ev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 03:43:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 03:43:21 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007116800f3051e0008000100020423dcffdf00", 0x1f) 03:43:21 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000d450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:21 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) 03:43:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) 03:43:21 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000e450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:21 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007116c00f3051e0008000100020423dcffdf00", 0x1f) 03:43:21 executing program 3: syz_emit_ethernet(0x4a, &(0x7f0000000240)={@broadcast, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, 'd:T', 0x14, 0x2f, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x608]}, @mcast2, {[], @tcp={{0x0, 0x6558, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 03:43:21 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) [ 1201.178661][T21138] __nla_validate_parse: 42 callbacks suppressed [ 1201.178668][T21138] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1201.202007][T21124] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) [ 1201.220761][T21139] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x7f7a8c1dc6000000, 0x0, 0x0, 0x0, 0x0) 03:43:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000f450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007117400f3051e0008000100020423dcffdf00", 0x1f) 03:43:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 03:43:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) [ 1201.451970][T21161] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1201.471215][T21164] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000010450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007117a00f3051e0008000100020423dcffdf00", 0x1f) 03:43:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) [ 1201.588779][T21169] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) 03:43:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000011450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1201.694676][T21185] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1201.716085][T21187] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1201.836585][T21193] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1201.872059][T21205] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x8000000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110003f3051e0008000100020423dcffdf00", 0x1f) 03:43:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}) 03:43:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 03:43:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000012450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1202.020013][T21212] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) 03:43:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110005f3051e0008000100020423dcffdf00", 0x1f) 03:43:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000025450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1202.116518][T21223] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) [ 1202.235273][T21226] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) [ 1202.276965][T21239] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000048450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1202.463044][T21254] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:23 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x8096980000000000, 0x0, 0x0, 0x0, 0x0) 03:43:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}) 03:43:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110006f3051e0008000100020423dcffdf00", 0x1f) 03:43:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500004c450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 03:43:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000060450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110007f3051e0008000100020423dcffdf00", 0x1f) 03:43:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}) 03:43:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) [ 1202.754662][T21274] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000068450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1202.964670][T21306] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:23 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x8c4b050000000000, 0x0, 0x0, 0x0, 0x0) 03:43:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110009f3051e0008000100020423dcffdf00", 0x1f) 03:43:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}) 03:43:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500006c450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 03:43:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000074450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000af3051e0008000100020423dcffdf00", 0x1f) 03:43:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}) 03:43:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 03:43:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500007a450001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1203.343531][T21334] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1203.545607][T21360] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x8cffffff00000000, 0x0, 0x0, 0x0, 0x0) 03:43:24 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000bf3051e0008000100020423dcffdf00", 0x1f) 03:43:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}) 03:43:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000090001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:24 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 03:43:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450300070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}) 03:43:24 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000cf3051e0008000100020423dcffdf00", 0x1f) [ 1203.831170][T21384] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:24 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 03:43:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450400070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1204.068464][T21406] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x994b050000000000, 0x0, 0x0, 0x0, 0x0) 03:43:24 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000df3051e0008000100020423dcffdf00", 0x1f) 03:43:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}) 03:43:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450201070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:24 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 03:43:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450301070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:24 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000ef3051e0008000100020423dcffdf00", 0x1f) 03:43:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}) 03:43:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) [ 1204.506063][T21439] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450401070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:25 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xaf4b050000000000, 0x0, 0x0, 0x0, 0x0) 03:43:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25}) 03:43:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000ff3051e0008000100020423dcffdf00", 0x1f) 03:43:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450501070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 1204.774065][T21465] REISERFS warning (device loop5): reiserfs_fill_super: Cannot allocate commit workqueue 03:43:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450601070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110011f3051e0008000100020423dcffdf00", 0x1f) 03:43:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}) 03:43:25 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close(0xffffffffffffffff) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 03:43:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110012f3051e0008000100020423dcffdf00", 0x1f) [ 1205.044506][T21497] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:25 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xc403000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450701070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}) 03:43:25 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close(0xffffffffffffffff) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 03:43:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007113d1ef3051e0008000100020423dcffdf00", 0x1f) 03:43:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450801070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 03:43:26 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close(0xffffffffffffffff) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:26 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110020f3051e0008000100020423dcffdf00", 0x1f) 03:43:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}) [ 1205.420309][T21543] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450901070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1205.681914][T21569] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:26 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xc903000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:26 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) close(r0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x554}) 03:43:26 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110025f3051e0008000100020423dcffdf00", 0x1f) 03:43:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 03:43:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450a01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:26 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) close(r0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450b01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:26 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007111e3df3051e0008000100020423dcffdf00", 0x1f) 03:43:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600}) 03:43:26 executing program 3: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) close(r0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450c01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1206.032725][T21604] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:26 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xe803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:26 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 03:43:26 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110040f3051e0008000100020423dcffdf00", 0x1f) 03:43:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450d01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}) [ 1206.184302][T21623] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900}) 03:43:26 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110048f3051e0008000100020423dcffdf00", 0x1f) [ 1206.281357][T21639] __nla_validate_parse: 38 callbacks suppressed [ 1206.281365][T21639] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1206.284766][T21640] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1206.375894][T21642] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450e01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:27 executing program 0: r0 = socket$unix(0x1, 0x400040000000001, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") poll(&(0x7f0000000340)=[{r0}], 0x1, 0x0) [ 1206.498064][T21657] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1206.566608][T21670] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1206.646494][T21672] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xebffffff00000000, 0x0, 0x0, 0x0, 0x0) 03:43:27 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) close(r0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}) 03:43:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711004cf3051e0008000100020423dcffdf00", 0x1f) 03:43:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450f01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:27 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x101300, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, &(0x7f0000000240)) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @rand_addr, 0x12000000}, {0xa, 0x0, 0xfb5, @dev={0xfe, 0x80, [], 0x1d}}, r1}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) 03:43:27 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) close(r0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00}) 03:43:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110060f3051e0008000100020423dcffdf00", 0x1f) [ 1206.785154][T21687] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1206.799961][T21688] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000451001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:27 