e554fd8e05a173e4582f9e4fcc5e5be947873a53edb68293b3feb509266c4976e6e17f69fa7acdf4b44d47199184f0d18184463a7434a14f494172e7e7fceb5040f0680cd76adbac729251e430809311b2654767f09965ed38a59923853eed6a7ec69815ff5469b7649be6e4562fe9da6597cbfba201811ee37a181a45ba715613985bd86bd3d337ea36260cafbc239b66f0e35eab2bae214a46e1df1b7803b3a04d7e684e81e7673fb85b1fd2383290d4893f50cf87822713cc72d2768dcb7de52f8702cd7886de2fccdbcf34d00dc71fbd4d20613e65c098452f64db949f6fea5206c7a542d35a23152f885ae33141748d99e5481546605ae83ff4ccddbb8144b9a53ec9d44bbc83604b41868d70d3b47adb4d9a9b9ce79573b96cd7c08a070cdce9cfc11161b19f60030e23e9f26d6c14d8b61da1034076b51576211d6d2afbd857658bf1f99157a018b533448779b05db1162b210ad75621b8d61d3ed944e33baf0cdc92b38efede44038908c876bc48a1410971c443c19b6ee2dac7e68cf7e5abea54ebeee77ca97f6c204cd95984a669336b841e9ea08ca29c9cbcfa1e534a768bb090930d96bf1818e39d2cb183e9f6872eb2066935ae5ed75a79bc64d2efb02e0df3376f3c9315acecac0b1db12ddf51bdcae804507a496a3c00607425fcf104e74c55ad853e211413e03486b6385fb6baed19603f93cf332f44a91e3b358457ddd0bc9c25d39a2430d05d45391f62bb9ea02e44a5f6bfddb96dbc05ee235c0502e6b85d4669bcfb3b0344a670992fd4e54e3eb663d9963cf689366cc941c38b186b68e15b2089ec660c4c0fc0ca6d727113119c78234b7c0b75e46cceadebb6b89f056206f5708535792720cb1e8e9dc25f26678db3e86b70d37eae573cb19bbbd766799109b40067ca9868103e20201ff53b3828ee9166680b9d1949edb2409e46309130f170d21d2fcdac839ab26724167eccb330e29e57d007aa771bfff5dc97696a051c93b407435422fb9deb52308f111be955ae5b675d031fb60d064b249001d23a7787f926609bc664095b9d2f966da0f3661d3d8c1793d5d334a0ad37a15559199bb3a26b61d57da77b8653df60f8cf6897a511b1fb4d4275c1213034257e5d1081c6f3adc735dbc23c43bd4468a651a275ce988fda732ff87761d516b9a962cb9261f12028caabf963260ba05ecbc2ca9b1555ca228d91c966093747bdcf95fdc465d20a7b4899e6aafb865255869ad6c0614845bf8033fcb5ee50af2410c5c790c20c556340ebc32ff2cf3dbe18dd2ea77fd61dd4f4944168a3ab11198792d940a4c5abf0854d76fa04de61a81e86b2e9c88e10f673b1e833a78ff9d8a57cabf7346ca61f46c4f3195d0967a0db2b0673ff6d7beecf4c07a788403e1f768dc568c1cfa740b788c51f4071cf432ea15edc1323b6207eee11db940c2dc3a4045f0c7f00dab9c816bfcabbce603d0a8a0877730d1b28c5a76d57aa934616d035637e4492bdbc19ff705513defa1c29cfd859eb03f40e3c5bd8b4412b0a9a152c8fc48ae278c4612967582d1bc33019e9f69bc69036c94606e07dba04db5dfbf19564bf45262768c7b02b22a7d77501758bbca11f40c68137bd42affd6c0bb2cd0493bb9d4b8a66f1cd2c89d39eeddb749e5dcdb9958bcf0a2d86bb0a3aa5a074fdb794e6e26ae4b55faeda14bf23b6ffb625bdaf3a8f5c54fa61b1bc7d670b247c236ffd0738173fcf76d16aee203f322f9363a53f25ce9e00a4b518e0cd196c35ba7466381457e08a27c7a83579589f7b56cf2adb445901757760deb800d55f93cfae305283cd0289c442b922ab90573542aad6d1e2643f32bec09766c9a80fa79b2c7a51704ac14558aadb235831b98a12d9abefc1dbcf0c76a0376ffbef64465f5312638fd5a064335170c2783a0893ad0116f90b9a355d080665bc188a3284a93d31f20b47ee8267d09965d42d63883b757040746add88d15b56cc56d311f652b04fe676a244740000f465135c5543d32b4b78beba5e682e02a08c4850a606004eede15f37c86d54915b6906676a0f120d5e0870fbad1c68e622d18eb8b3c41bf8c82b832943fef6e804110402e2e5dd6bb5bd886c14f5bdc6808effe507c3f2a0b808801192cef373f2d7f9aa4813b490913b2da998482dd3d8c1bc0c31df201b7a1b6091d0fc7956c287d68787485b5dbf27c635b53630533c91c7273b4f6aae50f618a757598fc7273841f5ae83a609a86921bc5268ce99e8fa99e5f7224ce180eca749a1ef4de8707b9d9d4d415a820933e17de77cf93f7f34667c9a1413aedcd0c12259ff19d766a2c7a392aaf8b75959b7b3b4462cfa17b0350991e2cdcd332d5973da329bb05573f625ab6be255a45e22d17af8b52c0b8e7a40ec19cdb5a310d9e721b7964ac5d1a5314642cd9184b72866184527586db964f7fdcfce5833867038abd93f0fbd97d2044470663a388eadbbe686aef4540fc3d20775a17ab64023793a417e91656e6973846590ab3544d78a3e1989feae97776ea8ffa79a73fb20e30847234292fc78bcc2579dd0560a77b58c32ad35d42993fb03abb85965f83f06052c079a415cd1f957ceb20fed76c5b6a8fb0ea8a8f551ad2a69f70d41bdc002467a2f76ce625238614df277bcc546a8be194f2ca07050fd311df08ad58d01e407abbeb2622ac4beb2dcbfe97fbe34015417bfb13d304bd74a2dd67208c9a478f90df0071d6fe2ef94a3bb79bdf409298050d3d31f51625a6c0abff4b83433c336ae4a26ee83c983d3991ae4afafaa0e4529bdfb06dd5bd8b6f07ffe8390fe16e87f15c1bd41e6c87f38443f98a7f04dc07d3496dc136be4fa9621b521af31f12fe787a259686b1815daa1edf274fa82e269431f1daebe107a85b47e8d957c9ff792aae567b4ffe27ebb0c06a2e4f6cdff712d451321b42c81de4f65fbda33bab3821ab147d92b75e0e1166d17ed6554fbc3f387294042d9bd4a6e6b176d8857859b6f007fa29f99c1dffa89496e66584a744e08388b6e841882696c921d5616a4386f11b477f8d8458c7ab0b19cc3b71a38fefb442952ff0d1c8b0fe098668c5ae4dfe7e97f26fa5bf1367edb2a86f7e0c7a6d801b755d912e1843c65643eab19cd39444fbdefb09cc68dc8289ab11a402feec95a55006398e648f6b470d1040d5f00249ece81ed82aea7d8583b44b25c147a2c71f34b77aa4d05786df21bca805c2e8a09d2391650dcebc5144480aceae4139230d4a95731e38f44fdcc5c1b3978b309f0c3e0055247173935b5fb94e41feb189eccabfcb24c13408c121ca2a63e80eadde625f89ce71988f4a8951a4162766fc10bab32eb815cccad3b669f957a5459f593b4c73e4ef6a4b0eef7c6700e991d98f710489969796e8469526f9f6eb6e004b04831dbb652bf770ad2e348526e443b4772fb83fde6e0a9f1a3c8e321d240581523aacec02b7886a64e0e88698c88dc3b2c506352ff783b9b2ccd71103d753a54f0b72604584101ab0cfdc468fad9b59fba20cd8c506356297eb9c6ffe250f41f13b24057d0c7b5e972261ccd103e54eaa5cb1b5921b0a2fcb33ec04c1c989c54e2df1a66c6c26d771c9b1b54304ddc6c2da5210fd1a3fa4708b75a340b0116f9587df14cc73ff4a8daa145f774bae74b9c97f5d1459aca33cbe314fae0a95984952b34f68cabe77d60dd20dbd45cfe49cb208ebd9c3a37259ac501c804d0d72c24c10d8c6e4f41a7bd4908d9997207b4a32e4cf2cc83392c8def591bf401d297da8e03a66f1c527b3751e0ccb4ca02b8dcc9102b1b4d9aabc586666204b51d67bd53dc996bfdcd0e459f8bd7a9fc809beee0f43d2c42e60ffdd4aaf7690c2a7cd5ee305edb48e7a2f47741bf187601a9d909399071eb5e58c1b135347aae50ad7700ad483d020019e099f1c4fa267a471f21cecb67b1601b75cd0afbb4fabd7ae400bd51d7fdda28f3940566251e4ff12df5c09fa32b26ab22356954987f0bcb1cc96bafd7fa3dac6248e648fe6557165df16439427cafc5ace801461b128868381f459caa9dd50ee628f88e27529ca4fc40783a6ffa9e0247e13a4e66de2f37601cfd7a83b07fb8d284aa145b35a5808456a59dd16c1b9ec3f7c1bbe38a36e7b9f575632b023934c0710e443392ce7d948cdb16e6fc2f6f1ede9061b792b128b179b029b410f62fc506e9dcd1c5c0c999a8d53866183834aeda19df319f8f34622d2feae2dc31ded66ee3441502043ac46f57aacc60b2391193e5f8a01d274adbb5bf8b4fe8f5313b0a03a378b5f5c3a8fbfe9328e6f3a3e1c4bbc404533c9df1eee2fa44ee57af2afe3696839136eacb4853", 0x1000, 0x9}, {&(0x7f0000000340)="a443dc607240a854f919e1a4d733a8e69e632e4e1fc6ebe956bc132e23bc652847c898f3856ac89d483501f76622ebc8b6118470fc2d335378674c4d9a894ca6751426c3a67f8417a63efcdc71bb9e63356a9c424a5cdc812bcf1d7df8876f2cb9b516712e", 0x65, 0x3}], 0x10001, &(0x7f0000000480)={[{@max_inline={'max_inline', 0x3d, [0x36, 0x78, 0x31, 0x67]}}, {@nossd='nossd'}, {@max_inline={'max_inline', 0x3d, [0x34, 0x67, 0x65]}}, {@notreelog='notreelog'}, {@commit={'commit', 0x3d, 0x6}}, {@nodatasum='nodatasum'}, {@inode_cache='inode_cache'}], [{@euid_lt={'euid<', r0}}, {@subj_role={'subj_role', 0x3d, 'user'}}, {@fsuuid={'fsuuid', 0x3d, {[0x0, 0x36, 0x32, 0x33, 0x7a6a0e6e3b2757d1, 0x64, 0x37, 0x6746d3defa7bb854], 0x2d, [0x0, 0x39, 0x30, 0x33], 0x2d, [0x62, 0x38, 0x62, 0x37], 0x2d, [0x34, 0x36, 0x32, 0x34], 0x2d, [0x65, 0x62, 0x62, 0x33, 0x30, 0x64, 0x62, 0xbd9104b197153b45]}}}]}) 21:25:23 executing program 4: r0 = syz_open_dev$usb(0x0, 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 412.895579] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 412.895585] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 412.895591] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 412.895597] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 412.981651] print_req_error: I/O error, dev loop1, sector 128 21:25:23 executing program 4: r0 = syz_open_dev$usb(0x0, 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:23 executing program 0: r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x80000001, 0x40000) r1 = gettid() ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000080)=r1) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x40, 0x80) 21:25:23 executing program 3 (fault-call:0 fault-nth:42): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 413.272959] FAULT_INJECTION: forcing a failure. [ 413.272959] name failslab, interval 1, probability 0, space 0, times 0 21:25:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) pread64(r1, &(0x7f0000000040)=""/125, 0x7d, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:23 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0xfff}], 0x0, 0x0) 21:25:23 executing program 2: r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x20000) ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0xffffffff) socketpair(0x1, 0x800, 0x7fff, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000080)={0x3, &(0x7f0000000240)=[{}, {}, {}]}) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000004}, 0xc, &(0x7f0000000400)={&(0x7f0000000180)={0x68, r3, 0x1, 0x70bd25, 0x25dfdbfe, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x3d, @link='syz1\x00'}}}, ["", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x90}, 0x1) setsockopt$sock_int(r1, 0x1, 0x4, &(0x7f0000000480)=0x4, 0x4) 21:25:23 executing program 4: r0 = syz_open_dev$usb(0x0, 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:23 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) write$selinux_load(r1, &(0x7f0000000140)={0xf97cff8c, 0x8, 'SE Linux', "40e9931b610da47bcb34ef8c547108759b532d5b7acef05bbb59212d6638e68f47999d5392f2b1656ca6edfd9f35111df1dee37253d3f5eee9a22eac7f39beb2c5c81294832514a244cc94d0ce6da1c000d3aff7b32805d9aee71b6b3d78ca875feca9b2c72cd29f2ad6784ba235d78aa111b73ae9f61660cecdd3bfd04d49826f03f0a645f3a0fa154964f654215e375c8c2fc56731201b090f3db4254b7e5160acd29f15fb954bc4e0051380a99996c80c37cabe69cbe7467e77d41c2880cfb817ebf61bb5b0ca7f54c6929a91187414067fc6f79002d9c971d81dd3e3a556ca8b95342765f37d9aa39bcd6506da7c"}, 0x100) ioctl$SIOCX25SFACILITIES(r1, 0x89e3, &(0x7f0000000040)={0x28, 0x6, 0xa, 0x8, 0x370, 0x81}) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 413.327151] CPU: 1 PID: 14817 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 413.334282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.343644] Call Trace: [ 413.346238] dump_stack+0x138/0x197 [ 413.349879] should_fail.cold+0x10f/0x159 [ 413.354039] should_failslab+0xdb/0x130 [ 413.358021] kmem_cache_alloc+0x2d7/0x780 [ 413.362171] ? __debug_object_init+0x171/0x8e0 [ 413.366756] ? ext4_alloc_inode+0x1d/0x610 [ 413.370999] selinux_inode_alloc_security+0xb6/0x2a0 [ 413.376119] security_inode_alloc+0x94/0xd0 [ 413.380436] inode_init_always+0x552/0xaf0 [ 413.384657] alloc_inode+0x81/0x180 [ 413.388270] new_inode_pseudo+0x19/0xf0 [ 413.392232] new_inode+0x1f/0x40 [ 413.395590] __ext4_new_inode+0x32c/0x4860 [ 413.399818] ? avc_has_perm+0x2df/0x4b0 [ 413.403774] ? ext4_free_inode+0x1210/0x1210 [ 413.408168] ? dquot_get_next_dqblk+0x160/0x160 [ 413.412823] ext4_mkdir+0x331/0xc20 [ 413.416436] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 413.421087] ? security_inode_mkdir+0xd0/0x110 [ 413.425653] vfs_mkdir+0x3ca/0x610 [ 413.429175] SyS_mkdir+0x1b7/0x200 [ 413.432699] ? SyS_mkdirat+0x210/0x210 [ 413.436570] ? do_syscall_64+0x53/0x640 [ 413.440522] ? SyS_mkdirat+0x210/0x210 [ 413.444394] do_syscall_64+0x1e8/0x640 [ 413.448262] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.453094] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 413.458281] RIP: 0033:0x458c97 [ 413.461456] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 413.469146] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 21:25:23 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x0, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 413.476396] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 413.483647] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 413.490896] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 413.498150] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:23 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = getegid() lstat(&(0x7f0000000480)='\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$jfs(&(0x7f0000000040)='jfs\x00', &(0x7f0000000080)='./file0\x00', 0x80, 0x5, &(0x7f0000000400)=[{&(0x7f0000000240)="668079740de5ff4d8352d2be9961af7bd0f2e81d4ff144336caf462ce847769a3fe9495f4dc408bc34ffa2e98c8f6c7e5d880096fe0b360b3461f9e829d4416eecb29cc7a8ab3c71e0a0673152fd0439e10fd9d027af1e2edbf8da183d15c3e3fdd37ec070521f072ded5c0474d76133a6fef8c7afec561745c2794c3b1f0d7d89ac7fb4d43c540f3f5558e3bca5bf30602691901e625923531d4c9a3e57ec9258fefcd30b38ea89f0f7a54a95ad955cb25e9e0bfe87c8ab93e6ed77a52b195f735f9dcacb46eed07c28e6bf59b955adce34893ab4d66f647d2e04a2b5645fdb5e9980376b", 0xe5, 0x96}, {&(0x7f00000000c0), 0x0, 0x100000000000000}, {&(0x7f0000000140)="74658fa9c0922ce0197e979cb7b7f562415ff9d994cb9417c6a57b5c509d49a7aba73d8fb1f0e2fcd3ee8a31372e3af88236e6ccd3e11be0c3059dbc728ff839ed1308c7a3749457d13eed1be797fa104e58fc7302259e00d49c3bddf10172e8931af20a65810574aa03fb30c7297b2dd5dbface2eac6ef539ce588f7d6a056c965f600122daec3d8ef4353358fc68886b3305a349871eaeb060", 0x9a, 0x40}, {&(0x7f0000000340)="8edadee34291e4fe034f74311bfcb8e76807e1f77ec7bf473c6826e78a62ac34b5b138725abbd85edd17dbf17f2b908ff1e9a5a6b1e8a03c271e23", 0x3b}, {&(0x7f0000000380)="39a7b9c6ab588e01d096380015d8af4537fc1ba98d4c99e2dc1876aadf2345779d999bef64efc2e46c360eca9be7d42d265c09fe358ae7dcec0e2e0337a82a8a38cffc783a91", 0x46, 0x4}], 0x2080000, &(0x7f0000000540)={[{@discard='discard'}, {@gid={'gid', 0x3d, r0}}, {@noquota='noquota'}, {@integrity='integrity'}], [{@uid_eq={'uid', 0x3d, r1}}, {@dont_hash='dont_hash'}, {@smackfstransmute={'smackfstransmute', 0x3d, 'btrfs\x00'}}, {@pcr={'pcr', 0x3d, 0x12}}, {@context={'context', 0x3d, 'sysadm_u'}}]}) 21:25:23 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x10, 0x0) 21:25:23 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x0, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:23 executing program 3 (fault-call:0 fault-nth:43): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:23 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ubi_ctrl\x00', 0x80080, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000200)=""/127) 21:25:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x2, @ipv4={[], [], @rand_addr=0x5}}, 0x1c) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r1, 0x13, 0x1, 0x401, &(0x7f0000000080)=[0x0], 0x1}, 0x20) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:23 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x0, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 413.721008] print_req_error: I/O error, dev loop1, sector 128 [ 413.755343] FAULT_INJECTION: forcing a failure. [ 413.755343] name failslab, interval 1, probability 0, space 0, times 0 [ 413.795187] CPU: 0 PID: 14863 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 413.802642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.811995] Call Trace: [ 413.812013] dump_stack+0x138/0x197 [ 413.812031] should_fail.cold+0x10f/0x159 [ 413.812044] should_failslab+0xdb/0x130 [ 413.812054] __kmalloc+0x2f0/0x7a0 [ 413.812064] ? check_preemption_disabled+0x3c/0x250 [ 413.812078] ? ext4_find_extent+0x709/0x960 [ 413.812089] ext4_find_extent+0x709/0x960 [ 413.818272] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 413.818286] ext4_ext_map_blocks+0x1a3/0x4fa0 [ 413.818297] ? save_trace+0x290/0x290 [ 413.818312] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 413.818321] ? __lock_is_held+0xb6/0x140 [ 413.866059] ? lock_acquire+0x16f/0x430 [ 413.870023] ? ext4_map_blocks+0x829/0x17c0 [ 413.874333] ext4_map_blocks+0x881/0x17c0 [ 413.878470] ? ext4_issue_zeroout+0x160/0x160 [ 413.882962] ? __brelse+0x50/0x60 [ 413.886402] ext4_getblk+0xac/0x450 [ 413.890013] ? ext4_iomap_begin+0x8a0/0x8a0 [ 413.894322] ? ext4_free_inode+0x1210/0x1210 [ 413.898715] ext4_bread+0x6e/0x1a0 [ 413.902239] ? ext4_getblk+0x450/0x450 [ 413.906110] ext4_append+0x14b/0x360 [ 413.909806] ext4_mkdir+0x531/0xc20 [ 413.913419] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 413.918072] ? security_inode_mkdir+0xd0/0x110 [ 413.922636] vfs_mkdir+0x3ca/0x610 [ 413.926161] SyS_mkdir+0x1b7/0x200 [ 413.929709] ? SyS_mkdirat+0x210/0x210 [ 413.933579] ? do_syscall_64+0x53/0x640 [ 413.937551] ? SyS_mkdirat+0x210/0x210 [ 413.941419] do_syscall_64+0x1e8/0x640 [ 413.945285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.950115] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 413.955281] RIP: 0033:0x458c97 [ 413.958451] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 413.966143] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 413.973394] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 413.980644] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 413.987894] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 21:25:24 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 413.995144] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:24 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ff7000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:24 executing program 1: r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @initdev}, &(0x7f0000000080)=0x10, 0x800) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f00000000c0)=0x4, 0x4) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:24 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) pipe2(&(0x7f0000000040), 0x84800) openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x10500, 0x0) r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x9, 0x101400) openat$vsock(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vsock\x00', 0x8080, 0x0) r2 = syz_open_dev$cec(&(0x7f0000000280)='/dev/cec#\x00', 0x3, 0x2) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$RTC_PIE_ON(r1, 0x7005) 21:25:24 executing program 3 (fault-call:0 fault-nth:44): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:24 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x101102, 0x1c2) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x1, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x40c, 0x10000}], 0x2000, 0x0) 21:25:24 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:24 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$BLKDISCARD(r1, 0x1277, &(0x7f0000000080)=0xd2e3) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000140)={0x4, &(0x7f00000000c0)=[{0x7fffffff, 0x81, 0xffffffffffffff01, 0xef02}, {0x5, 0xb1, 0x5, 0x9}, {0x1, 0xb5, 0x2, 0x1000}, {0x80, 0x9, 0x8, 0x4d}]}) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000300)=0x3, &(0x7f0000000340)=0x1) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000240)=@sack_info={r2, 0x7, 0x9}, &(0x7f0000000280)=0xc) ioctl$PPPIOCGUNIT(r0, 0x80047456, &(0x7f00000002c0)) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000180)=[@in={0x2, 0x4e22, @multicast1}, @in={0x2, 0x4e21, @rand_addr=0x7}], 0x20) [ 414.230497] FAULT_INJECTION: forcing a failure. [ 414.230497] name failslab, interval 1, probability 0, space 0, times 0 [ 414.299371] CPU: 0 PID: 14893 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 414.307947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.307953] Call Trace: [ 414.307974] dump_stack+0x138/0x197 [ 414.307994] should_fail.cold+0x10f/0x159 [ 414.308012] should_failslab+0xdb/0x130 [ 414.319937] __kmalloc+0x2f0/0x7a0 [ 414.319950] ? check_preemption_disabled+0x3c/0x250 [ 414.319965] ? ext4_find_extent+0x709/0x960 [ 414.319977] ext4_find_extent+0x709/0x960 [ 414.319989] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 414.340226] ext4_ext_map_blocks+0x1a3/0x4fa0 [ 414.340240] ? save_trace+0x290/0x290 [ 414.340256] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 414.340265] ? __lock_is_held+0xb6/0x140 [ 414.340282] ? lock_acquire+0x16f/0x430 [ 414.340291] ? ext4_map_blocks+0x829/0x17c0 [ 414.340307] ext4_map_blocks+0x881/0x17c0 [ 414.340322] ? ext4_issue_zeroout+0x160/0x160 [ 414.340333] ? __brelse+0x50/0x60 [ 414.340347] ext4_getblk+0xac/0x450 [ 414.371633] ? ext4_iomap_begin+0x8a0/0x8a0 [ 414.371646] ? ext4_free_inode+0x1210/0x1210 [ 414.371659] ext4_bread+0x6e/0x1a0 [ 414.371668] ? ext4_getblk+0x450/0x450 [ 414.411790] ext4_append+0x14b/0x360 [ 414.415490] ext4_mkdir+0x531/0xc20 [ 414.419103] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 414.423756] ? security_inode_mkdir+0xd0/0x110 [ 414.428321] vfs_mkdir+0x3ca/0x610 [ 414.431846] SyS_mkdir+0x1b7/0x200 [ 414.435366] ? SyS_mkdirat+0x210/0x210 [ 414.439242] ? do_syscall_64+0x53/0x640 [ 414.443198] ? SyS_mkdirat+0x210/0x210 [ 414.447065] do_syscall_64+0x1e8/0x640 [ 414.450931] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.455776] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 414.460947] RIP: 0033:0x458c97 [ 414.464117] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 414.471808] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 414.479060] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 414.486309] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 21:25:24 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 414.493558] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 414.500809] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:24 executing program 2: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x1) 21:25:24 executing program 4: syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:24 executing program 1: syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x831, 0x0, &(0x7f0000000080), 0x0, 0x0) r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x8080, 0x0) accept4$packet(r0, &(0x7f0000000080), &(0x7f0000000100)=0x14, 0x800) 21:25:24 executing program 3 (fault-call:0 fault-nth:45): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 414.693279] FAULT_INJECTION: forcing a failure. [ 414.693279] name failslab, interval 1, probability 0, space 0, times 0 [ 414.742628] CPU: 1 PID: 14941 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 414.749760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.759116] Call Trace: [ 414.761714] dump_stack+0x138/0x197 [ 414.765351] should_fail.cold+0x10f/0x159 [ 414.769508] should_failslab+0xdb/0x130 [ 414.773484] kmem_cache_alloc+0x2d7/0x780 [ 414.773497] ? rcu_read_lock_sched_held+0x110/0x130 [ 414.773507] ? __mark_inode_dirty+0x2b7/0x1040 [ 414.773521] ext4_mb_new_blocks+0x509/0x3990 [ 414.782660] ? ext4_find_extent+0x709/0x960 [ 414.782682] ext4_ext_map_blocks+0x26cd/0x4fa0 [ 414.782698] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 414.782708] ? __lock_is_held+0xb6/0x140 [ 414.782722] ? lock_acquire+0x16f/0x430 [ 414.782740] ext4_map_blocks+0x881/0x17c0 [ 414.817765] ? ext4_issue_zeroout+0x160/0x160 [ 414.822296] ? __brelse+0x50/0x60 [ 414.825736] ext4_getblk+0xac/0x450 [ 414.829345] ? ext4_iomap_begin+0x8a0/0x8a0 [ 414.833647] ? ext4_free_inode+0x1210/0x1210 [ 414.838035] ext4_bread+0x6e/0x1a0 [ 414.841554] ? ext4_getblk+0x450/0x450 [ 414.845424] ext4_append+0x14b/0x360 [ 414.849125] ext4_mkdir+0x531/0xc20 [ 414.852738] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 414.857401] ? security_inode_mkdir+0xd0/0x110 [ 414.861971] vfs_mkdir+0x3ca/0x610 [ 414.865512] SyS_mkdir+0x1b7/0x200 [ 414.869031] ? SyS_mkdirat+0x210/0x210 [ 414.872902] ? do_syscall_64+0x53/0x640 [ 414.876866] ? SyS_mkdirat+0x210/0x210 [ 414.880733] do_syscall_64+0x1e8/0x640 [ 414.884611] ? trace_hardirqs_off_thunk+0x1a/0x1c 21:25:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000040)=0x6fa6, &(0x7f0000000080)=0x4) 21:25:25 executing program 4: syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:25 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x41e, 0x80) r1 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x400, 0x35) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000540)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:25 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x48, 0x480000) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e24, @loopback}}}, &(0x7f0000000080)=0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={r1, 0x6, 0x8, 0xce97, 0xb1a3}, &(0x7f0000000240)=0x14) [ 414.889442] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 414.894612] RIP: 0033:0x458c97 [ 414.897778] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 414.905465] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 414.912715] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 414.919967] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 414.927218] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 414.934466] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:25 executing program 1: 21:25:25 executing program 3 (fault-call:0 fault-nth:46): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:25 executing program 4: syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x103a1, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:25 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000040)={{0xa, 0x4e21, 0x3, @loopback, 0x8001}, {0xa, 0x4e24, 0xffffffff, @remote, 0x7}, 0x8, [0x2, 0x400, 0x5, 0x6, 0x4a0, 0x7fffffff, 0x9, 0x2d]}, 0x5c) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r2 = msgget$private(0x0, 0x0) msgctl$MSG_STAT(r2, 0xb, &(0x7f0000000140)=""/182) 21:25:25 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x40, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f00000001c0)={0x3ff, 0xfffffffffffffffc, 0x7ff}, 0xc) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x400000, 0x0) syz_extract_tcp_res$synack(&(0x7f0000000140), 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f0000000080)=0xe8) connect$packet(r1, &(0x7f00000000c0)={0x11, 0x1b, r2, 0x1, 0x1}, 0x14) [ 415.085947] FAULT_INJECTION: forcing a failure. [ 415.085947] name failslab, interval 1, probability 0, space 0, times 0 [ 415.097935] CPU: 1 PID: 14972 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 415.105045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.114397] Call Trace: [ 415.116980] dump_stack+0x138/0x197 [ 415.120594] should_fail.cold+0x10f/0x159 [ 415.124739] ? __es_tree_search.isra.0+0x15f/0x1c0 [ 415.129650] should_failslab+0xdb/0x130 [ 415.133607] kmem_cache_alloc+0x47/0x780 [ 415.137654] ? ext4_es_can_be_merged+0x16e/0x230 [ 415.142396] __es_insert_extent+0x26c/0xe60 [ 415.146702] ext4_es_insert_extent+0x1f0/0x590 [ 415.157697] ? ext4_es_find_delayed_extent_range+0x960/0x960 [ 415.163755] ext4_map_blocks+0xab1/0x17c0 [ 415.167887] ? ext4_issue_zeroout+0x160/0x160 [ 415.172362] ? __brelse+0x50/0x60 [ 415.175800] ext4_getblk+0xac/0x450 [ 415.179410] ? ext4_iomap_begin+0x8a0/0x8a0 [ 415.183711] ? ext4_free_inode+0x1210/0x1210 [ 415.188102] ext4_bread+0x6e/0x1a0 [ 415.191621] ? ext4_getblk+0x450/0x450 [ 415.195493] ext4_append+0x14b/0x360 [ 415.199190] ext4_mkdir+0x531/0xc20 [ 415.202801] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 415.207460] ? security_inode_mkdir+0xd0/0x110 [ 415.212029] vfs_mkdir+0x3ca/0x610 [ 415.215550] SyS_mkdir+0x1b7/0x200 [ 415.219067] ? SyS_mkdirat+0x210/0x210 [ 415.222936] ? do_syscall_64+0x53/0x640 [ 415.226890] ? SyS_mkdirat+0x210/0x210 [ 415.230763] do_syscall_64+0x1e8/0x640 [ 415.234629] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.239458] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 415.244629] RIP: 0033:0x458c97 [ 415.247800] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 415.255501] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 415.262754] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 415.270003] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 415.277270] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 415.284617] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:25 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, 0x0) 21:25:25 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x1000, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:25 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x7fffffff) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000080)={r1}) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000140)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:25 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, 0x0) 21:25:25 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, 0x0) 21:25:25 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ppp\x00', 0x80, 0x0) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0xf0000, 0x0) mq_timedreceive(r1, &(0x7f0000000640)=""/211, 0xfe86, 0x1, 0x0) mount$9p_rdma(&(0x7f00000000c0)='127.0.0.1\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x80020, &(0x7f00000001c0)={'trans=rdma,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@timeout={'timeout', 0x3d, 0x3f}}], [{@dont_measure='dont_measure'}, {@hash='hash'}, {@subj_role={'subj_role', 0x3d, '/cgroup(ppp1proccpusetem1:'}}]}}) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$TIOCSBRK(r1, 0x5427) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) fsetxattr$security_ima(r0, &(0x7f0000000080)='security.ima\x00', &(0x7f0000000280)=@md5={0x1, "8c15b0fd022bca7f0a6650172270eb71"}, 0x11, 0x20e13090b6b9622e) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0x200) 21:25:26 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$vivid(&(0x7f0000000040)='/dev/video#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x4, {0x1, 0x8, 0x8000, 0x4}}) 21:25:26 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) 21:25:26 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x12) ioctl$TIOCNOTTY(r1, 0x5422) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000240)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0x41) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x80, 0x0) 21:25:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) write$selinux_load(r1, &(0x7f0000000380)={0xf97cff8c, 0x8, 'SE Linux', "452685ddb8c5125770feacd2ef8b6813fa61f5d380c71b70ad8e73cd5b29ecd822f862434c6683db691d443d70b4d45c599d88c770d521036c244e685441212bee87aeacb962816e6e6403fa0a6212be352da6aff001218758433115e391d54e1e3ac15e4518d1f9600b39126adb2b4756a0d3aabfe0b2a744b0d966106fb44e4db84d25352d7a75d8e4161f9ee2d3fbb709ffdf6e4f25b5597dcfee5a573e095f95d257ecc6e7fb2414a925f86c7eaf9a63c9bc161b47a5c64e30c074e168e1dc0f114141f8997933ea891029ea9b70d746199b1b99b0235ba01568fd19fcc658b7e4bb619ff5965e9b"}, 0xfa) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:26 executing program 3 (fault-call:0 fault-nth:47): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:26 