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x101300, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, &(0x7f0000000240)) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @rand_addr, 0x12000000}, {0xa, 0x0, 0xfb5, @dev={0xfe, 0x80, [], 0x1d}}, r1}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) [ 1206.924573][T21692] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:27 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) close(r0) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) [ 1206.974006][T21711] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1207.044605][T21717] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1207.194909][T21726] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xf6ffffff00000000, 0x0, 0x0, 0x0, 0x0) 03:43:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00}) 03:43:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000451101070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 03:43:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110068f3051e0008000100020423dcffdf00", 0x1f) 03:43:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711006cf3051e0008000100020423dcffdf00", 0x1f) [ 1207.377241][T21744] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1207.392190][T21745] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00}) 03:43:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000451201070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110074f3051e0008000100020423dcffdf00", 0x1f) [ 1207.566943][T21751] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xf803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000452501070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}) 03:43:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711007af3051e0008000100020423dcffdf00", 0x1f) 03:43:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000454801070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1207.888980][T21784] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110002f3051e0008000100020423dcffdf00", 0x1f) 03:43:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000454c01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100}) [ 1207.943224][T21800] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(0xffffffffffffffff) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110003f3051e0008000100020423dcffdf00", 0x1f) 03:43:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) [ 1208.237167][T21826] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1208.297031][T21834] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xf9fdffff00000000, 0x0, 0x0, 0x0, 0x0) 03:43:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000456001070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200}) 03:43:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(0xffffffffffffffff) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110004f3051e0008000100020423dcffdf00", 0x1f) 03:43:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000456801070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:29 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:29 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110005f3051e0008000100020423dcffdf00", 0x1f) 03:43:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254}) [ 1208.552256][T21854] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000456c01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(0xffffffffffffffff) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) [ 1208.699546][T21868] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:29 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110006f3051e0008000100020423dcffdf00", 0x1f) 03:43:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xfc01000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000457401070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500}) 03:43:29 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:29 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110007f3051e0008000100020423dcffdf00", 0x1f) 03:43:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000457a01070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}) [ 1209.021895][T21899] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450003070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:29 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110008f3051e0008000100020423dcffdf00", 0x1f) 03:43:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405}) [ 1209.177585][T21914] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xfc03000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000a070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110009f3051e0008000100020423dcffdf00", 0x1f) 03:43:30 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5412}) [ 1209.402532][T21938] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450025070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000af3051e0008000100020423dcffdf00", 0x1f) 03:43:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}) 03:43:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045003f070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1209.648243][T21961] REISERFS warning (device loop5): reiserfs_fill_super: Cannot allocate commit workqueue [ 1209.659199][T21959] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000bf3051e0008000100020423dcffdf00", 0x1f) 03:43:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xff0f000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}) 03:43:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450040070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:30 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000cf3051e0008000100020423dcffdf00", 0x1f) 03:43:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450002070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1209.983209][T22000] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}) 03:43:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000df3051e0008000100020423dcffdf00", 0x1f) [ 1210.069192][T22008] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450003070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:30 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) [ 1210.309170][T22039] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 [ 1210.320334][T22037] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffff7f00000000, 0x0, 0x0, 0x0, 0x0) 03:43:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000ef3051e0008000100020423dcffdf00", 0x1f) 03:43:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450008070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) 03:43:31 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711000ff3051e0008000100020423dcffdf00", 0x1f) 03:43:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000a070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}) 03:43:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) [ 1210.646498][T22058] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 [ 1210.672095][T22066] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110010f3051e0008000100020423dcffdf00", 0x1f) [ 1210.939566][T22096] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}) 03:43:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450025070000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110011f3051e0008000100020423dcffdf00", 0x1f) 03:43:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) close(r1) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000001e000/0x18000)=nil, 0x0, 0xfffffffffffffe4e, 0x0, 0x0, 0x0) 03:43:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0) 03:43:31 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001040000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1211.131228][T22111] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110012f3051e0008000100020423dcffdf00", 0x1f) 03:43:31 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}) 03:43:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010a0000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110025f3051e0008000100020423dcffdf00", 0x1f) 03:43:31 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) [ 1211.363247][T22127] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1211.376817][T22144] __nla_validate_parse: 40 callbacks suppressed [ 1211.376824][T22144] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1211.402420][T22143] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}) 03:43:32 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110048f3051e0008000100020423dcffdf00", 0x1f) [ 1211.444312][T22149] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070200001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 03:43:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 03:43:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1211.622606][T22163] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:32 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) [ 1211.670923][T22172] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:32 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711004cf3051e0008000100020423dcffdf00", 0x1f) 03:43:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000}) 03:43:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070300001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1211.747156][T22180] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:43:32 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_GET_TSC(0x19, &(0x7f0000000000)) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1211.864641][T22185] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 [ 1211.902063][T22201] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2, 0x0, 0x0, 0x0) [ 1211.917799][T22198] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}) 03:43:32 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110060f3051e0008000100020423dcffdf00", 0x1f) 03:43:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3, 0x0, 0x0, 0x0) 03:43:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070400001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:32 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110068f3051e0008000100020423dcffdf00", 0x1f) 03:43:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000}) [ 1212.063519][T22215] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:32 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4, 0x0, 0x0, 0x0) [ 1212.225530][T22231] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1212.254211][T22235] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}) 03:43:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711006cf3051e0008000100020423dcffdf00", 0x1f) 03:43:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070500001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1212.359876][T22237] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x5, 0x0, 0x0, 0x0) 03:43:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000}) 03:43:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070600001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6, 0x0, 0x0, 0x0) 03:43:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110074f3051e0008000100020423dcffdf00", 0x1f) [ 1212.470002][T22258] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:33 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7, 0x0, 0x0, 0x0) 03:43:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c00711007af3051e0008000100020423dcffdf00", 0x1f) 03:43:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070700001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000}) [ 1212.759633][T22283] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070800001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8, 0x0, 0x0, 0x0) 03:43:33 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}) 03:43:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3041e0008000100020423dcffdf00", 0x1f) 03:43:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x9, 0x0, 0x0, 0x0) 03:43:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070900001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3061e0008000100020423dcffdf00", 0x1f) 03:43:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000}) 03:43:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa, 0x0, 0x0, 0x0) 03:43:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070a00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3091e0008000100020423dcffdf00", 0x1f) 03:43:33 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1213.159506][T22325] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070b00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}) 03:43:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb, 0x0, 0x0, 0x0) 03:43:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f30a1e0008000100020423dcffdf00", 0x1f) 03:43:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:34 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070c00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc, 0x0, 0x0, 0x0) 03:43:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3050a0008000100020423dcffdf00", 