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x8, 0x8000) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000240)=""/238) 21:25:26 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 415.925655] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 415.989723] FAULT_INJECTION: forcing a failure. [ 415.989723] name failslab, interval 1, probability 0, space 0, times 0 [ 416.001303] CPU: 1 PID: 15033 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 416.008412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.017769] Call Trace: [ 416.020372] dump_stack+0x138/0x197 [ 416.024015] should_fail.cold+0x10f/0x159 [ 416.028171] should_failslab+0xdb/0x130 [ 416.029035] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 416.032147] kmem_cache_alloc+0x47/0x780 [ 416.042503] ? lock_downgrade+0x6e0/0x6e0 [ 416.046655] __sigqueue_alloc+0x1da/0x400 [ 416.050808] __send_signal+0x1a2/0x1280 [ 416.054787] ? lock_acquire+0x16f/0x430 [ 416.058765] send_signal+0x49/0xc0 [ 416.062311] force_sig_info+0x243/0x350 [ 416.066294] force_sig_info_fault.constprop.0+0x1c6/0x2b0 [ 416.070547] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 416.071829] ? is_prefetch.isra.0+0x350/0x350 [ 416.082613] ? trace_raw_output_x86_exceptions+0x140/0x140 21:25:26 executing program 4: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffd, 0x200000000000042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff0bdbe}) [ 416.082633] __bad_area_nosemaphore+0x1dc/0x2a0 [ 416.082647] bad_area+0x69/0x80 [ 416.082657] __do_page_fault+0x86f/0xb80 [ 416.082671] ? vmalloc_fault+0xe30/0xe30 [ 416.082681] ? page_fault+0x2f/0x50 [ 416.082693] do_page_fault+0x71/0x511 [ 416.093043] ? page_fault+0x2f/0x50 [ 416.093054] page_fault+0x45/0x50 [ 416.093064] RIP: 0033:0x45347f [ 416.093069] RSP: 002b:00007f66740e0a88 EFLAGS: 00010283 [ 416.093078] RAX: 00007f66740e0b40 RBX: 0000000020000228 RCX: 0000000000000000 21:25:26 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0x9, 0x2, 0x0, [{}, {}]}]}}}], 0x20}, 0x0) 21:25:26 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x408003, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:26 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = dup2(r0, r0) setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, &(0x7f0000000040)='ppp1\'posix_acl_accesseth0\x00', 0x1a) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000140)=0x78) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 416.093083] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f66740e0b40 [ 416.093088] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a [ 416.093093] R10: 0000000000000075 R11: 00000000004e5320 R12: 0000000000000004 [ 416.093106] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000080)={0x7b, 0x5, [0x40000003], [0xc1]}) [ 416.191330] print_req_error: I/O error, dev loop1, sector 128 [ 416.342346] print_req_error: I/O error, dev loop1, sector 128 21:25:26 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000010000}], 0x100000000, 0x0) 21:25:26 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x5112c3, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x140, 0x0) ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000000140)={0x100, 0x0, [], {0x0, @bt={0x699, 0x9, 0x1, 0x3, 0x7128, 0x6b7da918, 0x401, 0x8, 0x3, 0x5, 0x7, 0x8, 0x1, 0x6, 0x8, 0x10}}}) 21:25:26 executing program 3 (fault-call:0 fault-nth:48): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 416.542742] FAULT_INJECTION: forcing a failure. [ 416.542742] name failslab, interval 1, probability 0, space 0, times 0 [ 416.574169] CPU: 0 PID: 15083 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 416.581325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.581330] Call Trace: [ 416.581350] dump_stack+0x138/0x197 [ 416.581369] should_fail.cold+0x10f/0x159 [ 416.581385] should_failslab+0xdb/0x130 [ 416.581399] kmem_cache_alloc+0x2d7/0x780 [ 416.581413] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.581425] ? __mark_inode_dirty+0x2b7/0x1040 [ 416.581440] ext4_mb_new_blocks+0x509/0x3990 [ 416.581453] ? ext4_find_extent+0x709/0x960 [ 416.581473] ext4_ext_map_blocks+0x26cd/0x4fa0 [ 416.581492] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 416.581501] ? __lock_is_held+0xb6/0x140 [ 416.581518] ? lock_acquire+0x16f/0x430 [ 416.581537] ext4_map_blocks+0x881/0x17c0 [ 416.581551] ? ext4_issue_zeroout+0x160/0x160 [ 416.653899] ? __brelse+0x50/0x60 [ 416.657449] ext4_getblk+0xac/0x450 [ 416.661114] ? ext4_iomap_begin+0x8a0/0x8a0 [ 416.665435] ? ext4_free_inode+0x1210/0x1210 [ 416.669839] ext4_bread+0x6e/0x1a0 [ 416.669850] ? ext4_getblk+0x450/0x450 [ 416.669866] ext4_append+0x14b/0x360 [ 416.669883] ext4_mkdir+0x531/0xc20 [ 416.684604] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 416.689278] ? security_inode_mkdir+0xd0/0x110 [ 416.693867] vfs_mkdir+0x3ca/0x610 [ 416.697407] SyS_mkdir+0x1b7/0x200 [ 416.700943] ? SyS_mkdirat+0x210/0x210 [ 416.704821] ? do_syscall_64+0x53/0x640 [ 416.708784] ? SyS_mkdirat+0x210/0x210 [ 416.712672] do_syscall_64+0x1e8/0x640 [ 416.716548] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.721389] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 416.726568] RIP: 0033:0x458c97 [ 416.729745] RSP: 002b:00007f66740e0a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 21:25:26 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000040), &(0x7f0000000080)=0xc) 21:25:26 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000080)={0x7b, 0x5, [0x40000003], [0xc1]}) 21:25:26 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x100, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f0000000080)={0x4, &(0x7f0000000140)=[{}, {}, {}, {}]}) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:26 executing program 1: r0 = accept4(0xffffffffffffffff, &(0x7f0000001580)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x80, 0x800) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000001640)={0x6, 0x7, 0x100000000, 0x6, 0x20}, 0x14) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x703, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000002d2b423fb753324b4c807926523eb29850c2bad85eced84ea2f058447f22a10000005f42485266535f4d", 0x9e, 0x10000}], 0x0, 0x0) [ 416.737446] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458c97 [ 416.744702] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 416.751969] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 416.759226] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 416.766486] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:26 executing program 3 (fault-call:0 fault-nth:49): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:27 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0xffffffffffffffaf, 0x10000}], 0x0, 0x0) [ 416.988835] FAULT_INJECTION: forcing a failure. [ 416.988835] name failslab, interval 1, probability 0, space 0, times 0 [ 417.000086] CPU: 0 PID: 15122 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 417.007190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.016551] Call Trace: [ 417.019145] dump_stack+0x138/0x197 [ 417.022783] should_fail.cold+0x10f/0x159 [ 417.026941] should_failslab+0xdb/0x130 [ 417.030919] kmem_cache_alloc+0x47/0x780 [ 417.034985] ? lock_downgrade+0x6e0/0x6e0 [ 417.039144] __sigqueue_alloc+0x1da/0x400 [ 417.043298] __send_signal+0x1a2/0x1280 [ 417.047294] ? lock_acquire+0x16f/0x430 [ 417.051278] send_signal+0x49/0xc0 [ 417.054827] force_sig_info+0x243/0x350 [ 417.058820] force_sig_info_fault.constprop.0+0x1c6/0x2b0 [ 417.064362] ? is_prefetch.isra.0+0x350/0x350 [ 417.068867] ? trace_raw_output_x86_exceptions+0x140/0x140 [ 417.074500] ? retint_kernel+0x23/0x2d [ 417.074518] __bad_area_nosemaphore+0x1dc/0x2a0 [ 417.074539] bad_area+0x69/0x80 21:25:27 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000080)={0x7b, 0x5, [0x40000003], [0xc1]}) [ 417.074550] __do_page_fault+0x86f/0xb80 [ 417.083080] ? vmalloc_fault+0xe30/0xe30 [ 417.083092] ? page_fault+0x2f/0x50 [ 417.083105] do_page_fault+0x71/0x511 [ 417.083114] ? page_fault+0x2f/0x50 [ 417.083123] page_fault+0x45/0x50 [ 417.083130] RIP: 0033:0x45347f [ 417.083135] RSP: 002b:00007f66740e0a88 EFLAGS: 00010283 [ 417.083143] RAX: 00007f66740e0b40 RBX: 0000000020000228 RCX: 0000000000000000 [ 417.083148] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f66740e0b40 21:25:27 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0xcc, r1, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x6c, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@local}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x1e}}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x60}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e23}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x40}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x28000000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x400}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3ff}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xbbcb6b0598951a15}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8db}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8e}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e24}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xff}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4}, 0x10) 21:25:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000040)={0xf000, 0xd000, 0x2, 0x3, 0x6}) ioctl$KVM_SET_PIT2(r3, 0x4070aea0, &(0x7f0000000080)={[{0x8, 0x80000000, 0x101, 0x4, 0x1, 0x9, 0x8, 0x2, 0x3df5, 0x80000000, 0x7, 0x3, 0x5}, {0x7ff, 0x2, 0xff, 0x6, 0x7fffffff, 0x6, 0x1, 0x5, 0xff, 0x6, 0x8001, 0x1, 0x5}, {0x3, 0x8, 0x3, 0x6740, 0x5, 0xae, 0x69e, 0x1, 0x8, 0x2, 0x4, 0x2ef, 0x5}], 0x35}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 417.083153] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a [ 417.083158] R10: 0000000000000075 R11: 00000000004e5320 R12: 0000000000000004 [ 417.083162] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 417.155850] print_req_error: I/O error, dev loop1, sector 128 21:25:27 executing program 3 (fault-call:0 fault-nth:50): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:27 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x2000, 0x0) ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000080)=""/67) 21:25:27 executing program 4: [ 417.337841] FAULT_INJECTION: forcing a failure. [ 417.337841] name failslab, interval 1, probability 0, space 0, times 0 [ 417.397804] CPU: 1 PID: 15152 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 417.404942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.414284] Call Trace: [ 417.416861] dump_stack+0x138/0x197 [ 417.420476] should_fail.cold+0x10f/0x159 [ 417.424610] should_failslab+0xdb/0x130 [ 417.428570] kmem_cache_alloc_trace+0x2e9/0x790 [ 417.433395] ? kasan_check_write+0x14/0x20 [ 417.437612] ? _copy_from_user+0x99/0x110 [ 417.441743] copy_mount_options+0x5c/0x2f0 [ 417.445974] SyS_mount+0x87/0x120 [ 417.449410] ? copy_mnt_ns+0x8c0/0x8c0 [ 417.453284] do_syscall_64+0x1e8/0x640 [ 417.457153] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.461982] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 417.467150] RIP: 0033:0x45c2ca [ 417.470322] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 417.478014] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 417.485267] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 21:25:27 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x2, 0x2) setxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x2) 21:25:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x2) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 417.492518] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 417.499768] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 417.507022] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:27 executing program 4: 21:25:27 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$adsp(&(0x7f00000001c0)='/dev/adsp#\x00', 0x1, 0x10000) clock_gettime(0x0, &(0x7f0000000540)={0x0, 0x0}) futimesat(r0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000580)={{}, {r1, r2/1000+10000}}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000001680)={0x0, 0x3e, "9f369d1a7f68e2e0ec0840128647c691fd762aa000d53fec9048ea2435106d094610dd170fa178076a95075f7d624c1dbc523aaea49fd65287de69e6080e"}, &(0x7f0000001780)=0x46) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000001700)={r3, 0x7f}, &(0x7f0000001740)=0x8) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000080)='./file0\x00', 0x8001, 0x4, &(0x7f0000000140)=[{&(0x7f0000000240)="5d903044a341bfa959c80f9e0557821d0177a93e29f42cd7034d3d5ef33c86b19a8ff86c916ca175ba82fef368b1e43bd0e1e5461ee5b629d810f0da29ecba5a29272fbd506eecf9956575db7784562f11be7eced99c939412d0c62ff5094d04b2cfb0b3211a8daba3187f50c704f2013f0cd863d8ebd93c0f94a97d6517a03592810fc45778f16de571580e20e44565e693e77d14ef2c9d6c4dff5e1565265a5707ba92bf36827ba4d13c59000bbb7ffbe194c92358660d76dd74ddd26ff46f13efc8de3362523a6baa85716022de3f8a9dc287ac568577c7dae8bee694214c640662eee74550d97a01", 0xea, 0x101}, {&(0x7f0000000340)="6f039a00f663c7a0c3febc448c598370105c272a74affbbab27e13353a1aa196e0e7eac4ade9cc604d262664aaf715c3a7e679bd5db4780ba773586af156798bbc62206668910d9b2b6933396200e477d115383e77cb564fbef588a21546e622b1877b110055e232792a31d5aedde2cc6a3ce37057fa2adc68d6dedcc8355841406b0ce2af0fd4dd5a31efe9f30bad402b5d49227c2590277885a8bc33fabfdb89770ea1ba7e0063ed3ad010d8d4784186bc252c06c4f895fca1411c4fdb05771f91eda2753e3aba37ffb769e4ed5979830a7a89e09de1c490e7406944ec1833facb", 0xe2, 0x9}, {&(0x7f00000000c0)="1238710877224f9ed75acc0f0c1aae630412fa83b7919f22e24597147ca08b86f4f834bf678dfbb1422008259c56f102", 0x30, 0xed46}, {&(0x7f0000000680)="5f4205ed5505cf3c2317b8c261a58070508a5fb4c26081c61f9a8b2704db92e35cf97fdb5628eb6661e1631b55fbe7fca0e9111f6a345c470117125df9f474475e085a82387df47200a6762bc6f246246ac9658138d1ac4fd7268620f55e69bb73a53889d0a45d8f76582dc4d3ac0c829c310ec7450c162bb9d5f0f35e101373fb8d166b50644002e55a297c2bf86307371ff4dbda719000229753471a2350b93ed78a288a05ee46ce1e8cb998391e99468dbe8a823cf2b9a9f0c5bc516ee4b79875465f29a88775fbc6fcdc8b73bcb9d847aa99d815589e589b5f9f648d03f8385c0c79c3c92a6d528b72235e5864c13be5b9f98c91b07730a0fc561e0aa92e7f031033c37245b899f11a4d8f0c5a02a709c7764e78e30fc7c0da3f6eb72bf8382b731d9b5682ce2b26fd7a0f4a2c6c5d5e298cc8d4bc07945cc3d21feffbde60678ad41e2678e8a0848823b9201fe9f759c30d014bb22e8da23c5713b0b7f40d3629b3a85e355746ecea2e076f1cc66fecb0dffc290e4fe6f0e3ea26f3137513aacd39317845782b9e4cc208964f8b3e52dcd460d9075649cb7cda04a709645d1a516e060c473fdd0463bd83fd93a7b469b3f2fe69e1b77b2660cd24a51ccda81a6a18bb7126e5c45631f01a9b9161dc289cbfe4d264bb70bba1855399147737d8aa98d4a9263073d1dde55c89b90abc31f2081a04e57a49570291b54bfadaff75a0f1f944fb94658a1a7f6199938acc61c7a11a04db89a4b1251418dafe305332c1f88886eaec86e9107816c8843a0452d9d621ae510685bcc61f5c54e241e8fdeab081c1097c6e225775153ff8217ab7588d2566ad7b3a0fe0312c805c7e2bfc471912d188d54645659dfd9421087f6debec142a2555f2d214ef0a995278c0efc70707e78f70304a0c39e50ef0b35f24c9376d8dbf47903efb46b67ddead9498d51451544c08fcc0f743cd4bcc732dc39b893fb35c1f666425591becb8074decf284965cf9580fa9ea347a3127b9ffb7e2af25d19ce0bab44990012e0e8ceef394ed2324d549159a38cd7db7a14c962cb4840a64a948c8c618f709ac42f8e146597d0e094bb499d5109bcbd3e44167bd00222debfda4852b466cee45512bff12c0f14aa27ad750a18eb088d594d677fecb9a0ee0254388e589740519c1bd9711cc9d9f4c1ba391f8e02478c1161d26a2f7764132393a1d6a79767fbf6e77258beb1c006a1f466c555c6f3d86820388f3729591f5e04f962084d355288c5a33f28a864396f8507cef4d23393606b0d7ea7c90dcc4ef24cdf31d2b28e1ec511beaf9e85ee67560cc1862b466d566d50657a5d65f0483d9aa38180af4853fd9aa577643e8740ba30b50922cc938b328f3fecbefada5abdf49f39311278da63b64cdf013286a4ac87e0777522750b94cdfcac7f5c62a7a1f1592753c74861bfe66e89abb9152a4874c2c849cf49c53f661953958e6efc0c6daf9a33541e7a18d5bd2d6bb9454d0c1fab61b61077fa62d549cd1a5c4ae5eea92f126e1499c4cccaf22969f433411981465cbe5febf247dee8919e6a285c664fb94899670739b1593c693f0bb3cc79ec437eada10124a3ad8ec2d0620dbf4c4f89169754a3bb7d6354aebfb1c7be26639a7999b9cd96391ad0dc8ac35949c7e0d420fa9781b77efaec19afe51e6405d462569326b2002670874771e4e0b61b070ac498e35c35491d14e70b7a7e8daca1f0fd6159f158dbf4695448a6d0dcafd76203f9cc51cb07317ba06d3d63d16db29552c781f1841055f2d045ea0e8b1da077a4d2dcf05fe4ee5b4de194a123277df0dd5438740fa48c10171d96fed710aeb7185a089ada4a1e35419cfb4df48cf6fc52d1d6669a1a0453d82fb8d31348b7644471d8f160c9421e989f5ca9af87385cabfa498ebe9e3f864a6a104ec7cd95f2d5cd49140b705c4480627efed395f3a0c30546a54b402d393e9c1dcb8e14cca0ba3d81f613e494d99de77a99ab344658641f14ade122ed501e4f9dc42be6a4bc21c9eb55d97fba279aa68f850382e76ee67876a8f399e91a538db308b215dc8bf9be8f2d99827f2f49077896e51ce05cd1b8715b8c6dd8444e401ad883771eba4e32b3e2b6fc1b1d11c8721665e46ecc34479d3cccc875d944ae398c561e3cf4681555a0c6a5cef5915624516497ef3692fb40336db05a58b8b3e1ecdecddaff718c9c8c71aa5a038455a4e7a907c5b7e9d4fd83cd5989faf43c77560be91c202d755aa0ca4056e3550ab66d7fab392ed966e6e4963eb5ee9de501f45b90e05fa07342bb4ea4fcb921f38f3a974c805e4c95171e537199bfda1ec17b0b31459dd41713c0be20fd5aa4f7e15ac79db03e66dab57c58f92e61f3ea325078545368c688b8e96aac1516ba1272deedad2d016a71a5dd9da8585bb604dedbfb533c20084d7fa05a5cc652596f318f72ae595b299acfb3c1371141ffab1537e334a5f6f4265c3cc8ffc277040007c90ee7118843f7f05a2bc1cce7a7e511cbee46c89fb6cbd954bbb7a49f8929cc9d923a8083879ec755d7372d06778646da7c6b92a3cf8657758c7ac5315433326f8980bed850db7df5686613ae4c2b2671977069d9a1b636b89b0ed53a5821a048b3be8e7ef7bf76eeb1204337294f09317b2012ee01b66736c97489f3d03286252bc991bdb3e8e7526fdab513d6c8e2564b35f3a8b8452ff15861b6db4cd56cc5f7f23da87faa7dadeac274c57a5dcaf4a38f01f4a03fdc1635ab07b6f14083d1e7a0b10f6310177787aa225f80da514aac83aff2deb395b15df9ece8ce2503a271fef3ff355ee2cae08785f4ee672abf943f4f1398ab90d3986600af397a34c06c398d0a1618c44d5fb64fe0c6a1c423bfb3a333422f4dc9c9d5e9679e376a254ec5b5af082d74ccee94d2081d4c227eb37eb67a4216cc60e85656761df02d3bf75cc8646c40d1d3e354cf13716f0bb5e6983b0d0b14be24f173833576be419c66063cae114ef2f38100e819d881be0656e0a2f6844d603d848025d49d5da07dc95a56b5d951f9c4e713dd42b7b21f54f306b9134a5065590cb9de49697bb09b6e10eded8db5c8ed4ad26cab17b42b68bf14226b1dda5b47ee31a5d9c030bb4aafecbddb6b87246254fb89a59c0344df72d8006172b5db561c845354530004e8973ce1ec97e5c1e932f7a9b7078fa00ee3b78cd816491fa0ebdde22aeccfc1f25d547da5ee4e27e9ccc6c7f4996bcaad14cfa25392df023ee964cd09f34980a1d0dcb51db4e80ceb722221af6c6d0365888af5bdfc77ddcf19a4e72b674ecb952d0cc9e01501ca9d980998561123280060ad53bc8ab87d9ac3b5dbd31389381a9cf8207ef50b7ed9f6ce6b2b1a988a2fe32e95f369fa93aebb35a06133a52f4030d7743a954ba33764b1869d5ae4381cd96c0e263c20c7764fbc552175ea2198e5b1df19eeb855cdcf20681a749ffd480bd7ea9f93b46e63fc200cb4dcc7fcdf273d831a2a94b91c782168df28d962367ab2dacf91c2cdede6eeff69d8223860990495c44a6a083b20d1983a2d4556502e8ad59a31b7e71a5ae9d2e68c745597f111600c7293f70a6360a36c88b7c475715f591dd5ba646d84d47dc9351d4db25dc5cf0563aa5689d91bc44dd444942d3580df83c14aa96ad56f1aefc4601f85548c7a2b0cef32be56afa9d58281fe6fd46c20529ba5e55303a8a8d1c055e39439fdb769d55f05cd411396a274e7bce7ce403b62ae42c538bfd026096284bdc8e598dd9e20deb772438d3dbdad6623d2bef751c64161bc8b8dcb27a48d78102f69a1c06a671e04badb0ecfd6908190183110beea3eaced47414265ded8b62c534e48760bde86b7ff74d439e5468ace53cfda3407578ac24d9c9e05f62cc9473b90d168a4118b87a501b421a72be7872b775217d014afc314f4ff1b01a5ddd0c4711c7853400aa531fcb784eaaab7ed04ac238c8dd6ddebe53c194a739d440264623f3ab494fa2cb9591e7a19dc89fcb08a6e3741bb4ef0630e3c70174de93d2b5a177d67798333dc527f26227f746ef34cd15480742c802e9c38ca86a554845bc442020ea0c39fa229cb9d324d9af30853ec414a48d78def221e1d89ebf5899dc4735df05abb2e476ae17f926665ea3643db56ca15feadc1273ab8a4fc78fb40ef78e766c80bff4495261148c7b57880ccbd5e5b22e4a8d870a6e1e35fd89c3d10518fa3e5ad86d405ac7d706752d61f81e43beff67235732515457d9a75cb0f3b4404d9530ab2270f233b50ea54d620979f07a4d4e8f1c76156e597815d806cdd466c06987a7d82355d198f91a325dc9c6bbc0c17be6e9152096c61a2a79704422f3db7129fea5416a4e8635cff7a7d273cfecc7752e813a84888423c04fa85c5102271abc37a1134a6669d6ca4396bb63fb1af2f50ad8eb62565b296d50c6014acedd7146b26f39f3f95534e69ca05ab1d6fe7c915212476a794d25f9b5d50de22e1b4e49f51570af65bf1de7022bf1ea3f71f4af415f3a675d143f285fb3eb2cdf663b958bcf470c1103b36fae8dfad0fdb730cad6ef2fd3df7e19eab49b27e742733aa28a1f9ec074956cb1cb05a7d5bc43df6aad646b43bb5dff5252bcba85f826ccebde4890062c2e2d3ce487a068d0a463b0f964fe226c7c8c8fa843fd268097eb2e993ccd6212d86291165b17d8c209aa375b1bec4ab3bf245ce06742512678a92dfbdd3759bfeb2ec710b56ee76369531d4dd86f21c9b053c942b1b5e8fe10057ff07e9d7c9ffa429b32061e7ecf047117ee86f105fa81c7b3d78aa782e9301a9c4829a364b10006a83d9b883a13ab4a4f050630cd9b3229740de2c34e5c1f4e1e5ce8a32e0c1716c4c4be7cf0574acf3d5026f937b0da9db1bab7cd68c1b60a27ed06862dc9850b861793810175e7a803987493d4b57b59fbb46ad21bf1e7c36ac5f88ce9a70458c91a39d9ecfce700b3817d4180991355c54aa84ddcb4c1ee914f2312833ce2c45ef6b7f970f29986b6c8f1bb3b917bf6bdf0f37f2ede3d2522a542b66037f9f8e418b50fd30c32c536bb21473b8148d5eb54e76130d3006483a59c76b421ba3552bed885861026dfcc852e2e8bb098928a770369ae34f899ff40bdcaa3d7d856a02c4c2aa5624c5e959c66940bd6170f1aa100da853e388b18ef12dcc39ef49bfa11a1506342abab01865d493a2acc2b7f1981be7c1584d449f547707e53d002211bdf56923b23957c9f976d2cb32fd7656d210f7e17720707df64705fa187a5e147751ac883b3ac1400d969dc88f3f25c4c19de4fdee72e5b73d1688c29e962f69b0f1ba8196d78167c0d620636ccfd0d9e271c08084a30f6c9f12ca63fb7fb57f13b938c4ea8712ff08a8b6f987c0a2311e2e4d9d62d2f11860ffecc3f44eba44aebc37ce60f08fb12d41596df50e3ac803f9d514647d54f565ae1bcd1edf9a1f1fcbc1d73b26b11e710df3111210c880e785d7dacdc11be1415345abaddd47712186b3a5397a892633fe0371f6467ffe42973ab3c4e7af8d269c9a7e338a92576b9d89d8fe96fe734dc5c9083c2517c6153f277dbecd8a6debdb6082559933b35876821e568a2222164693a2fa69a45d2d1c854a240a386fb3d130c26f5cb096b8b9fdf838889f58ed1696be1683a7c6beff703f89d50f43ea43e1add8f9b2ff8d553f1fb29373361a39e03bf525e6fd95e5d77c8678cd5fe203c6e1d4d91c2cb1a177353d788811cc229dd81dd68b50ebea3544358d05f3677b755f4a40221b793e35ac07e31c7851ae3b348", 0x1000, 0x9}], 0x8400, &(0x7f0000000440)={[{@ikeep='ikeep'}, {@nobarrier='nobarrier'}, {@sunit={'sunit', 0x3d, 0x400}}, {@swalloc='swalloc'}, {@inode64='inode64'}, {@noalign='noalign'}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@obj_user={'obj_user', 0x3d, 'btrfs\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, 'vboxnet0.%nodev'}}, {@fsmagic={'fsmagic', 0x3d, 0x100}}, {@context={'context', 0x3d, 'staff_u'}}, {@measure='measure'}, {@audit='audit'}]}) 21:25:27 executing program 4: 21:25:27 executing program 4: 21:25:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000040)={0x180000000000000, 0x1000, 0x8, 0x1, 0x18}) fchmod(r0, 0x8) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000380)=[@in6={0xa, 0x4e22, 0x3cbd, @rand_addr="950caf0a4173d45497fa013534973da7", 0x3}, @in6={0xa, 0x4e21, 0xfff, @dev={0xfe, 0x80, [], 0x1e}, 0x1}, @in6={0xa, 0x4e21, 0x7, @remote, 0xfffffffffffffc00}, @in6={0xa, 0x4e22, 0x1, @ipv4={[], [], @loopback}, 0x100}, @in6={0xa, 0x4e23, 0x3f7, @mcast1}, @in6={0xa, 0x4e24, 0x101, @local, 0x20}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0xb8) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:27 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0xe62ace509a0867c6, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000140)={{{@in=@multicast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={{{@in6, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@local}}, &(0x7f0000000340)=0xe8) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000540)=@newsa={0x240, 0x10, 0x400, 0x70bd25, 0x25dfdbff, {{@in=@broadcast, @in=@loopback, 0x4e23, 0x1, 0x4e20, 0x7f, 0x7e8bfe750d9bbb, 0x80, 0xa0, 0x2f, r2, r3}, {@in6=@mcast2, 0x4d3, 0xee2c1e7e8d4a7bc4}, @in6=@mcast2, {0x8, 0xe, 0xffffffffffffffff, 0x374, 0x6, 0x4, 0x1, 0x10000}, {0x0, 0x4, 0x1e1a, 0xffffffffffffff3b}, {0xcca, 0x3, 0x2d}, 0x70bd27, 0x0, 0x2, 0x0, 0x3, 0x8}, [@address_filter={0x28, 0x1a, {@in=@dev={0xac, 0x14, 0x14, 0x10}, @in6=@loopback, 0x2, 0x7, 0x81}}, @output_mark={0x8, 0x1d, 0xb849}, @extra_flags={0x8, 0x18, 0xca}, @ipv4_hthresh={0x8, 0x3, {0x10, 0x1e}}, @encap={0x1c, 0x4, {0x1, 0x4e22, 0x4e21, @in6=@empty}}, @mark={0xc, 0x15, {0x35075d, 0x80000001}}, @etimer_thresh={0x8, 0xc, 0x4}, @algo_aead={0xd8, 0x12, {{'ccm(des-generic)\x00'}, 0x450, 0x60, "963a385785e10edab30ad905876d782b51baa08e3bafceef8f2c922e3dd1a37c9ea9a7aa5920a92d4ef823d00bee0b5757e68f6d1fed5067000f629522b3b0e7f04bc9e800b9bcd6d79a75e2b2288c6b07448c20f8dcd80966e45cff6658d466fac0cb833f76178b32d55c4ac1bf060d9baafc7f43f633b59a92e04bd6ce6b8f106189005563e150f06d"}}, @output_mark={0x8, 0x1d, 0x100}]}, 0x240}, 0x1, 0x0, 0x0, 0x40800}, 0x41) 21:25:27 executing program 3 (fault-call:0 fault-nth:51): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:27 executing program 4: 21:25:27 executing program 1: pause() syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:28 executing program 2: r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xffff, 0x400000) fchmodat(r0, &(0x7f00000001c0)='./file0\x00', 0x42) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) accept4$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000140)=0x1c, 0x80000) 21:25:28 executing program 4: [ 417.969018] FAULT_INJECTION: forcing a failure. [ 417.969018] name failslab, interval 1, probability 0, space 0, times 0 [ 418.019604] CPU: 0 PID: 15215 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 418.026743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.036096] Call Trace: [ 418.038695] dump_stack+0x138/0x197 [ 418.042333] should_fail.cold+0x10f/0x159 [ 418.046499] should_failslab+0xdb/0x130 [ 418.050487] kmem_cache_alloc+0x2d7/0x780 [ 418.054646] ? fs_reclaim_acquire+0x20/0x20 [ 418.058976] ? find_held_lock+0x35/0x130 [ 418.063042] getname_flags+0xcb/0x580 [ 418.066858] user_path_at_empty+0x2f/0x50 [ 418.071012] do_mount+0x12b/0x27d0 [ 418.074556] ? copy_mount_options+0x5c/0x2f0 [ 418.078962] ? rcu_read_lock_sched_held+0x110/0x130 [ 418.083977] ? copy_mount_string+0x40/0x40 [ 418.088213] ? _copy_from_user+0x99/0x110 [ 418.092368] ? copy_mount_options+0x1fe/0x2f0 [ 418.096862] SyS_mount+0xab/0x120 [ 418.100312] ? copy_mnt_ns+0x8c0/0x8c0 [ 418.104202] do_syscall_64+0x1e8/0x640 [ 418.108095] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.112944] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 418.118131] RIP: 0033:0x45c2ca [ 418.121314] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 418.129022] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 418.137808] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 418.145076] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 418.152517] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 21:25:28 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x200000, 0x0) ioctl$SIOCAX25NOUID(r1, 0x89e3, &(0x7f00000000c0)) ioctl$ASHMEM_GET_PROT_MASK(r1, 0x7706, &(0x7f0000000080)) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000240)=""/246) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000340)=ANY=[@ANYBLOB="01000800aaaaaaaaaabbffffffffffffaaaaaaaaaaaaaaaaaaaaaabb0180f4a05e400180c2000eaaaaaaaaaaaa0000000000000084cd51195851a457466a94800d841a0de9b06e0dc919cacadefc88e67e58bf855757d29f73a251e4aceb8b0addf5647d64a4ea08d77ef87664a67130302874c9a6cf6ced2a7bc098126a024d22a53c7a50baddc26b0576317873c7eb360674f5b1aab377a0bf0d3a6c437572daddc4f77e8a31311e59a3980d5416191d1830afadfa8e04a41d925d28f571bbf189ce"]) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 418.164429] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:28 executing program 4: 21:25:28 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) fsync(r0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0xffffffffffff0000) 21:25:28 executing program 4: 21:25:28 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0xf7, &(0x7f0000000080), 0x8, 0x0) 21:25:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = fcntl$getown(r2, 0x9) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x10001, 0x9, 0x8, 0x4829, 0x0, 0x101, 0xd0402, 0x0, 0x3, 0x4d7, 0x3, 0x7, 0x2e1c00000, 0x2, 0x711, 0x5, 0x2, 0x6, 0x3, 0x45f3, 0x8, 0x6, 0x8, 0x80, 0x81, 0x9e89, 0x71dd7494, 0x6, 0x6, 0x6, 0x3f, 0x7, 0x1000000000, 0x9b, 0x7fffffff, 0x9, 0x0, 0xcb, 0x1, @perf_config_ext={0x7f, 0x7}, 0x6020, 0xfff, 0x3ff, 0x6, 0xffff, 0x357, 0x80000001}, r3, 0x4, r1, 0x8) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) fcntl$setflags(r0, 0x2, 0xa8afd328ef91d3e0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) rt_tgsigqueueinfo(r3, r3, 0xb, &(0x7f00000001c0)={0xe, 0x7, 0x8}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 21:25:28 executing program 4: 21:25:28 executing program 3 (fault-call:0 fault-nth:52): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:28 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x400000, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x7fffffff) [ 418.562390] FAULT_INJECTION: forcing a failure. [ 418.562390] name failslab, interval 1, probability 0, space 0, times 0 [ 418.585746] CPU: 1 PID: 15260 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 418.592969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.602330] Call Trace: [ 418.604907] dump_stack+0x138/0x197 [ 418.608522] should_fail.cold+0x10f/0x159 [ 418.612659] should_failslab+0xdb/0x130 [ 418.616619] __kmalloc_track_caller+0x2ec/0x790 [ 418.621270] ? kasan_check_write+0x14/0x20 [ 418.625482] ? strndup_user+0x62/0xf0 [ 418.629263] memdup_user+0x26/0xa0 [ 418.632781] strndup_user+0x62/0xf0 [ 418.636391] SyS_mount+0x6b/0x120 [ 418.639825] ? copy_mnt_ns+0x8c0/0x8c0 [ 418.643697] do_syscall_64+0x1e8/0x640 [ 418.647579] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.652407] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 418.657579] RIP: 0033:0x45c2ca [ 418.660747] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 418.668525] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 418.675774] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 418.683023] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 418.690282] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 418.697532] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:28 executing program 1: syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file1\x00', 0x0, 