0x1f) 03:43:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12540000}) [ 1213.516142][T22374] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f305000b08000100020423dcffdf00", 0x1f) 03:43:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xd, 0x0, 0x0, 0x0) 03:43:34 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070d00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000}) 03:43:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe, 0x0, 0x0, 0x0) 03:43:34 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0208000100020423dcffdf00", 0x1f) 03:43:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070e00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x10, 0x0, 0x0, 0x0) 03:43:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070f00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0308000100020423dcffdf00", 0x1f) 03:43:34 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) 03:43:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x11, 0x0, 0x0, 0x0) [ 1213.998358][T22435] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001071000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0408000100020423dcffdf00", 0x1f) 03:43:34 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x12, 0x0, 0x0, 0x0) 03:43:34 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54050000}) 03:43:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001071100001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0508000100020423dcffdf00", 0x1f) 03:43:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x25, 0x0, 0x0, 0x0) 03:43:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001071200001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c000000}) 03:43:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0608000100020423dcffdf00", 0x1f) 03:43:35 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1214.397020][T22479] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x48, 0x0, 0x0, 0x0) 03:43:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0708000100020423dcffdf00", 0x1f) 03:43:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001072500001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}) 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4c, 0x0, 0x0, 0x0) 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x5c, 0x0, 0x0, 0x0) 03:43:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001074800001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0808000100020423dcffdf00", 0x1f) 03:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}) 03:43:35 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x60, 0x0, 0x0, 0x0) [ 1214.747523][T22522] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001074c00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x68, 0x0, 0x0, 0x0) 03:43:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0908000100020423dcffdf00", 0x1f) 03:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}) 03:43:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001076000001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6c, 0x0, 0x0, 0x0) 03:43:35 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0a08000100020423dcffdf00", 0x1f) 03:43:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001076800001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1215.110555][T22569] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}) 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x74, 0x0, 0x0, 0x0) 03:43:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0b08000100020423dcffdf00", 0x1f) 03:43:35 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001076c00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7a, 0x0, 0x0, 0x0) 03:43:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}) 03:43:36 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001077400001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0c08000100020423dcffdf00", 0x1f) [ 1215.402211][T22605] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1fc, 0x0, 0x0, 0x0) 03:43:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001077a00001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}) 03:43:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0d08000100020423dcffdf00", 0x1f) 03:43:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x204, 0x0, 0x0, 0x0) 03:43:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}) 03:43:36 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070003001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x224, 0x0, 0x0, 0x0) 03:43:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0e08000100020423dcffdf00", 0x1f) [ 1215.713494][T22640] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070005001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}) 03:43:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0f08000100020423dcffdf00", 0x1f) 03:43:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x300, 0x0, 0x0, 0x0) 03:43:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:36 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x30b, 0x0, 0x0, 0x0) 03:43:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070006001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000}) 03:43:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e1008000100020423dcffdf00", 0x1f) [ 1216.051634][T22680] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070007001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:36 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e1108000100020423dcffdf00", 0x1f) 03:43:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x338, 0x0, 0x0, 0x0) 03:43:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}) 03:43:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x34e, 0x0, 0x0, 0x0) 03:43:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070009001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:37 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}) [ 1216.392382][T22731] __nla_validate_parse: 49 callbacks suppressed [ 1216.392389][T22731] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1216.408576][T22720] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e1208000100020423dcffdf00", 0x1f) 03:43:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x34f, 0x0, 0x0, 0x0) [ 1216.480942][T22736] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000a001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:37 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) [ 1216.592053][T22751] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3c4, 0x0, 0x0, 0x0) 03:43:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000}) 03:43:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e2508000100020423dcffdf00", 0x1f) [ 1216.637049][T22756] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:37 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000b001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1216.740999][T22761] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 [ 1216.766580][T22771] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3c9, 0x0, 0x0, 0x0) 03:43:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}) 03:43:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e4808000100020423dcffdf00", 0x1f) 03:43:37 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) [ 1216.849285][T22780] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000c001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:37 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3e8, 0x0, 0x0, 0x0) [ 1216.975838][T22796] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1216.991350][T22799] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1217.004303][T22788] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000}) 03:43:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000d001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e4c08000100020423dcffdf00", 0x1f) 03:43:37 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3f8, 0x0, 0x0, 0x0) 03:43:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000000000000}) 03:43:37 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1217.275194][T22824] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1217.294604][T22826] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1217.315417][T22821] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3fc, 0x0, 0x0, 0x0) 03:43:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000e001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000}) 03:43:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e6008000100020423dcffdf00", 0x1f) 03:43:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x0, 0x0, 0x0) 03:43:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:38 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e6808000100020423dcffdf00", 0x1f) 03:43:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000f001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x406, 0x0, 0x0, 0x0) [ 1217.619972][T22858] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}) 03:43:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x500, 0x0, 0x0, 0x0) 03:43:38 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070011001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e6c08000100020423dcffdf00", 0x1f) 03:43:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}) 03:43:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e7408000100020423dcffdf00", 0x1f) 03:43:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070012001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x600, 0x0, 0x0, 0x0) 03:43:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000}) [ 1217.945169][T22902] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:38 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107251a001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e7a08000100020423dcffdf00", 0x1f) 03:43:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x604, 0x0, 0x0, 0x0) 03:43:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000}) 03:43:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x700, 0x0, 0x0, 0x0) 03:43:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107001f001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254000000000000}) 03:43:38 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000b000100020423dcffdf00", 0x1f) 03:43:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x900, 0x0, 0x0, 0x0) [ 1218.351841][T22949] netlink: 'syz-executor.2': attribute type 1 has an invalid length. 03:43:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500000000000000}) 03:43:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070020001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0029000100020423dcffdf00", 0x1f) 03:43:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa00, 0x0, 0x0, 0x0) [ 1218.504865][T22963] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:39 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb00, 0x0, 0x0, 0x0) 03:43:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}) 03:43:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0040000100020423dcffdf00", 0x1f) 03:43:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070025001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001071a25001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0004000100020423dcffdf00", 0x1f) 03:43:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb03, 0x0, 0x0, 0x0) 03:43:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405000000000000}) [ 1218.748020][T23000] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:39 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107003f001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1218.802705][T23011] netlink: 'syz-executor.2': attribute type 1 has an invalid length. 03:43:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc00, 0x0, 0x0, 0x0) 03:43:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(0x0, &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000b000100020423dcffdf00", 0x1f) 03:43:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}) 03:43:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070040001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:39 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xd00, 0x0, 0x0, 0x0) [ 1219.034537][T23038] netlink: 'syz-executor.2': attribute type 1 has an invalid length. 03:43:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001078847001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}) 03:43:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe00, 0x0, 0x0, 0x0) 03:43:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0029000100020423dcffdf00", 0x1f) 03:43:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(0x0, &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008040000020423dcffdf00", 0x1f) 03:43:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070048001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1020, 0x0, 0x0, 0x0) 03:43:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}) 03:43:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(0x0, &(0x7f0000000080)='./file0\x00', 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:40 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001078848001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008020100020423dcffdf00", 0x1f) 03:43:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1100, 0x0, 0x0, 0x0) 03:43:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}) 03:43:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107004c001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008030100020423dcffdf00", 0x1f) 03:43:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1200, 0x0, 0x0, 0x0) 03:43:40 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', 0x0, 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008040100020423dcffdf00", 0x1f) 03:43:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001076558001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) 03:43:40 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2000, 0x0, 0x0, 0x0) 03:43:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070060001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008050100020423dcffdf00", 0x1f) 03:43:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', 0x0, 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 03:43:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2010, 0x0, 0x0, 0x0) 03:43:40 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001075865001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', 0x0, 0x3803000000000000, 0x0, 0x0, 0x0, 0x0) 03:43:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2402, 0x0, 0x0, 0x0) 03:43:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008060100020423dcffdf00", 0x1f) 03:43:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070068001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) 03:43:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:43:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2500, 0x0, 0x0, 0x0) 03:43:41 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:41 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008070100020423dcffdf00", 0x1f) [ 1220.478190][T23208] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) 03:43:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107006c001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3803, 0x0, 0x0, 0x0) 03:43:41 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008080100020423dcffdf00", 0x1f) 03:43:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:43:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070074001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3f00, 0x0, 0x0, 0x0) 03:43:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) 03:43:41 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:41 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008090100020423dcffdf00", 0x1f) [ 1220.832420][T23240] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:41 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00080a0100020423dcffdf00", 0x1f) 03:43:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107007a001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4000, 0x0, 0x0, 0x0) 03:43:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) 03:43:41 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:43:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4800, 0x0, 0x0, 0x0) 03:43:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070081001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:41 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00080b0100020423dcffdf00", 0x1f) [ 1221.140573][T23284] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0 03:43:41 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}) 03:43:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4c00, 0x0, 0x0, 0x0) 03:43:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001074788001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:41 executing program 0: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xffffffea) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000780)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, 0x0, 0x0) write(r5, &(0x7f0000000340), 0x10000014c) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 03:43:42 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00080c0100020423dcffdf00", 0x1f) 03:43:42 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1221.469429][T23319] __nla_validate_parse: 42 callbacks suppressed [ 1221.469437][T23319] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1221.542228][T23326] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) 03:43:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4e03, 0x0, 0x0, 0x0) 03:43:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001074888001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:42 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00080d0100020423dcffdf00", 0x1f) 03:43:42 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', 0x0, 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1221.712618][T23346] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4f03, 0x0, 0x0, 0x0) 03:43:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}) [ 1221.785256][T23351] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x5c00, 0x0, 0x0, 0x0) 03:43:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000022419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1221.974553][T23370] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:42 executing program 0: mount(0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x100, 0x80) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$P9_RUNLINKAT(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x74005900, &(0x7f00000001c0)={&(0x7f0000000040)={0x14, 0x23, 0x1, 0x9effffff00000000, 0x0, {0x20000000004, 0xe00000000000000}}, 0x14}}, 0x0) 03:43:42 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:43:42 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00080e0100020423dcffdf00", 0x1f) 03:43:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}) 03:43:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6000, 0x0, 0x0, 0x0) 03:43:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000004019001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070002001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6800, 0x0, 0x0, 0x0) [ 1222.222934][T23378] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1222.232953][T23380] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}) [ 1222.291606][T23389] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:42 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00080f0100020423dcffdf00", 0x1f) 03:43:42 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6c00, 0x0, 0x0, 0x0) [ 1222.482841][T23409] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:43 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070003001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7400, 0x0, 0x0, 0x0) 03:43:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}) 03:43:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008100100020423dcffdf00", 0x1f) 03:43:43 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7a00, 0x0, 0x0, 0x0) [ 1222.632845][T23422] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070004001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}) 03:43:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008110100020423dcffdf00", 0x1f) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc403, 0x0, 0x0, 0x0) 03:43:43 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 03:43:43 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc903, 0x0, 0x0, 0x0) 03:43:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070005001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}) 03:43:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008120100020423dcffdf00", 0x1f) 03:43:43 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe803, 0x0, 0x0, 0x0) 03:43:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070006001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:43 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008250100020423dcffdf00", 0x1f) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xedc0, 0x0, 0x0, 0x0) 03:43:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}) 03:43:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070007001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070008001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:43 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) 03:43:43 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xf803, 0x0, 0x0, 0x0) 03:43:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}) 03:43:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008480100020423dcffdf00", 0x1f) 03:43:43 executing program 0: ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070009001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00084c0100020423dcffdf00", 0x1f) 03:43:44 executing program 0: ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:44 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 03:43:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfc01, 0x0, 0x0, 0x0) 03:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000a001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25}) 03:43:44 executing program 0: ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:44 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 03:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000b001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008600100020423dcffdf00", 0x1f) 03:43:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfc03, 0x0, 0x0, 0x0) 03:43:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}) 03:43:44 executing program 0: r0 = openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:44 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008680100020423dcffdf00", 0x1f) 03:43:44 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, 0x0) 03:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000c001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xff0f, 0x0, 0x0, 0x0) 03:43:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}) 03:43:44 executing program 0: r0 = openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000d001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00086c0100020423dcffdf00", 0x1f) 03:43:44 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0x0, 0x0) 03:43:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x54b65, 0x0, 0x0, 0x0) 03:43:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}) 03:43:44 executing program 0: r0 = openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000e001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x54b72, 0x0, 0x0, 0x0) 03:43:44 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0x0, 0x0) 03:43:44 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008740100020423dcffdf00", 0x1f) 03:43:44 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e00087a0100020423dcffdf00", 0x1f) 03:43:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x554}) 03:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000f001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 0: openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x54b7f, 0x0, 0x0, 0x0) 03:43:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070010001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600}) 03:43:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0), 0x0, 0x10000}], 0x0, 0x0) 03:43:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x54b8c, 0x0, 0x0, 0x0) 03:43:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070011001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:45 executing program 0: openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000300020423dcffdf00", 0x1f) 03:43:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}) 03:43:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x54b99, 0x0, 0x0, 0x0) 03:43:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070012001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:45 executing program 0: openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009edc"]) 03:43:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000a00020423dcffdf00", 0x1f) 03:43:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 03:43:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x54baf, 0x0, 0x0, 0x0) 03:43:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900}) 03:43:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008022400020423dcffdf00", 0x1f) 03:43:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070025001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:45 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, 0x0) 03:43:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 03:43:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x200000, 0x0, 0x0, 0x0) 03:43:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}) 03:43:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008002500020423dcffdf00", 