0xaaaac4b, &(0x7f0000000200)=[{&(0x7f0000000040)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) stat(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000400)=0xe8) getresuid(&(0x7f0000000440)=0x0, &(0x7f0000000480), &(0x7f00000004c0)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000500)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@local}}, &(0x7f0000000600)=0xe8) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000740)='/dev/autofs\x00', 0x100c0, 0x0) setsockopt$inet_mreqn(r5, 0x0, 0x23, &(0x7f0000000780)={@dev={0xac, 0x14, 0x14, 0xe}, @broadcast, r3}, 0xc) syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000140)='./file1\x00', 0x7, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000180)="b2b673afe6a465ec6a2137d5e31f78609358ca214479663ae145d801ccab", 0x1e}], 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="6572726f72733d77697400000000772c6c6f6903000000000000007b6572092c626172726965722c657569643d89503220ea28f1ee5d2e24986bc7f6b84d352597ae7cded6b9983a243db760c069bdc871d07de9bba5794bf32bc98e3e0c600c2a395abbdfa78a1c000000000000", @ANYRESDEC=r0, @ANYBLOB=',seclabel,dont_hash,fowner<', @ANYRESDEC=r1, @ANYBLOB=',measure,uid>', @ANYRESDEC=r2, @ANYBLOB=',smackfshat=btrfs\x00,fowner<', @ANYRESDEC=r4, @ANYBLOB="2c7373002c736d61636b6673726f6f743d6274726673002c008c2705a3cdc7b65991930fb9a1207b1307a497edba8e1658866a678f3d2b7bbec03106a302f0b9a3f45c8b2a8b4c1f95ade33446a71daba4c12a21d6bf3189e5a12069e9e88192f5c9fb60d3f3f4a17fc4390934a233f3dd2ba948dd6725370e6457210ba484c1e2def80c3076cb2dd31eb6c2832779f561578b964450"]) ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f00000006c0)={0x3, &(0x7f0000000680)=[{0x8000, 0x7, 0x0, 0x7}, {0x80000000, 0x0, 0xebc, 0x8}, {0x1c0000, 0x1, 0x5bed, 0x4}]}) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$sock_int(r6, 0x1, 0x1d, &(0x7f0000000640)=0xc7a, 0x4) 21:25:28 executing program 4: 21:25:28 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = dup2(r0, r0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000200)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000340)=0xfffffffffbff0000) mount(&(0x7f0000000080)=@nullb='/dev/nullb0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='exofs\x00', 0x10010, &(0x7f0000000180)='/dev/ppp\x00') r2 = dup(r0) setsockopt$llc_int(r2, 0x10c, 0x8, &(0x7f0000000040)=0x8, 0x4) ioctl$PPPIOCGFLAGS1(r0, 0x8004745a, &(0x7f00000001c0)) 21:25:28 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) getpeername$llc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x10000) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:28 executing program 3 (fault-call:0 fault-nth:53): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:28 executing program 4: 21:25:28 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x800000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:29 executing program 4: [ 418.927126] FAULT_INJECTION: forcing a failure. [ 418.927126] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 418.938974] CPU: 1 PID: 15289 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 418.946084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.946090] Call Trace: [ 418.946108] dump_stack+0x138/0x197 [ 418.946127] should_fail.cold+0x10f/0x159 [ 418.946146] __alloc_pages_nodemask+0x1d6/0x7a0 [ 418.958071] ? fs_reclaim_acquire+0x20/0x20 [ 418.965841] ? __alloc_pages_slowpath+0x2930/0x2930 [ 418.965867] cache_grow_begin+0x80/0x400 [ 418.983880] kmem_cache_alloc+0x6a6/0x780 [ 418.983892] ? kmem_cache_alloc_trace+0x57a/0x790 [ 418.983911] getname_flags+0xcb/0x580 [ 418.994028] gfs2: invalid mount option: errors=wit [ 418.996686] ? trace_hardirqs_on_caller+0x400/0x590 [ 418.996701] user_path_at_empty+0x2f/0x50 [ 418.996713] do_mount+0x12b/0x27d0 [ 418.996723] ? retint_kernel+0x2d/0x2d [ 418.996736] ? copy_mount_string+0x40/0x40 [ 419.022553] ? copy_mount_options+0x18a/0x2f0 [ 419.027030] ? copy_mount_options+0x1fe/0x2f0 [ 419.031511] SyS_mount+0xab/0x120 [ 419.034945] ? copy_mnt_ns+0x8c0/0x8c0 [ 419.038817] do_syscall_64+0x1e8/0x640 [ 419.042686] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.047511] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 419.052679] RIP: 0033:0x45c2ca [ 419.055852] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 419.063556] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca 21:25:29 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x0, 0x2) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x40000, 0x0) syz_open_pts(r2, 0x40400) [ 419.070806] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 419.078058] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 419.085322] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 419.092573] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:29 executing program 4: [ 419.146454] gfs2: can't parse mount arguments 21:25:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = getpgrp(0x0) ptrace$setsig(0x4203, r3, 0x800, &(0x7f0000000040)={0x18, 0x93c, 0x1}) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:29 executing program 3 (fault-call:0 fault-nth:54): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 419.264152] gfs2: invalid mount option: errors=wit [ 419.269394] gfs2: can't parse mount arguments [ 419.294863] FAULT_INJECTION: forcing a failure. [ 419.294863] name failslab, interval 1, probability 0, space 0, times 0 [ 419.348771] CPU: 1 PID: 15323 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 419.355913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.365263] Call Trace: [ 419.365283] dump_stack+0x138/0x197 [ 419.365304] should_fail.cold+0x10f/0x159 [ 419.365317] should_failslab+0xdb/0x130 [ 419.365329] kmem_cache_alloc+0x2d7/0x780 [ 419.371556] ? cache_grow_end.part.0+0x92/0x160 [ 419.371574] getname_flags+0xcb/0x580 [ 419.371586] ? lock_downgrade+0x6e0/0x6e0 [ 419.371597] user_path_at_empty+0x2f/0x50 [ 419.371608] do_mount+0x12b/0x27d0 [ 419.371617] ? copy_mount_options+0x5c/0x2f0 [ 419.371627] ? rcu_read_lock_sched_held+0x110/0x130 [ 419.371639] ? copy_mount_string+0x40/0x40 [ 419.417647] ? copy_mount_options+0x1fe/0x2f0 [ 419.422128] SyS_mount+0xab/0x120 [ 419.425564] ? copy_mnt_ns+0x8c0/0x8c0 [ 419.429448] do_syscall_64+0x1e8/0x640 [ 419.433317] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.438148] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 419.443317] RIP: 0033:0x45c2ca 21:25:29 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x400940, 0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)=0x10001, 0x4) 21:25:29 executing program 4: 21:25:29 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x82000, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r1, 0x80dc5521, &(0x7f0000000140)=""/248) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:29 executing program 4: [ 419.446486] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 419.454177] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 419.461425] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 419.468675] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 419.475924] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 419.483173] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:29 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) getpid() syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:29 executing program 4: 21:25:29 executing program 2: r0 = socket$isdn(0x22, 0x3, 0x27) ioctl$IMHOLD_L1(r0, 0x80044948, &(0x7f0000000080)=0x7) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0) getsockopt$rose(r1, 0x104, 0x85761ff77a197b00, &(0x7f00000000c0), &(0x7f0000000140)=0x4) 21:25:29 executing program 3 (fault-call:0 fault-nth:55): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:29 executing program 4: 21:25:29 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x2000, 0x0) 21:25:29 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = getpgid(0x0) fcntl$getown(r0, 0x9) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000180)={0x0, 0x80000000, 0x0, &(0x7f0000000140)=0x7cd}) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x2, {0x41, 0x2, 0x1}}, 0x10) fcntl$lock(r0, 0x24, &(0x7f0000000040)={0x0, 0x4, 0x4, 0x7f, r1}) [ 419.737010] FAULT_INJECTION: forcing a failure. [ 419.737010] name failslab, interval 1, probability 0, space 0, times 0 [ 419.823262] CPU: 0 PID: 15351 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 419.830407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.839758] Call Trace: [ 419.839779] dump_stack+0x138/0x197 [ 419.839797] should_fail.cold+0x10f/0x159 [ 419.839813] should_failslab+0xdb/0x130 [ 419.846009] kmem_cache_alloc+0x2d7/0x780 [ 419.846023] ? cache_grow_end.part.0+0x92/0x160 [ 419.846039] getname_flags+0xcb/0x580 [ 419.854130] ? lock_downgrade+0x6e0/0x6e0 [ 419.854147] user_path_at_empty+0x2f/0x50 [ 419.854159] do_mount+0x12b/0x27d0 [ 419.854171] ? copy_mount_options+0x5c/0x2f0 [ 419.866751] ? rcu_read_lock_sched_held+0x110/0x130 [ 419.866768] ? copy_mount_string+0x40/0x40 [ 419.866782] ? copy_mount_options+0x1fe/0x2f0 [ 419.875053] SyS_mount+0xab/0x120 [ 419.875064] ? copy_mnt_ns+0x8c0/0x8c0 [ 419.875076] do_syscall_64+0x1e8/0x640 [ 419.875088] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.883005] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 419.883014] RIP: 0033:0x45c2ca 21:25:30 executing program 4: 21:25:30 executing program 2: r0 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0xe21b64f, 0x103800) accept4$unix(r0, 0x0, &(0x7f0000000140), 0x80000) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="8d37d018f39491e40b5298a4363ac0ed0000000000000001004d01000000000000001e00000000000000fff669807872f2a2299748aeb81e1b00920efd9a000082ba1db76e4f6d394ff803339fa22a01000000000001000000000000005f42485266535f4d", 0x65, 0x10000}], 0x0, 0x0) [ 419.883019] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 419.883029] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 419.883033] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 419.883038] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 419.883043] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 419.883048] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:30 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 21:25:30 executing program 4: 21:25:30 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x800, 0x0) write$FUSE_INIT(r1, &(0x7f0000000080)={0x50, 0x0, 0x7, {0x7, 0x1f, 0x100000000, 0x2320011, 0x9, 0x100000000, 0x10000, 0x80000000}}, 0x50) 21:25:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ubi_ctrl\x00', 0x402641, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:30 executing program 4: 21:25:30 executing program 3 (fault-call:0 fault-nth:56): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:30 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x100000000, 0x8000) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, &(0x7f0000000140)=""/155, &(0x7f0000000080)=0x9b) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000240)={{{@in=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@loopback}}, &(0x7f00000000c0)=0xe8) getgroups(0x3, &(0x7f0000000340)=[0xffffffffffffffff, 0xffffffffffffffff, 0xee00]) write$FUSE_ENTRY(r0, &(0x7f0000000380)={0x90, 0x0, 0x5, {0x2, 0x1, 0x3ff, 0x0, 0xa0b, 0x2, {0x0, 0xffff, 0x81, 0x7ff, 0x4, 0x3a9, 0x7, 0x0, 0x38, 0x1f, 0x1000, r1, r2, 0x2, 0x2}}}, 0x90) 21:25:30 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x400) getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f00000000c0)={'icmp\x00'}, &(0x7f0000000140)=0x1e) openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x802, 0x0) 21:25:30 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005fc15b1c3c081f587de7907e2eda7f9e42485266535f4d", 0x57, 0x10000}], 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x80, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r0, &(0x7f0000000300)="bb0cc085ae3aac2127ba18953ccd3a41d5ca932d75fb0e42b2e5e57beb5e931db218424e3c29a29b59bab5948155dd192c36c497593c4301e05d18a9b5b2866e71c86483b471ee268aa058be48f0ccbeb61388b6", &(0x7f0000000240)=""/129}, 0xffffffffffffff15) clock_nanosleep(0x8d7a07580c7e154d, 0x0, &(0x7f0000000140)={0x0, 0x989680}, &(0x7f0000000180)) 21:25:30 executing program 4: [ 420.502076] FAULT_INJECTION: forcing a failure. [ 420.502076] name failslab, interval 1, probability 0, space 0, times 0 [ 420.516050] CPU: 0 PID: 15424 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 420.523177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.532534] Call Trace: [ 420.535118] dump_stack+0x138/0x197 [ 420.538733] should_fail.cold+0x10f/0x159 [ 420.542898] should_failslab+0xdb/0x130 [ 420.546856] __kmalloc_track_caller+0x2ec/0x790 [ 420.551510] ? unwind_get_return_address+0x61/0xa0 [ 420.556421] ? __save_stack_trace+0x7b/0xd0 [ 420.560724] ? btrfs_parse_early_options+0xa3/0x310 [ 420.565722] kstrdup+0x3a/0x70 [ 420.568896] btrfs_parse_early_options+0xa3/0x310 [ 420.573724] ? btrfs_freeze+0xc0/0xc0 [ 420.577548] ? pcpu_alloc+0xcf0/0x1050 [ 420.581417] ? find_held_lock+0x35/0x130 [ 420.585455] ? pcpu_alloc+0xcf0/0x1050 [ 420.589327] btrfs_mount+0x11d/0x2b28 [ 420.593110] ? lock_downgrade+0x6e0/0x6e0 [ 420.597237] ? find_held_lock+0x35/0x130 [ 420.601276] ? pcpu_alloc+0x3af/0x1050 [ 420.605190] ? _find_next_bit+0xee/0x120 [ 420.609228] ? check_preemption_disabled+0x3c/0x250 [ 420.614229] ? btrfs_remount+0x11f0/0x11f0 [ 420.618448] ? rcu_read_lock_sched_held+0x110/0x130 [ 420.623452] ? __lockdep_init_map+0x10c/0x570 [ 420.627928] ? __lockdep_init_map+0x10c/0x570 [ 420.632405] mount_fs+0x97/0x2a1 [ 420.635753] vfs_kern_mount.part.0+0x5e/0x3d0 [ 420.640229] do_mount+0x417/0x27d0 [ 420.643749] ? copy_mount_options+0x5c/0x2f0 [ 420.648137] ? rcu_read_lock_sched_held+0x110/0x130 [ 420.653135] ? copy_mount_string+0x40/0x40 [ 420.657364] ? copy_mount_options+0x1fe/0x2f0 [ 420.661843] SyS_mount+0xab/0x120 [ 420.665273] ? copy_mnt_ns+0x8c0/0x8c0 [ 420.669170] do_syscall_64+0x1e8/0x640 [ 420.673038] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.677868] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 420.683040] RIP: 0033:0x45c2ca [ 420.686208] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 420.693897] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca 21:25:30 executing program 4: [ 420.701149] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 420.708400] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 420.715649] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 420.722905] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:30 executing program 0: ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x100000000, 0x10002) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x4, 0x4d8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000540], 0x0, &(0x7f0000000040), &(0x7f0000000540)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xb5afa704370e71ca}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x2, [{0x37f04dc9714797d2, 0x26, 0x892f, 'bcsf0\x00', 'veth1_to_hsr\x00', 'eql\x00', 'nr0\x00', @broadcast, [0x0, 0x0, 0x0, 0xff, 0x0, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, [0x0, 0x0, 0xe707fb503802c2d5, 0xff], 0x6e, 0xb6, 0x106, [], [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz1\x00', 0x8, 0xfffffffffffff801, 0x8bd}}}], @common=@LED={'LED\x00', 0x28, {{'syz0\x00', 0x1, 0x800, 0x200}}}}, {0x5, 0x20, 0x888e, 'netdevsim0\x00', 'netdevsim0\x00', 'veth0_to_hsr\x00', 'syz_tun\x00', @random="7689294a5ca1", [0x0, 0x0, 0x0, 0xff], @remote, [0xff, 0xff, 0xff, 0x0, 0x0, 0xff], 0x6e, 0x6e, 0xa6, [], [], @common=@dnat={'dnat\x00', 0x10, {{@broadcast, 0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x2, [{0xb, 0x10, 0x15, 'vlan0\x00', 'bridge_slave_1\x00', 'hsr0\x00', 'bridge_slave_1\x00', @link_local, [0x0, 0x0, 0xff, 0xff, 0xff, 0xff], @random="0d4e55605aee", [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x156, 0x186, 0x1b6, [@physdev={'physdev\x00', 0x70, {{'bond0\x00', {0xff}, 'gre0\x00', {}, 0x2, 0x14}}}, @helper={'helper\x00', 0x28, {{0x1, 'H.245\x00'}}}], [@common=@STANDARD={'\x00', 0x8, {0xffffffffffffffff}}], @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x1}}}}, {0x11, 0x1, 0x8917, 'veth0_to_team\x00', 'team0\x00', 'syzkaller0\x00', 'veth1_to_bond\x00', @dev={[], 0x2a}, [0x0, 0xff, 0x0, 0xff, 0xff], @link_local, [0xff, 0xff, 0x0, 0x0, 0x0, 0xff], 0x6e, 0x6e, 0xb6, [], [], @common=@ERROR={'ERROR\x00', 0x20, {"afc38d6bd3f0cb5b27a733c37eacf7f292eb41711a8ca8a751f51bd4168c"}}}]}]}, 0x550) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:30 executing program 3 (fault-call:0 fault-nth:57): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:30 executing program 4: 21:25:30 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0xa67e8df534de9641, 0x0) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000080)=0x5) 21:25:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000001680)='/dev/ubi_ctrl\x00', 0x1, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$UI_DEV_DESTROY(r1, 0x5502) ioctl(r3, 0x5, &(0x7f00000016c0)="9f133f5d4f112dd0d23564e6347d99c123fcfdfddcf826a32d22f44c4735c022ce16add2816c501eca73831bd71cd2fd4ee6271f7460b33fc71ca04d6007d490f5eee74155927a7fccff8f50a4855a634f85cef6e8200697edf2f166634f5c609273205037f4ee67b93ff151844528967f5a9077ec1949821205f7b3de326531623138449e7e575738ae461788ef933ce657d4d40872e1f9d7b17b4160ce70f92a1130000478868b681ce9709e8a493f19f2999c065b6fee30d5cad5c4cb55") perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) fcntl$getownex(r4, 0x10, &(0x7f0000000040)={0x0, 0x0}) process_vm_readv(r5, &(0x7f0000001540)=[{&(0x7f0000000080)=""/35, 0x98}, {&(0x7f00000000c0)=""/51, 0x33}, {&(0x7f0000000380)=""/253, 0xfffffffffffffd5a}, {&(0x7f00000001c0)=""/93, 0x5d}, {&(0x7f0000000480)=""/182, 0xb6}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/8, 0x8}], 0x7, &(0x7f0000001640)=[{&(0x7f0000000300)=""/58, 0x3a}, {&(0x7f00000015c0)=""/16, 0x10}, {&(0x7f0000001600)=""/4, 0x4}], 0x3, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:31 executing program 4: 21:25:31 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x3, 0x68806b2bdf18e774) write$P9_RLERROR(r1, &(0x7f0000000080)={0x9, 0x7, 0x2}, 0x9) [ 420.886882] FAULT_INJECTION: forcing a failure. [ 420.886882] name failslab, interval 1, probability 0, space 0, times 0 [ 420.924543] CPU: 0 PID: 15450 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 420.931675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.941024] Call Trace: [ 420.943608] dump_stack+0x138/0x197 [ 420.947235] should_fail.cold+0x10f/0x159 [ 420.951375] should_failslab+0xdb/0x130 [ 420.955342] kmem_cache_alloc+0x2d7/0x780 [ 420.959513] ? check_preemption_disabled+0x3c/0x250 [ 420.964519] alloc_vfsmnt+0x28/0x7d0 [ 420.968215] vfs_kern_mount.part.0+0x2a/0x3d0 [ 420.972856] ? find_held_lock+0x35/0x130 [ 420.976909] vfs_kern_mount+0x40/0x60 [ 420.980795] btrfs_mount+0x3ce/0x2b28 [ 420.984586] ? lock_downgrade+0x6e0/0x6e0 [ 420.988713] ? find_held_lock+0x35/0x130 [ 420.992755] ? pcpu_alloc+0x3af/0x1050 [ 420.996634] ? btrfs_remount+0x11f0/0x11f0 [ 421.000861] ? rcu_read_lock_sched_held+0x110/0x130 [ 421.005862] ? __lockdep_init_map+0x10c/0x570 [ 421.010354] ? __lockdep_init_map+0x10c/0x570 [ 421.014831] mount_fs+0x97/0x2a1 [ 421.018180] vfs_kern_mount.part.0+0x5e/0x3d0 [ 421.022655] do_mount+0x417/0x27d0 [ 421.026178] ? copy_mount_string+0x40/0x40 [ 421.030396] ? copy_mount_options+0x151/0x2f0 [ 421.034883] ? __sanitizer_cov_trace_pc+0x41/0x60 [ 421.039705] ? copy_mount_options+0x1fe/0x2f0 [ 421.044180] SyS_mount+0xab/0x120 [ 421.047614] ? copy_mnt_ns+0x8c0/0x8c0 [ 421.051481] do_syscall_64+0x1e8/0x640 [ 421.055349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.060175] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 421.065344] RIP: 0033:0x45c2ca [ 421.068515] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 421.076201] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca 21:25:31 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x0, &(0x7f0000000200), 0x0, 0x0) 21:25:31 executing program 4: [ 421.083457] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 421.090706] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 421.097954] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 421.105206] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:31 executing program 3 (fault-call:0 fault-nth:58): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:31 executing program 4: 21:25:31 executing program 2: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000340)={{{@in=@empty, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f00000001c0)=0xe8) lstat(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000000040)='./file0\x00', r0, r1) 21:25:31 executing program 4: [ 421.297429] FAULT_INJECTION: forcing a failure. [ 421.297429] name failslab, interval 1, probability 0, space 0, times 0 [ 421.309606] CPU: 1 PID: 15481 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 421.316709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.326052] Call Trace: [ 421.328632] dump_stack+0x138/0x197 [ 421.332251] should_fail.cold+0x10f/0x159 [ 421.336387] should_failslab+0xdb/0x130 [ 421.340348] kmem_cache_alloc+0x2d7/0x780 [ 421.344494] ? check_preemption_disabled+0x3c/0x250 [ 421.349497] alloc_vfsmnt+0x28/0x7d0 [ 421.353284] vfs_kern_mount.part.0+0x2a/0x3d0 [ 421.357761] ? find_held_lock+0x35/0x130 [ 421.361805] vfs_kern_mount+0x40/0x60 [ 421.365592] btrfs_mount+0x3ce/0x2b28 [ 421.369371] ? lock_downgrade+0x6e0/0x6e0 [ 421.373500] ? find_held_lock+0x35/0x130 [ 421.377541] ? pcpu_alloc+0x3af/0x1050 [ 421.381414] ? btrfs_remount+0x11f0/0x11f0 [ 421.385635] ? rcu_read_lock_sched_held+0x110/0x130 [ 421.390640] ? __lockdep_init_map+0x10c/0x570 [ 421.395116] ? __lockdep_init_map+0x10c/0x570 [ 421.399594] mount_fs+0x97/0x2a1 [ 421.402969] vfs_kern_mount.part.0+0x5e/0x3d0 [ 421.407461] do_mount+0x417/0x27d0 [ 421.410982] ? copy_mount_options+0x5c/0x2f0 [ 421.415372] ? rcu_read_lock_sched_held+0x110/0x130 [ 421.420372] ? copy_mount_string+0x40/0x40 [ 421.424590] ? copy_mount_options+0x1fe/0x2f0 [ 421.429068] SyS_mount+0xab/0x120 [ 421.432502] ? copy_mnt_ns+0x8c0/0x8c0 [ 421.436387] do_syscall_64+0x1e8/0x640 [ 421.440253] ? trace_hardirqs_off_thunk+0x1a/0x1c 21:25:31 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xdd) 21:25:31 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x4, 0x44000) ioctl$SIOCAX25GETINFO(r0, 0x89ed, &(0x7f00000000c0)) [ 421.445079] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 421.450249] RIP: 0033:0x45c2ca [ 421.453419] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 421.461108] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 421.468359] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 421.475608] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 421.482873] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 421.490123] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:31 executing program 4: 21:25:31 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x100000001, 0x10000) ioctl$SIOCGETLINKNAME(r1, 0x89e0, &(0x7f0000000080)={0x3, 0x3}) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:31 executing program 3 (fault-call:0 fault-nth:59): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:31 executing program 4: [ 421.704786] FAULT_INJECTION: forcing a failure. [ 421.704786] name failslab, interval 1, probability 0, space 0, times 0 [ 421.758812] CPU: 1 PID: 15510 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 421.765955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.775313] Call Trace: [ 421.775332] dump_stack+0x138/0x197 [ 421.775353] should_fail.cold+0x10f/0x159 [ 421.781534] should_failslab+0xdb/0x130 [ 421.781549] __kmalloc_track_caller+0x2ec/0x790 [ 421.781562] ? kstrdup_const+0x48/0x60 [ 421.781573] kstrdup+0x3a/0x70 [ 421.781585] kstrdup_const+0x48/0x60 [ 421.805090] alloc_vfsmnt+0xe5/0x7d0 [ 421.808791] vfs_kern_mount.part.0+0x2a/0x3d0 [ 421.813270] ? find_held_lock+0x35/0x130 [ 421.817315] vfs_kern_mount+0x40/0x60 [ 421.821099] btrfs_mount+0x3ce/0x2b28 [ 421.824881] ? lock_downgrade+0x6e0/0x6e0 [ 421.829007] ? find_held_lock+0x35/0x130 [ 421.833051] ? pcpu_alloc+0x3af/0x1050 [ 421.836924] ? btrfs_remount+0x11f0/0x11f0 [ 421.841142] ? rcu_read_lock_sched_held+0x110/0x130 [ 421.846146] ? __lockdep_init_map+0x10c/0x570 [ 421.850622] ? __lockdep_init_map+0x10c/0x570 [ 421.855098] mount_fs+0x97/0x2a1 [ 421.858446] vfs_kern_mount.part.0+0x5e/0x3d0 [ 421.862940] do_mount+0x417/0x27d0 [ 421.866465] ? copy_mount_string+0x40/0x40 [ 421.870680] ? copy_mount_options+0x151/0x2f0 [ 421.875167] ? __sanitizer_cov_trace_pc+0x41/0x60 [ 421.879988] ? copy_mount_options+0x1fe/0x2f0 [ 421.884467] SyS_mount+0xab/0x120 [ 421.887900] ? copy_mnt_ns+0x8c0/0x8c0 [ 421.891768] do_syscall_64+0x1e8/0x640 [ 421.895634] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.900463] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 421.905631] RIP: 0033:0x45c2ca 21:25:32 executing program 4: 21:25:32 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) fsetxattr$security_smack_transmute(r0, &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x3) [ 421.908974] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 421.916678] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 421.923931] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 421.931181] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 421.938430] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 421.945694] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:32 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), 0x4) 21:25:32 executing program 4: 21:25:32 executing program 4: 21:25:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) connect$rose(r1, &(0x7f0000000040)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r4, 0x84, 0x4, &(0x7f0000000080)=0x6, 0x4) 21:25:32 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='.\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000080)={0x0, 0x4, 0x201f, 0x1}) 21:25:32 executing program 3 (fault-call:0 fault-nth:60): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:32 executing program 4: 21:25:32 executing program 0: ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:32 executing program 4: [ 422.248344] FAULT_INJECTION: forcing a failure. [ 422.248344] name failslab, interval 1, probability 0, space 0, times 0 21:25:32 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x293, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x7f}], 0x0, 0x0) [ 422.311924] CPU: 1 PID: 15556 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 422.319063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.319069] Call Trace: [ 422.319086] dump_stack+0x138/0x197 [ 422.319105] should_fail.cold+0x10f/0x159 [ 422.331123] should_failslab+0xdb/0x130 [ 422.331137] __kmalloc+0x2f0/0x7a0 [ 422.331146] ? match_token+0x22b/0x480 [ 422.331158] ? match_strdup+0x5f/0xa0 [ 422.338902] match_strdup+0x5f/0xa0 [ 422.338915] btrfs_parse_early_options+0x241/0x310 [ 422.338929] ? btrfs_freeze+0xc0/0xc0 [ 422.366369] ? find_next_bit+0x28/0x30 [ 422.370260] ? pcpu_alloc+0xcf0/0x1050 [ 422.374148] ? pcpu_alloc+0xcf0/0x1050 [ 422.378023] btrfs_mount+0x11d/0x2b28 [ 422.381806] ? lock_downgrade+0x6e0/0x6e0 [ 422.386019] ? find_held_lock+0x35/0x130 [ 422.390059] ? pcpu_alloc+0x3af/0x1050 [ 422.393931] ? _find_next_bit+0xee/0x120 [ 422.397973] ? check_preemption_disabled+0x3c/0x250 [ 422.402972] ? btrfs_remount+0x11f0/0x11f0 [ 422.407194] ? rcu_read_lock_sched_held+0x110/0x130 [ 422.412200] ? __lockdep_init_map+0x10c/0x570 [ 422.416692] ? __lockdep_init_map+0x10c/0x570 [ 422.421173] mount_fs+0x97/0x2a1 [ 422.424525] vfs_kern_mount.part.0+0x5e/0x3d0 [ 422.429000] ? find_held_lock+0x35/0x130 [ 422.433046] vfs_kern_mount+0x40/0x60 [ 422.436829] btrfs_mount+0x3ce/0x2b28 [ 422.440618] ? lock_downgrade+0x6e0/0x6e0 [ 422.444759] ? find_held_lock+0x35/0x130 [ 422.448799] ? pcpu_alloc+0x3af/0x1050 [ 422.452678] ? btrfs_remount+0x11f0/0x11f0 [ 422.456896] ? rcu_read_lock_sched_held+0x110/0x130 [ 422.461900] ? __lockdep_init_map+0x10c/0x570 [ 422.466377] ? __lockdep_init_map+0x10c/0x570 [ 422.470856] mount_fs+0x97/0x2a1 [ 422.474209] vfs_kern_mount.part.0+0x5e/0x3d0 [ 422.478686] do_mount+0x417/0x27d0 [ 422.482213] ? copy_mount_string+0x40/0x40 [ 422.486430] ? copy_mount_options+0x151/0x2f0 [ 422.490922] ? __sanitizer_cov_trace_pc+0x41/0x60 [ 422.495754] ? copy_mount_options+0x1fe/0x2f0 [ 422.500231] SyS_mount+0xab/0x120 [ 422.503669] ? copy_mnt_ns+0x8c0/0x8c0 [ 422.507540] do_syscall_64+0x1e8/0x640 [ 422.511412] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.516243] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 422.521414] RIP: 0033:0x45c2ca [ 422.524599] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 422.532291] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 422.539550] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 422.546798] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 422.554053] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 21:25:32 executing program 4: 21:25:32 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0x2000000080081) 21:25:32 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000040)=0x59f, 0x8) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 422.561302] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:32 executing program 4: 21:25:32 executing program 3 (fault-call:0 fault-nth:61): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:32 executing program 4: 21:25:32 executing program 1: r0 = getgid() socket$isdn_base(0x22, 0x3, 0x0) semget(0x2, 0x2, 0x1b1) stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000000c0)=0x0, &(0x7f0000000100), &(0x7f0000000140)) setgroups(0x3, &(0x7f0000000180)=[r0, r1, r2]) 21:25:32 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000040)=0x54498f1) [ 422.748826] FAULT_INJECTION: forcing a failure. [ 422.748826] name failslab, interval 1, probability 0, space 0, times 0 21:25:32 executing program 4: 21:25:32 executing program 2: syz_mount_image$btrfs(&(0x7f00000001c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = dup(0xffffffffffffffff) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x500}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r1, 0x20, 0x70bd29, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x14) 21:25:32 executing program 1: lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.capability\x00', &(0x7f00000000c0)=@v1={0x1000000, [{0x7ff, 0x401}]}, 0xc, 0x3) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 422.868127] CPU: 1 PID: 15592 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 422.875261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.884615] Call Trace: [ 422.887217] dump_stack+0x138/0x197 [ 422.890852] should_fail.cold+0x10f/0x159 [ 422.890872] should_failslab+0xdb/0x130 [ 422.890886] __kmalloc_track_caller+0x2ec/0x790 [ 422.890900] ? unwind_get_return_address+0x61/0xa0 [ 422.899002] ? __save_stack_trace+0x7b/0xd0 [ 422.912856] ? btrfs_parse_early_options+0xa3/0x310 [ 422.917863] kstrdup+0x3a/0x70 [ 422.921064] btrfs_parse_early_options+0xa3/0x310 [ 422.925890] ? save_trace+0x290/0x290 [ 422.929670] ? btrfs_freeze+0xc0/0xc0 [ 422.933452] ? pcpu_alloc+0xcf0/0x1050 [ 422.937321] ? find_held_lock+0x35/0x130 [ 422.941363] ? pcpu_alloc+0xcf0/0x1050 [ 422.945238] btrfs_mount+0x11d/0x2b28 [ 422.949118] ? lock_downgrade+0x6e0/0x6e0 [ 422.953245] ? find_held_lock+0x35/0x130 [ 422.957288] ? pcpu_alloc+0x3af/0x1050 [ 422.961159] ? _find_next_bit+0xee/0x120 [ 422.965205] ? check_preemption_disabled+0x3c/0x250 [ 422.970216] ? btrfs_remount+0x11f0/0x11f0 [ 422.974583] ? rcu_read_lock_sched_held+0x110/0x130 [ 422.979605] ? __lockdep_init_map+0x10c/0x570 [ 422.984082] ? __lockdep_init_map+0x10c/0x570 [ 422.988560] mount_fs+0x97/0x2a1 [ 422.991911] vfs_kern_mount.part.0+0x5e/0x3d0 [ 422.996560] ? find_held_lock+0x35/0x130 [ 423.000603] vfs_kern_mount+0x40/0x60 [ 423.004391] btrfs_mount+0x3ce/0x2b28 [ 423.008176] ? lock_downgrade+0x6e0/0x6e0 [ 423.012308] ? find_held_lock+0x35/0x130 [ 423.016350] ? pcpu_alloc+0x3af/0x1050 [ 423.020224] ? btrfs_remount+0x11f0/0x11f0 [ 423.024443] ? rcu_read_lock_sched_held+0x110/0x130 [ 423.029456] ? __lockdep_init_map+0x10c/0x570 [ 423.033936] ? __lockdep_init_map+0x10c/0x570 [ 423.038416] mount_fs+0x97/0x2a1 [ 423.041769] vfs_kern_mount.part.0+0x5e/0x3d0 [ 423.046259] do_mount+0x417/0x27d0 [ 423.049780] ? copy_mount_options+0x5c/0x2f0 [ 423.054170] ? rcu_read_lock_sched_held+0x110/0x130 [ 423.059169] ? copy_mount_string+0x40/0x40 [ 423.063390] ? copy_mount_options+0x1fe/0x2f0 [ 423.067867] SyS_mount+0xab/0x120 [ 423.071302] ? copy_mnt_ns+0x8c0/0x8c0 [ 423.075171] do_syscall_64+0x1e8/0x640 [ 423.079072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.083932] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 423.089100] RIP: 0033:0x45c2ca [ 423.092464] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 423.100156] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 423.107409] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 21:25:33 executing program 4: [ 423.114657] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 423.121920] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 423.129183] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:33 executing program 4: 21:25:33 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x8000, 0x0) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, 0x0, 0x400, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x24, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}]}, @TIPC_NLA_NET={0x24, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x694}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffffffffffe}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4) 21:25:33 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:33 executing program 4: 21:25:33 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000040)) 21:25:33 executing program 3 (fault-call:0 fault-nth:62): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:33 executing program 4: [ 423.345077] print_req_error: I/O error, dev loop1, sector 128 [ 423.376150] FAULT_INJECTION: forcing a failure. [ 423.376150] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:25:33 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x4, 0x111000) ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, &(0x7f0000000080)) 21:25:33 executing program 4: 21:25:33 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x2, 0x0) [ 423.448020] CPU: 1 PID: 15642 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 423.455157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.464502] Call Trace: [ 423.467085] dump_stack+0x138/0x197 [ 423.470703] should_fail.cold+0x10f/0x159 [ 423.474835] ? __might_sleep+0x93/0xb0 [ 423.478707] __alloc_pages_nodemask+0x1d6/0x7a0 [ 423.483361] ? check_preemption_disabled+0x3c/0x250 [ 423.488360] ? __alloc_pages_slowpath+0x2930/0x2930 [ 423.493358] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 423.498792] ? __alloc_pages_nodemask+0x639/0x7a0 [ 423.503617] alloc_pages_current+0xec/0x1e0 [ 423.507921] ? btrfs_parse_early_options+0x1a2/0x310 [ 423.513007] __get_free_pages+0xf/0x40 [ 423.516891] get_zeroed_page+0x11/0x20 [ 423.520759] selinux_sb_copy_data+0x2a/0x390 [ 423.525149] security_sb_copy_data+0x75/0xb0 [ 423.529538] parse_security_options+0x37/0xa0 [ 423.534018] btrfs_mount+0x2bb/0x2b28 [ 423.537802] ? lock_downgrade+0x6e0/0x6e0 [ 423.541932] ? find_held_lock+0x35/0x130 [ 423.545992] ? pcpu_alloc+0x3af/0x1050 [ 423.549865] ? btrfs_remount+0x11f0/0x11f0 [ 423.554086] ? rcu_read_lock_sched_held+0x110/0x130 [ 423.559088] ? __lockdep_init_map+0x10c/0x570 [ 423.563574] mount_fs+0x97/0x2a1 [ 423.567251] vfs_kern_mount.part.0+0x5e/0x3d0 [ 423.571831] ? find_held_lock+0x35/0x130 [ 423.575873] vfs_kern_mount+0x40/0x60 [ 423.579653] btrfs_mount+0x3ce/0x2b28 [ 423.583437] ? lock_downgrade+0x6e0/0x6e0 [ 423.587566] ? find_held_lock+0x35/0x130 [ 423.591608] ? pcpu_alloc+0x3af/0x1050 [ 423.595483] ? btrfs_remount+0x11f0/0x11f0 [ 423.599703] ? rcu_read_lock_sched_held+0x110/0x130 [ 423.604705] ? __lockdep_init_map+0x10c/0x570 [ 423.609183] ? __lockdep_init_map+0x10c/0x570 [ 423.613661] mount_fs+0x97/0x2a1 [ 423.617011] vfs_kern_mount.part.0+0x5e/0x3d0 [ 423.621491] do_mount+0x417/0x27d0 [ 423.625015] ? retint_kernel+0x2d/0x2d [ 423.628884] ? copy_mount_string+0x40/0x40 [ 423.633103] ? copy_mount_options+0x199/0x2f0 [ 423.637578] ? copy_mount_options+0x1fe/0x2f0 [ 423.642074] SyS_mount+0xab/0x120 [ 423.645511] ? copy_mnt_ns+0x8c0/0x8c0 [ 423.649381] do_syscall_64+0x1e8/0x640 [ 423.653248] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.658076] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 423.663249] RIP: 0033:0x45c2ca [ 423.666428] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 423.674129] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 423.681382] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 423.688630] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 21:25:33 executing program 3 (fault-call:0 fault-nth:63): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:33 executing program 4: [ 423.695883] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 423.703133] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:33 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) sync_file_range(r0, 0x2, 0x2, 0x7) r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2) ioctl$UI_SET_KEYBIT(r1, 0x40045565, 0xea) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f00000000c0)=0x3) unlink(&(0x7f0000000080)='./file0\x00') [ 423.831639] FAULT_INJECTION: forcing a failure. [ 423.831639] name failslab, interval 1, probability 0, space 0, times 0 [ 423.855539] CPU: 1 PID: 15669 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 423.862683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.862689] Call Trace: [ 423.862709] dump_stack+0x138/0x197 [ 423.862728] should_fail.cold+0x10f/0x159 [ 423.862744] should_failslab+0xdb/0x130 [ 423.862756] kmem_cache_alloc_trace+0x2e9/0x790 [ 423.862774] selinux_parse_opts_str+0x42c/0xa30 [ 423.862791] ? selinux_sb_show_options+0xd50/0xd50 [ 423.862805] ? free_pages+0x46/0x50 [ 423.862815] ? selinux_sb_copy_data+0x21e/0x390 [ 423.862830] security_sb_parse_opts_str+0x75/0xb0 [ 423.862846] parse_security_options+0x4e/0xa0 [ 423.882532] btrfs_mount+0x2bb/0x2b28 [ 423.891139] ? lock_downgrade+0x6e0/0x6e0 [ 423.891146] ? find_held_lock+0x35/0x130 [ 423.891156] ? pcpu_alloc+0x3af/0x1050 [ 423.891171] ? btrfs_remount+0x11f0/0x11f0 [ 423.891186] ? rcu_read_lock_sched_held+0x110/0x130 [ 423.891205] ? __lockdep_init_map+0x10c/0x570 [ 423.900766] mount_fs+0x97/0x2a1 [ 423.912157] print_req_error: I/O error, dev loop1, sector 128 [ 423.913863] vfs_kern_mount.part.0+0x5e/0x3d0 [ 423.913876] ? find_held_lock+0x35/0x130 [ 423.965538] vfs_kern_mount+0x40/0x60 [ 423.969378] btrfs_mount+0x3ce/0x2b28 [ 423.973160] ? lock_downgrade+0x6e0/0x6e0 [ 423.977288] ? find_held_lock+0x35/0x130 [ 423.981330] ? pcpu_alloc+0x3af/0x1050 [ 423.985204] ? btrfs_remount+0x11f0/0x11f0 [ 423.989421] ? rcu_read_lock_sched_held+0x110/0x130 [ 423.994423] ? __lockdep_init_map+0x10c/0x570 [ 423.998905] ? __lockdep_init_map+0x10c/0x570 [ 424.003384] mount_fs+0x97/0x2a1 [ 424.006741] vfs_kern_mount.part.0+0x5e/0x3d0 [ 424.011217] do_mount+0x417/0x27d0 [ 424.014740] ? copy_mount_options+0x5c/0x2f0 [ 424.019130] ? rcu_read_lock_sched_held+0x110/0x130 [ 424.024137] ? copy_mount_string+0x40/0x40 [ 424.028369] ? copy_mount_options+0x1fe/0x2f0 [ 424.032846] SyS_mount+0xab/0x120 [ 424.036281] ? copy_mnt_ns+0x8c0/0x8c0 [ 424.040225] do_syscall_64+0x1e8/0x640 [ 424.044094] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.048923] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 424.054096] RIP: 0033:0x45c2ca [ 424.057266] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 424.064953] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 424.072205] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 21:25:34 executing program 4: 21:25:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f00000000c0)="b8c2000f00d066b8010000000f01c1b899000f00d8b81a018ec8ba4000ecb828008ee0640ffa4102b808000f00d8ab2e660f611f"}], 0x0, 0x0, 0x0, 0xffffffffffffffa2) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 424.079454] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 424.086705] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 424.093956] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:34 executing program 4: 21:25:34 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0) syz_emit_ethernet(0x26, &(0x7f00000001c0)=ANY=[@ANYBLOB="252388af71d5aaaaaaaaaabb9100380081003500000c02000060080100009599baec73a0f892116644e146e3238a496257cbcc62782bac990337db1cbc18454b14de1302b4d2bdaa10d226733a2354b625a3597d1e4ceb02752980e91cd41f20500022854346dec0eb8f41c0fcee7e0c919fdf3b04741f61ddfa10996746dd4cd2ee217b3c3e70726d82c7537267f141d75a44c7d5e7151a45c660fc444e5902793a08515eaaa3444692ba8f98d1b8f43031b27eec52555161373065"], &(0x7f0000000140)={0x1, 0x3, [0x8dd, 0xb48, 0x156, 0x2c0]}) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r1, 0xc0385720, &(0x7f0000000180)={0x0, {0x77359400}, 0xfffffffffffffffc, 0x5f}) ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f0000000080)=0x1) 21:25:34 executing program 4: 21:25:34 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$TIOCSBRK(r1, 0x5427) 21:25:34 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) socket(0xb, 0x5, 0x5) 21:25:34 executing program 4: 21:25:34 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000140)={0xfffffffffffffffe, 0x1, 0x0, 0x7ff, 0x800, 0x8000}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000040)={0x800, 0x100000001, 0x5d, 0xea, 0x0, 0x7}) 21:25:34 executing program 3 (fault-call:0 fault-nth:64): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:34 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000240)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x101880, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) fcntl$setflags(r2, 0x2, 0x1) 21:25:34 executing program 4: [ 424.493460] FAULT_INJECTION: forcing a failure. [ 424.493460] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 424.516528] CPU: 1 PID: 15711 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 424.523659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.523666] Call Trace: [ 424.523685] dump_stack+0x138/0x197 [ 424.523703] should_fail.cold+0x10f/0x159 [ 424.523715] ? __might_sleep+0x93/0xb0 [ 424.523729] __alloc_pages_nodemask+0x1d6/0x7a0 [ 424.523739] ? check_preemption_disabled+0x3c/0x250 [ 424.523750] ? __alloc_pages_slowpath+0x2930/0x2930 [ 424.523759] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 424.523770] ? __alloc_pages_nodemask+0x639/0x7a0 [ 424.523786] alloc_pages_current+0xec/0x1e0 [ 424.523795] ? btrfs_parse_early_options+0x1a2/0x310 [ 424.523808] __get_free_pages+0xf/0x40 [ 424.523817] get_zeroed_page+0x11/0x20 [ 424.523827] selinux_sb_copy_data+0x2a/0x390 [ 424.523840] security_sb_copy_data+0x75/0xb0 [ 424.523852] parse_security_options+0x37/0xa0 [ 424.523863] btrfs_mount+0x2bb/0x2b28 [ 424.523871] ? lock_downgrade+0x6e0/0x6e0 [ 424.523884] ? find_held_lock+0x35/0x130 [ 424.543569] ? pcpu_alloc+0x3af/0x1050 [ 424.543591] ? btrfs_remount+0x11f0/0x11f0 [ 424.543609] ? rcu_read_lock_sched_held+0x110/0x130 [ 424.552145] ? __lockdep_init_map+0x10c/0x570 [ 424.552165] mount_fs+0x97/0x2a1 [ 424.552178] vfs_kern_mount.part.0+0x5e/0x3d0 [ 424.552186] ? find_held_lock+0x35/0x130 [ 424.552197] vfs_kern_mount+0x40/0x60 [ 424.552211] btrfs_mount+0x3ce/0x2b28 [ 424.651710] ? lock_downgrade+0x6e0/0x6e0 [ 424.655839] ? find_held_lock+0x35/0x130 [ 424.659880] ? pcpu_alloc+0x3af/0x1050 [ 424.663759] ? btrfs_remount+0x11f0/0x11f0 [ 424.667978] ? rcu_read_lock_sched_held+0x110/0x130 [ 424.672981] ? __lockdep_init_map+0x10c/0x570 [ 424.677460] ? __lockdep_init_map+0x10c/0x570 [ 424.681941] mount_fs+0x97/0x2a1 [ 424.685293] vfs_kern_mount.part.0+0x5e/0x3d0 [ 424.689773] do_mount+0x417/0x27d0 [ 424.693294] ? copy_mount_options+0x5c/0x2f0 [ 424.697682] ? rcu_read_lock_sched_held+0x110/0x130 [ 424.702684] ? copy_mount_string+0x40/0x40 [ 424.706905] ? copy_mount_options+0x1fe/0x2f0 [ 424.711383] SyS_mount+0xab/0x120 [ 424.714816] ? copy_mnt_ns+0x8c0/0x8c0 [ 424.718687] do_syscall_64+0x1e8/0x640 [ 424.722553] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.727380] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 424.732551] RIP: 0033:0x45c2ca [ 424.735720] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 21:25:34 executing program 4: [ 424.743407] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 424.750658] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 424.757909] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 424.765158] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 424.772408] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:34 executing program 3 (fault-call:0 fault-nth:65): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:34 executing program 4: 21:25:34 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x422000, 0x0) unlink(&(0x7f0000000280)='./file0\x00') write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000200)={0x28, 0x2, 0x0, {0x2, 0x4}}, 0x28) lsetxattr$security_selinux(&(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='security.selinux\x00', &(0x7f00000001c0)='system_u:object_r:hald_sonypic_exec_t:s0\x00', 0x29, 0x2) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f00000003c0)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000d00)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x9134}], 0x0, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000800)='./file0/file0/file0\x00', 0x9, 0x5, &(0x7f0000000ac0)=[{&(0x7f0000000840)="8b5398286a21a77c5d4e6a4c324102911b3c56f761075c660469f9e1f9cc568e7d680668e794008f27dc3b9f9d372cee8439dd5fe05f0f28ee64c28e11c35abc7a74b9b83ac27c92ade2c1cd5713971bd8f436265837f9c991b88d0d41f0dd6fb272c37abcc875ef72ed4f26e952099a5e0064e3b24abf90d69f162df583e43736", 0x81, 0x3}, {&(0x7f0000000900)="bc1a838bfe62c4eca9ebefba1d4798a98c7ee1c3e8775391b13dbef76c4e2c80278f91076856fbccf85a306e6d96ce7edf3a85145d601bfea2bee3", 0x3b, 0x6}, {&(0x7f0000000940)="ed75f5c54fc36f46cc71b3d24c50d6fbe03e951d0719ab53ed61a49254f6a9865f8a3e029d932dad5a47aa27f2e1408f963702447a557a696314796aaa4509b0d1d8272edf28fb625a8cc2f71294814bff41260c393e7159662e3d52477a571609eb55d12dc05cc2efaafb8902600ed845ed6326cd6d6520c404efdea2337d087ff27a7ec8e031c78c90a870188a10fbc1c4ec5964a89fabc8330849ef20c42ec5e085723cad", 0xa6, 0x44d}, {&(0x7f0000000a00)="41a800", 0x3, 0x4}, {&(0x7f0000000a40)="809da4c5d24b9012a425452ac8529ba807a2ceea9a621894b3c5b75244bb689e909bc83d05adaf608e84eefc45b0b58fb9de6257ed0b4338d5fd820fe424e09c9182f99f5afd3a15745a9cbf6b126315d490d492e51e740126335c29d5c0774348", 0x61, 0xcd9c}], 0x208040, &(0x7f0000000b40)={[{@treelog='treelog'}], [{@pcr={'pcr', 0x3d, 0x14}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}]}) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000b80)={0x1ff, 0x1, 0xf1, 0xffffffff80000001, 0x0}, &(0x7f0000000bc0)=0x10) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000c00)={r1, 0x74db}, &(0x7f0000000c40)=0x8) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000007c0)='overlay\x00', 0x800004, &(0x7f0000000d80)=ANY=[@ANYBLOB="78696e6f396f66662c72656469726563745f6469723d2e2f66696c65302c78696e200000002c64656661756c745f7065726d690973696fe5f6a22a3a65b0f48abd106e732c6e66735f6578706f72743d6f66662c78696e6fd53d6f6e2c78696e6f3d6f66662c776f726b6469723d2e2f66696c65302c7375626a5f757365723d6274726673002c6d6561737772652c009ff273d76069ce4586a392a26d607eb068b1c3889541769c8a268ffd422454191b30eb6c0585744d17d7ef35560d7e4dde031e02501183d2d4fde2f1b727fa9d0d5378304cd032f016f8ff0e28ca99905459d93f56c42f1a59fc9dea59054274f1fb7630c245911b7c80ef72ba0f5ea6fd1128c7"]) stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000005c0)={{{@in6=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast2}}, &(0x7f00000006c0)=0xe8) mount$9p_tcp(&(0x7f0000000140)='127.0.0.1\x00', &(0x7f0000000380)='./file0/file0/file0\x00', &(0x7f00000004c0)='9p\x00', 0x410, &(0x7f0000000700)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@loose='loose'}, {@access_any='access=any'}, {@cache_none='cache=none'}, {@nodevmap='nodevmap'}, {@dfltgid={'dfltgid', 0x3d, r2}}, {@version_L='version=9p2000.L'}], [{@dont_appraise='dont_appraise'}, {@fsname={'fsname', 0x3d, '^'}}, {@fowner_eq={'fowner', 0x3d, r3}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000300)={'netdevsim0\x00', &(0x7f00000002c0)=@ethtool_modinfo={0x42, 0x8, 0x2, "cc5c306fa74be190"}}) [ 424.915076] FAULT_INJECTION: forcing a failure. [ 424.915076] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 424.944053] CPU: 1 PID: 15739 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 424.951178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.960530] Call Trace: [ 424.960550] dump_stack+0x138/0x197 [ 424.960569] should_fail.cold+0x10f/0x159 [ 424.960580] ? __might_sleep+0x93/0xb0 [ 424.960595] __alloc_pages_nodemask+0x1d6/0x7a0 [ 424.960608] ? check_preemption_disabled+0x3c/0x250 [ 424.960619] ? __alloc_pages_slowpath+0x2930/0x2930 [ 424.989610] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 424.995078] ? __alloc_pages_nodemask+0x639/0x7a0 [ 424.999923] alloc_pages_current+0xec/0x1e0 [ 425.004243] ? btrfs_parse_early_options+0x1a2/0x310 [ 425.009348] __get_free_pages+0xf/0x40 [ 425.013239] get_zeroed_page+0x11/0x20 [ 425.017131] selinux_sb_copy_data+0x2a/0x390 [ 425.021580] security_sb_copy_data+0x75/0xb0 [ 425.025990] parse_security_options+0x37/0xa0 [ 425.030490] btrfs_mount+0x2bb/0x2b28 [ 425.034293] ? lock_downgrade+0x6e0/0x6e0 [ 425.038447] ? find_held_lock+0x35/0x130 [ 425.042516] ? pcpu_alloc+0x3af/0x1050 [ 425.046497] ? btrfs_remount+0x11f0/0x11f0 [ 425.050748] ? rcu_read_lock_sched_held+0x110/0x130 [ 425.055770] ? __lockdep_init_map+0x10c/0x570 [ 425.060275] mount_fs+0x97/0x2a1 [ 425.063733] vfs_kern_mount.part.0+0x5e/0x3d0 [ 425.068223] ? find_held_lock+0x35/0x130 [ 425.072290] vfs_kern_mount+0x40/0x60 [ 425.076093] btrfs_mount+0x3ce/0x2b28 [ 425.079901] ? lock_downgrade+0x6e0/0x6e0 [ 425.084051] ? find_held_lock+0x35/0x130 [ 425.088108] ? pcpu_alloc+0x3af/0x1050 [ 425.091997] ? btrfs_remount+0x11f0/0x11f0 [ 425.096233] ? rcu_read_lock_sched_held+0x110/0x130 [ 425.101259] ? __lockdep_init_map+0x10c/0x570 [ 425.105758] ? __lockdep_init_map+0x10c/0x570 [ 425.110271] mount_fs+0x97/0x2a1 [ 425.113654] vfs_kern_mount.part.0+0x5e/0x3d0 [ 425.118163] do_mount+0x417/0x27d0 [ 425.121722] ? copy_mount_options+0x5c/0x2f0 [ 425.126127] ? rcu_read_lock_sched_held+0x110/0x130 [ 425.131164] ? copy_mount_string+0x40/0x40 [ 425.135408] ? copy_mount_options+0x1fe/0x2f0 [ 425.139912] SyS_mount+0xab/0x120 [ 425.143368] ? copy_mnt_ns+0x8c0/0x8c0 [ 425.147263] do_syscall_64+0x1e8/0x640 [ 425.151154] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.156803] entry_SYSCALL_64_after_hwframe+0x42/0xb7 21:25:35 executing program 0: openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cgroup.events\x00', 0x0, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x200000, 0x0) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x7ab, 0x200100) r0 = syz_open_dev$vbi(&(0x7f0000000300)='/dev/vbi#\x00', 0x1, 0x2) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000540)=""/246) openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x10000, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x2, 0x0) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x7, 0x7f, 0x1}, 0x7) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 425.163376] RIP: 0033:0x45c2ca [ 425.163382] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 425.163393] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 425.163399] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 425.163407] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 425.174272] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 425.174278] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$TCGETX(r1, 0x5432, &(0x7f0000000040)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:35 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000240)=[{&(0x7f0000000280)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x40, 0x10000}], 0xa0020, 0x0) prctl$PR_GET_THP_DISABLE(0x2a) openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/create\x00', 0x2, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/checkreqprot\x00', 0x4000, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000440)='/dev/vcs#\x00', 0x3, 0x404000) r2 = dup2(r1, r0) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') r4 = socket$caif_stream(0x25, 0x1, 0x1) sendmsg$FOU_CMD_ADD(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x43040001}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00000000a0f7932cb90089b9", @ANYRES16=r3, @ANYBLOB="000425bd7000fedbdf2501168fe8e623d60824000000080001080000000000000000fe800000000000000000006509824ac1d06d7900fe80000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x10) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioprio_get$uid(0x3, r5) getgroups(0x3, &(0x7f0000000380)=[r6, r6, r6]) ioctl$sock_TIOCINQ(r4, 0x541b, &(0x7f0000000480)) 21:25:35 executing program 4: 21:25:35 executing program 1: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x2000, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000680)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000000100000582ecdd5443c322c8bde98e00f480792e75012d03e712a30995991d3de932a9329afcb90ac68a97364eb1f0514c47b958be1892e23ec18b76cf635da91b3ae765ca04c340a11e6061d1d25a8230e47e84fe95af5cfe472c868ce628a3e36863ca9bff07948c56c41c7a8b8f092eb389c00b91daee7e5bfdcdfa64dd4f4558804fd7bc9860a31aa694c706b1f3bb99979127efd05353877ae3850bb0addbffe949b0bc671fe92ed49074a38fab68e57b2eec4e46ec1d8bc6f00402e5cd94b24e07c82df070b94a96591db9c5d7d065207fa52da69f062b10605ad997c4fcbacc61962c3439ba88754209fdf13872b12b346830e44788d201cc80cf3813b0fadeb0ac5ab2888bb7341638d199645f8c3a63d496e56d886e5325534ab625969a988308b16e51bce84ce56de835a267a3c3136f89966f3c5fc5d391c3d63c17d620c30531f8edbd34ca63c5bf37b8b47436854bff8393f4d4abb039f2c0acc04abd86a4888b5f20afae723058dcd9da24b5bcc7d51d597bdc7927424d18db0092f817ba25e2702b6da628108fa438bfe63fccf09f64966a7f8cbc2fc3a49f8b571b55528145d64a040291120d10e04889b6282ecae9d684994463e889557c19ebcc480c5b0e8ee09995ba329e1968339b64cb35a05b12736de7d3d8269fbaf4bf1de23c0f87ca99c56876d9521f5666afb0d4781b18457bd81f1651ff313de7721c50233fae6bfc181270cb38bd977dd3ae750baba35e6997a211d64472f3e5169132097628a1b7c66c55e6d63b30a30a56918f61e3f7af6705acd389e23db3150a6b66a7565c22334a4a81bac83dda43d399694ac152197c49d1130fd6284b6b99c9622953d76727ad59a9c7f3c52d49792287d19c7261d3b9340b4d96c61c735750a980efe3e41302c7d942ae6512b9eba6204d082131a6e4759b7e28bf63a74c09d1c3e005a4cad15e8e8a55e583f9ec19fb01ee441d769a9f773aa0f458ac544217365f663d48b5beff7782742f93abd7e9d7398cdaee67902f1fdd5eb0c3db4c87ce110e2d1a02beea8a2a5b449c4035d20c62db5214b8ed8299ffeb465fe97190df3af164506893c9d1aaaa1352a1089e6a2bcbf7c3081683a0f65259cbeb6692fc2c5ca90fe0bfdbac1c43691596366fa0153edcd826c73f8e9b27eb6f7beccdb39b9e8014a90faac4c264eeee4972ac4afedf3e23ffdb09c9ce7938b8f48fe41bd35d095d8272a2ac6425b485cf6e605796dc35ca4d00a46fed8a6fb5cc71d3e633495abec9172c40effe79ef96b6ea3fe01c33b9f6948baf8ec63b437ce0d8193ac5560c0aaa24c326dd33aa2c88095557d4ea408b1b415f3726303180809286511ef3cbe8caf854148b291e692c27348fdb42b66ff80c0842831727ab660ddc4764ea7106781fc3489d34f080dbdbec647b7da9d632829f19a5b26ff1a2c727d2acdf64b5cafa937a38750c78183c7ab5bf9aa8b4511d1f5db495efaaad53acf91c558d7d3aa49d0939edce871116fe0e9fba80d3c8e67b57110276f7c235e77abf04355f00195ed501c7ac33f407d5f91766af3b0b0eebf2b9d70b3e7cb24ab6fae740a4cb13c7614c5cd72e002b877a4ce4bb7f68b725a0593c45b7d8e488f94e92921033d6df908094b6574be3c7edd2a0505b9ca11e7ea303745afd6e309c025f8df4784f43ed690a1edce63ba96b54419fed2db9fafb6248cd639eb15d2ccefc87aa24e34514546fa95418522ef8c2e2ad0ff4088f2a30fe706f02ad071873fe457e394aaa7d654d02cddbb3160d890bdee6a1f64882bc4480fa529fbbf209365ef864ccd874adaf9e79eca4b56bf02379f43d05ab97c2e4c94e9f4e9be0f2f84067a3c89f938d5841c784749d29c3facd2dac5a81fbb9fdc90b1eef27fc3bb9bd4fce4300c69bad52bcd9ce98c2dcc3bd22d19a093a2b61a11dc4d342d76d67cf32f4eca986160c8803dce6de06aebdff67286c0a19bb08384dc0fc57e4134cd56b4b04d369196ec28c2778f9c7d616c9595fc272078be010a3150f7f567df75960066163735d915cf6f7386d0fca365f690e421dbd26120e9ec0f21ef674b1d4128fda1e20aff8183bd3e64829628949885e94c0df740a3c2b380e85784371bbb43c44f88d9410953759428d235c2de4ea09e8c960a8b8c9e395f4edeb539516791b652d15b6567108f3b7f790dc59c17a49c3f3fea4df301f1c62f5c45fbc0c34fc912a26b0d14de565c3de6723b9684863bc1b22aaa503a7c560cbf2044501453d6f932f30ba7e94e6fb43a379d59fefc25d6cb6790baef573f1a145a23189881d750441bf27d9b95a4f98f262061c2050143a6e2c05a7256779dfea6c2c3b3a0bc5654407799f4954cf0af79ea4209e51b66be47b805694c21ef3b8cc0b65c972aea783cf282404aafb0886cd1d22647ee2642d5a68cfc9b941ef67f71aeb1a7cd5a35a19fd400eca587c5bdb20213cd9a57a675cf5afe1106cef96cc04a98d6f3e2551742a51880effec6828a3dd48654ac3ab91187b92a589de9f72ea226d394dc6226ab795a02f3f60422cf372342316509f6e83ca0fca40e4b69d6403f65d8ed8486e5e3348714b6bb8b70ccc004d7bcb6b25314040927cec4265792791830e29806fad62df5adb6e550dd33ba33b85f24f63b1b4d134a2ed4ce9d8ddf4ac9ac20a6617758b9a395d91691c35c69db91cd72678766907e6208bfab26dcfe8efb7b7b66dcd3ba9f49393e52959d7849dc12f31c084ae288cbb36a15bf3eed1628d0791ce4d30535ad1c08c892e47638be8c2e57045f8e7edc265ee9c50274118787a29d26caca087489e15f672137686ff6e62424b10fb123c8f98a09b7c41ad1e83c62f71d76a1a24b5bd956df94fd135a14184cd76977e565a5f8213d3b9c8ce214cee1f62cb1299a8d5d24330af470aec34695656923e25d4f3f106020e4137008776bf9de6027a474fe6ec528b2e5e5c52aa797b46f6b3bf3a62b0f85536095f7bba7899832f9038604a53318a4c6ed239299108d448b6b1fa145c470858aba895e4caa8992c43c9a6ab4317b8a03006e9a63681fe9ffdbd4d75412257b7dfddb8646ddc3cd65d544552fad18c0412626cba15829c75f6a7d8e66e974717bcf1d9b0656ba97c20351c314bb63c3e19060330c3c121f4a073f206114bcc67cd97facf39903870e0347c0abca04b7b86947fc107d4167071b4ca51208dd8dbcb06e8018bafd00609db33c94eed32bd819a142cb433e66dc2f0c1236ed0a7e754f4d9759978719005137781e682c61df6288a1ca7c8a4ba7a90c3b0ecc00652a114e9846820bf1e9a0105253ddfb788b893f63767dffad5a9465be9644b80b08fc286a422887b335eec5307bb164318e19a77f74d2e2361bf132282a78c7f406ed999ced9c038348ad3a57c488f6d68e80a3c5fe484f97de2d12daa91a09690e907d51ceea7cd5a58b4ba19858eae1312f50f08b4f0491918b2cd7cf47ddfb584820fcf99706dfadaf48b1489aa1d395720b38e919a0e96b90a0dea35f8510e488f1d88cc5dfa8f96099027ccaef4d94ef41061383186690cdae6e9daa59ff3333cf23cfcb1c8aa1456de1438a51b9a0b0cc76cafb42c9b4cbb3727a8104fbfb52358516d179ec82e4f79ef7ac25c80ba4a752f6e71663405e3bfc7b937ab3e88100af6b9585ffd48908735c4534705b1035724956342eb9e32b190918f7cd61c7eb3780ec1ea1f8b56ebb9e2a42cc661d157442aca06c19dbe7e76eb64ef113a2e78875a1830bd0a84f565b356d38a3ca342f0257c0e6e197ed4bb8e56c0a4697f80ebfdda9773c522b81a0d1cdef4ed3ba24e88359e810983177b01dac4a7729ebf8792481fe951890d20ae7eca4e87cdbba0c86db914bcd508d75b9202b8e1fd057e372ac642506fb550f1fe98ea852225441abafde84ce38ed15a2466d4a707688e3d6517d3bd423de1bb56b9a2559fe717cf9937cf41fd4d4cab7fbcc89bd4bd3cc859205cc058ec72ede45e68b5c8542c228f1c3f3c20558b2b373a2a28a509aecfa6f2467871fe6c67f4b321c307e112cacfd8c1a202e1a7c3ad3f020c9914e2c465795cb6d1fbf07dd43d0e6030ab77abf53fbd104c8a5a9a9a9b81bb3b46e0cc9c5a0be5153064f9a172d539c44b20500ed2bb4dce35d235c9a974af1627bb10d48a986f1e94028b35ef79386fa6e8cbe8a030ca211c2c659dcd6ec763efd4d70378fd7d6c8ac29154e3b631fa860ca5c5a9df0c741bb4bd2dcf2928219c856100a233f862415156c8fafab31e5cea0330a8b9238e1a46f1988f81f25a4f13ebe815469cf6fd046ff84789d9b6001d8e867e30968abf225f8b1c3e34656f80882d8402b3cd01c6f6b8b913f94f635ec6d6efe966ce43227b3ee2a6e7d351108a1d1ea248cc58123a2010891e391631e046100f216f6bc901f7f7e65ec544ddc49379ed2880272a4cdf374a1ed405c4a6f0f0b607fe099400bd83f221c892089f4abd6dfc8a3bf51cf72b45cc206ab56222d05fff94dce99c94d00af544baf478a00c1b4bc5040a357ccf6a88064abd2e53c028db10af3592081bfbf7fbd7a5baa6083b97a5db0ed082542f302eb80a9eddd516abfbd3763780662de4aa71e014e672b453f1e9cf0b90a7fbdc6b11b1f17f6ecbb2dd1dcfb8276d646a440a4ac49aa47debeb981763d09d6cbda4a8d7498a792ec9b4720edf249fba28894da265ae6fcfb993bb6da119d9940be01627ee314240e7cca46d58f9619b10febdaa899d2940491c1f4511042977c91d276bdb78055b85c7ada246a104c78076b753a6f819dd415f41172fbbaa5d8645dd04670c52bbda75dcc29a09a7d31edc00de1dc75dc11ef460e7886f1649ca85e4b497ab79e98e5215673c572143fad5df2a5c647948d1ee0144ee5fc6a312d65775b44171be2e3d7cc7a7748edc039ce90f2297a076fac7012d09cf168c3ca363839aea63187811f075996c041f6a771f7496f8e9ca2bdc50dd17aa65afe22fdac1fee791c08299c41f98b5055712042622967c07ddda56efa90597a095c4012cc62364db6e9ef807fdb5313f64d09d897fdac277e68b54871353b2dac1a4be95e3681f7d6c43c548788b7042f1b5a865873890754ab3292e0b2653e424b96de8c0db22464cce636310ed90961bc208210343e0ce925282dc0d9a8e2ade8d809435da1528a0580081a0a23bf9dec2e5c65531fb1f1688ec3cd37b532d9112822ac7a4fda0b48f5216dc167b060e2d1ba67ec1a65dc2b5e6645f974cd03f8d0117bf606c639ab83db7134ce636256857b42c092e3eaa4e4557c9a6eebe9da019518000234db874f46b11da9dc13844ceac02ce48486fa2b4171d7cc4b1c04fc52c71a77758d95f08c5fd71f7a56ae49d1443720b02ed958694098c682f9d5d5cc144865694d2fe898c71b111939891abb6e77c3b9073147a06d88009506f9388a8285dafd913d26edabe93b9e0bf7c26aeaad9eac3d16e2d944409336c2f6cd75a66f6975c3817c0f8e62293b85e68b3b8ad5b7f902228668ac6e18b0d43c06aef7a9dbd0f9856d481ab323a384367cb22f9d449e4e244136e32ca7bd005ced91db496844bf6e32d4995dcecee3e9fd02ca464de3df9d0aea737e03fe2df1b447771e6c701e39a6398baf09c1460b64454beb78a49b4f9f954d6dee733cc6b456c2b386bea19102b07f1c35eb1dd69a0e76f575de45cbcd5ebe380f0e78bce397343ae4831d6b1c82b43749e08aca61eff88e610c03ab7604db44d389ac8314c12d894e3b"], &(0x7f0000000080)=0x1024) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) sendto$netrom(r0, &(0x7f00000000c0)="c052f4", 