0x1f) 03:43:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070048001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x800000, 0x0, 0x0, 0x0) 03:43:45 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, 0x0) 03:43:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00}) 03:43:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008003f00020423dcffdf00", 0x1f) 03:43:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2", 0x24, 0x10000}], 0x0, 0x0) 03:43:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x989680, 0x0, 0x0, 0x0) 03:43:45 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, 0x0) 03:43:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107004c001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008004000020423dcffdf00", 0x1f) 03:43:45 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 03:43:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00}) 03:43:45 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[]) 03:43:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000000, 0x0, 0x0, 0x0) 03:43:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070060001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:46 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[]) 03:43:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00}) 03:43:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008006400020423dcffdf00", 0x1f) 03:43:46 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 03:43:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2000000, 0x0, 0x0, 0x0) 03:43:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000200020423dcffdf00", 0x1f) 03:43:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070068001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2040000, 0x0, 0x0, 0x0) 03:43:46 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[]) 03:43:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}) 03:43:46 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, 0x0) 03:43:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3000000, 0x0, 0x0, 0x0) 03:43:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000300020423dcffdf00", 0x1f) 03:43:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107006c001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:46 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB]) 03:43:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000a00020423dcffdf00", 0x1f) 03:43:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100}) 03:43:46 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 03:43:46 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB]) 03:43:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4000000, 0x0, 0x0, 0x0) 03:43:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070074001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:46 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 03:43:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008002500020423dcffdf00", 0x1f) 03:43:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x5000000, 0x0, 0x0, 0x0) 03:43:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200}) 03:43:46 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB]) 03:43:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107007a001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6000000, 0x0, 0x0, 0x0) 03:43:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008006400020423dcffdf00", 0x1f) 03:43:46 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB='\a\x00']) 03:43:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254}) 03:43:46 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000", 0x3f, 0x10000}], 0x0, 0x0) 03:43:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000031419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6040000, 0x0, 0x0, 0x0) 03:43:46 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB='\a\x00']) 03:43:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008002402020423dcffdf00", 0x1f) 03:43:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7000000, 0x0, 0x0, 0x0) 03:43:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 03:43:47 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB='\a\x00']) 03:43:47 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000102020423dcffdf00", 0x1f) 03:43:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000051419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500}) 03:43:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8000000, 0x0, 0x0, 0x0) 03:43:47 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009e"]) 03:43:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}) 03:43:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000061419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:47 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000103020423dcffdf00", 0x1f) [ 1226.576660][T23928] __nla_validate_parse: 48 callbacks suppressed [ 1226.576666][T23928] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1226.598110][T23930] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x9000000, 0x0, 0x0, 0x0) 03:43:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 03:43:47 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009e"]) 03:43:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405}) [ 1226.729724][T23944] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1226.751052][T23946] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000071419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa000000, 0x0, 0x0, 0x0) 03:43:47 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000104020423dcffdf00", 0x1f) 03:43:47 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000080)=ANY=[@ANYBLOB="07009e"]) [ 1226.893503][T23965] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f424852", 0x44, 0x10000}], 0x0, 0x0) 03:43:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000091419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5412}) 03:43:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb000000, 0x0, 0x0, 0x0) 03:43:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000680), 0x1000000000000169}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d) shutdown(r0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r2, &(0x7f0000001800)=[{&(0x7f0000000000)=""/18, 0x12}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9) recvfrom$inet(r3, 0x0, 0xa1a2, 0x0, 0x0, 0x800e00545) shutdown(r2, 0x0) r4 = socket$inet6_sctp(0x1c, 0x800000000000005, 0x84) recvmsg(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000c40)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0) shutdown(r3, 0x0) shutdown(r1, 0x0) 03:43:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000a1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1227.042623][T23983] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1227.072708][T23986] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:47 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000105020423dcffdf00", 0x1f) 03:43:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}) 03:43:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) [ 1227.171890][T24001] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb030000, 0x0, 0x0, 0x0) [ 1227.216433][T24003] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000b1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}) 03:43:47 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000106020423dcffdf00", 0x1f) 03:43:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc000000, 0x0, 0x0, 0x0) [ 1227.364167][T24022] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000107020423dcffdf00", 0x1f) 03:43:48 executing program 0: r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) kcmp(r1, r2, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) creat(0x0, 0x0) 03:43:48 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 03:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xd000000, 0x0, 0x0, 0x0) 03:43:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000c1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000108020423dcffdf00", 0x1f) 03:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe000000, 0x0, 0x0, 0x0) 03:43:48 executing program 0: lremovexattr(0x0, 0x0) inotify_init1(0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = socket$nl_route(0x10, 0x3, 0x0) getpeername$netlink(r0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) 03:43:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000d1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x10000000, 0x0, 0x0, 0x0) 03:43:48 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 03:43:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000e1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000109020423dcffdf00", 0x1f) 03:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}) 03:43:48 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 03:43:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000f1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x11000000, 0x0, 0x0, 0x0) 03:43:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800010a020423dcffdf00", 0x1f) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x12000000, 0x0, 0x0, 0x0) 03:43:48 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = syz_open_pts(0xffffffffffffff9c, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 03:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}) 03:43:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000111419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800010b020423dcffdf00", 0x1f) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x20000000, 0x0, 0x0, 0x0) 03:43:48 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 03:43:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000121419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x20100000, 0x0, 0x0, 0x0) 03:43:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800010c020423dcffdf00", 0x1f) 03:43:48 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 03:43:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}) 03:43:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x24020000, 0x0, 0x0, 0x0) 03:43:49 executing program 0: 03:43:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700251a1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}) 03:43:49 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800010d020423dcffdf00", 0x1f) 03:43:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 03:43:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x25000000, 0x0, 0x0, 0x0) 03:43:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700001f1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:49 executing program 0: 03:43:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48}], 0x0, 0x0) 03:43:49 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800010e020423dcffdf00", 0x1f) 03:43:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 03:43:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x38030000, 0x0, 0x0, 0x0) 03:43:49 executing program 0: 03:43:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000201419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3f000000, 0x0, 0x0, 0x0) 03:43:49 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800010f020423dcffdf00", 0x1f) 03:43:49 executing program 3: 03:43:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000}) 03:43:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x40000000, 0x0, 0x0, 0x0) 03:43:49 executing program 0: 03:43:49 executing program 3: 03:43:49 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000110020423dcffdf00", 0x1f) 03:43:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000251419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:49 executing program 3: 03:43:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}) 03:43:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x48000000, 0x0, 0x0, 0x0) 03:43:49 executing program 0: 03:43:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107001a251419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:49 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000111020423dcffdf00", 0x1f) 03:43:49 executing program 3: 03:43:49 executing program 0: 03:43:49 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000112020423dcffdf00", 0x1f) 03:43:49 executing program 3: 03:43:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000}) 03:43:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4c000000, 0x0, 0x0, 0x0) 03:43:50 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000125020423dcffdf00", 0x1f) 03:43:50 executing program 0: 03:43:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700003f1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:50 executing program 3: 03:43:50 executing program 0: 03:43:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4e030000, 0x0, 0x0, 0x0) 03:43:50 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000148020423dcffdf00", 0x1f) 03:43:50 executing program 3: 