0x3, 0x0, &(0x7f0000000140)={{0x3, @null, 0x8}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) 21:25:35 executing program 0: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x100, 0x0) ioctl$TCSETX(r0, 0x5433, &(0x7f0000000200)={0xdd, 0x1ff, [0x6, 0x6, 0x8, 0x40], 0x43f}) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r2 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f0000000100)=""/246) ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f00000000c0)=0xffffffffffff0004) 21:25:35 executing program 3 (fault-call:0 fault-nth:66): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:35 executing program 4: 21:25:35 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x101000, 0x0) setsockopt$nfc_llcp_NFC_LLCP_RW(r1, 0x118, 0x0, &(0x7f0000000080), 0x4) [ 425.429930] FAULT_INJECTION: forcing a failure. [ 425.429930] name failslab, interval 1, probability 0, space 0, times 0 21:25:35 executing program 4: [ 425.531800] CPU: 1 PID: 15771 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 425.538925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.538941] Call Trace: [ 425.538959] dump_stack+0x138/0x197 [ 425.538977] should_fail.cold+0x10f/0x159 [ 425.558672] should_failslab+0xdb/0x130 [ 425.562655] kmem_cache_alloc+0x2d7/0x780 [ 425.566805] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 425.571906] ? btrfs_scan_one_device+0x89/0x400 [ 425.576580] ? trace_hardirqs_on_caller+0x400/0x590 [ 425.581607] getname_kernel+0x53/0x350 [ 425.585491] kern_path+0x20/0x40 [ 425.585504] lookup_bdev.part.0+0x63/0x160 [ 425.585511] ? blkdev_open+0x260/0x260 [ 425.585525] ? free_hot_cold_page+0x763/0xca0 [ 425.596965] blkdev_get_by_path+0x76/0xf0 [ 425.596979] btrfs_scan_one_device+0x97/0x400 [ 425.596991] ? device_list_add+0x8d0/0x8d0 [ 425.614301] ? __free_pages+0x54/0x90 [ 425.614311] ? free_pages+0x46/0x50 [ 425.614326] btrfs_mount+0x2e3/0x2b28 [ 425.621718] ? lock_downgrade+0x6e0/0x6e0 [ 425.621727] ? find_held_lock+0x35/0x130 [ 425.621735] ? pcpu_alloc+0x3af/0x1050 [ 425.621752] ? btrfs_remount+0x11f0/0x11f0 [ 425.637585] ? rcu_read_lock_sched_held+0x110/0x130 [ 425.637605] ? __lockdep_init_map+0x10c/0x570 [ 425.637621] mount_fs+0x97/0x2a1 [ 425.654767] vfs_kern_mount.part.0+0x5e/0x3d0 [ 425.654779] ? find_held_lock+0x35/0x130 [ 425.654791] vfs_kern_mount+0x40/0x60 [ 425.663332] btrfs_mount+0x3ce/0x2b28 [ 425.663344] ? lock_downgrade+0x6e0/0x6e0 [ 425.663350] ? find_held_lock+0x35/0x130 [ 425.663360] ? pcpu_alloc+0x3af/0x1050 [ 425.670932] ? btrfs_remount+0x11f0/0x11f0 [ 425.682990] ? rcu_read_lock_sched_held+0x110/0x130 [ 425.683010] ? __lockdep_init_map+0x10c/0x570 [ 425.683021] ? __lockdep_init_map+0x10c/0x570 [ 425.692237] mount_fs+0x97/0x2a1 [ 425.692253] vfs_kern_mount.part.0+0x5e/0x3d0 [ 425.692266] do_mount+0x417/0x27d0 [ 425.692275] ? retint_kernel+0x2d/0x2d [ 425.692288] ? copy_mount_string+0x40/0x40 [ 425.704591] ? __sanitizer_cov_trace_pc+0xe/0x60 [ 425.704605] ? copy_mount_options+0x1fe/0x2f0 [ 425.704616] SyS_mount+0xab/0x120 [ 425.704626] ? copy_mnt_ns+0x8c0/0x8c0 [ 425.737350] do_syscall_64+0x1e8/0x640 [ 425.741236] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.746085] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 425.751268] RIP: 0033:0x45c2ca [ 425.754452] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 425.762164] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 425.769428] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 21:25:35 executing program 4: [ 425.776710] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 425.783993] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 425.791257] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:35 executing program 4: 21:25:36 executing program 3 (fault-call:0 fault-nth:67): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 425.962363] FAULT_INJECTION: forcing a failure. [ 425.962363] name failslab, interval 1, probability 0, space 0, times 0 [ 426.000660] CPU: 1 PID: 15804 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 426.007979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.017337] Call Trace: [ 426.019933] dump_stack+0x138/0x197 [ 426.023569] should_fail.cold+0x10f/0x159 [ 426.027722] should_failslab+0xdb/0x130 [ 426.031702] kmem_cache_alloc+0x2d7/0x780 [ 426.035862] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 426.040976] ? btrfs_scan_one_device+0x89/0x400 [ 426.045644] ? trace_hardirqs_on_caller+0x400/0x590 [ 426.050684] getname_kernel+0x53/0x350 [ 426.054574] kern_path+0x20/0x40 [ 426.057942] lookup_bdev.part.0+0x63/0x160 [ 426.062177] ? blkdev_open+0x260/0x260 [ 426.066067] ? free_hot_cold_page+0x763/0xca0 [ 426.070561] blkdev_get_by_path+0x76/0xf0 [ 426.074720] btrfs_scan_one_device+0x97/0x400 [ 426.079224] ? device_list_add+0x8d0/0x8d0 [ 426.083455] ? __free_pages+0x54/0x90 [ 426.087251] ? free_pages+0x46/0x50 [ 426.090889] btrfs_mount+0x2e3/0x2b28 [ 426.094694] ? lock_downgrade+0x6e0/0x6e0 [ 426.098858] ? find_held_lock+0x35/0x130 [ 426.102903] ? pcpu_alloc+0x3af/0x1050 [ 426.106782] ? btrfs_remount+0x11f0/0x11f0 [ 426.111001] ? rcu_read_lock_sched_held+0x110/0x130 [ 426.116017] ? __lockdep_init_map+0x10c/0x570 [ 426.120498] mount_fs+0x97/0x2a1 [ 426.123846] vfs_kern_mount.part.0+0x5e/0x3d0 [ 426.128319] ? find_held_lock+0x35/0x130 [ 426.132376] vfs_kern_mount+0x40/0x60 [ 426.137191] btrfs_mount+0x3ce/0x2b28 [ 426.140974] ? lock_downgrade+0x6e0/0x6e0 [ 426.145102] ? find_held_lock+0x35/0x130 [ 426.149146] ? pcpu_alloc+0x3af/0x1050 [ 426.153017] ? btrfs_remount+0x11f0/0x11f0 [ 426.157242] ? rcu_read_lock_sched_held+0x110/0x130 [ 426.162259] ? __lockdep_init_map+0x10c/0x570 [ 426.166754] ? __lockdep_init_map+0x10c/0x570 [ 426.171237] mount_fs+0x97/0x2a1 [ 426.174585] vfs_kern_mount.part.0+0x5e/0x3d0 [ 426.179061] do_mount+0x417/0x27d0 [ 426.182582] ? copy_mount_options+0x5c/0x2f0 [ 426.186971] ? rcu_read_lock_sched_held+0x110/0x130 [ 426.191982] ? copy_mount_string+0x40/0x40 [ 426.196212] ? copy_mount_options+0x1fe/0x2f0 [ 426.200698] SyS_mount+0xab/0x120 [ 426.204128] ? copy_mnt_ns+0x8c0/0x8c0 [ 426.207999] do_syscall_64+0x1e8/0x640 [ 426.211867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.216691] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 426.221859] RIP: 0033:0x45c2ca [ 426.225026] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 426.232727] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 426.239977] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 426.247273] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 426.254525] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 426.261790] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:36 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:36 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x101, 0x101000) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000080)={0x8, 0x4}) ioctl$VFIO_IOMMU_MAP_DMA(r0, 0x3b71, &(0x7f00000000c0)={0x20, 0x1, 0xc8, 0x3, 0xa50000000000}) 21:25:36 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x40002, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:36 executing program 4: 21:25:36 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) msgget(0x2, 0x220) 21:25:36 executing program 3 (fault-call:0 fault-nth:68): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:36 executing program 4: [ 426.414276] FAULT_INJECTION: forcing a failure. [ 426.414276] name failslab, interval 1, probability 0, space 0, times 0 [ 426.438328] CPU: 1 PID: 15831 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 426.445481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.454835] Call Trace: [ 426.454856] dump_stack+0x138/0x197 [ 426.454875] should_fail.cold+0x10f/0x159 [ 426.454887] should_failslab+0xdb/0x130 [ 426.454899] kmem_cache_alloc+0x2d7/0x780 [ 426.454910] ? delete_node+0x1fb/0x690 [ 426.454922] ? save_trace+0x290/0x290 [ 426.480986] alloc_buffer_head+0x24/0xe0 [ 426.485036] alloc_page_buffers+0xb7/0x200 [ 426.489259] create_empty_buffers+0x39/0x480 [ 426.493908] ? __lock_is_held+0xb6/0x140 [ 426.497966] ? check_preemption_disabled+0x3c/0x250 [ 426.502969] create_page_buffers+0x153/0x1c0 [ 426.507358] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 426.512971] block_read_full_page+0xcd/0x960 [ 426.517365] ? set_init_blocksize+0x220/0x220 [ 426.521845] ? __lru_cache_add+0x18a/0x250 [ 426.526335] ? __bread_gfp+0x290/0x290 [ 426.530226] ? add_to_page_cache_lru+0x159/0x310 [ 426.534981] ? add_to_page_cache_locked+0x40/0x40 [ 426.539807] blkdev_readpage+0x1d/0x30 [ 426.543682] do_read_cache_page+0x671/0xfc0 [ 426.547981] ? blkdev_writepages+0xd0/0xd0 [ 426.552203] ? find_get_pages_contig+0xaa0/0xaa0 [ 426.556937] ? blkdev_get+0xb0/0x8e0 [ 426.560640] ? dput.part.0+0x170/0x750 [ 426.564514] ? bd_may_claim+0xd0/0xd0 [ 426.568389] ? path_put+0x50/0x70 [ 426.571823] ? lookup_bdev.part.0+0xe1/0x160 [ 426.576210] read_cache_page_gfp+0x6e/0x90 [ 426.580430] btrfs_read_disk_super+0xdd/0x440 [ 426.584910] btrfs_scan_one_device+0xc6/0x400 [ 426.589390] ? device_list_add+0x8d0/0x8d0 [ 426.593608] ? __free_pages+0x54/0x90 [ 426.597398] ? free_pages+0x46/0x50 [ 426.601009] btrfs_mount+0x2e3/0x2b28 [ 426.604801] ? lock_downgrade+0x6e0/0x6e0 [ 426.608931] ? find_held_lock+0x35/0x130 [ 426.612974] ? pcpu_alloc+0x3af/0x1050 [ 426.616846] ? btrfs_remount+0x11f0/0x11f0 [ 426.621066] ? rcu_read_lock_sched_held+0x110/0x130 [ 426.626073] ? __lockdep_init_map+0x10c/0x570 [ 426.630552] mount_fs+0x97/0x2a1 [ 426.633919] vfs_kern_mount.part.0+0x5e/0x3d0 [ 426.638397] ? find_held_lock+0x35/0x130 [ 426.642444] vfs_kern_mount+0x40/0x60 [ 426.646399] btrfs_mount+0x3ce/0x2b28 [ 426.650181] ? lock_downgrade+0x6e0/0x6e0 [ 426.654307] ? find_held_lock+0x35/0x130 [ 426.658357] ? pcpu_alloc+0x3af/0x1050 [ 426.662233] ? btrfs_remount+0x11f0/0x11f0 [ 426.666451] ? rcu_read_lock_sched_held+0x110/0x130 [ 426.671453] ? __lockdep_init_map+0x10c/0x570 [ 426.675932] ? __lockdep_init_map+0x10c/0x570 [ 426.680411] mount_fs+0x97/0x2a1 [ 426.683760] vfs_kern_mount.part.0+0x5e/0x3d0 [ 426.688251] do_mount+0x417/0x27d0 [ 426.691788] ? copy_mount_options+0x5c/0x2f0 [ 426.696178] ? rcu_read_lock_sched_held+0x110/0x130 [ 426.701188] ? copy_mount_string+0x40/0x40 [ 426.705451] ? copy_mount_options+0x1fe/0x2f0 [ 426.709926] SyS_mount+0xab/0x120 [ 426.713357] ? copy_mnt_ns+0x8c0/0x8c0 [ 426.717232] do_syscall_64+0x1e8/0x640 [ 426.721097] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.725927] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 426.731098] RIP: 0033:0x45c2ca [ 426.734268] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 426.741955] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 426.749207] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 426.756457] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 21:25:36 executing program 4: [ 426.763707] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 426.770961] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:36 executing program 4: 21:25:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:37 executing program 4: 21:25:37 executing program 2: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x10000, 0x0) ioctl$IMCTRLREQ(r0, 0x80044945, &(0x7f0000000080)={0x400, 0x100000001, 0x5, 0x81}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:37 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x4, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x7, 0x80000) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000080)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:37 executing program 3 (fault-call:0 fault-nth:69): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:37 executing program 4: 21:25:37 executing program 1: r0 = syz_open_dev$sndpcmp(&(0x7f0000000300)='/dev/snd/pcmC#D#p\x00', 0x812, 0x80080) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x20001, 0xfffffffffffffecc) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x200, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x27, &(0x7f0000000140)=0x2, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000440)={@in={{0x2, 0x0, @empty}}, 0x0, 0x9, 0x0, "70f3d0f554c3e3aa88d031bb057b60075d49df64f2b8ed24eb386634d481ae36eb76dfd2ae8d8a83ed4986c1958d6e046c00a4b0d97d3e61090a042baf51f8499ad75e0cfb2b02922406e6b0580e00"}, 0x19) ioctl$KDMKTONE(r1, 0x4b30, 0x101) delete_module(&(0x7f0000000240)='vboxnet0keyring\x00', 0x200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x3, 0xd5a, [0x0, 0x20000680, 0x200006b0, 0x20000a2c], 0x0, &(0x7f0000000040), &(0x7f0000001440)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff02000000ec24fd7c1000000022eb67726530000000000000000000000000736974300000000000000000000000006e7230000000000000000000000000006970365f7674693000000000000000002a56964666670000ffffffffaaaaaaaaaabb00ffff00ffff6601000096010000c6010000617270000000000000000000000000000000000000000000000000000000000038000000000000000300001000020000ac1414aaf61eeefa00000200ffffffffffffffffffff0000ff00ffff28ee807fd9a2ffff00ffff0020bb000000000000706804000000000000000000000000000000000000000000000000000000000070000000000000006e7230000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000006263736630000000000000000000000000000000000000000000000000000000000000000000000000000000000f0400000000000000000000000000000000000000434c4153534946590000000000000000000000000000000000000000000000000800000000000000090000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000000000000000000003000000100000006001726f736530000000000000000000000076657468315f746f5f6873720000000073797a6b616c6c65723100000000000076657468315f746f5f7465616d000000ffffffffffff0000ff000000018f76b03a21ff00ff0000ffbe0000003e010000860100006e66616363740000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000000000000da0000000000000049444c4554494d45520000000000000000000000000000000000000000000000280000000000000000660d0073797a300000000000000000000000000000000000000000000000001f000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a3100000000000000000000000016090000000000000400000000000000000000000000000000997900000000000000000000000000000000000000000000000000020000005963484f01000000030000000100000065586e657464657673696d3000000000000069703665727370616e3000000000000069726c616e300000000000000000000069726c616e3000000000000000000000aaaaaaaaaa24ffffff00ffc1aaaaaaaaaaaaffffffff98002e0900002e0900007e090000616d6f6e670000000000000000000000000000000000000000000000000000009808000000000000000000000000000001000000000000000200000081000000340a00000000ffffffff0000070000003028d69d06a7270e3f000000dc00000002000000a60b00000000008000100000010000000500000008000000010000000500000007000000000000001f000000000000000100000000000000a40000000600000020000000050000000008000000100000010001003f0000000000000000000000ffff0000ffffff7fce0000000100008016ffffffff00000069eb0000321c000005000000e20200000900000000000000fdffffff04000000fa3d00000200000000020000040000009d000000000000000800000006000000ff07000000000080eedd0000fb050000800000004f0e0000feffffff03000000ffff00000000001015bf0000060000003f000000010400000000000004000000f218f940000800000500000081000000200000008e0000000700000009000000060000000004000049080000ffffff7f05000000060000004900000004000000ff0100000500000008000000e58e00000500000006000000050000000000000099030000200000009fe6000003000000c2ea000002000000010000000500000079d4ffff0600000000080000070000000200000004000000010000807f00000006000000000001007a000000000000006f82ffff04000000ff7f00000400000003000000f9ffffff030000000500000007000000050000000200000000020000000800000400000009000000000000800500000007000000ff03000008000000070000000000000000000000010400000300000001000000fffffeff56000000a7950000050000001300000006000000ff7f000003000000040000000300000000020000ffffffff000000000100000007000000920c000001ffffff03000000020000000600000007000000008000000000000002000000000000000400000008000000090000000300000001010000080000001f000000050000000100000007000000010000007d000000112300000002000009000000ffff00000700000002000000ffffffff03000000ff0100000500000009000000000000000001000007000000070000007f000000800000007f000000ff01000009000000ff0f000008000000080000000100000005000000ff0100002700000040000000a72b10f301000000ffffffffff0700000400000009000000dd0300000000000005000000ffff0000070000000900000005000000ce200000ff03000004000000090000001f050000050000000600000005000000800000008f0a00001e000000ec0500008284000000020000b2070000ffffffff0100000008000000ffffffff000200000400000000000080080000000400000062070000010400000100000004000000fdffffffffff00008d30602c0700000005000000000000000600000007000000ca000000010000007f000001ea1b000002000000e00000020400000000000006e000000205000000cf690000ac14140b0400000001000000ac141410f9ffffff04000000ac1414bb0700000009000000ac14141bff010000800300001709000007000000070000000000000004000000eb0000000600000008000000000000000600000005000000030000000001000000000000ff010000001000000300000005000000ff01000002000000000000000800000009000000f9ffffff000001007f000000fbffffff0700000002000000000a0000ff03000000000100080000000700000090060000040000000000000001000000f100000001000000070000000900000002000000040000000900000000000080000000800600000006000000050000009504000006000000f800000001000000810000007fffffff000800000300000001000000e0ffffff09000000090000005803000057000000090000000100000008000000000000005f000000ff7f00000100000004000000010000000300000002000000000400000700000002000000e807000005000000ba1a4f3b060000000100000007000000000000000100008001000000020000004b06000001000000050000006000000001040000000000000900000007000000ff0100000500000003000000070000003f0e0000d50e00000700000001000000000001000100000020000000f2000000010000000900000007000000050000000008000005000000ff7f0000d39f1f7d030000000100000001000000ff030000018000000500000001000000040000008000000000feffff030000007917000001800000d1d100005d0f0000010000000900000025e2393a030000000080000005000000020000005800000004000000f30c000096000000000800000400000000000000060000000200000000000000d10e0000040000000500000028000000cf00000000ffffff02000000090000001f00000002000000080000002000000009050000000200000100000019bcffffff010000c729000000080000faffffff49000000040000000100010001040000ff7f0000010000002e040000ff7f000020aa00007d1d0000f8ffffff0180000000000000020000000080b17bfe68000005000000010000000800000009000000000000000900000004000000000001000000000000000080ff030000ff0300005f0600000300000003000000000000000300000004000000400000000300000001000000000000000004000007000000010000000100000007000000080000000500000089920000010000000000000009000000080000000700000007000000fdffffff07000000fdffffff0080000003000000a705000074f1ffff5d000000ffffff7f0200000000000000030000000700000002000000060000000100000009000000200000000200000000000080020000000000000004000000d800000005000000ff0f0000010000005120000081000000d1090000f7ffffff5f5ffffffd00000050e5000000000100030000000700000001000100ac1414bb0900000000020000ac1414bbec0a00009b0a00007f000001000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000101000000070000000000000022b372ef6b853d976786992b46f57f190646aefc8849dbd4d09657c7419a869c746fcd5c450382886575c58af01d3312c6f947"]}, 0xe05) 21:25:37 executing program 0: ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000040)=0xffffffffffff0000) 21:25:37 executing program 4: [ 427.132420] FAULT_INJECTION: forcing a failure. [ 427.132420] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 427.186904] CPU: 1 PID: 15868 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 427.194035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.203404] Call Trace: [ 427.206000] dump_stack+0x138/0x197 [ 427.209638] should_fail.cold+0x10f/0x159 [ 427.213794] ? __might_sleep+0x93/0xb0 [ 427.217707] __alloc_pages_nodemask+0x1d6/0x7a0 [ 427.222388] ? __alloc_pages_slowpath+0x2930/0x2930 [ 427.227412] ? lock_downgrade+0x6e0/0x6e0 [ 427.231567] alloc_pages_current+0xec/0x1e0 [ 427.235900] __page_cache_alloc+0x248/0x3e0 [ 427.240219] do_read_cache_page+0x625/0xfc0 [ 427.244540] ? blkdev_writepages+0xd0/0xd0 [ 427.248781] ? find_get_pages_contig+0xaa0/0xaa0 [ 427.253548] ? blkdev_get+0xb0/0x8e0 [ 427.257260] ? dput.part.0+0x170/0x750 [ 427.261147] ? bd_may_claim+0xd0/0xd0 [ 427.261159] ? path_put+0x50/0x70 [ 427.261167] ? lookup_bdev.part.0+0xe1/0x160 [ 427.261179] read_cache_page_gfp+0x6e/0x90 [ 427.261196] btrfs_read_disk_super+0xdd/0x440 [ 427.268423] btrfs_scan_one_device+0xc6/0x400 [ 427.268438] ? device_list_add+0x8d0/0x8d0 [ 427.268448] ? __free_pages+0x54/0x90 [ 427.268460] ? free_pages+0x46/0x50 [ 427.297666] btrfs_mount+0x2e3/0x2b28 [ 427.301478] ? lock_downgrade+0x6e0/0x6e0 [ 427.305637] ? find_held_lock+0x35/0x130 [ 427.309699] ? pcpu_alloc+0x3af/0x1050 [ 427.313595] ? btrfs_remount+0x11f0/0x11f0 [ 427.317833] ? rcu_read_lock_sched_held+0x110/0x130 [ 427.322861] ? __lockdep_init_map+0x10c/0x570 [ 427.327379] mount_fs+0x97/0x2a1 [ 427.330748] vfs_kern_mount.part.0+0x5e/0x3d0 [ 427.335238] ? find_held_lock+0x35/0x130 [ 427.339300] vfs_kern_mount+0x40/0x60 [ 427.343103] btrfs_mount+0x3ce/0x2b28 [ 427.346899] ? lock_downgrade+0x6e0/0x6e0 [ 427.351040] ? find_held_lock+0x35/0x130 [ 427.355101] ? pcpu_alloc+0x3af/0x1050 [ 427.359006] ? btrfs_remount+0x11f0/0x11f0 [ 427.363247] ? rcu_read_lock_sched_held+0x110/0x130 [ 427.368289] ? __lockdep_init_map+0x10c/0x570 [ 427.372779] ? __lockdep_init_map+0x10c/0x570 [ 427.377283] mount_fs+0x97/0x2a1 [ 427.380661] vfs_kern_mount.part.0+0x5e/0x3d0 [ 427.385156] do_mount+0x417/0x27d0 [ 427.388702] ? copy_mount_options+0x5c/0x2f0 [ 427.393105] ? rcu_read_lock_sched_held+0x110/0x130 [ 427.398124] ? copy_mount_string+0x40/0x40 [ 427.402365] ? copy_mount_options+0x1fe/0x2f0 [ 427.406861] SyS_mount+0xab/0x120 [ 427.410308] ? copy_mnt_ns+0x8c0/0x8c0 [ 427.414197] do_syscall_64+0x1e8/0x640 [ 427.418080] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.422925] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 427.428110] RIP: 0033:0x45c2ca 21:25:37 executing program 4: 21:25:37 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0) ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000140)=""/136) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 427.431296] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 427.439003] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 427.446265] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 427.453539] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 427.460803] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 427.468070] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:37 executing program 4: 21:25:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) ioctl$CAPI_GET_MANUFACTURER(r1, 0xc0044306, &(0x7f00000000c0)=0x400) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000ff3000/0x1000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f0000000380)={0x0, 0x0, 0x2080}) 21:25:37 executing program 4: 21:25:37 executing program 2: lstat(&(0x7f00000002c0)='\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000380)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@multicast2}}, &(0x7f0000000480)=0xe8) fstat(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$hfs(&(0x7f0000000140)='hfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000240)="cd8090933df9d32db07eaee966ce94c54a77685dd08f627860725237393aea7f4ab6f07e67876dd3339d59ce50b8aa6fe17499fb828120ae62056f4a2892436ca92f8f72acb139bfdf042ffd", 0x4c, 0xffffffffffffff00}], 0x4000, &(0x7f00000009c0)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d31352c696f636861727365743d63703933322c747970653da1b861812c696f636861727365743d6b6f69382d72752c636f6465706167653d63703836392c7569643d", @ANYRESHEX=r0, @ANYBLOB=',uid=', @ANYRESHEX=r1, @ANYBLOB=',part=0x0000000100000001,session=0x0000000000000008,part=0x0000000000000013,obj_role=,uid>', @ANYRESDEC=r2, @ANYBLOB="2c61d5152ee5602f5541e773652c002a1732bc401b0a3c9e030949b1711ec3e35d7107de147c70443d28841003291d9eb84eb6b852add43bc3081ef6db1d5229df51385d4eab8f2be4da6a5e62ca87270cfbf70101082d81a3f289a19f9b572d685272a405208ced64e4a6bda3a9e8f7950a2072fdc01a910054c10efb621971dfb44cefa477fd77eb54d9bf30f09ce11ce8df971252a5f8ac3abd34df60a7bfad5d2ec9c79cbd387bfe5cbcb19315fc818a055c51d43e62fcdef10b775e90da9e87b91f350e7da294ad32996be3f038b7248e48a7c97d600c101e7997056c655610d00a146d86c22b0e87f02880ee11f69e8297c7f2ab38e77aae5c68086382b5560e9d75e0b1d5cdd16c8977cd27db5a9c04c79b492ccfab5c61243792dccd32d40858dcfd483c2557984b5daa710337539726a6bc82e80ccd1497045d7cf9000000f30a9b45a44d0859be8603448774d20a297affde0872a857029fca7b0406d3432ce12f8efc4fd5df5c19410706afecb11a237c48f4fbf5a6260e6d9412b1b5f0457d087f935ea01a90064fad2cd89d1d600a0b4c9657c01a11e547e67428f966e42a84c6b25650dabd06c1b5b3fcf860732b26739997a9b96de2f4624ec5802a54ce6c119d9be19265338ce9af8d81fd70b42fd442981532785acf0e3e23ac7625f30bc91ed53724b6c6cd1fb54ffdffd738a2691817720da955c2a9ea9836e7dda8bbd1572ed81f40bd594d29c0f0d38860863d41104243e2d3659aeb8ea2131cb5eb1e3ae683dd04d282987f37bfd348120000"]) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) setxattr$security_smack_entry(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.SMACK64IPOUT\x00', &(0x7f00000000c0)='ppp0)\x00', 0x6, 0x3) 21:25:37 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:37 executing program 3 (fault-call:0 fault-nth:70): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:37 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000080)=0x100000001, 0x4) 21:25:37 executing program 4: 21:25:37 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x200000, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) fcntl$setflags(r0, 0x2, 0x1) [ 427.776149] FAULT_INJECTION: forcing a failure. [ 427.776149] name failslab, interval 1, probability 0, space 0, times 0 [ 427.787660] CPU: 0 PID: 15913 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 427.787690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.787694] Call Trace: [ 427.787711] dump_stack+0x138/0x197 [ 427.787729] should_fail.cold+0x10f/0x159 [ 427.787747] should_failslab+0xdb/0x130 [ 427.787759] kmem_cache_alloc+0x47/0x780 [ 427.787777] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 427.787791] __radix_tree_create+0x337/0x4d0 [ 427.787815] page_cache_tree_insert+0xa7/0x2d0 [ 427.804524] ? file_check_and_advance_wb_err+0x380/0x380 [ 427.804537] ? debug_smp_processor_id+0x1c/0x20 [ 427.804555] __add_to_page_cache_locked+0x2ab/0x7e0 [ 427.822901] ? find_lock_entry+0x3f0/0x3f0 [ 427.856820] add_to_page_cache_lru+0xf4/0x310 [ 427.861315] ? add_to_page_cache_locked+0x40/0x40 [ 427.866157] ? __page_cache_alloc+0xdd/0x3e0 [ 427.870565] do_read_cache_page+0x64e/0xfc0 [ 427.874880] ? blkdev_writepages+0xd0/0xd0 [ 427.879124] ? find_get_pages_contig+0xaa0/0xaa0 [ 427.883875] ? blkdev_get+0xb0/0x8e0 [ 427.883886] ? dput.part.0+0x170/0x750 [ 427.883896] ? bd_may_claim+0xd0/0xd0 [ 427.891466] ? path_put+0x50/0x70 [ 427.891475] ? lookup_bdev.part.0+0xe1/0x160 [ 427.891489] read_cache_page_gfp+0x6e/0x90 [ 427.891501] btrfs_read_disk_super+0xdd/0x440 [ 427.891513] btrfs_scan_one_device+0xc6/0x400 [ 427.891524] ? device_list_add+0x8d0/0x8d0 [ 427.891533] ? __free_pages+0x54/0x90 [ 427.891543] ? free_pages+0x46/0x50 [ 427.920558] btrfs_mount+0x2e3/0x2b28 [ 427.920572] ? lock_downgrade+0x6e0/0x6e0 [ 427.920581] ? find_held_lock+0x35/0x130 [ 427.920591] ? pcpu_alloc+0x3af/0x1050 [ 427.920609] ? btrfs_remount+0x11f0/0x11f0 [ 427.920623] ? rcu_read_lock_sched_held+0x110/0x130 [ 427.920641] ? __lockdep_init_map+0x10c/0x570 [ 427.946338] hfs: unable to change iocharset [ 427.948231] mount_fs+0x97/0x2a1 [ 427.948248] vfs_kern_mount.part.0+0x5e/0x3d0 [ 427.948259] ? find_held_lock+0x35/0x130 [ 427.948271] vfs_kern_mount+0x40/0x60 [ 427.977900] btrfs_mount+0x3ce/0x2b28 [ 427.981709] ? lock_downgrade+0x6e0/0x6e0 [ 427.985849] ? find_held_lock+0x35/0x130 [ 427.989896] ? pcpu_alloc+0x3af/0x1050 [ 427.993777] ? btrfs_remount+0x11f0/0x11f0 [ 427.998006] ? rcu_read_lock_sched_held+0x110/0x130 [ 428.003010] ? __lockdep_init_map+0x10c/0x570 [ 428.007501] ? __lockdep_init_map+0x10c/0x570 [ 428.011983] mount_fs+0x97/0x2a1 [ 428.015337] vfs_kern_mount.part.0+0x5e/0x3d0 [ 428.019815] do_mount+0x417/0x27d0 [ 428.023348] ? copy_mount_options+0x5c/0x2f0 [ 428.027739] ? rcu_read_lock_sched_held+0x110/0x130 [ 428.032764] ? copy_mount_string+0x40/0x40 [ 428.036988] ? copy_mount_options+0x1fe/0x2f0 [ 428.041464] SyS_mount+0xab/0x120 [ 428.044915] ? copy_mnt_ns+0x8c0/0x8c0 [ 428.048806] do_syscall_64+0x1e8/0x640 [ 428.052674] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.057502] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 428.062670] RIP: 0033:0x45c2ca [ 428.065839] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 21:25:38 executing program 4: [ 428.073527] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 428.080781] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 428.088031] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 428.095283] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 428.102537] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 428.116181] hfs: unable to parse mount options 21:25:38 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x141002, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syslog(0x4, &(0x7f0000000080)=""/24, 0x559) 21:25:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) io_setup(0x7, &(0x7f0000000200)=0x0) io_cancel(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x4, r3, &(0x7f0000000080)="2428b11fe2460acfd803c633ed6d630804bff22d3ad7b7852494", 0x1a, 0x4, 0x0, 0x0, r3}, &(0x7f00000001c0)) 21:25:38 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x40000, 0x0) accept4$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast1}}, &(0x7f0000000080)=0x1c, 0x80000) mmap(&(0x7f0000000000/0xc1f000)=nil, 0xc1f000, 0x0, 0x71, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock2(&(0x7f0000532000/0x200000)=nil, 0x200000, 0x0) mlock2(&(0x7f0000b13000/0x2000)=nil, 0x2000, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f00000000c0)={0x0, @reserved}) 21:25:38 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x88009, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'rose0\x00', 0x420000015001}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="000002000000000000006031409200442c00fe800000000000000000000000228116610200000000000000000000000000010003907800000000fe8000"/74], 0xff23) 21:25:38 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffc, 0x4, &(0x7f0000000180)=[{&(0x7f0000000080)="cc1b88c4507e7c82761514501c1ac7a1955660adaf8e873e30e73f49c8ea8a84105d0f936bca3f766a154e", 0x2b, 0x5}, {&(0x7f0000000240)="05f27a34c7d393df2c2a44c998e801707f57cd16e35954ae0931e92830618b5743f2ae2dc755c75f8382f9098354590540326a9ad3bd2fa399971906ce3a416a9e7de8a6384373961335f2b6bbf70dc0a9e25e7ce30ba082d30d976521c8aad439d75db45f0240228fc24fb4cc633fae782841e88dbcd602694740d48ae450fb1688717ab343b0329f6c6bad2156b791818d33b30e18ae3727f07ec05087d2dabc0c5ac3ad3260868ead757e7cee473be9ef44702b3227b0e03b0e186541e4a63e869311bb7cdce19ad58c04ce49bbaed29bd250a21c8244c4eca5f0d7201bae4b", 0xe1, 0x101}, {&(0x7f00000000c0)="4790e25472180cc795e6c6b4cfd27ae6c6b39b82c5b74784b5ceb9b0ae7e8ad027a809bce637d8dd9aa6610796917c", 0x2f, 0x1}, {&(0x7f0000000140)="8b6c388fba59389e8a747703421e3929d1a416b2a764a4", 0x17}], 0xaba3974f3af1230e, 0x0) 21:25:38 executing program 3 (fault-call:0 fault-nth:71): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 428.409682] FAULT_INJECTION: forcing a failure. [ 428.409682] name failslab, interval 1, probability 0, space 0, times 0 [ 428.420901] CPU: 1 PID: 15965 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 428.428001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.437351] Call Trace: [ 428.437370] dump_stack+0x138/0x197 [ 428.437389] should_fail.cold+0x10f/0x159 [ 428.447721] should_failslab+0xdb/0x130 [ 428.447738] kmem_cache_alloc+0x47/0x780 [ 428.455755] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 428.461365] __radix_tree_create+0x337/0x4d0 [ 428.465763] page_cache_tree_insert+0xa7/0x2d0 [ 428.470329] ? file_check_and_advance_wb_err+0x380/0x380 [ 428.475769] ? debug_smp_processor_id+0x1c/0x20 [ 428.480434] __add_to_page_cache_locked+0x2ab/0x7e0 [ 428.485434] ? find_lock_entry+0x3f0/0x3f0 [ 428.489652] add_to_page_cache_lru+0xf4/0x310 [ 428.494127] ? add_to_page_cache_locked+0x40/0x40 [ 428.498960] ? __page_cache_alloc+0xdd/0x3e0 [ 428.503351] do_read_cache_page+0x64e/0xfc0 [ 428.507667] ? blkdev_writepages+0xd0/0xd0 [ 428.511888] ? find_get_pages_contig+0xaa0/0xaa0 [ 428.516623] ? blkdev_get+0xb0/0x8e0 [ 428.520318] ? dput.part.0+0x170/0x750 [ 428.524189] ? bd_may_claim+0xd0/0xd0 [ 428.527971] ? path_put+0x50/0x70 [ 428.531406] ? lookup_bdev.part.0+0xe1/0x160 [ 428.535882] read_cache_page_gfp+0x6e/0x90 [ 428.540101] btrfs_read_disk_super+0xdd/0x440 [ 428.544579] btrfs_scan_one_device+0xc6/0x400 [ 428.549057] ? device_list_add+0x8d0/0x8d0 [ 428.553276] ? __free_pages+0x54/0x90 [ 428.557056] ? free_pages+0x46/0x50 [ 428.560669] btrfs_mount+0x2e3/0x2b28 [ 428.564455] ? lock_downgrade+0x6e0/0x6e0 [ 428.568583] ? find_held_lock+0x35/0x130 [ 428.572623] ? pcpu_alloc+0x3af/0x1050 [ 428.576497] ? btrfs_remount+0x11f0/0x11f0 [ 428.580718] ? rcu_read_lock_sched_held+0x110/0x130 [ 428.585720] ? __lockdep_init_map+0x10c/0x570 [ 428.590204] mount_fs+0x97/0x2a1 [ 428.593557] vfs_kern_mount.part.0+0x5e/0x3d0 [ 428.598032] ? find_held_lock+0x35/0x130 [ 428.602077] vfs_kern_mount+0x40/0x60 [ 428.605860] btrfs_mount+0x3ce/0x2b28 [ 428.609654] ? lock_downgrade+0x6e0/0x6e0 [ 428.613780] ? find_held_lock+0x35/0x130 [ 428.617823] ? pcpu_alloc+0x3af/0x1050 [ 428.621700] ? btrfs_remount+0x11f0/0x11f0 [ 428.625918] ? rcu_read_lock_sched_held+0x110/0x130 [ 428.630924] ? __lockdep_init_map+0x10c/0x570 [ 428.635399] ? __lockdep_init_map+0x10c/0x570 [ 428.639877] mount_fs+0x97/0x2a1 [ 428.643229] vfs_kern_mount.part.0+0x5e/0x3d0 [ 428.647714] do_mount+0x417/0x27d0 [ 428.651243] ? copy_mount_string+0x40/0x40 [ 428.655469] ? copy_mount_options+0x151/0x2f0 [ 428.659945] ? __sanitizer_cov_trace_pc+0x4e/0x60 [ 428.664772] ? copy_mount_options+0x1fe/0x2f0 [ 428.669277] SyS_mount+0xab/0x120 [ 428.672711] ? copy_mnt_ns+0x8c0/0x8c0 [ 428.676583] do_syscall_64+0x1e8/0x640 [ 428.680450] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.685276] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 428.690445] RIP: 0033:0x45c2ca [ 428.693612] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 428.701312] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca 21:25:38 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x84800, 0x0) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000080)=0x4) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000440)=""/246) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e20, @local}}, 0x32c0e0be, 0x3, 0x10001, 0x100, 0xd2000000}, &(0x7f0000000040)=0x98) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000200)={r2, 0x4e, "ed256e6014535a99b1fb0200f4fcda4e2e1ce84d6c7482ea530045a48fa1c7ed6969748a2c21baec7233607ba248b1e6962fde0e88f7b20b14fc4d6bc9ff3da305c89785bfaf6fc1ef61b2a9c4ce"}, &(0x7f0000000280)=0x56) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000002c0)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r1, 0xc0086421, &(0x7f0000000300)={r3, 0x3}) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 428.708564] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 428.715815] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 428.723063] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 428.730315] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:38 executing program 2: r0 = geteuid() r1 = geteuid() getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001680)={{{@in=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@dev}}, &(0x7f0000000180)=0xe8) syz_mount_image$vfat(&(0x7f0000000040)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x6, 0x6, &(0x7f0000000540)=[{&(0x7f00000000c0)="12dae3f1335283cc089bfaa09385", 0xe, 0xec}, {&(0x7f0000000240)="0a50b31596f4eec734685c9b3e753b8d64619646b3fe97e77766c1fe54398155fc62dd39dafb97634887434a05935be01f0d5fe894a0197eb91336d8b4b018af40a4450e20b343a135412ec476da51d07995d8664cd458084f2ea198bfaa244822b85e6cf97238be7a84c12a6a24eac9ba6d19fb6e539d309ff5fba409f7d49449b2152cc0f12f19f86bd489c8a19273d3b7dc9bb2c11647f54e4fecb63ff8387fee238eee298de9eb2cbd63c326af8a9944cefffbb9fb02fc5305e660954e4d2b5d74cd3570d4b8e484dd35d528a67d54f7e5a0f5974d3492760067362f9141fb8c30b4", 0xe4, 0x5}, {&(0x7f0000000340)="f758ce2c315f2983ab05325653d2a8aa849c5e1546e61bcd1c24f462f17dda70dd9a10f95aceb9de341207a91d9b760172ceb7d00bccdd87a585d6ab0e0d6a728b1c2a70a50cc22ffdee297682df9b9ed715cf3f2e6d9b0b5ec0cd438297d18644820a72c199d8db2cecc96e14f8631a4e0434349ff93985abefad5b96496071e47b930fbf33b05a7289ae5e57f961079f2f3da68249f22cec4481789d017715635da17df0deee2fce36489cf97a9506543e93538c020d34059759eb0d56b140c73df609d499a3ab70", 0xc9, 0xad}, {&(0x7f0000000440)="f5ba76a712cb15cf17c1eca024627ba9f4eaf6c7127a17a5f5abb98929c50bf53fd2e35a11a1330ee58afcb80329398d2a829e36fb7e0b6be7f508f0da3240ba314d4e84163042b162089beb24f78e1df944f5b234be6c5c7e39cc3fac60eb573fc7d3de64a328ebefd8050c1e16c850c8cce81387550970758e6d81b4e883b18cd4e62cbf67ed281b888595ba7e8f0b67530b360895abf245387f5893d9310a50ef7d124cee7220db90a37c55ff58c340c29801908038aa8695d2fd0b5fc51dfce80c2111e9356e2012a7de3cac0c328a1dc58fa8dac08c5dff31b1384fc9147551be9523fd4f8279e9d23aa9597d2f8f64cc21da7481d9f062", 0xfa, 0x101}, {&(0x7f0000000140)="8df80fa5e3a8d3d338c2cffecee4be75e4c00d3a696d4760e19cc86c737d8833a8dc3f3b09d40fa4255eb2", 0x2b, 0xa2}, {&(0x7f0000000680)="f4252d804b07f0df798663028d598a6c35f8d1e035ad3df56669bbe69353162cfbad6405eef00b58246c476f522602f4dc31371e501de13513fdbd1bcac40499c038236a7c0c864cf7e209c775443b336f66ea0ce24aac4052debe3410b06a6d207e6f5b2e403e1bee20ad39270424baa05437b559c971744203aabd36f0810179c9f92c1a7dc7cd10934c8e768836060f5594a33d6f967cef8da1f5cf500ed85ee4a3f2427d14c1dc71b88b619a079a8dd0e09703377cd1d48737eb977050e919f08de23654f75eb1632f5e06a786632e3586ac9caddbc593812173dce86b995442ffcc343f61ff3c7467076711ac51bbe10b49d8f7ff260df06e6621d7ab7583a6ce89392cb2f1210014b5b3ce3d44ade03383318bcf2dd6835afca639cafa808eacd185c95737eb21e062f85e68e543bc9a052a516bb44c0f620f81cc3ea7ea87eac1471629d774e5e0172d6bf7137e4a34dc6ea54613777a8140c3f34fa61b656fdae6148b66719f2c424a40f21ccf28195a8025cf5c143215606de5708138d9217762bab4c8b409d68921da196df052cf054b30451895dc7c5f16cc91a67c9ec3155725f34809c374ceb5363e37f4e76939acc10c1f282f7def93f746fae0c650382add698622c304493885e271c5a9940a3735adba9e74fc30ee87e030e9c40783b7fb72f8c17c8d4385c61dd9b966e9de08e04c938a5a3af7b042d239afbb13bc8128c0149c5eae038a1f272dee6d78083393a9e28085cc368f28501634101c6f7a7b8c408f16afe8f5b6deaea35461e49455c8251ca996c5230698d2538b1d7ba1f3bdde32d4420becc007477bf92c101ffaa4d55f278b7b4fdabfeb38acca7fe45e85bf99da7d0e9a4e5f849fec45a488240af1cf2d85bf95606ceeca342e084b8b7ef3c85ca168866fda4db270f8719444f0c7c57125a04d2573d9a514bd4b11d17d3dfa9fa3f1a351ff010d66aaa56003664526c7f7857f20a45fb563439779ebdcfa40d569a4f4b8b1e74f177caa029c51ab89cc803b3aba875c3bbed6ae87ff02bd4eeb0273b8248def867e6745f34e78628663725c93949e7cbd5d582c5b1da2280543e59b92b7dd600a905216f4fdfa959bd34a4574db08401e7b4fae5d2af15b45b0e4d3de168b7f4bbbbcb81d56411fc1b18a8bd0604f32f0a2209623f555049a84b1fed6cf5854b35ed4f573a019cacfa03b64e397358bed4a83653cd2ebc5d574dd3f4a8c1f6ccc6c2ffc0bb38c5c43f4d723476449e0124cbecb6ddf5bf513b0907e1efe46b0ab64395859b640ca022a6b2234c517c4d59d323f87be1b65ada689530b4438f224daf12bf158e5f5b87be067e4f3f81b667c4091baec69d8e4520a42c6713d7487cfbec3bd4847f12d5635d68a643aeac0708ede64b66505b56056a115532778ae0ac321dfcd179899cb4a193f49cb098d4994bf6be6968125fb322793d2cb9364279604ee683cca5883327892d9b2bd265ac97df35e841c58a01d82cb564cceeab28687e30be590cf42e0d25abe467543533f74b48f4f039c4ff40f51ee390999da8129777088df5ed47b6140a808070fc61a561e34b5b6297da4c5840ac524f86552b6f8e5b46c4ba2ab6c689aa3547de8dcaa7897f41c72f2ddccd92613ec34743052213505779fa975b384b7d0993cc8e0da4c1695729f453557e33c0d93bd01ad513a2b937b8d3921d82eca30719eef5ad68a76187ed035897ab644779808ac21c9b5c5dd39056a12a0a3335f07a9b6d7094e3b3b0f4dcebebc4664b2ed5ab8e22322557e2a76da00a3c7882dcc8c6b56d5f35c0b11383dbcee6a3f4bd97038eef5c2d12bbc491d80b147373181f7a7bf0ff0ca637da0c128273144c001d5a205cb1a450a0ee9d8db573c52b3888cc1610e86e6c8347bd2b698f7e8aeccf3ab9832c22cf1d5670eab88a4f06bf766f107dd4719988e2243700e191d08139762dd0f5318c9508a74c318a18c4be3a04813b0e1e941fa1c2f758982f319ef0f3aa1f900bab7b6cdfd7dad2c2858038e550b5447763aa0fb51a84c83dc0b84f710be547b66e16412daaa18ef19c7fadd4166e92426f169f06a796b654d37fdddceeb658a16d25b73a758d1deff248ae4c6788fa911baf1ea96e9309ee9e30a6ce20f31c08f063e39b9f1f3825d29878a8cf86ae13eba2cd1002e0ce8007a51a77e97472dd852c38d18a5a1e1635bb156b1caa9e12ca9100f5360462385acb950b56b7c5837bb90d3d598b38b6b2e817164816a817f4abf6e3f7af1ab63ca61934fe240dc9d7e62ffc6ebf6e2c3f23b15886a041959ae17d199353f5a7083cf1efdf6f54583e3f11155bc03e7ccdb2f6d60dfd16dd83521f0a7f68e6fed5b359626d0f7bbc77a103dfd02d047c9695d424faf55884fbd5305c10dcf9c6631f2de107f83c4d055987477b3e9f48ce41a4a1267dc88301c0be2b7a02e23b43dc0602ff85fcfd9933d0c9bd6e10508a2b5e5b97964fd7f32454d507432f7f1eb59ff151999c4ae885a9b5f4a6ee86f831fd34dbd5b485601a5836f11d4308ff0e78838de339675ba4765f2d85cd619711940015421be455722f917925be559fb635e777a806ebf65af7b22f30379838c557028bfbab89346095f9292de173e5989395488a4bf00aac19a6fe34279d83057cde925d69ce7afb7a0bcb456352d9c6274047d2cd54515f734524b7d768cf17a77dd0ce6bfa90084b23a7ced47a7cdb0d1722cf91677e61efaccff32e02276e7f6f73456dd84fbf5e2f396f9b8f5965c08db8172827a252462b149b1bf075d98e4e6edc69d5d5f78dbe486cd07fd9f7c7d2821bbf55181a67fa5cf41bb6e98de0974e0d94910d3b06c822459d51ff7b2ef87b27a1eb5350043cbfea15a50f57aaf0b6a610ffe4e84ab43abcd4bf3f47b3092a139c129ba147f2d8800edf78acd28ef22035a87dfaab1df5e3daa0e164fe72c67df3891a0caca51e8715b0ae4e02ad606239128b05046645392ed5d8ef9387f598049bed280c35086143c41c5e31532be6ae2792c7bc1c87bcb42f429d7d5653152aeeeab3ccf455d96b990dff2133ead5e597f55254b95996f022346412fe25a651e7b39d45a4bed085975283f1453dcad796137555e74bdab96ab840936d93710f45ce7fabbcee978bdaa31abe472df9bcb3091f7be97f0a42142d77c95dbdb324a814f71cd98e86d99e22c0cdd5cf98f932a72714e76343f2f16a42f04d96c9ba0c32111ad6f536c233e7c3a019edc3bcadc093bc1509a9b078c42d48a2f8e2f326497c3fc5e2ca0592f0e3f8d976e2969de359dcb205cabb52bb8ebfd204ff2dcedc5ec4588c063464cc3fc096190655e6bd7ee1b3e84df634664e3f5436fcbd21a834baf90d23b02717d6246f5dba2d64a6355f0d425b6a42d284e1cf46654e09cc1926e9a2452e4b40e69d82a87ef980511a45362a143f0b4f43d6a8dbe1b1dbe2fd1473f9812f38f78b66aef9d12f964859866ec290546b2fe62939df79cae2322d1c541b73783c60252f25cafd4f8a31387b670241fa6590da6b0629fb5e0e128c6490915673113bc4e5aa2c19bdb4b0501ab4a852f156693fe7f09560f077a496d3e4ea91461a5fd9b27392f49209cb8030443690c62b99b841583105fb6ef006bec0b0259a2652527ba77f62b8c91dc73a8832c339df9ac8b67af52647bea84b5429b62171a4e09c15fdefa9803b09d326e6ae295823efeb383bcdbaf1a936c1aba1adfdf3059c114ee5fa47eca219f2f8e5b5e1d2ef6ecaef4e82e9dcb915fe38378d512ad2efb503e3ef7c0dcbf477271ccd8cf61fb03f6964009bf8039d0dbf63cd4fc4dd4941e1370b15044cd0f76359bd286708288b136c370e6d0cbe548e9ec0166460c9614955207da15da9ee49a410cf92bad9ed8b723ae5ec3a3e0e3cd1407ddb0864c20e45ec0f8343606735ce279178b7754ec31b407e01715205f4d9852dea43ea6a8515cb7cf703ecfa7e1fbf93fc0e6ae34755f4a24a5079674d1eebc26b7936580f6f51edc9048e6be03ddb0249c7ae1bb0296aa41acdc02aa0b90f1c516ca0689e7603fe68eee5cd32b76da912dbe7d0e9acc799b5b24c14aa1c2d605d4fe78ff5160f7a58b24cf2d6b54b5e76b732d4b437d8ed7e361e49b8dbbfcb84d3c357a466312987b012e2a03df248a3e6519f8718d31d4ada1ac8cfa32301f1b25f70d5726a5682b5727ec1a7a1c3743b2b88a62833c836ac719bf0608d6d4f7ede4cfa6116546313420d51d0ea2a5936e5ab209fca6e777d66c0c7fbf94f1ad391777023e124763d44834456e57f792a4c3b6aea379ddb764074eb2f4f56ca7032dbedbcec700449dae864b769d9991a3a13a4549f865f3930f95e899327c06c238a190253342c7b98e4de5f50d6380c43916e296aafebdb80f2fc81845e13758c83b5ec432868cb1deaef491bf062ca9c885933e704660d75b9b21d48b3c372a5aa447ca1599371428c58e0ace39bf6f838e8262bfae958c8fbc396dae584c919ae8c33aa81b68c0d48d1eb9ee9ab1f9c79d2a99c78d8300b671c565f63fd9472779d76b2534844bd31bf7ddc7b35d1ad87ac932d6c0fc9771e106fa594c9004c6a6ea060206a409f7a81b652605cbe49cd9b8d5af31d89017a44ef32150d48ebe98f100bc83a7be49ded8578ef5ecb12fadb70cfd938034b03e70196ba5cb26c3d7265ff3beabc6da3de9847b65ef2fb564824bb498cc29e698734ddce4a527b7378c4c230e409178a9d6f4925e29a49aefc53f83f6e6a89c5c61edd3bde9cce41e74a28edf34c42c6b124230d0588c45faf066a4499cac102b47476f6445d2511ae24a0ee084307f3d961a134b22e65fcf0491eebba1ce89fab44a3185cc24ef7a83a13e50f67b4b9299e9914ad22e4d9c7f6e7b55f76b6bdf1e107f0464b783affd697f567be0d3e1e8a0f724fe5655c14550078158459574ddcee29bb2d5192adbc1d762e4cbc5dd36bce1c5bfbe500a2479dee56789a58563171d7441015ee23cca6e2a3307ba1b84727e5fb6ee87302622d56a24534b44100976a91ae3be87d45c7529eaa820cab88c51ae5783b1255b62e35d86c585e145c0597353d3ff5c75e892e5ccedff03a616f2705200d9c03332339ae5ac9ef7686ae64098401c9d2dd787e7cb2edce1cab9e46562ad8293c2ed8045443c12de6007afd7d4864a20c9b767e8e74a335ca1e5e00007e70c9663dbb0017494c567d6c9971a0e5a87f0f437d4b6742f1b6ff0c1adb149063ad1102e9ffc0805ab13abdfcbc9a39b69ab60b1f50806d6195f70dd16abae2d3d16ee6dafe02ed67bf4b574dc2f4f58fb9d8c5bea3e95800b237fab07a20b35639c8d9b6f6dee7487ff4ae5142e5659a71344cd9546a63c17c43f52b2ce6e099e887b0357f12ae97880817ab157a7dd675e9c4b5659b5f76e4221d7bcd3c3f25e88b9aa1d71c15c8a26c411d8e1b21d2a9b2c5d6988677d6da0466cc52557efacb731251a6b76e3914df7c767c7fe1199cbc1efb5da592e8a774ef65fd2f2c8eed3aa2b6b071b7b6c4cfb365eb08c2585a9f2b6ac2c0c1e79fc63db6c9e0789eacd6c7d503312cde2a7a97ec98628bf1e99e287e9f093ec3d9b5c6928c1bfa94a4c2f772eba5e108c7d5cc37f967d2e25ae739e0ed4c03470bd55dcaf2455e8955a1104fb91b4170161a7e0425c7dff471f61fc4e3310ad13120ec9bffe15ae27ff2e7b178b0c1f7bbf6eb030d4c6faafe73dcbeb65e9390721e8dc30e75ca3f52682c0228db2111c35d4be571785f1b99b", 0x1000, 0x1}], 0x100020, &(0x7f0000001780)={[{@fat=@dos1xfloppy='dos1xfloppy'}, {@uni_xlateno='uni_xlate=0'}], [{@uid_lt={'uid<', r0}}, {@fsname={'fsname', 0x3d, 'btrfs\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'posix_acl_access&'}}, {@euid_gt={'euid>', r1}}, {@fowner_gt={'fowner>', r2}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@smackfsdef={'smackfsdef', 0x3d, 'btrfs\x00'}}]}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/status\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_RX_RING(r3, 0x10e, 0x6, &(0x7f0000001840)={0x4, 0x0, 0x17, 0x3}, 0x10) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000001880)=@assoc_value={0x0, 0xff}, &(0x7f00000018c0)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000001900)={r4, @in6={{0xa, 0x4e20, 0x1, @remote, 0x9}}, 0x3ff, 0x80000001}, &(0x7f00000019c0)=0x90) listxattr(&(0x7f0000001a00)='./file0\x00', &(0x7f0000001a40)=""/220, 0xdc) 21:25:38 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xfff, 0x174439a45387017c) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e21, @empty}}, 0x40, 0x4, 0xffffffffffff7a81, 0x1f, 0x8}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={r1, 0x100}, &(0x7f0000000240)=0x8) 21:25:38 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) fcntl$setpipe(r0, 0x407, 0x3ff) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 428.762337] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 428.791158] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 21:25:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x200, 0x0) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f00000000c0), &(0x7f00000001c0)=0x4) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r3, 0x28, 0x0, &(0x7f0000000080)=0x6, 0x8) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 428.874463] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 21:25:39 executing program 3 (fault-call:0 fault-nth:72): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 429.007494] FAULT_INJECTION: forcing a failure. [ 429.007494] name failslab, interval 1, probability 0, space 0, times 0 [ 429.019652] CPU: 0 PID: 16005 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 429.026828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.026833] Call Trace: [ 429.026852] dump_stack+0x138/0x197 [ 429.026871] should_fail.cold+0x10f/0x159 [ 429.026886] should_failslab+0xdb/0x130 [ 429.050527] kmem_cache_alloc+0x2d7/0x780 [ 429.054681] ? delete_node+0x1fb/0x690 [ 429.058578] ? save_trace+0x290/0x290 [ 429.062384] alloc_buffer_head+0x24/0xe0 [ 429.066465] alloc_page_buffers+0xb7/0x200 [ 429.070728] create_empty_buffers+0x39/0x480 [ 429.070740] ? __lock_is_held+0xb6/0x140 [ 429.070753] ? check_preemption_disabled+0x3c/0x250 [ 429.070766] create_page_buffers+0x153/0x1c0 [ 429.070774] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 429.070785] block_read_full_page+0xcd/0x960 [ 429.070797] ? set_init_blocksize+0x220/0x220 [ 429.070806] ? __lru_cache_add+0x18a/0x250 [ 429.070819] ? __bread_gfp+0x290/0x290 [ 429.070829] ? add_to_page_cache_lru+0x159/0x310 [ 429.070840] ? add_to_page_cache_locked+0x40/0x40 [ 429.079290] blkdev_readpage+0x1d/0x30 [ 429.079302] do_read_cache_page+0x671/0xfc0 [ 429.079311] ? blkdev_writepages+0xd0/0xd0 [ 429.079327] ? find_get_pages_contig+0xaa0/0xaa0 [ 429.079338] ? blkdev_get+0xb0/0x8e0 [ 429.142054] ? dput.part.0+0x170/0x750 [ 429.145927] ? bd_may_claim+0xd0/0xd0 [ 429.149711] ? path_put+0x50/0x70 [ 429.153147] ? lookup_bdev.part.0+0xe1/0x160 [ 429.157535] read_cache_page_gfp+0x6e/0x90 [ 429.161767] btrfs_read_disk_super+0xdd/0x440 [ 429.166245] btrfs_scan_one_device+0xc6/0x400 [ 429.170725] ? device_list_add+0x8d0/0x8d0 [ 429.174940] ? __free_pages+0x54/0x90 [ 429.178720] ? free_pages+0x46/0x50 [ 429.182334] btrfs_mount+0x2e3/0x2b28 [ 429.186118] ? lock_downgrade+0x6e0/0x6e0 [ 429.190246] ? find_held_lock+0x35/0x130 [ 429.194306] ? pcpu_alloc+0x3af/0x1050 [ 429.198178] ? btrfs_remount+0x11f0/0x11f0 [ 429.202399] ? rcu_read_lock_sched_held+0x110/0x130 [ 429.207403] ? __lockdep_init_map+0x10c/0x570 [ 429.212145] mount_fs+0x97/0x2a1 [ 429.215498] vfs_kern_mount.part.0+0x5e/0x3d0 [ 429.219973] ? find_held_lock+0x35/0x130 [ 429.224017] vfs_kern_mount+0x40/0x60 [ 429.227797] btrfs_mount+0x3ce/0x2b28 [ 429.231579] ? lock_downgrade+0x6e0/0x6e0 [ 429.235717] ? btrfs_remount+0x11f0/0x11f0 [ 429.239935] ? rcu_read_lock_sched_held+0x110/0x130 [ 429.244940] ? __lockdep_init_map+0x10c/0x570 [ 429.249416] ? __lockdep_init_map+0x10c/0x570 [ 429.253893] mount_fs+0x97/0x2a1 [ 429.257244] vfs_kern_mount.part.0+0x5e/0x3d0 [ 429.261723] do_mount+0x417/0x27d0 [ 429.265243] ? copy_mount_options+0x5c/0x2f0 [ 429.269630] ? rcu_read_lock_sched_held+0x110/0x130 [ 429.274629] ? copy_mount_string+0x40/0x40 [ 429.278848] ? copy_mount_options+0x1fe/0x2f0 [ 429.283325] SyS_mount+0xab/0x120 [ 429.286757] ? copy_mnt_ns+0x8c0/0x8c0 [ 429.290628] do_syscall_64+0x1e8/0x640 [ 429.294495] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.299322] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.304492] RIP: 0033:0x45c2ca 21:25:39 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x40, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@empty, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000140)=0xe8) fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x5022, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@obj_user={'obj_user', 0x3d, 'btrfs\x00'}}, {@audit='audit'}]}}) [ 429.307670] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 429.315363] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 429.322612] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 429.329863] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 429.337114] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 429.344452] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 429.394044] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 21:25:39 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x9f5}], 0x0, 0x0) [ 429.435843] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 21:25:39 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x88009, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'rose0\x00', 0x420000015001}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="000002000000000000006031409200442c00fe800000000000000000000000228116610200000000000000000000000000010003907800000000fe8000"/74], 0xff23) 21:25:39 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x200, 0x0) ioctl$RTC_AIE_ON(r1, 0x7001) r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x6, 0x8042) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/p_\xfa/\\J]Lf\xf2\x00'/33, 0x2, 0x0) setsockopt$packet_buf(r2, 0x107, 0x5, &(0x7f00000001c0)="6aa9be77408a46de21226cb617c35e080434e840bfc333", 0x17) perf_event_open$cgroup(&(0x7f0000000080)={0x4, 0x70, 0x4, 0x4, 0x9, 0x6, 0x0, 0x1464, 0x2, 0x7, 0xa35, 0x3ff, 0x1, 0x5, 0x100, 0x6, 0xb282, 0xffff, 0x5, 0x2, 0x80, 0x5, 0xd8ac, 0xfffffffffffffffe, 0x1, 0xffffffffffffffbc, 0x8, 0xff, 0x1f, 0x1, 0x2, 0x7, 0x1, 0x4, 0x8000, 0x77928d6f, 0x37, 0x9, 0x0, 0x10000, 0x1, @perf_bp={&(0x7f0000000040), 0xf}, 0x8140, 0x800, 0x30b, 0x3, 0x179, 0x7, 0x2}, r2, 0x8, r3, 0x4) ioctl$SG_SET_KEEP_ORPHAN(r3, 0x2287, &(0x7f0000000200)=0xff000000000000) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 429.481372] print_req_error: I/O error, dev loop1, sector 128 21:25:39 executing program 3 (fault-call:0 fault-nth:73): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 429.613292] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 21:25:39 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x101000, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000080)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f0000000240)=""/228) [ 429.680242] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 429.704306] FAULT_INJECTION: forcing a failure. [ 429.704306] name failslab, interval 1, probability 0, space 0, times 0 [ 429.748058] CPU: 0 PID: 16041 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 429.755182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.755188] Call Trace: [ 429.755206] dump_stack+0x138/0x197 [ 429.755225] should_fail.cold+0x10f/0x159 [ 429.755239] should_failslab+0xdb/0x130 [ 429.755250] kmem_cache_alloc_trace+0x2e9/0x790 [ 429.755262] ? __kmalloc_node+0x51/0x80 [ 429.755278] btrfs_mount+0x1069/0x2b28 [ 429.755289] ? lock_downgrade+0x6e0/0x6e0 [ 429.755296] ? find_held_lock+0x35/0x130 [ 429.755305] ? pcpu_alloc+0x3af/0x1050 [ 429.755320] ? btrfs_remount+0x11f0/0x11f0 [ 429.775002] ? rcu_read_lock_sched_held+0x110/0x130 [ 429.775025] ? __lockdep_init_map+0x10c/0x570 [ 429.775042] mount_fs+0x97/0x2a1 [ 429.820531] vfs_kern_mount.part.0+0x5e/0x3d0 [ 429.825010] ? find_held_lock+0x35/0x130 [ 429.829055] vfs_kern_mount+0x40/0x60 [ 429.832842] btrfs_mount+0x3ce/0x2b28 [ 429.836623] ? lock_downgrade+0x6e0/0x6e0 [ 429.840750] ? find_held_lock+0x35/0x130 [ 429.844790] ? pcpu_alloc+0x3af/0x1050 [ 429.848667] ? btrfs_remount+0x11f0/0x11f0 [ 429.852886] ? rcu_read_lock_sched_held+0x110/0x130 [ 429.857891] ? __lockdep_init_map+0x10c/0x570 [ 429.862371] ? __lockdep_init_map+0x10c/0x570 [ 429.866854] mount_fs+0x97/0x2a1 [ 429.870206] vfs_kern_mount.part.0+0x5e/0x3d0 [ 429.874681] do_mount+0x417/0x27d0 [ 429.878200] ? copy_mount_options+0x5c/0x2f0 [ 429.882588] ? rcu_read_lock_sched_held+0x110/0x130 [ 429.887588] ? copy_mount_string+0x40/0x40 [ 429.891807] ? copy_mount_options+0x1fe/0x2f0 [ 429.896284] SyS_mount+0xab/0x120 [ 429.899717] ? copy_mnt_ns+0x8c0/0x8c0 [ 429.903590] do_syscall_64+0x1e8/0x640 [ 429.907459] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.912288] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.917459] RIP: 0033:0x45c2ca [ 429.920630] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 429.928321] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 429.935572] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 429.942834] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 429.950084] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 429.957336] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:40 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x1a1001, 0x0) setsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000080)=0x80000000, 0x4) r2 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) fallocate(r2, 0x0, 0x2000421, 0x1) write(r2, &(0x7f0000000340)='/', 0x1) sendfile(r2, r2, &(0x7f0000001000), 0xfec) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x2000000000011, r2, 0x0) sysfs$1(0x1, &(0x7f0000000000)='eth1,\x00') ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000240)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) 21:25:40 executing program 2: stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$swradio(&(0x7f0000000680)='/dev/swradio#\x00', 0x0, 0x2) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0xfc61, 0x4, &(0x7f00000003c0)=[{&(0x7f0000000140)="ecf719a67ea30d79a9d5b9fefa76c48684a6f7d32df147166c1ca951e90d29d041236a324f11c43e4decda927a37ebb1809071cccffb1de4dd0b44f00fd29ce794723c99646c1439096c4d9116b23a620a37b22e97d25ed8773d755e7baf5f31462c83e2a6af1ebf1785d16ad900", 0x6e, 0x100000001}, {&(0x7f00000000c0)="cc424182f07bfd28a8329d65149b88f0aef2a38fbe79755588ee8d94f0b508c9", 0x20, 0x71}, {&(0x7f0000000240)="77ac31a3bb0d956d76dc62abffafbe8f1d210f0e090a62237832e40291af057271530467a377a3e9ce9366bd909c48a5ea2f01b1dea800b03f5e25b18828db52a28eb0d7fabc1820605ad2087d40642d186d5547e7058ce26aa458d5ec35be60014a95fcbd9d2fa9c9a72025ed82ab6bdc9c27ed6d7952f5b775c01ee8347de66f60d6de2fd1e76d992c3e3603fb295ea4ff7b81b740ca60304946ad6478024cd2f82f217bcc9aca9380d8f38f5a3fe8f998e6aa4341894e839b794fce9eecfc45af0e4acf9afaaded8280467087b1", 0xcf, 0x4}, {&(0x7f0000000340)="820741b7d51edd0affc71f3d784219736edfbad89b5c1e2070c328f83ee0ca4cd8b2df12f8e56eb5bb7a613b714925f253a9b58ab17a128272498d34fbf215c2f2f62476407ecb1180484dba102a950b8ab3ef8e54b3a0c392ac78b4", 0x5c, 0x5}], 0x2000, &(0x7f00000004c0)={[{@fragment_data='fragment=data'}, {@ref_verify='ref_verify'}], [{@seclabel='seclabel'}, {@dont_hash='dont_hash'}, {@subj_user={'subj_user', 0x3d, 'btrfs\x00'}}, {@fowner_lt={'fowner<', r0}}]}) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000006c0)=0x80) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x92, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x4, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000540)='/dev/snd/pcmC#D#c\x00', 0xffffffffffff2b6f, 0x80) ioctl$VIDIOC_SUBDEV_G_FMT(r2, 0xc0585604, &(0x7f0000000580)={0x1, 0x0, {0x2d0, 0x400001, 0x3008, 0x4603ef124d3c0873, 0xc, 0x0, 0x6, 0x1}}) 21:25:40 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x88009, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'rose0\x00', 0x420000015001}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="000002000000000000006031409200442c00fe800000000000000000000000228116610200000000000000000000000000010003907800000000fe8000"/74], 0xff23) 21:25:40 executing program 3 (fault-call:0 fault-nth:74): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 430.083966] audit: type=1400 audit(1567113940.185:65): avc: denied { map } for pid=16053 comm="syz-executor.0" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=73409 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:tmpfs_t:s0 tclass=file permissive=1 [ 430.134072] FAULT_INJECTION: forcing a failure. [ 430.134072] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 430.148386] CPU: 0 PID: 16068 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 430.148394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.148400] Call Trace: [ 430.148419] dump_stack+0x138/0x197 [ 430.148436] should_fail.cold+0x10f/0x159 [ 430.175210] __alloc_pages_nodemask+0x1d6/0x7a0 [ 430.175222] ? fs_reclaim_acquire+0x20/0x20 [ 430.175235] ? __alloc_pages_slowpath+0x2930/0x2930 [ 430.175259] cache_grow_begin+0x80/0x400 [ 430.193275] kmem_cache_alloc_node_trace+0x697/0x770 [ 430.198367] ? mutex_unlock+0xd/0x10 [ 430.202090] ? btrfs_scan_one_device+0xeb/0x400 [ 430.206748] __kmalloc_node+0x3d/0x80 [ 430.210533] kvmalloc_node+0x93/0xe0 [ 430.214229] btrfs_mount+0xf88/0x2b28 [ 430.218014] ? lock_downgrade+0x6e0/0x6e0 [ 430.222140] ? find_held_lock+0x35/0x130 [ 430.226181] ? pcpu_alloc+0x3af/0x1050 [ 430.230055] ? btrfs_remount+0x11f0/0x11f0 [ 430.234275] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.239281] ? __lockdep_init_map+0x10c/0x570 [ 430.243765] mount_fs+0x97/0x2a1 [ 430.247118] vfs_kern_mount.part.0+0x5e/0x3d0 [ 430.251593] ? find_held_lock+0x35/0x130 [ 430.255639] vfs_kern_mount+0x40/0x60 [ 430.259425] btrfs_mount+0x3ce/0x2b28 [ 430.263209] ? lock_downgrade+0x6e0/0x6e0 [ 430.267337] ? find_held_lock+0x35/0x130 [ 430.271380] ? pcpu_alloc+0x3af/0x1050 [ 430.275272] ? btrfs_remount+0x11f0/0x11f0 [ 430.279491] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.284503] ? __lockdep_init_map+0x10c/0x570 [ 430.288976] ? __lockdep_init_map+0x10c/0x570 [ 430.293454] mount_fs+0x97/0x2a1 [ 430.296801] vfs_kern_mount.part.0+0x5e/0x3d0 [ 430.301278] do_mount+0x417/0x27d0 [ 430.305942] ? copy_mount_options+0x5c/0x2f0 [ 430.310338] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.315337] ? copy_mount_string+0x40/0x40 [ 430.319557] ? copy_mount_options+0x1fe/0x2f0 [ 430.324035] SyS_mount+0xab/0x120 [ 430.327469] ? copy_mnt_ns+0x8c0/0x8c0 [ 430.331428] do_syscall_64+0x1e8/0x640 [ 430.335295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.340124] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 430.345468] RIP: 0033:0x45c2ca [ 430.348638] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 430.356327] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 430.363577] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 430.374910] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 21:25:40 executing program 5: syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0xe6, 0x400000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:25:40 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/4\x00') ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000340)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 430.382159] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 430.389409] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 430.411968] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 430.444273] print_req_error: I/O error, dev loop1, sector 128 [ 430.461091] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. 