03:43:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}) 03:43:50 executing program 0: 03:43:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000401419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:50 executing program 3: 03:43:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4f030000, 0x0, 0x0, 0x0) 03:43:50 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800014c020423dcffdf00", 0x1f) 03:43:50 executing program 3: 03:43:50 executing program 0: 03:43:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070088471419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:50 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000160020423dcffdf00", 0x1f) 03:43:50 executing program 3: 03:43:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000}) 03:43:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x5c000000, 0x0, 0x0, 0x0) 03:43:50 executing program 0: 03:43:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x60000000, 0x0, 0x0, 0x0) 03:43:50 executing program 0: 03:43:50 executing program 3: 03:43:50 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000168020423dcffdf00", 0x1f) 03:43:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000481419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000}) 03:43:50 executing program 3: 03:43:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x654b0500, 0x0, 0x0, 0x0) 03:43:50 executing program 0: 03:43:50 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800016c020423dcffdf00", 0x1f) 03:43:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}) 03:43:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070088481419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x68000000, 0x0, 0x0, 0x0) 03:43:50 executing program 3: 03:43:50 executing program 0: 03:43:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000174020423dcffdf00", 0x1f) 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6c000000, 0x0, 0x0, 0x0) 03:43:51 executing program 3: 03:43:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700004c1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000}) 03:43:51 executing program 0: 03:43:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e000800017a020423dcffdf00", 0x1f) 03:43:51 executing program 3: 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x724b0500, 0x0, 0x0, 0x0) 03:43:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070065581419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:51 executing program 0: 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x74000000, 0x0, 0x0, 0x0) 03:43:51 executing program 3: 03:43:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100050423dcffdf00", 0x1f) 03:43:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}) 03:43:51 executing program 3: 03:43:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000601419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7a000000, 0x0, 0x0, 0x0) 03:43:51 executing program 0: 03:43:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100400423dcffdf00", 0x1f) 03:43:51 executing program 3: 03:43:51 executing program 0: 03:43:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070058651419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7f4b0500, 0x0, 0x0, 0x0) 03:43:51 executing program 3: 03:43:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12540000}) 03:43:51 executing program 0: 03:43:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100050423dcffdf00", 0x1f) 03:43:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000681419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x80969800, 0x0, 0x0, 0x0) 03:43:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000}) 03:43:51 executing program 0: 03:43:51 executing program 3: 03:43:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020223dcffdf00", 0x1f) 03:43:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700006c1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8c4b0500, 0x0, 0x0, 0x0) 03:43:51 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:51 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x339) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:43:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8cffffff, 0x0, 0x0, 0x0) 03:43:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) 03:43:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020323dcffdf00", 0x1f) 03:43:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000741419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020523dcffdf00", 0x1f) 03:43:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54050000}) 03:43:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x994b0500, 0x0, 0x0, 0x0) 03:43:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020623dcffdf00", 0x1f) 03:43:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700007a1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xaf4b0500, 0x0, 0x0, 0x0) [ 1231.684252][T24519] __nla_validate_parse: 50 callbacks suppressed [ 1231.684259][T24519] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1231.791525][T24521] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:52 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020723dcffdf00", 0x1f) 03:43:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c000000}) 03:43:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc0ed0000, 0x0, 0x0, 0x0) 03:43:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000811419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:52 executing program 0: perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r2 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0) mkdir(0x0, 0x0) r3 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f00000018c0)="f4001100002b2c25e994efd18498d66205baa68754a3000000000200000000000000000004ffffff8400000000000000c00195c1e2d4f32ebdbed8280238dd308252644135333a847bbaeb4e91", 0x4d}], 0x1}, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x24000001) openat$cgroup_int(r1, &(0x7f00000003c0)='cpuset.sched_load_balance\x00', 0x2, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f0000000300)={'nat\x00'}, &(0x7f0000000380)=0x50) 03:43:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc4030000, 0x0, 0x0, 0x0) [ 1231.905070][T24540] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1231.915994][T24544] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020823dcffdf00", 0x1f) 03:43:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}) 03:43:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070047881419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:52 executing program 0: r0 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x6287, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0285629, &(0x7f0000000200)={0x3, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}) [ 1232.010047][T24556] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc9030000, 0x0, 0x0, 0x0) 03:43:52 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020923dcffdf00", 0x1f) 03:43:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}) [ 1232.128816][T24567] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000180)=0x2c, 0x190) connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @broadcast}, 0x10) ioctl$sock_ifreq(r1, 0x8937, &(0x7f0000000100)={'veth0\x00', @ifru_settings={0x10001, 0x0, @fr=0x0}}) setsockopt$inet_int(r1, 0x0, 0x31, &(0x7f0000000080), 0x4) 03:43:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070048881419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe8030000, 0x0, 0x0, 0x0) [ 1232.210262][T24580] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}) 03:43:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020a23dcffdf00", 0x1f) [ 1232.324322][T24592] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xebffffff, 0x0, 0x0, 0x0) 03:43:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:53 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff072500000045000107000a001419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1232.399966][T24601] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000021419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xf6ffffff, 0x0, 0x0, 0x0) 03:43:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}) 03:43:53 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020b23dcffdf00", 0x1f) [ 1232.530237][T24615] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'. 03:43:53 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020c23dcffdf00", 0x1f) 03:43:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) dup2(r1, r2) 03:43:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000031419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}) 03:43:53 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xf8030000, 0x0, 0x0, 0x0) 03:43:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xf9fdffff, 0x0, 0x0, 0x0) 03:43:53 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020d23dcffdf00", 0x1f) 03:43:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000041419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}) 03:43:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfc010000, 0x0, 0x0, 0x0) 03:43:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) dup2(r1, r2) 03:43:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x339) r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0xfff, 0x20000) ioctl$BLKRESETZONE(r2, 0x40101283, &(0x7f0000000080)={0x9, 0x3}) dup2(r0, r1) 03:43:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfc030000, 0x0, 0x0, 0x0) 03:43:53 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020e23dcffdf00", 0x1f) 03:43:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000051419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) dup2(r1, r2) 03:43:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}) 03:43:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xff0f0000, 0x0, 0x0, 0x0) 03:43:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000061419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:53 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100021023dcffdf00", 0x1f) 03:43:53 executing program 0 (fault-call:2 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfffffdf9, 0x0, 0x0, 0x0) 03:43:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}) 03:43:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000071419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:53 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100021123dcffdf00", 0x1f) [ 1233.233149][T24701] FAULT_INJECTION: forcing a failure. [ 1233.233149][T24701] name failslab, interval 1, probability 0, space 0, times 0 [ 1233.282542][T24701] CPU: 0 PID: 24701 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1233.290465][T24701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1233.300506][T24701] Call Trace: [ 1233.303788][T24701] dump_stack+0x1d8/0x2f8 [ 1233.308121][T24701] should_fail+0x608/0x860 [ 1233.312543][T24701] ? setup_fault_attr+0x2b0/0x2b0 [ 1233.317574][T24701] __should_failslab+0x11a/0x160 [ 1233.322520][T24701] ? __se_sys_memfd_create+0x153/0x560 [ 1233.327961][T24701] should_failslab+0x9/0x20 [ 1233.327970][T24701] __kmalloc+0x7a/0x310 [ 1233.327980][T24701] ? strnlen_user+0x1e0/0x260 [ 1233.327992][T24701] __se_sys_memfd_create+0x153/0x560 [ 1233.328003][T24701] ? __x64_sys_memfd_create+0x70/0x70 [ 1233.328013][T24701] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1233.328024][T24701] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1233.328034][T24701] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1233.328046][T24701] ? do_syscall_64+0x1d/0x140 [ 1233.373419][T24701] __x64_sys_memfd_create+0x5b/0x70 [ 1233.378624][T24701] do_syscall_64+0xfe/0x140 [ 1233.383129][T24701] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1233.389021][T24701] RIP: 0033:0x459519 [ 1233.392914][T24701] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1233.412513][T24701] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1233.420918][T24701] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459519 03:43:54 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000081419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1233.428883][T24701] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be40c [ 1233.436847][T24701] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1233.444809][T24701] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f8a799b46d4 [ 1233.452774][T24701] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000}) 03:43:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:54 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100021223dcffdf00", 0x1f) 03:43:54 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xffffff7f, 0x0, 0x0, 0x0) 03:43:54 executing program 0 (fault-call:2 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}) 03:43:54 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000091419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1233.685818][T24740] FAULT_INJECTION: forcing a failure. [ 1233.685818][T24740] name failslab, interval 