21:25:40 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x100, 0x0) 21:25:40 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000080)={0x7b, 0x5, [0x40000021], [0xc1]}) 21:25:40 executing program 3 (fault-call:0 fault-nth:75): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:40 executing program 2: r0 = open(&(0x7f0000000040)='./file0\x00', 0x200100, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r0, 0xc5, 0xe976, 0x4, 0x80000000}) write$nbd(r0, &(0x7f0000000140)={0x67446698, 0x1, 0x3, 0x4, 0x4, "592db1be9e436cd6fb547d2c701c0debbf871e86955433ea4d2bb259494bfe4118083c5494844763a3f5d22882af59aaed961369c17f35cba335bcfb400ed1dbf9440adf478969482abbfb46ee"}, 0x5d) fanotify_init(0x20, 0x400) 21:25:40 executing program 0: poll(&(0x7f0000000040)=[{}, {}, {}], 0x3, 0x4a) r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0xff8c, 0x0, 0x0, 0x800e004e7) readv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/225, 0xe1}, {0x0}, {0x0}], 0x3) shutdown(r0, 0x0) [ 430.635206] FAULT_INJECTION: forcing a failure. [ 430.635206] name failslab, interval 1, probability 0, space 0, times 0 [ 430.734176] CPU: 0 PID: 16099 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 430.741314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.750759] Call Trace: [ 430.753361] dump_stack+0x138/0x197 [ 430.757006] should_fail.cold+0x10f/0x159 [ 430.761162] should_failslab+0xdb/0x130 [ 430.765147] kmem_cache_alloc_trace+0x2e9/0x790 [ 430.769860] btrfs_mount+0x1069/0x2b28 [ 430.773754] ? lock_downgrade+0x6e0/0x6e0 [ 430.777900] ? find_held_lock+0x35/0x130 [ 430.781965] ? pcpu_alloc+0x3af/0x1050 [ 430.785869] ? btrfs_remount+0x11f0/0x11f0 [ 430.790111] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.795137] ? __lockdep_init_map+0x10c/0x570 [ 430.799647] mount_fs+0x97/0x2a1 [ 430.803025] vfs_kern_mount.part.0+0x5e/0x3d0 [ 430.807531] ? find_held_lock+0x35/0x130 [ 430.811772] vfs_kern_mount+0x40/0x60 [ 430.815579] btrfs_mount+0x3ce/0x2b28 [ 430.819391] ? lock_downgrade+0x6e0/0x6e0 [ 430.823535] ? find_held_lock+0x35/0x130 [ 430.823548] ? pcpu_alloc+0x3af/0x1050 21:25:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="11dca5055e0bcfe47bf070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)='veno\x00', 0x5) sendto$inet(r1, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 430.823565] ? btrfs_remount+0x11f0/0x11f0 [ 430.831504] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.831522] ? __lockdep_init_map+0x10c/0x570 [ 430.831531] ? __lockdep_init_map+0x10c/0x570 [ 430.831545] mount_fs+0x97/0x2a1 [ 430.831558] vfs_kern_mount.part.0+0x5e/0x3d0 [ 430.831570] do_mount+0x417/0x27d0 [ 430.831578] ? copy_mount_options+0x5c/0x2f0 [ 430.831593] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.870708] ? copy_mount_string+0x40/0x40 [ 430.874958] ? copy_mount_options+0x1fe/0x2f0 [ 430.879467] SyS_mount+0xab/0x120 [ 430.882920] ? copy_mnt_ns+0x8c0/0x8c0 [ 430.886804] do_syscall_64+0x1e8/0x640 [ 430.890681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.895518] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 430.900698] RIP: 0033:0x45c2ca [ 430.903878] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 430.911575] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 430.918841] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 430.926185] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 21:25:41 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x0, 0x2) sendto$rxrpc(r0, &(0x7f0000000080)="c480979508eeaea4cfa954b952150d5aa3cbe9b758e2479ae6ae6c03afaa5091f0d64031f0180bbe6dbd6c6e71179cc7c90d9b365077c301c2943637954b1b5ae26c91ae74db8404043df139d560771237e377e6b7b9c26c814a65751a75a4296bb3b39a987386ffb2", 0x69, 0x8004, &(0x7f0000000140)=@in6={0x21, 0x9, 0x2, 0x1c, {0xa, 0x4e24, 0xfff, @remote, 0x400}}, 0x24) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000180), 0x4) [ 430.933441] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 430.940699] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:41 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x80100) syz_open_dev$amidi(&(0x7f0000000280)='/dev/amidi#\x00', 0x5, 0x2) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x9000100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r1, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@SEG6_ATTR_DST={0x14, 0x1, @local}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1000}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x6c2, 0x0, 0x5]}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x80) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4) 21:25:41 executing program 3 (fault-call:0 fault-nth:76): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:41 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/autofs\x00', 0x200, 0x0) ioctl$RTC_AIE_ON(r1, 0x7001) r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x6, 0x8042) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/p_\xfa/\\J]Lf\xf2\x00'/33, 0x2, 0x0) setsockopt$packet_buf(r2, 0x107, 0x5, &(0x7f00000001c0)="6aa9be77408a46de21226cb617c35e080434e840bfc333", 0x17) perf_event_open$cgroup(&(0x7f0000000080)={0x4, 0x70, 0x4, 0x4, 0x9, 0x6, 0x0, 0x1464, 0x2, 0x7, 0xa35, 0x3ff, 0x1, 0x5, 0x100, 0x6, 0xb282, 0xffff, 0x5, 0x2, 0x80, 0x5, 0xd8ac, 0xfffffffffffffffe, 0x1, 0xffffffffffffffbc, 0x8, 0xff, 0x1f, 0x1, 0x2, 0x7, 0x1, 0x4, 0x8000, 0x77928d6f, 0x37, 0x9, 0x0, 0x10000, 0x1, @perf_bp={&(0x7f0000000040), 0xf}, 0x8140, 0x800, 0x30b, 0x3, 0x179, 0x7, 0x2}, r2, 0x8, r3, 0x4) ioctl$SG_SET_KEEP_ORPHAN(r3, 0x2287, &(0x7f0000000200)=0xff000000000000) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000440)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffffffffffff0000) [ 431.157225] FAULT_INJECTION: forcing a failure. [ 431.157225] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 431.169056] CPU: 0 PID: 16144 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 431.176171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.185530] Call Trace: [ 431.188134] dump_stack+0x138/0x197 [ 431.191772] should_fail.cold+0x10f/0x159 [ 431.195924] __alloc_pages_nodemask+0x1d6/0x7a0 [ 431.195936] ? fs_reclaim_acquire+0x20/0x20 [ 431.195948] ? __alloc_pages_slowpath+0x2930/0x2930 [ 431.204928] cache_grow_begin+0x80/0x400 [ 431.204946] kmem_cache_alloc_node_trace+0x697/0x770 [ 431.219084] ? mutex_unlock+0xd/0x10 [ 431.222806] ? btrfs_scan_one_device+0xeb/0x400 [ 431.227483] __kmalloc_node+0x3d/0x80 [ 431.231289] kvmalloc_node+0x93/0xe0 [ 431.235007] btrfs_mount+0xf88/0x2b28 [ 431.238810] ? lock_downgrade+0x6e0/0x6e0 [ 431.242955] ? find_held_lock+0x35/0x130 [ 431.247016] ? pcpu_alloc+0x3af/0x1050 [ 431.250913] ? btrfs_remount+0x11f0/0x11f0 [ 431.255156] ? rcu_read_lock_sched_held+0x110/0x130 [ 431.260179] ? __lockdep_init_map+0x10c/0x570 [ 431.264677] mount_fs+0x97/0x2a1 [ 431.268138] vfs_kern_mount.part.0+0x5e/0x3d0 [ 431.272618] ? find_held_lock+0x35/0x130 [ 431.276666] vfs_kern_mount+0x40/0x60 [ 431.280455] btrfs_mount+0x3ce/0x2b28 [ 431.284239] ? lock_downgrade+0x6e0/0x6e0 [ 431.288366] ? find_held_lock+0x35/0x130 [ 431.292408] ? pcpu_alloc+0x3af/0x1050 [ 431.296389] ? btrfs_remount+0x11f0/0x11f0 [ 431.300610] ? rcu_read_lock_sched_held+0x110/0x130 [ 431.305615] ? __lockdep_init_map+0x10c/0x570 [ 431.310092] ? __lockdep_init_map+0x10c/0x570 [ 431.314577] mount_fs+0x97/0x2a1 [ 431.317930] vfs_kern_mount.part.0+0x5e/0x3d0 [ 431.322407] do_mount+0x417/0x27d0 [ 431.325934] ? copy_mount_string+0x40/0x40 [ 431.330152] ? copy_mount_options+0x18f/0x2f0 [ 431.334630] ? __sanitizer_cov_trace_pc+0x45/0x60 [ 431.339453] ? copy_mount_options+0x1fe/0x2f0 [ 431.343932] SyS_mount+0xab/0x120 [ 431.347363] ? copy_mnt_ns+0x8c0/0x8c0 [ 431.351236] do_syscall_64+0x1e8/0x640 [ 431.355101] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.359932] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 431.365104] RIP: 0033:0x45c2ca [ 431.368274] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 431.375966] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 431.383398] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 431.390649] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 431.397930] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 431.405178] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) epoll_pwait(r3, &(0x7f0000000040)=[{}], 0x1, 0x3, &(0x7f0000000080)={0x8001}, 0x8) 21:25:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$TCGETX(r1, 0x5432, &(0x7f0000000040)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:41 executing program 1: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001080000000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10002}], 0x0, 0x0) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x101240, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@ipv4={[], [], @loopback}}}, &(0x7f0000000340)=0xe8) syz_mount_image$f2fs(&(0x7f0000000140)='f2fs\x00', &(0x7f0000000180)='./file0\x00', 0x20, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000680)="c8300aa90ed4c2355385156f5b994fb4182a323e4d4a5047fef0e49ca78726676b61d07e0db21914cd74209e327008d9748c0feba0c789493ee514772dfdd49fa7a84198570e547d9175880be386d7a2faf8fde60395dd3da3c865b1d9a2954c60b51cfc6a6126119a708ab64e56e7ffd263563a4293a9ea17595b5784a4a7db0f48a520f5115082e66935079c4ed6472e35ffd4607f7a1159c092b4c9648fcbc3aec34e3c873da79bbbd24feba163086498176e6cf19355fefdfe199d20e50c254b33db3fd01f7d20e7f59889891c66f69fa93a9dd7fb30f666616a1a7677c030a469d0321b460b34dbc67c7815eae3bdb6200bbb8d8ca2fb56f886d64a141bff08e20660cdf643ef10a5862b60e6d939cf7a4aa77a5efdebeea3d3533061d78c8472b760a47d8da1e92bdd244dcbe561ad134e572e0a362f45b8298a055f2f96af93a4b6bf5d5d28e5ae52a4da2a3259ad9a9316c87433a229b106ac4c4b583a8f00ec94a86586915d1b7bbe33466135180eff430448d47e9e203407e046be4004536f450001675685ca73f34b6db57746981ce3f6d3e5b81eff8023f73142d8dda9da586583b8039296f22cdc9b7243a9667d10a908870c10d647f4150c16bbfe308bf46ba34874f09cdea6582da40d161eafc2d0488b500d99e1590c20c0e59aa92da8a61f16c4bf73d1081d80361f84d3f2456d4b6abd39a33d5f377abe45d4c6f8810ba0bafacba3a929c926c516674d4dedfdb6e745d3d641e0732e5f0ba6e5dd38dc0cd8b662da496312c135ba279eed9c09895d407951551de8dcffe9cd1bf7f4e2309e6262233d161d16d6ea65a516156277c8bd0b5bc24c805bf2636456a968d8fdc7b9b7990c9ffb0164826dce4e36e5ef637676f9c203e49ab1c205961bb15c1815499e3c52a40fb9bb4a4feff436cf493f4c6bfcf771c7eb145db8def02b3774655b4029e207fa9a2c3ad6c4ad7036a2278168446f95c128fb285fa6d1df37bba3f797c7259ddc15df7a1139721e9e56baa1d04820824d333decb23613c113522ff5851436302f544ff6e46f09ac23b879d656733d3597e944e5e3d210798215e7268f898fdfc33fde565d4233e915609fb7f8e441c90fd64c104a438d1d0d7ad7cf3b6b5fcbfcda24ffb5e182b4340d023e17cdf5bfdbd3f1d924f7d009e314bd3906f6ca6a08cc9ab50ad8d68480842cf45ae8f9882b3815decc6b06e40ba666d863918723325994c2deaefd23c7d5e9b65d8aed3d01d28de8f5242ff2b372904da1531e0fcecafc5ed554ee49bc93485b01c8c757043f4f6bddf3a6b3932c7225fbbda1d29bf945c2f84cf4b89f6b178f0c46d62f5353d5bc3ac25955d5bd33849ce402a2dc235e14365ee9d5270c394117ccce05e49a55e3ce807f732006ad406b433b6bef03ab8384cf190a95f90a4df506372e61722c2ca0bec86e30dbbb0c6c489f19d00a2cee4b61e3ba820a22f8fdd67ea5ebdafbdd87e8379e8d5dd59054d78a99f7b3e3632ef9055e6699cbe4681cc56cecbdbfbfa9e38928d44ad1c2b2e8d5124011f275ac163d3d544ed1f7dd445601e5c7116f7c025ae2253a7ef7970312c3aff14f7d2c1a59039bf3eb39aea572fb5192653ba7bbe7da309f8b4c91a6ee00fe368db486e3c1387b11b30a9ff67106ecceb3c97acd48d0795af5aa7e3fdfe46eda2ab511f408092b5be97d81be09212e8e5da918a2b5ccb56724ce2819e6d130b7d6428a89f93e453933a97e5ee7e73d8de664aa511046ee3d55d87e6a71debea0e5a4d2c3b74ebd5f52183d63b402570460636175fa517efa544b77d70e32c88eac03f14d2ffe10575c2450dcde6142cc328c941c401a752502b9bf22745abacb550d16fa07d5f448fea5d87459d8cd34a0959942bb19b0958f51f99f4cf5c03bb4a42eb28fade04d212735ef1d6dfb84f6d648bd90c0523b7560806c231a41c41e6eb2afec6f43c5f277dbd9cd2199fb019ac0ba38667e72c226a50e706fd675921b1c29701be733dda3198665cad3ef0fb1ac57eca44c384bba0169617ad38783bea25052c954a54f4f9278c70a1d83b9f72017d814af91344c0f08e13c7bc3503b5816c67ca29f1e81591556e7a4be9fcb66b97bacb1d687d5fd9d6eb6b139ecbcb8989accd9369857a045c2761e0e0bc39878774a7a2f844ed5de3650fc9cc659b0562d9abd968961914d0761869d4ae7c54aa304bb44dcf808527eba85a0e069eb7ef26826ae6719868d2759f50fae248e956e27dba2886ae914e049dc78b82565b34c5012bbe3845730cdae67ed685462f621c0889c598e70d509ee78287342372c7712ca74337237fe120ff53da1a557e94e7acc1856464f6672c5d57c5f3093c6189eff49562b426a7b5d2d96343bffa6514566b9f58f8bef99a6dcc665bcc7ea9441f31d2f29fe586b4741e4f700c0fd327804d39ce753a43b76fb6d00e6117a1b73089acbe3f1810433cee1fef7f73ff0f61b2eebaf284815551e317226af28f2f6be64e126cc6fa45a846503668900691427cee117967f2a305048c31cb7a182a2a664ad050cdf0064de5945defb6522e301e265b17b781f37185cdfd570be88e93eefee5b57f039bc486b058bbafbc4e1a57c86e684f76ce5f9dab481e745e32b862ebac6ce9e17374d3ddc1a9a5f05cb4b67075a5c6663953c13f059a292f43218e5c0aa6a4f374cbaabb5075f7746ec38cc2ef394ac58ccda4a4bb79f5ebf43c2cbbe2fbba83f3ffa7512f8724fe0c9348e9b4fca8e5f3b99e13a62ee8e53329288e02b7fa95c942bd39cae7a57aae77d687eb0952272ad0b5f53a9b0ad6d763df64b78c021c6d472fd07c1a04ae19ae6cac070f162f1daa861fd1b20675bd82af9d104358e13e9452de31f7d9ccd3e2f091fe2902ee977e20823a5b7dbcabdb9761e738f5e8a47b40a3fe43490b63134dbb1bc0eee1c7b282e959df5c1e2c5821f64bec7d25fc4f5b828468feb6b3ac0c5c5ecf8c5a6ebf53427bd2455c89d183ed3272c466d8af3049e4dfa5f905e5b0b7c90a404ee14d413968c70c7f9c261d4c998a863c7ea3386fbb6a44696b077f5dec9fde909bded9b14a08552e06d9b9fe6b481bb054edc886ed94c0e859be54b35a7439cf21bb7b29a77acbe9ff2851713f380983cc62901369d590f4fdccfec1751018997d4bd9e15d4daf16a755cb1dab5aea83267eaac05aa92fe27398e943d9adf32e69b51d12d9b88b8e8e1e43cf602db6cc01e71dd9cfcc272adc2911f895df3ce34efafabeaab0a12dec05c5f321d3afb752b5bd908e4a3ea53ce91565d7118cad586b4b4f0515e5004becbffbea33d1321ea5c26258cdde6b8fdf36dce8c07dd277df568dfd86f81e1299fa1ec915b9c202a50f99bb1be8d69f06cf9556aa75676bed2b62155ee7c0137c20811896fa469cd6e1af292f293abfba4c6864410c79be046135c6b742d30d59f655036b937a55128f226ce9c4a3385e922866aaceda1fe29900a561f303a0cc99f1103455bd43f5893cd35d7b28aeb5a8c726f59e42e79da1a5bd92f4d4267c28f9782a039d5528072a5754b21dea2428ba46f6207740cb23564a5085142ea054cc3f9431e71e01164caa0ea68821d6f7f8cc0913ba85900ab408a8b16a5404b724b0806506360c24c596403b4fa5c28da0fc840ada8818baf82b991106091c4dcce1e93de9f4783bc76909b3feaea888b70af052feeca4c594246f438bee2f7c472041a1ac76cabd9885d743cc01133be847cc045140233739f528c884b23678b6ce5c9319e2ac9129b55e6a4ad351273c420788b2091fb03b7e754d4582e1b09854e17708b90996f5aeb57e067f09a645249fb5f229b8650b04a2364e84bc3bd49b2b11a779402c7dd04b5af8e9518462fb608346fa853ee203dfdd175ebbf24251ad221ce6100d5d0001fc6feb95da059946baaf6c2ed94132bc72b8e7a422840262a67555095200fb1b38eed27363bf3079535392993acdc775f8a5b073583720d59ce02d15b36489999daf2742c62c44c919e2521fed82034566d2a570d0390bd717214932e915915b7b94aee260277ad50797af119b157fe498420ce277f8e4c1cc64d5fa8e85604b8a1fb5002802166d34f0a76179684927052fc1c7066dcbf77367070db3b57423de056dc79c5fd85af9eb853dfb963faa5ea637835d01702339a767cb8218f95ce0cd24b9bea958d2c3eee81f97847c96c3909069187f6ade61b8a729522016fd78d5554451928f00828d94a4b231ccc80b6e7519e2ad09f5b7201ddc2468012d0a8cc1ab2466936e26d0215755c41452d509b9d1fadd612cb11fb1eb51462af75fbb1789cc893ed13cb657ee19f762ee1ed9bb6c7483f3962697592bd60e1b429e975b594a7f2cbf18747ddecb70f77e7db42b403c3e4648667f1a594a44d6c5535106ce3b272f2c4e57fc6c892366266f9a44f3be9fbbaccc25a8b56e4514166cca1904db33f2087c41f4e0ae872e11b5de146c34e8828b636afccc371fb87476aae25f77f2f1c6c20b7fc1f5ef4e9529d721bb948e390634fe63c0f564aff3a8fd4ec04a5801d312164c2d6fb6884ce8defc90f0eeeb0a7f3ab9a5a82d6bb062d4a3dc51603b7f2fa1ebde634748ef722b1bce0b1fef122a653a25de67902712decf9c5634a492a7b04fde07a2ed4e728d6e723379480a66efe9b84cf4798259440350271f7d272edad826f655e86145d467536e67a45078b606845bfa32cdd7083b3fdf6ff476dd212c880dd9dde859ed535d9b9c2c5edbfe947b2bcb72f3de5959f555d57500e7c29de39a7d01598e4af539423d89d5a1a3615e7d843eaf05321da8a2ff191ef05eced37325bb0cbc1d4d714c0c099ee89967a8453820cbb0dd10ea8879b1ac6db58ada5e3a551f471c2bc29883da08f81b3e58d7973aca39c8c981e30f6340ade41ffed665594835a5efb6b93f19de37f810dab2c002026c9ddf2493174c1ffb269c330df14460e034abba3a1d57bed636af9f93e76b26e4eff2b81dd37ae90dbf9335bc1e11eedd4a522cadc657ee3a1f8bc1f700ffce1b97472d1b8c4c0bf95eff814cb99b4d22f9bd2bcf91eddedfd6042a470d4361469b28b8e5ed7836de1d6ac8c628b24e3c4c122decd965aba6fafd50e01f06e8652b8877b42f0a433efd55ea4f402e47fd883b44d2b6f23620a9bdef29c564510495d4c1c2810ec68bf9917b55e0625d88c0ae823c96854fb6498a94e18e6859a4177687e068cb2203667823194cb6ae8fec2d5d28dec2182b781ec52f24ffb8705dda56f9b7b02850e487c78c3dbdaa647ecc7811aeac2f6646a97e43fa7bc6025ebacafabb3796202cd8bf61d0d1b7e070fa140d2592af8ae7f2c352b665cb0bd29413ad3be429ba45f8a57ee27c950e06ab873646d9afd7617098aa6c01baec1c0aac74bf997a04864ceb787f5dd89d1838380c0686cb46b2f4a7aea879fe11c6d61e8c0b011d80bbb467619fecc58c525923d8c50fa2ac18333930565fd51cfbe87852816c0d5be6c904f3cd6d7975d39dcbf10c39612318a592eeb8d2778c00e852545fde2100f8c0a4451236aa356be9332976d1877c928ded6598ae4955b4008de2211d6260d2d1886ebf76c246f76512240cb7972097e193fe8c4094f7e9d17322addfb9dab96ba932207e7df365872c84739d51dbc242f54bbaecc2dc72277f773abdac8e252a1ca3ff0737d34fdff6d7044a203f87d52de782ac9285016b828dced2006505c2410db7d5bcd737952ca78734dc34f8aec03ca9b", 0x1000, 0xffffffffffffff9f}], 0x200400, &(0x7f0000000380)={[{@jqfmt_vfsv1='jqfmt=vfsv1'}, {@inline_data='inline_data'}], [{@fowner_lt={'fowner<', r1}}]}) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) 21:25:41 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x40, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@empty, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000140)=0xe8) fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x5022, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@obj_user={'obj_user', 0x3d, 'btrfs\x00'}}, {@audit='audit'}]}}) [ 431.648714] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) 21:25:41 executing program 3 (fault-call:0 fault-nth:77): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:41 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x40, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@empty, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000140)=0xe8) fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x5022, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@obj_user={'obj_user', 0x3d, 'btrfs\x00'}}, {@audit='audit'}]}}) [ 431.728175] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 431.778100] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) 21:25:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bind$unix(r1, &(0x7f0000000040)=@abs={0x0, 0x0, 0x4e24}, 0x6e) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = getuid() sendmsg$nl_netfilter(r1, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x120140}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x22c, 0xa, 0x7, 0x10, 0x70bd2a, 0x25dfdbfb, {0xf, 0x0, 0x8}, [@generic="62be246d61ff275e0f58b508df746fdf118611ce68b4f6faf3f24865ca08aad9af0d6f9a2b02a9c6f39e7db13c9a0a54228588555d3c83d2f1ef8ddb1752aa28a8c4f4caf3c16fa8e6c01094f305cc2c7948ef56642e006c764b58fb0715059065b43d77d23c3823b29f3d00", @nested={0x188, 0x44, [@generic="1b0a0ab1a1f66f6a16690b7c4ef33ebd85b97facbf60fbac34cd699df211b53181cb66175531fde4e9", @typed={0x8, 0x8, @u32}, @generic="1c242a5d3fecbb1c82752892fd164f1bff3eabc92bcd5de64906e4419cada1365499943240", @generic, @generic="6b22180e940fb47256b7d8788588528c00af5e7ec23a5341a4d519e885e69e8ec1f472f291bd1a10b83f7327a8dc67264617ff644824de02a04e293a", @generic="6e7f14dab879b8ad290165102d1023d4f9b34b5cf4d43521b90e48b496cca144e529076e5c26447a8397143b5716847f4dc91d830be2e999ba7265de0214dabb316105910b944a9b6dcc222f4e34f5003fa532ebd8ed0338ff02a2862119f8374daf440fcd712e96a8fdb864f67a1928476c9d83e7c9bc09a7994fe4173907cd93418d2e90a2094980989403387b7226f9e5ff4783295dad7cf3cbe5e166e8e6ec73a6d6dd8a336427d8f62ae0197a03fc19984651d35409049e01855f5c1b50", @generic="2769395ea3a4d876f338d242c8de786f99b142e28f63b9dddde113565fd79182bf128a37977e6c054415cd6d98492e"]}, @typed={0x4, 0x3d}, @nested={0x18, 0x8d, [@typed={0x8, 0x16, @uid=r4}, @typed={0x8, 0x8a, @ipv4=@rand_addr=0x3}, @typed={0x4, 0x17}]}, @typed={0x8, 0x88, @fd=r1}]}, 0x22c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) times(&(0x7f0000000200)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) getpeername$inet(r5, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, &(0x7f00000001c0)=0x10) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 431.823849] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 431.834719] FAULT_INJECTION: forcing a failure. [ 431.834719] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 431.846540] CPU: 1 PID: 16192 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 431.853644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.863000] Call Trace: [ 431.863944] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 431.865597] dump_stack+0x138/0x197 [ 431.865617] should_fail.cold+0x10f/0x159 [ 431.865633] __alloc_pages_nodemask+0x1d6/0x7a0 [ 431.865646] ? __alloc_pages_slowpath+0x2930/0x2930 [ 431.890041] cache_grow_begin+0x80/0x400 [ 431.894088] kmem_cache_alloc+0x6a6/0x780 [ 431.898217] ? save_stack_trace+0x16/0x20 [ 431.902360] ? save_stack+0x45/0xd0 [ 431.905971] ? kmem_cache_alloc_trace+0x152/0x790 [ 431.910800] getname_kernel+0x53/0x350 [ 431.914683] kern_path+0x20/0x40 [ 431.918030] lookup_bdev.part.0+0x63/0x160 [ 431.922244] ? blkdev_open+0x260/0x260 [ 431.926113] ? btrfs_open_devices+0x27/0xb0 [ 431.930416] blkdev_get_by_path+0x76/0xf0 [ 431.934563] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 431.939054] __btrfs_open_devices+0x194/0xab0 [ 431.943551] ? check_preemption_disabled+0x3c/0x250 [ 431.948549] ? find_device+0x100/0x100 [ 431.952422] ? btrfs_mount+0x1069/0x2b28 [ 431.956463] ? rcu_read_lock_sched_held+0x110/0x130 [ 431.961466] btrfs_open_devices+0xa4/0xb0 [ 431.965596] btrfs_mount+0x11b4/0x2b28 [ 431.969475] ? lock_downgrade+0x6e0/0x6e0 [ 431.973601] ? find_held_lock+0x35/0x130 [ 431.977643] ? pcpu_alloc+0x3af/0x1050 [ 431.981537] ? btrfs_remount+0x11f0/0x11f0 [ 431.985756] ? rcu_read_lock_sched_held+0x110/0x130 [ 431.990761] ? __lockdep_init_map+0x10c/0x570 [ 431.995241] mount_fs+0x97/0x2a1 [ 431.998594] vfs_kern_mount.part.0+0x5e/0x3d0 [ 432.003083] ? find_held_lock+0x35/0x130 [ 432.007128] vfs_kern_mount+0x40/0x60 [ 432.010911] btrfs_mount+0x3ce/0x2b28 [ 432.014693] ? lock_downgrade+0x6e0/0x6e0 [ 432.018823] ? find_held_lock+0x35/0x130 [ 432.022863] ? pcpu_alloc+0x3af/0x1050 [ 432.026736] ? btrfs_remount+0x11f0/0x11f0 [ 432.030956] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.035974] ? __lockdep_init_map+0x10c/0x570 [ 432.040452] ? __lockdep_init_map+0x10c/0x570 [ 432.044930] mount_fs+0x97/0x2a1 [ 432.048281] vfs_kern_mount.part.0+0x5e/0x3d0 [ 432.052759] do_mount+0x417/0x27d0 [ 432.056281] ? copy_mount_options+0x5c/0x2f0 [ 432.060672] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.065671] ? copy_mount_string+0x40/0x40 [ 432.069888] ? copy_mount_options+0x1fe/0x2f0 [ 432.074367] SyS_mount+0xab/0x120 [ 432.077800] ? copy_mnt_ns+0x8c0/0x8c0 [ 432.081670] do_syscall_64+0x1e8/0x640 [ 432.085535] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.090364] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 432.095533] RIP: 0033:0x45c2ca [ 432.098702] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 432.106391] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 432.113641] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 21:25:42 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x200, 0x0) sendto$packet(r0, &(0x7f0000000080)="829b20fd243cc3c15114be257e44908612b43772c69592a591ce9eef228c94bd88be94e5260c0cc3b683b2219276b5b89eba41003f683ca9371066b65c97b8e7553c60c1330e2cb295134f59e4eb438c39ad446434a186a2bd751ff85e4fae70f80578", 0x63, 0x1, 0x0, 0x0) [ 432.120891] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 432.128145] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 432.136644] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 432.154664] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 432.191966] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 432.199253] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock 21:25:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$TCGETX(r1, 0x5432, &(0x7f0000000040)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:42 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x8002, 0x0) ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f0000000240)=""/247) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x200, 0x0) ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000140)=""/132) 21:25:42 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x40, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@empty, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000140)=0xe8) fstat(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x5022, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@obj_user={'obj_user', 0x3d, 'btrfs\x00'}}, {@audit='audit'}]}}) 21:25:42 executing program 3 (fault-call:0 fault-nth:78): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 432.523794] QAT: Invalid ioctl [ 432.571684] print_req_error: I/O error, dev loop1, sector 128 [ 432.634477] FAULT_INJECTION: forcing a failure. [ 432.634477] name failslab, interval 1, probability 0, space 0, times 0 [ 432.661156] QAT: Invalid ioctl [ 432.673045] CPU: 1 PID: 16234 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 432.680164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.689520] Call Trace: [ 432.692111] dump_stack+0x138/0x197 [ 432.695755] should_fail.cold+0x10f/0x159 [ 432.699911] should_failslab+0xdb/0x130 [ 432.703888] kmem_cache_alloc_node+0x56/0x780 [ 432.708394] create_task_io_context+0x31/0x3d0 [ 432.712981] generic_make_request_checks+0x1505/0x1ac0 [ 432.718259] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.723272] ? blk_cleanup_queue+0x610/0x610 [ 432.727691] ? trace_hardirqs_on+0x10/0x10 [ 432.731924] generic_make_request+0x7d/0xa40 [ 432.736354] ? blk_queue_enter+0x520/0x520 [ 432.740589] ? find_held_lock+0x35/0x130 [ 432.744646] ? guard_bio_eod+0x161/0x530 [ 432.748717] submit_bio+0x1a5/0x3f0 [ 432.752337] ? submit_bio+0x1a5/0x3f0 [ 432.756138] ? generic_make_request+0xa40/0xa40 [ 432.760807] ? guard_bio_eod+0x1fd/0x530 [ 432.764868] submit_bh_wbc+0x550/0x720 [ 432.768756] __bread_gfp+0x106/0x290 [ 432.772472] btrfs_read_dev_one_super+0x9f/0x270 [ 432.777230] btrfs_read_dev_super+0x5d/0xb0 [ 432.781545] ? btrfs_read_dev_one_super+0x270/0x270 [ 432.786565] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 432.791061] __btrfs_open_devices+0x194/0xab0 [ 432.795559] ? check_preemption_disabled+0x3c/0x250 [ 432.800581] ? find_device+0x100/0x100 [ 432.804463] ? btrfs_mount+0x1069/0x2b28 [ 432.808521] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.813539] btrfs_open_devices+0xa4/0xb0 [ 