1, probability 0, space 0, times 0 [ 1233.703060][T24740] CPU: 0 PID: 24740 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1233.711065][T24740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1233.721118][T24740] Call Trace: [ 1233.724425][T24740] dump_stack+0x1d8/0x2f8 [ 1233.728765][T24740] should_fail+0x608/0x860 03:43:54 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020414dcffdf00", 0x1f) 03:43:54 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xffffff8c, 0x0, 0x0, 0x0) [ 1233.733182][T24740] ? setup_fault_attr+0x2b0/0x2b0 [ 1233.733208][T24740] __should_failslab+0x11a/0x160 [ 1233.733223][T24740] ? shmem_alloc_inode+0x1b/0x40 [ 1233.743152][T24740] should_failslab+0x9/0x20 [ 1233.743163][T24740] kmem_cache_alloc+0x56/0x2b0 [ 1233.743173][T24740] ? kasan_check_write+0x14/0x20 [ 1233.743186][T24740] ? shmem_fallocate+0xcd0/0xcd0 [ 1233.767174][T24740] shmem_alloc_inode+0x1b/0x40 [ 1233.771941][T24740] ? shmem_fallocate+0xcd0/0xcd0 [ 1233.776871][T24740] new_inode_pseudo+0x68/0x240 [ 1233.776881][T24740] new_inode+0x28/0x1c0 03:43:54 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf02", 0x1f) [ 1233.776893][T24740] ? kasan_check_read+0x11/0x20 [ 1233.776908][T24740] shmem_get_inode+0x11b/0x700 [ 1233.776918][T24740] ? __alloc_fd+0x523/0x5d0 [ 1233.776928][T24740] __shmem_file_setup+0x129/0x280 [ 1233.776940][T24740] shmem_file_setup+0x2f/0x40 [ 1233.776952][T24740] __se_sys_memfd_create+0x32f/0x560 [ 1233.776963][T24740] ? __x64_sys_memfd_create+0x70/0x70 [ 1233.776972][T24740] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1233.776984][T24740] ? trace_hardirqs_on_thunk+0x1a/0x1c 03:43:54 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000a1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1233.776997][T24740] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1233.837010][T24740] ? do_syscall_64+0x1d/0x140 [ 1233.841701][T24740] __x64_sys_memfd_create+0x5b/0x70 [ 1233.846906][T24740] do_syscall_64+0xfe/0x140 [ 1233.851399][T24740] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1233.857278][T24740] RIP: 0033:0x459519 [ 1233.857287][T24740] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:43:54 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xffffffeb, 0x0, 0x0, 0x0) [ 1233.857292][T24740] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1233.857301][T24740] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459519 [ 1233.857306][T24740] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be40c [ 1233.857311][T24740] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1233.857317][T24740] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f8a799b46d4 [ 1233.857322][T24740] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}) 03:43:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:54 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf03", 0x1f) 03:43:54 executing program 0 (fault-call:2 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1234.031414][T24772] FAULT_INJECTION: forcing a failure. [ 1234.031414][T24772] name failslab, interval 1, probability 0, space 0, times 0 03:43:54 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000b1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:54 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfffffff6, 0x0, 0x0, 0x0) 03:43:54 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000}) [ 1234.195774][T24772] CPU: 1 PID: 24772 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1234.203706][T24772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1234.213766][T24772] Call Trace: [ 1234.217067][T24772] dump_stack+0x1d8/0x2f8 [ 1234.221483][T24772] should_fail+0x608/0x860 [ 1234.225912][T24772] ? setup_fault_attr+0x2b0/0x2b0 [ 1234.230952][T24772] __should_failslab+0x11a/0x160 [ 1234.235900][T24772] ? security_inode_alloc+0x36/0x1e0 [ 1234.241305][T24772] should_failslab+0x9/0x20 [ 1234.245805][T24772] kmem_cache_alloc+0x56/0x2b0 [ 1234.250595][T24772] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1234.256315][T24772] security_inode_alloc+0x36/0x1e0 [ 1234.261445][T24772] inode_init_always+0x3b5/0x8d0 [ 1234.266402][T24772] ? shmem_fallocate+0xcd0/0xcd0 [ 1234.271347][T24772] new_inode_pseudo+0x7f/0x240 [ 1234.276116][T24772] new_inode+0x28/0x1c0 [ 1234.280270][T24772] ? kasan_check_read+0x11/0x20 [ 1234.285129][T24772] shmem_get_inode+0x11b/0x700 [ 1234.289899][T24772] ? __alloc_fd+0x523/0x5d0 [ 1234.294493][T24772] __shmem_file_setup+0x129/0x280 [ 1234.299518][T24772] shmem_file_setup+0x2f/0x40 [ 1234.304314][T24772] __se_sys_memfd_create+0x32f/0x560 [ 1234.309605][T24772] ? __x64_sys_memfd_create+0x70/0x70 [ 1234.314982][T24772] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1234.320629][T24772] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1234.326091][T24772] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1234.331808][T24772] ? do_syscall_64+0x1d/0x140 [ 1234.336510][T24772] __x64_sys_memfd_create+0x5b/0x70 [ 1234.336520][T24772] do_syscall_64+0xfe/0x140 [ 1234.336536][T24772] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1234.336545][T24772] RIP: 0033:0x459519 [ 1234.336554][T24772] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1234.336559][T24772] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1234.383991][T24772] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459519 03:43:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:54 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:43:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, 0xffffffffffffffff) 03:43:55 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf04", 0x1f) 03:43:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000c1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc61d8c7a7f, 0x0, 0x0, 0x0) 03:43:55 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf05", 0x1f) [ 1234.391966][T24772] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be40c [ 1234.400045][T24772] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1234.408014][T24772] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f8a799b46d4 [ 1234.415977][T24772] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:55 executing program 0 (fault-call:2 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}) 03:43:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000d1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x200000000000, 0x0, 0x0, 0x0) 03:43:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, 0xffffffffffffffff) 03:43:55 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf06", 0x1f) 03:43:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xedc000000000, 0x0, 0x0, 0x0) 03:43:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000}) 03:43:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000e1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1234.729976][T24832] FAULT_INJECTION: forcing a failure. [ 1234.729976][T24832] name failslab, interval 1, probability 0, space 0, times 0 03:43:55 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf07", 0x1f) 03:43:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, 0xffffffffffffffff) 03:43:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000000000000, 0x0, 0x0, 0x0) [ 1234.939886][T24832] CPU: 0 PID: 24832 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1234.947807][T24832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1234.957846][T24832] Call Trace: [ 1234.957865][T24832] dump_stack+0x1d8/0x2f8 [ 1234.957882][T24832] should_fail+0x608/0x860 [ 1234.957894][T24832] ? setup_fault_attr+0x2b0/0x2b0 [ 1234.957911][T24832] __should_failslab+0x11a/0x160 [ 1234.957923][T24832] ? __d_alloc+0x2d/0x6e0 [ 1234.984151][T24832] should_failslab+0x9/0x20 [ 1234.984162][T24832] kmem_cache_alloc+0x56/0x2b0 [ 1234.984176][T24832] __d_alloc+0x2d/0x6e0 [ 1234.984189][T24832] ? ktime_get_coarse_real_ts64+0xaf/0xc0 [ 1234.984200][T24832] d_alloc_pseudo+0x1d/0x70 [ 1234.993424][T24832] alloc_file_pseudo+0x128/0x310 [ 1235.012654][T24832] ? lockdep_init_map+0x2a/0x680 [ 1235.017590][T24832] ? alloc_empty_file_noaccount+0x80/0x80 [ 1235.023306][T24832] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 1235.029634][T24832] ? kasan_check_write+0x14/0x20 [ 1235.034567][T24832] ? clear_nlink+0x87/0xe0 [ 1235.038985][T24832] __shmem_file_setup+0x1a2/0x280 [ 1235.044013][T24832] shmem_file_setup+0x2f/0x40 [ 1235.048677][T24832] __se_sys_memfd_create+0x32f/0x560 [ 1235.053953][T24832] ? __x64_sys_memfd_create+0x70/0x70 [ 1235.059296][T24832] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1235.064899][T24832] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1235.070331][T24832] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1235.076021][T24832] ? do_syscall_64+0x1d/0x140 [ 1235.080670][T24832] __x64_sys_memfd_create+0x5b/0x70 [ 1235.085841][T24832] do_syscall_64+0xfe/0x140 [ 1235.090326][T24832] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1235.096191][T24832] RIP: 0033:0x459519 [ 1235.100074][T24832] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1235.119652][T24832] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1235.128035][T24832] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459519 03:43:55 executing program 0 (fault-call:2 fault-nth:4): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000f1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000000000000}) 03:43:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x80000000000000, 0x0, 0x0, 0x0) 03:43:55 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf08", 0x1f) 03:43:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) [ 1235.135978][T24832] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be40c [ 1235.143927][T24832] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1235.151870][T24832] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f8a799b46d4 [ 1235.159819][T24832] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:55 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000101419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:55 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf09", 0x1f) 03:43:55 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000}) 03:43:55 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x100000000000000, 0x0, 0x0, 0x0) 03:43:55 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) [ 1235.315548][T24891] FAULT_INJECTION: forcing a failure. [ 1235.315548][T24891] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.370837][T24891] CPU: 1 PID: 24891 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1235.378750][T24891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1235.378760][T24891] Call Trace: [ 1235.392096][T24891] dump_stack+0x1d8/0x2f8 [ 1235.396430][T24891] should_fail+0x608/0x860 [ 1235.400855][T24891] ? setup_fault_attr+0x2b0/0x2b0 [ 1235.405889][T24891] __should_failslab+0x11a/0x160 [ 1235.410825][T24891] ? __alloc_file+0x29/0x350 [ 1235.415410][T24891] should_failslab+0x9/0x20 [ 1235.419912][T24891] kmem_cache_alloc+0x56/0x2b0 [ 1235.424669][T24891] __alloc_file+0x29/0x350 [ 1235.424678][T24891] ? alloc_empty_file+0x4c/0x1b0 [ 1235.424688][T24891] alloc_empty_file+0xac/0x1b0 [ 1235.424700][T24891] alloc_file+0x60/0x4c0 [ 1235.443001][T24891] alloc_file_pseudo+0x25b/0x310 [ 1235.443016][T24891] ? alloc_empty_file_noaccount+0x80/0x80 [ 1235.453639][T24891] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 1235.459973][T24891] ? kasan_check_write+0x14/0x20 [ 1235.464903][T24891] ? clear_nlink+0x87/0xe0 03:43:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x200000000000000, 0x0, 0x0, 0x0) [ 1235.464917][T24891] __shmem_file_setup+0x1a2/0x280 [ 1235.464930][T24891] shmem_file_setup+0x2f/0x40 [ 1235.464940][T24891] __se_sys_memfd_create+0x32f/0x560 [ 1235.464953][T24891] ? __x64_sys_memfd_create+0x70/0x70 [ 1235.474357][T24891] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1235.474370][T24891] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1235.474381][T24891] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1235.474390][T24891] ? do_syscall_64+0x1d/0x140 [ 1235.474404][T24891] __x64_sys_memfd_create+0x5b/0x70 [ 1235.484326][T24891] do_syscall_64+0xfe/0x140 [ 1235.484343][T24891] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1235.484353][T24891] RIP: 0033:0x459519 [ 1235.484365][T24891] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1235.495308][T24891] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1235.495318][T24891] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459519 [ 1235.495324][T24891] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be40c [ 1235.495329][T24891] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1235.495334][T24891] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f8a799b46d4 [ 1235.495340][T24891] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:56 executing program 0 (fault-call:2 fault-nth:5): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:56 