432.817688] btrfs_mount+0x11b4/0x2b28 [ 432.821574] ? lock_downgrade+0x6e0/0x6e0 [ 432.825719] ? find_held_lock+0x35/0x130 [ 432.829779] ? pcpu_alloc+0x3af/0x1050 [ 432.833672] ? btrfs_remount+0x11f0/0x11f0 [ 432.837909] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.842937] ? __lockdep_init_map+0x10c/0x570 [ 432.847443] mount_fs+0x97/0x2a1 [ 432.850811] vfs_kern_mount.part.0+0x5e/0x3d0 [ 432.855316] ? find_held_lock+0x35/0x130 [ 432.859377] vfs_kern_mount+0x40/0x60 [ 432.863179] btrfs_mount+0x3ce/0x2b28 [ 432.866977] ? lock_downgrade+0x6e0/0x6e0 [ 432.871119] ? find_held_lock+0x35/0x130 [ 432.875180] ? pcpu_alloc+0x3af/0x1050 [ 432.879074] ? btrfs_remount+0x11f0/0x11f0 [ 432.883314] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.888339] ? __lockdep_init_map+0x10c/0x570 [ 432.892834] ? __lockdep_init_map+0x10c/0x570 [ 432.897333] mount_fs+0x97/0x2a1 [ 432.900704] vfs_kern_mount.part.0+0x5e/0x3d0 [ 432.905207] do_mount+0x417/0x27d0 [ 432.908746] ? copy_mount_options+0x5c/0x2f0 [ 432.913169] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.918271] ? copy_mount_string+0x40/0x40 [ 432.918287] ? copy_mount_options+0x1fe/0x2f0 [ 432.918300] SyS_mount+0xab/0x120 [ 432.926997] ? copy_mnt_ns+0x8c0/0x8c0 21:25:43 executing program 2: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xf5f, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000080)={'TPROXY\x00'}, &(0x7f00000000c0)=0x1e) [ 432.927012] do_syscall_64+0x1e8/0x640 [ 432.927021] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.927037] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 432.938215] RIP: 0033:0x45c2ca [ 432.948209] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 432.948221] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 432.948227] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 432.948233] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 432.948239] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 432.948243] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x146) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'veth0_to_hsr\x00', 0x203}) r4 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x100000000, 0x2000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f0000000440)={0xa, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_LOCK(r5, 0x4008642a, &(0x7f0000000480)={r6, 0x28}) ioctl$KVM_RUN(r3, 0xae80, 0x0) accept4$packet(r5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14, 0x4f0d40754ce51e7b) sendmsg$can_raw(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x1d, r7}, 0x10, &(0x7f00000002c0)={&(0x7f0000000200)=@can={{0x3, 0x4, 0x1, 0x7fffffff}, 0x6, 0x2, 0x0, 0x0, "ba040c1c7c4b87cf"}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) 21:25:43 executing program 1: sysfs$2(0x2, 0x101, &(0x7f0000000300)=""/137) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x400000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x362, 0x8, 0x0, 0x1, 0x4, 0xc, "cc45d5e33c1a775a7ebeddf7f19412e5fe694767220e41cd44e1d332eb43a24d3f05398a8957e96817313d82749bd934a194b6d3d98e5ae1865838af46405fc7", "8ca0bab1c58ab4f59d7b06f92264d96a7baee7aae213c7ea26e84515fd6fd8873caf165fd60460ab18e8ee457bf95c0bcc03b0dea4411252a4faa2d42c8fdce3", "179b9b6a61b96dd7f1324adfe4ad4b2d09d32623b608049f0e1f7a169e4a648b", [0x400, 0x9]}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=""/130) ioctl$PPPIOCGUNIT(r0, 0x80047456, &(0x7f0000000080)) 21:25:43 executing program 5: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0xa00, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-twofish-3way\x00'}, 0x58) r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2) setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000080)={@dev={0xac, 0x14, 0x14, 0x28}, @rand_addr=0x4e6a, @broadcast}, 0xc) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 21:25:43 executing program 3 (fault-call:0 fault-nth:79): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 21:25:43 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x40, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@empty, @in=@dev}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000140)=0xe8) fstat(0xffffffffffffffff, &(0x7f0000000180)) 21:25:43 executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x20000, 0x10e) ioctl$ASHMEM_GET_NAME(r0, 0x81007702, &(0x7f0000000240)=""/251) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000780)={{{@in6=@empty, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000140)=0x586) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f00000000c0)={r1, 0xfffffffffffffffe, 0x83f, 0x0, 0x5, 0x9, 0x100000001}) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000340)={{{@in6=@dev, @in=@local}}, {{@in6=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000000080)=0xe8) ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0xc028ae92, &(0x7f0000000180)={0x5, 0x792}) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={0x1, @default, @netrom={'nr', 0x0}, 0x9, 'syz0\x00', @default, 0x800, 0x6, [@bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r2 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_STAT(r2, 0xd, &(0x7f0000000440)=""/231) 21:25:43 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x100, 0x0) getsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000380)=""/213, &(0x7f0000000080)=0xd5) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000240)=ANY=[@ANYBLOB="06feff00000000000900000000000800000000000000000000000100000000000900000000000000060000000000000000000000ffffffff0900000002000000000000000000000004000000000000001f00000000000000040000000000040000000000000000000000d5260000010000000000000000003e0000000000000000000000030000000000000000000000ff0000000000000000000000000000000003000000030000000000000000000000963c00000400000000000000000000000000000000000000000000000000000093001000010000000000000000000000692000000800"/257]) [ 433.406045] FAULT_INJECTION: forcing a failure. [ 433.406045] name failslab, interval 1, probability 0, space 0, times 0 [ 433.469141] CPU: 0 PID: 16274 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 433.476406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.485761] Call Trace: [ 433.488355] dump_stack+0x138/0x197 [ 433.491995] should_fail.cold+0x10f/0x159 [ 433.496156] should_failslab+0xdb/0x130 [ 433.500137] kmem_cache_alloc+0x2d7/0x780 [ 433.504281] ? save_stack_trace+0x16/0x20 [ 433.504291] ? save_stack+0x45/0xd0 [ 433.504299] ? kasan_kmalloc+0xce/0xf0 [ 433.504311] ? kmem_cache_alloc_trace+0x152/0x790 [ 433.512095] ? btrfs_mount+0x1069/0x2b28 [ 433.512103] ? mount_fs+0x97/0x2a1 [ 433.512117] getname_kernel+0x53/0x350 [ 433.512128] kern_path+0x20/0x40 [ 433.512139] lookup_bdev.part.0+0x63/0x160 [ 433.512146] ? blkdev_open+0x260/0x260 [ 433.512156] ? btrfs_open_devices+0x27/0xb0 [ 433.512166] blkdev_get_by_path+0x76/0xf0 [ 433.512177] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 433.512187] __btrfs_open_devices+0x194/0xab0 [ 433.512200] ? check_preemption_disabled+0x3c/0x250 [ 433.512214] ? find_device+0x100/0x100 [ 433.512223] ? btrfs_mount+0x1069/0x2b28 [ 433.552256] ? rcu_read_lock_sched_held+0x110/0x130 [ 433.552275] btrfs_open_devices+0xa4/0xb0 [ 433.552290] btrfs_mount+0x11b4/0x2b28 [ 433.552300] ? lock_downgrade+0x6e0/0x6e0 [ 433.552307] ? find_held_lock+0x35/0x130 [ 433.552316] ? pcpu_alloc+0x3af/0x1050 [ 433.552331] ? btrfs_remount+0x11f0/0x11f0 [ 433.552345] ? rcu_read_lock_sched_held+0x110/0x130 [ 433.552362] ? __lockdep_init_map+0x10c/0x570 [ 433.561344] mount_fs+0x97/0x2a1 21:25:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$TCGETX(r1, 0x5432, &(0x7f0000000040)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x20200, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 433.561360] vfs_kern_mount.part.0+0x5e/0x3d0 [ 433.561371] ? find_held_lock+0x35/0x130 [ 433.561384] vfs_kern_mount+0x40/0x60 [ 433.561402] btrfs_mount+0x3ce/0x2b28 [ 433.561411] ? lock_downgrade+0x6e0/0x6e0 [ 433.561419] ? find_held_lock+0x35/0x130 [ 433.561427] ? pcpu_alloc+0x3af/0x1050 [ 433.561443] ? btrfs_remount+0x11f0/0x11f0 [ 433.561458] ? rcu_read_lock_sched_held+0x110/0x130 [ 433.620994] ? __lockdep_init_map+0x10c/0x570 [ 433.621007] ? __lockdep_init_map+0x10c/0x570 [ 433.628840] mount_fs+0x97/0x2a1 [ 433.666192] vfs_kern_mount.part.0+0x5e/0x3d0 [ 433.670679] do_mount+0x417/0x27d0 [ 433.674202] ? copy_mount_options+0x5c/0x2f0 [ 433.678593] ? rcu_read_lock_sched_held+0x110/0x130 [ 433.683593] ? copy_mount_string+0x40/0x40 [ 433.687813] ? copy_mount_options+0x1fe/0x2f0 [ 433.692290] SyS_mount+0xab/0x120 [ 433.695725] ? copy_mnt_ns+0x8c0/0x8c0 [ 433.699594] do_syscall_64+0x1e8/0x640 [ 433.703467] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.708297] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 433.713465] RIP: 0033:0x45c2ca [ 433.716637] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 433.724327] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 433.731576] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 433.738826] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 433.746078] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 433.753328] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x146) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'veth0_to_hsr\x00', 0x203}) r4 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x100000000, 0x2000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f0000000440)={0xa, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_LOCK(r5, 0x4008642a, &(0x7f0000000480)={r6, 0x28}) ioctl$KVM_RUN(r3, 0xae80, 0x0) accept4$packet(r5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14, 0x4f0d40754ce51e7b) sendmsg$can_raw(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x1d, r7}, 0x10, &(0x7f00000002c0)={&(0x7f0000000200)=@can={{0x3, 0x4, 0x1, 0x7fffffff}, 0x6, 0x2, 0x0, 0x0, "ba040c1c7c4b87cf"}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) 21:25:43 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x40, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@empty, @in=@dev}}, {{@in=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000140)=0xe8) 21:25:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:25:44 executing program 3 (fault-call:0 fault-nth:80): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 433.941691] print_req_error: I/O error, dev loop1, sector 128 21:25:44 executing program 4: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x40, 0x0) 21:25:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x146) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'veth0_to_hsr\x00', 0x203}) r4 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x100000000, 0x2000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f0000000440)={0xa, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_LOCK(r5, 0x4008642a, &(0x7f0000000480)={r6, 0x28}) ioctl$KVM_RUN(r3, 0xae80, 0x0) accept4$packet(r5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14, 0x4f0d40754ce51e7b) sendmsg$can_raw(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x1d, r7}, 0x10, &(0x7f00000002c0)={&(0x7f0000000200)=@can={{0x3, 0x4, 0x1, 0x7fffffff}, 0x6, 0x2, 0x0, 0x0, "ba040c1c7c4b87cf"}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) 21:25:44 executing program 5: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_buf(r0, 0x0, 0x2a, &(0x7f0000000380)=""/218, &(0x7f0000000080)=0xda) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000) ioctl$UI_SET_ABSBIT(r2, 0x40045567, 0x3) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 21:25:44 executing program 1: mount(&(0x7f0000000180)=@sg0='/dev/sg0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000080)='securityfs\x00', 0x4040, 0x0) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0xffffff70, 0x10000}], 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='trusted.overlay.upper\x00', &(0x7f0000000680)={0x0, 0xfb, 0x1015, 0x2, 0x100000000, "3ad4dad5f95a93c55daefac05a97bcd7", "2d65cea1c3bee762b12862513cc2bf26e4edf9e171d50db086e8cd60b71603e51f7cc498a9948ae630dbc6f11cdbd3a1d1dcdbd57a92fc65f09505c35145fb606215d4a6f899b93a3678f3be2cb9bb64c9af4e895ac97ba0e5030bb97a0afb36f5ee56fece40525fbf3f0e6de36820007f6ea0bf0b1e36a76b9ae69d22b446defc07ae0723d9ba160c4b656db60c7c06516bcff2cf72afcd81896f9dc1b0cefb34316c4e2a36b4f95a64679a3f96d1a608197e16e302a1bde2349b3252815365c87caeee8045061f9c96d61b66b939399e0e9e0b5af4e76d3235844952ad36a54b7dc69610e22a0cb20ec567e9c5a07236295ebc38515dcf7534f38cfbcf4b2b59c83146ff1d72c4307685d0124806f34e2400856a0e38cc43af224a721506c36a816a7ae92b7c6d7ec44fac63ff033938a92e2acb2386d8d70bd380a71e327d9802d07c6b892d66abf4855e1c818680beb2a81875d4130e46a468c47338c2ae10346ce3338ce2ba16c79d4c47e35d3124ab5ccf125af26f49b969552e9f3b9394edc6247aa3cae9d9fc00e8f635d756791876f0d7f5f702cc4704834ee734969e06eb0a138fd15aa08abe393830ff7cf0a75ff2efc46b3f122acbc9c11db165dc4b76b5a3a85a75b9596e0963330e838b93f07049c04ef1d8f163f452f11048fdc5db60dc82345f8b2afb924320528b2ec34cb8336ea2231192e085465d82da0ca0c13454220c6fb49f81d4d0411eb13bfde4ecbd32d7b5ceddc95a484b0fd2bd8c2151c120241fcc7c9dc3a307292a9cd412c8f0660a75a044f440ee52eeead258af6c915dd530b7d4b6d7cee2f30d52925c6342c8372827068c4235b9d5b3e58d536cd75d37c537a8f6a487325ea79b0a15ddb8413d68a2e42854624bc97cade84306649c40224b0fab863001400c6f70c241b77708ba7edfc0512ef1953a6c4ebf6f89912f2d7ac005303d0a4bfd45ed9045d48f2fb65eab4338433366f56b46a62d3241242b7e2198ae31e21d30d47d0b81d3d94fc5109ff690bda9110b8a3a9b134904d65a3d3d5f1901cff761b4ccb8abd28b50b5e8fac7bd43111b87bd9b1176efe767fd88782d201b17048af48bb7a537f6e0efa34fd1d45524a6e62ee9eb6532c451744ba4f92f138285ade15c987c46a98e575451c5ef71d9ad75a8626a22aa1a72bc8366acde068fc524143014e7beef2d4b64ab60b2a71a0e4cd584d95c80b48c679eacd69e8a3cac23d8e612bd7a0f2a7a745af368ba8df6c9280585ff0835afbb2cf2908c5366850125dc130e29ea75182e1f9053a5637ed90e40ec2dcae5deb3af043dddd3b57154ec146634449da076d2e284796900b85c31b2d0c4d2b64a457efbf78b1ca1658aa0c716b88825b16de5e776c64d6c75b21e9aa185249dc329c21088ecc695ff8b23012a73084006a3a241c1ae00356696689fd7cc3aa3e6f040a63400ed428e0c2f1c8d003b5a2679285341ef3dcd7de1d66a405a4d916b99481259340763a7327a1e5a352680b62a66af994b2024cb8273bcbc75ff7a08198150e4090fc365db38f41b9e914d3e844e64ebf23b896ad1c5d665680acb5ee1eae67f31f3c5cb4a4aba70978e586a5b4568061fea990f6ab0fa37d3de9f2ff7f6111e9670e3b8929d3bcd756612ab4f0021327fdf41515759d549a46cff1b2dede5f75e359870d16c6ba32ff5020d05b93b467396a86957e13f803d927b63d71ec9870bacc8a75367478f89050f1fec29a6505ad7e51d1373e3cd7a55c948fc7d906da7c78e79e522e0db59fd2d5841088362b7de5bcf6bd9e271b404386e8063a772feb84c33ac83f8e5ab5b6959449b84df78345337fa53d54abf416086a59ac10273d15bfe515ee1ec14349c577b393fa317de186f326c1632a339fcdaf368c5c99b1b18867f4f2b678f014f30f014490e271a2b4b2376496b0a86f84bc6fc7c85070a40135e5c7c7b9c5eebba0231bbbbd55699acf9333620a25be0ccb5003e981aa16f47f0c649777e7d6df68448bb018f701d5860f5085e7890d9cf2fb6acff390ea46665886ebc0793994a80d84e979f7844e5455545c823e38269acb190dad0b042cc413df3fdfb4dbdf5d73211324199a291d059ec4798beb4cb4cdfba33a3c05ce743ef86f2f765cae1761c0de3130a466788260f0ea63edbe007454660356c4fb0bb803f17b551a5ae4163e820dbff70a9655e53bcb861a5afd8409210fb199aded8c26a8ed3e5f3ce6b8c11874fe0470d1ceb006710b2f7c5198bc22c69acdea4933497893ae4409f7d352974cad181afef1f26f7a132e73f7197484afc69a9387a3f044aa765ad72731a3e6bc3d48721eac99dd6c82ec98403148af0c239fdcc27188e6b4622110b3265998ab93f6df2baac83be76f8858778d52cc51053d6f9905411a6efc6cf5d1d93a29f3bc278752b3bedd6c7d2f27b3466587f8b65448e2f00c5dd567c4eddaf15b8afc469bfac7d3c74c7db9b7cb4ebe950a8a32451352f0c2761adab6a04cc6d123912e511b34118382a5ef680f7cf5c136c19ab7b17d3f4c93e04a84ce19a438cbaf6ded6a691fa017daa31b47dcc0aeaf4cca4a7c410aceeddc2c88192d87f90ede7e137ad51bc8fe5e39c2def4bfcfab84fde592d2ffdc759653d0a39ce9cee7a0ac57b4a7d75a54b8e7253c00324a7282c17042e32e805d2530b8c2cdbf576c17e50a1a48c508ac48c07eb520c351cb23d1ed2d880ccb5b10b658544be43b8a2cedba830393d4a32a542fd0573f82e35a5d1c5ec42e61413bfc629759bc2e453e03c9ef970dac01b2ce811955a9a19a9a97bd6d6d2a8b78a35b28df4adf0212dd624113ec265206838374803ddeeadd35134b1af73c6b3f244489201fda7eadf19c17cb22a376a9ff2867a99ba796c4b47b64c773cafd540bef84100cf1df3b2e45e90c16c19bced228612f8932b1d5c6a39ab18e485f7fdca67268cafde3d2b8d6f35771dfcf4869b7794cd7293b234ad44c87a9cd7af874aad7ea40c59e00dc39545e1533f0b6e98411e127e14fd23e75a7537cabd8d5b9d33219424eb4583279dc0698c86a4bd34f9ba646c6d0672da182e7a66f6de5da97fd556df1ebc6c92842befc48033c663022b9fd0816f214ead7f3b64d0c78516e5e27a3a9d6cf9072781b50b69deb645a7059b0ce40ce0bd8975193974256780d95a85b09806dc7e309cc0a06f7f7fb8ff37910937e1e466d3f1395750d0668b4a437b6977786612be276c5bf7852aebcacf0bd7296cfb33efba0d063bdd5a65c1e4982d5c18a70dc02c78b229859c13b1747567279d7e1729ecbfc132f613697063c10d4cdbe1c629e62854584dd399471c1276ff87e050dfa46483445ea232057b603a84ccc41abef80993d5020e7dcaa54d001fc5f9b93ead19d61c7d0f16e422b9550bcef302bd010631cc3a388c52b1ee9f0edf1227cf61d1167a636785b58c93e4fc5bee5311c68036f6dbc1fad66f2153d9d60c4aecb25bec8cda99036e3bf93cbefc79e7caf7fcb10a1b56f869a6e59fe2c699100b55b49d103b32c1d1d3e09183a58a305f2d0169c438b26e6c2b67bacc4a43fa51091d8d55208ae53e43f6d4c1d9afbf0e042a76a18276a98850b77498ad1e38d8ab6952700a45f0153f6bcdbb7d4c37d2e92be8c7570a4277573e334606c122e397fe206ab4bb4ea0a52166885573a32968ae25e19b2f4ab27441afbb1f2c1577d85aef084b921c2b4819b961dfa1a1cc91cf9ceee45029ac9f36d9a6d0147b663634b86816c106becb746af3d2aa5849ff1a32920aa09628ddb5e47267382daed5e58b29c9049fb3de60ccdc3a6d825d467fce0a01ffde1a82fe26963008321c8c6257e57d266f787a7b7a33e79aa290ce059af7fa72da2280ba0d39e2e3d45c01c1b93f65b98a19fecad0e565ee36d175e23a42ce6f2b7c36404e97f580a35fd993f84721e13144c30a857639ddc82640ce9dc11b848c10de147743e3285c3e4a68fa3e26995b8b038a54e091b445b98db6d2312650ecf5b04c50d99b3bd6adeb229f0e2ed8e39cfc07d7392284f2bfa4376d9fea6dba8632af59476dbb479462bffef64826798e2dddb8282132eb3de434517532375cec361f42265c13905cda980b79484a120d45cc92f24eddd4a7dfe95e3e0529727b34329c0872ead44408c14d28a57310faeaeb01bf542e6213d62a3ed9fc624bbcc5556054bc8a4c26c2cac42dac3305597abd83f25b4ac72a251f385af3faf114c57a9b402da0d84fa9a42218071057fcdcd6c5dc2de5a1d563338ef477f20b3b079ed9b0f88dbd98a28b5d9ea95425b80f1b3ca985489169df108ad4091cb8a16516e45c8383c97a812c5a785a1ff3c8091ad374bdcaf2543bfb7216941e030170a26d1b7aa2bf9b6d2ac70e63e721c0d642cff664cc9a04ae55e6d7c09c440f03b6d4217d1dd5fcdc318c8e2acfabfe7c067033f72cca4bbfd960816cf1aeca45a1766547590a96a636a45cba224c9b5703dbc07394e57a87c35f62838bc1694b781399b471c16ba6ff5312f954ca189c9abbf27b16143cf22da3e858f025853b9aa621ec6aa63a6dc632896b188e94d57fb640f55e57ddf55eb8a87ed5e0a58f54635307d7b1fd5fde884e1bfab9bc89306e6dea85ead869db362cb99d3934b2c1492d155a9376baef5c57f817a5ea9bd47a141d7aea041871965e9e876ea8b736b16db2b8641ecc37f607fa7894321ce049ccf6251497801c2454ea344174831754b6579126f415f53ad7cf1e3701cc4187d309b073357ea86c957e8e64580125d9c476072b7498a69d08b9f1e1071a892d0dfe464315ca7af2a713b7df8912f449545b546b14b3b918871ac77db1549982071a8d12984d7967cbaca717fde8a8dd76fb4a41d09d26d18d3a6727bd7022b1351da73065a2149f3d80b3dafcc7f6e228adc2ab77fbf123eb0ed17e5363f4c3c753d7a78a6fbf3b64c1c705c4b418a6125386ba327500d801f290e325712247b231db7e90e6bd1d8e778e75edee2638e158bec9f39ab604dca0ca97241fb3819e5c776e6aa0f9c859ba44d36a3ffc28379e69a0accedc9e4392a4e1e9653a290db779e28a3d0591e901eb8c5aadb720766ccf75bd3ba2352b6541311e4a48f4819bf8668927a3e9b1cadb5a3f9fa5f17f60c64916c0db4616eaa34673733dce5f0d08710a85227aa6257192471dfee5b091c8c0c44224f24cc7067fe9a4e668061e4ea8a71026d0ada61dc9ee54c2b4fcaad92880c31587cab2ce68ee3fb79e4142964ef02684fe922a7e772b7444442e52f3a30d972ea3c90c2cb156023829d955780e6a515c7390ddbd9bc3f5d95a0a215d6e4dc1131bf6860d625dc88fd819a7380041f5d4635c8cb4f92e9d85bcfb23f246259039d017e242a61288a918b4f76cfbbc213d9f5cccc64fd3bec5d46d0802b2dc31d382337248d8a8eaf53c1e95f647950b87841c187249713dc88e30e469764269c653ade4baa7158b1b240bfb57a8df9872ceeec99f76e3df947609dc2f6f217883fbe2c96fc5f5131ab90ef94bcb6288573ae59e584bfea925ab801772263d427b29751eb9a3af2767cadbd6a55f41e16679dd81097a0201f89cbf984542be9d4afea0ccde1f952fdc95bead1e0fa72830ab055916276913197c14486e0be796c38db7840b8691b4a151437595096d8889d6b680ecb5c44a4c8c842dc08cc22469e48e575b6ff05d77e1749734f6bcc628dec89d9e0b4b05a505d464e8099e67c7629dc3b47269514ebadaa25458e8392f76"}, 0x1015, 0x2) utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)={0x579a66b6, 0x3f}) 21:25:44 executing program 2: syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000600)="8da4363ac0ed0000000000000001004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x6, 0x101080) ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40206417, &(0x7f0000000080)={0x8, 0x7, 0x2, 0xe2, 0x2, 0x3}) [ 434.111141] FAULT_INJECTION: forcing a failure. [ 434.111141] name failslab, interval 1, probability 0, space 0, times 0 [ 434.173662] CPU: 0 PID: 16332 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 434.180935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.190288] Call Trace: [ 434.192885] dump_stack+0x138/0x197 [ 434.196529] should_fail.cold+0x10f/0x159 [ 434.200694] should_failslab+0xdb/0x130 [ 434.204679] kmem_cache_alloc_trace+0x2e9/0x790 [ 434.209356] ? mutex_trylock+0x1c0/0x1c0 [ 434.213428] ? btrfs_close_devices+0x21/0x140 [ 434.217931] btrfs_alloc_device+0xa4/0x6a0 [ 434.222173] ? btrfs_find_device_by_devspec+0xf0/0xf0 [ 434.227376] __btrfs_close_devices+0x2c6/0xa90 [ 434.231963] ? __mutex_unlock_slowpath+0x71/0x800 [ 434.236841] ? btrfs_alloc_device+0x6a0/0x6a0 [ 434.241345] btrfs_close_devices+0x29/0x140 [ 434.245686] btrfs_mount+0x1fd9/0x2b28 [ 434.249578] ? lock_downgrade+0x6e0/0x6e0 [ 434.253729] ? find_held_lock+0x35/0x130 [ 434.257786] ? pcpu_alloc+0x3af/0x1050 [ 434.257813] ? btrfs_remount+0x11f0/0x11f0 [ 434.257830] ? rcu_read_lock_sched_held+0x110/0x130 [ 434.271041] ? __lockdep_init_map+0x10c/0x570 [ 434.275546] mount_fs+0x97/0x2a1 [ 434.278920] vfs_kern_mount.part.0+0x5e/0x3d0 [ 434.283422] ? find_held_lock+0x35/0x130 [ 434.287482] vfs_kern_mount+0x40/0x60 [ 434.291276] btrfs_mount+0x3ce/0x2b28 [ 434.295063] ? lock_downgrade+0x6e0/0x6e0 [ 434.299193] ? find_held_lock+0x35/0x130 [ 434.304769] ? pcpu_alloc+0x3af/0x1050 [ 434.308646] ? btrfs_remount+0x11f0/0x11f0 [ 434.312867] ? rcu_read_lock_sched_held+0x110/0x130 [ 434.317871] ? __lockdep_init_map+0x10c/0x570 [ 434.322353] ? __lockdep_init_map+0x10c/0x570 [ 434.326835] mount_fs+0x97/0x2a1 [ 434.330188] vfs_kern_mount.part.0+0x5e/0x3d0 [ 434.334669] do_mount+0x417/0x27d0 [ 434.338189] ? copy_mount_options+0x5c/0x2f0 [ 434.342577] ? rcu_read_lock_sched_held+0x110/0x130 [ 434.347576] ? copy_mount_string+0x40/0x40 [ 434.352255] ? copy_mount_options+0x1fe/0x2f0 [ 434.356736] SyS_mount+0xab/0x120 [ 434.360171] ? copy_mnt_ns+0x8c0/0x8c0 [ 434.364042] do_syscall_64+0x1e8/0x640 [ 434.367909] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 434.372735] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 434.377907] RIP: 0033:0x45c2ca [ 434.381077] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 434.388767] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 434.396017] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 434.403269] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 434.410518] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 434.417766] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 21:25:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x146) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'veth0_to_hsr\x00', 0x203}) r4 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x100000000, 0x2000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f0000000440)={0xa, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_LOCK(r5, 0x4008642a, &(0x7f0000000480)={r6, 0x28}) ioctl$KVM_RUN(r3, 0xae80, 0x0) accept4$packet(r5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14, 0x4f0d40754ce51e7b) sendmsg$can_raw(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x1d, r7}, 0x10, &(0x7f00000002c0)={&(0x7f0000000200)=@can={{0x3, 0x4, 0x1, 0x7fffffff}, 0x6, 0x2, 0x0, 0x0, "ba040c1c7c4b87cf"}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) [ 434.540108] ------------[ cut here ]------------ [ 434.544897] kernel BUG at fs/btrfs/volumes.c:890! [ 434.556037] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 434.561420] Modules linked in: [ 434.564620] CPU: 0 PID: 16332 Comm: syz-executor.3 Not tainted 4.14.141 #37 [ 434.566307] kobject: 'kvm' (ffff8880a6e8d390): kobject_uevent_env [ 434.571708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 21:25:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x146) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'veth0_to_hsr\x00', 0x203}) r4 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x100000000, 0x2000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f0000000440)={0xa, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_LOCK(r5, 0x4008642a, &(0x7f0000000480)={r6, 0x28}) ioctl$KVM_RUN(r3, 0xae80, 0x0) accept4$packet(r5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14, 0x4f0d40754ce51e7b) [ 434.571714] task: ffff8880a03f0700 task.stack: ffff888062db0000 [ 434.571742] RIP: 0010:__btrfs_close_devices+0x7d8/0xa90 [ 434.571749] RSP: 0018:ffff888062db7700 EFLAGS: 00010246 [ 434.571759] RAX: 0000000000040000 RBX: ffff8880973f24c0 RCX: ffffc90008c4c000 [ 434.571778] RDX: 0000000000040000 RSI: ffffffff8265b718 RDI: 0000000000000286 [ 434.578104] kobject: 'kvm' (ffff8880a6e8d390): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 434.587352] RBP: ffff888062db77c8 R08: ffff8880a03f0700 R09: ffff8880a03f0fc8 [ 434.587357] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888097ff1500 [ 434.587366] R13: ffff8880973f2588 R14: fffffffffffffff4 R15: dffffc0000000000 [ 434.587376] FS: 00007f66740e1700(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000 [ 434.587384] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 434.587392] CR2: 0000000000625208 CR3: 00000000a96ea000 CR4: 00000000001426f0 [ 434.587406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 434.587410] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 434.587415] Call Trace: 21:25:44 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x0, 0x0) getpeername$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000240)="66ba4300b801380000ef0f22dc66b8a1008ec0c4e21db7eb5766baa000b093ee362e0f01ef65d9f9ea00480000aa00b98e0400000f32", 0x36}], 0x1, 0x0, 0x0, 0x146) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000380)={'veth0_to_hsr\x00', 0x203}) r4 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x100000000, 0x2000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f0000000440)={0xa, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_LOCK(r5, 0x4008642a, &(0x7f0000000480)={r6, 0x28}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 434.609724] kobject: 'loop0' (ffff8880a494f660): kobject_uevent_env [ 434.611408] ? __mutex_unlock_slowpath+0x71/0x800 [ 434.611421] ? btrfs_alloc_device+0x6a0/0x6a0 [ 434.611431] btrfs_close_devices+0x29/0x140 [ 434.611441] btrfs_mount+0x1fd9/0x2b28 [ 434.611453] ? lock_downgrade+0x6e0/0x6e0 [ 434.619098] kobject: 'loop0' (ffff8880a494f660): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 434.627704] ? find_held_lock+0x35/0x130 [ 434.627713] ? pcpu_alloc+0x3af/0x1050 [ 434.627728] ? btrfs_remount+0x11f0/0x11f0 [ 434.627740] ? rcu_read_lock_sched_held+0x110/0x130 [ 434.627753] ? __lockdep_init_map+0x10c/0x570 [ 434.641107] kobject: 'kvm' (ffff8880a6e8d390): kobject_uevent_env [ 434.642275] mount_fs+0x97/0x2a1 [ 434.642286] vfs_kern_mount.part.0+0x5e/0x3d0 [ 434.642299] ? find_held_lock+0x35/0x130 [ 434.649645] kobject: 'kvm' (ffff8880a6e8d390): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 434.657767] vfs_kern_mount+0x40/0x60 [ 434.657779] btrfs_mount+0x3ce/0x2b28 [ 434.657789] ? lock_downgrade+0x6e0/0x6e0 [ 434.657796] ? find_held_lock+0x35/0x130 [ 434.657804] ? pcpu_alloc+0x3af/0x1050 [ 434.657815] ? btrfs_remount+0x11f0/0x11f0 [ 434.657825] ? rcu_read_lock_sched_held+0x110/0x130 [ 434.657839] ? __lockdep_init_map+0x10c/0x570 [ 434.657846] ? __lockdep_init_map+0x10c/0x570 [ 434.657857] mount_fs+0x97/0x2a1 [ 434.657867] vfs_kern_mount.part.0+0x5e/0x3d0 [ 434.657875] do_mount+0x417/0x27d0 [ 434.657881] ? copy_mount_options+0x5c/0x2f0 [ 434.657888] ? rcu_read_lock_sched_held+0x110/0x130 [ 434.657896] ? copy_mount_string+0x40/0x40 [ 434.657905] ? copy_mount_options+0x1fe/0x2f0 [ 434.657914] SyS_mount+0xab/0x120 [ 434.657921] ? copy_mnt_ns+0x8c0/0x8c0 [ 434.657931] do_syscall_64+0x1e8/0x640 [ 434.657937] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 434.657950] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 434.657956] RIP: 0033:0x45c2ca [ 434.657959] RSP: 002b:00007f66740e0a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 434.687849] kobject: 'kvm' (ffff8880a6e8d390): kobject_uevent_env [ 434.688176] RAX: ffffffffffffffda RBX: 00007f66740e0b40 RCX: 000000000045c2ca [ 434.688182] RDX: 00007f66740e0ae0 RSI: 0000000020000100 RDI: 00007f66740e0b00 [ 434.688188] RBP: 0000000000000001 R08: 00007f66740e0b40 R09: 00007f66740e0ae0 [ 434.688193] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 434.688197] R13: 00000000004c8980 R14: 00000000004df898 R15: 0000000000000003 [ 434.688207] Code: [ 434.694728] kobject: 'kvm' (ffff8880a6e8d390): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 434.699414] c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f [ 434.719793] kobject: 'loop0' (ffff8880a494f660): kobject_uevent_env [ 434.725645] 8e 59 02 00 00 48 8b 45 80 c7 80 10 01 00 00 00 00 00 00 e9 e2 f8 ff ff [ 434.732534] kobject: 'loop0' (ffff8880a494f660): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 434.733604] e8 58 2a f7 fe <0f> 0b e8 51 2a f7 [ 434.751567] kobject: 'kvm' (ffff8880a6e8d390): kobject_uevent_env [ 434.753545] fe 0f 0b 48 89 f7 e8 57 da 20 ff e9 ad [ 434.757025] kobject: 'kvm' (ffff8880a6e8d390): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 434.761402] f8 ff [ 434.761424] RIP: __btrfs_close_devices+0x7d8/0xa90 RSP: ffff888062db7700 [ 434.762029] ---[ end trace 237d287a0ac75082 ]--- [ 434.783474] kobject: 'kvm' (ffff8880a6e8d390): kobject_uevent_env [ 434.786606] Kernel panic - not syncing: Fatal exception [ 435.007478] Kernel Offset: disabled [ 435.011094] Rebooting in 86400 seconds..