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000111419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:56 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}) 03:43:56 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf0a", 0x1f) 03:43:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x204000000000000, 0x0, 0x0, 0x0) 03:43:56 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) 03:43:56 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000121419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:56 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf0b", 0x1f) [ 1235.717992][T24924] FAULT_INJECTION: forcing a failure. [ 1235.717992][T24924] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.762292][T24924] CPU: 1 PID: 24924 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1235.770212][T24924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1235.780262][T24924] Call Trace: [ 1235.780285][T24924] dump_stack+0x1d8/0x2f8 [ 1235.780299][T24924] should_fail+0x608/0x860 [ 1235.780313][T24924] ? setup_fault_attr+0x2b0/0x2b0 [ 1235.797336][T24924] __should_failslab+0x11a/0x160 [ 1235.802286][T24924] ? security_file_alloc+0x36/0x200 [ 1235.807482][T24924] should_failslab+0x9/0x20 [ 1235.807493][T24924] kmem_cache_alloc+0x56/0x2b0 [ 1235.807508][T24924] security_file_alloc+0x36/0x200 [ 1235.807521][T24924] __alloc_file+0xb1/0x350 [ 1235.807534][T24924] alloc_empty_file+0xac/0x1b0 [ 1235.816759][T24924] alloc_file+0x60/0x4c0 [ 1235.816771][T24924] alloc_file_pseudo+0x25b/0x310 [ 1235.816784][T24924] ? alloc_empty_file_noaccount+0x80/0x80 [ 1235.816794][T24924] ? lockdep_annotate_inode_mutex_key+0xc2/0x130 [ 1235.816808][T24924] ? kasan_check_write+0x14/0x20 [ 1235.826193][T24924] ? clear_nlink+0x87/0xe0 [ 1235.826206][T24924] __shmem_file_setup+0x1a2/0x280 [ 1235.826219][T24924] shmem_file_setup+0x2f/0x40 [ 1235.835188][T24924] __se_sys_memfd_create+0x32f/0x560 [ 1235.835200][T24924] ? __x64_sys_memfd_create+0x70/0x70 [ 1235.835210][T24924] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1235.835223][T24924] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1235.835232][T24924] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1235.835245][T24924] ? do_syscall_64+0x1d/0x140 [ 1235.845856][T24924] __x64_sys_memfd_create+0x5b/0x70 [ 1235.845869][T24924] do_syscall_64+0xfe/0x140 [ 1235.845886][T24924] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1235.845895][T24924] RIP: 0033:0x459519 [ 1235.845907][T24924] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1235.857116][T24924] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1235.857127][T24924] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000459519 03:43:56 executing program 0 (fault-call:2 fault-nth:6): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:56 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf0c", 0x1f) 03:43:56 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}) 03:43:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x300000000000000, 0x0, 0x0, 0x0) [ 1235.857132][T24924] RDX: 0000000020000228 RSI: 0000000000000000 RDI: 00000000004be40c [ 1235.857138][T24924] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1235.857143][T24924] R10: 0000000000010000 R11: 0000000000000246 R12: 00007f8a799b46d4 [ 1235.857149][T24924] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1236.016227][T24949] FAULT_INJECTION: forcing a failure. [ 1236.016227][T24949] name failslab, interval 1, probability 0, space 0, times 0 [ 1236.037801][T24949] CPU: 0 PID: 24949 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1236.045713][T24949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1236.055764][T24949] Call Trace: [ 1236.059061][T24949] dump_stack+0x1d8/0x2f8 [ 1236.063392][T24949] should_fail+0x608/0x860 [ 1236.063406][T24949] ? setup_fault_attr+0x2b0/0x2b0 [ 1236.063423][T24949] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1236.072839][T24949] __should_failslab+0x11a/0x160 [ 1236.072853][T24949] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1236.072869][T24949] should_failslab+0x9/0x20 [ 1236.083473][T24949] __kmalloc+0x7a/0x310 [ 1236.083485][T24949] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 1236.083497][T24949] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1236.083513][T24949] tomoyo_path_perm+0x218/0x8b0 [ 1236.093684][T24949] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 1236.093701][T24949] ? trace_lock_acquire+0x190/0x190 [ 1236.093736][T24949] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1236.103547][T24949] tomoyo_path_truncate+0x1c/0x20 [ 1236.103561][T24949] security_path_truncate+0xd5/0x150 [ 1236.103573][T24949] do_sys_ftruncate+0x3b1/0x6b0 [ 1236.103587][T24949] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 1236.119997][T24949] ? debug_smp_processor_id+0x1c/0x20 [ 1236.120009][T24949] ? fpregs_assert_state_consistent+0xaa/0xe0 03:43:56 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000}) 03:43:56 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf0d", 0x1f) 03:43:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x400000000000000, 0x0, 0x0, 0x0) 03:43:56 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000251419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1236.120029][T24949] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1236.135916][T24949] ? __x64_sys_memfd_create+0x70/0x70 [ 1236.135928][T24949] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1236.135942][T24949] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1236.135954][T24949] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1236.135964][T24949] ? do_syscall_64+0x1d/0x140 [ 1236.135975][T24949] __x64_sys_ftruncate+0x60/0x70 [ 1236.135987][T24949] do_syscall_64+0xfe/0x140 [ 1236.151862][T24949] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1236.151873][T24949] RIP: 0033:0x4594e7 [ 1236.151883][T24949] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1236.151892][T24949] RSP: 002b:00007f8a79992a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 1236.163314][T24949] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004594e7 [ 1236.163320][T24949] RDX: 0000000020000228 RSI: 0000000000020000 RDI: 0000000000000005 [ 1236.163326][T24949] RBP: 000000000075bfc8 R08: fe03f80fe03f80ff R09: 00000000fbad8001 03:43:56 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf0e", 0x1f) [ 1236.163332][T24949] R10: 0000000000010000 R11: 0000000000000217 R12: 0000000000000005 [ 1236.163338][T24949] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1236.179099][T24949] ERROR: Out of memory at tomoyo_realpath_from_path. 03:43:56 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:43:56 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000}) 03:43:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x500000000000000, 0x0, 0x0, 0x0) 03:43:57 executing program 0 (fault-call:2 fault-nth:7): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000481419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:57 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x600000000000000, 0x0, 0x0, 0x0) 03:43:57 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf0f", 0x1f) 03:43:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254000000000000}) [ 1236.531902][T24992] FAULT_INJECTION: forcing a failure. [ 1236.531902][T24992] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1236.545139][T24992] CPU: 0 PID: 24992 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1236.545146][T24992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1236.545150][T24992] Call Trace: [ 1236.545188][T24992] dump_stack+0x1d8/0x2f8 [ 1236.545204][T24992] should_fail+0x608/0x860 [ 1236.545215][T24992] ? setup_fault_attr+0x2b0/0x2b0 03:43:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700004c1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1236.545231][T24992] ? __bfs+0x550/0x550 [ 1236.545247][T24992] should_fail_alloc_page+0x55/0x60 [ 1236.545256][T24992] prepare_alloc_pages+0x283/0x460 [ 1236.545270][T24992] __alloc_pages_nodemask+0x11c/0x790 [ 1236.545284][T24992] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1236.545298][T24992] ? __lock_acquire+0xcf7/0x1a40 [ 1236.575235][T24992] kmem_getpages+0x46/0x480 [ 1236.575248][T24992] cache_grow_begin+0x7e/0x2c0 [ 1236.614941][T24992] cache_alloc_refill+0x311/0x3f0 [ 1236.624695][T24992] ? check_preemption_disabled+0xb7/0x280 03:43:57 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x604000000000000, 0x0, 0x0, 0x0) [ 1236.630419][T24992] __kmalloc+0x2e5/0x310 [ 1236.634654][T24992] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1236.640378][T24992] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1236.645926][T24992] tomoyo_path_perm+0x218/0x8b0 [ 1236.650781][T24992] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 1236.656851][T24992] ? trace_lock_acquire+0x190/0x190 [ 1236.662084][T24992] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1236.667809][T24992] tomoyo_path_truncate+0x1c/0x20 [ 1236.672829][T24992] security_path_truncate+0xd5/0x150 03:43:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500000000000000}) [ 1236.678113][T24992] do_sys_ftruncate+0x3b1/0x6b0 [ 1236.682974][T24992] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 1236.688786][T24992] ? debug_smp_processor_id+0x1c/0x20 [ 1236.694156][T24992] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1236.700221][T24992] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1236.705921][T24992] ? __x64_sys_memfd_create+0x70/0x70 [ 1236.705931][T24992] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1236.705939][T24992] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1236.705949][T24992] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1236.705959][T24992] ? do_syscall_64+0x1d/0x140 03:43:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000601419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1236.705969][T24992] __x64_sys_ftruncate+0x60/0x70 [ 1236.705979][T24992] do_syscall_64+0xfe/0x140 [ 1236.705994][T24992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1236.706003][T24992] RIP: 0033:0x4594e7 [ 1236.706013][T24992] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1236.706018][T24992] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 1236.706028][T24992] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004594e7 [ 1236.706033][T24992] RDX: 0000000020000228 RSI: 0000000000020000 RDI: 0000000000000005 [ 1236.706038][T24992] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1236.706043][T24992] R10: 0000000000010000 R11: 0000000000000217 R12: 0000000000000005 [ 1236.706052][T24992] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1236.787395][T25011] __nla_validate_parse: 41 callbacks suppressed [ 1236.787402][T25011] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1236.840434][T25005] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:57 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:43:57 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf10", 0x1f) 03:43:57 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x700000000000000, 0x0, 0x0, 0x0) [ 1236.930935][T25020] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:43:57 executing program 0 (fault-call:2 fault-nth:8): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}) 03:43:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000681419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:57 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf11", 0x1f) 03:43:57 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x800000000000000, 0x0, 0x0, 0x0) 03:43:57 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1237.088483][T25036] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1237.120394][T25037] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:43:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405000000000000}) 03:43:57 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf12", 0x1f) 03:43:57 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x900000000000000, 0x0, 0x0, 0x0) [ 1237.173464][T25040] FAULT_INJECTION: forcing a failure. [ 1237.173464][T25040] name failslab, interval 1, probability 0, space 0, times 0 [ 1237.237505][T25040] CPU: 0 PID: 25040 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1237.245422][T25040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1237.245428][T25040] Call Trace: [ 1237.245447][T25040] dump_stack+0x1d8/0x2f8 [ 1237.245463][T25040] should_fail+0x608/0x860 [ 1237.245476][T25040] ? setup_fault_attr+0x2b0/0x2b0 [ 1237.245489][T25040] ? tomoyo_encode2+0x273/0x5a0 [ 1237.245508][T25040] __should_failslab+0x11a/0x160 [ 1237.245518][T25040] ? tomoyo_encode2+0x273/0x5a0 [ 1237.245533][T25040] should_failslab+0x9/0x20 [ 1237.291647][T25040] __kmalloc+0x7a/0x310 [ 1237.291667][T25040] tomoyo_encode2+0x273/0x5a0 [ 1237.291680][T25040] ? dynamic_dname+0x1a0/0x1a0 [ 1237.291693][T25040] tomoyo_realpath_from_path+0x769/0x7c0 [ 1237.310865][T25040] tomoyo_path_perm+0x218/0x8b0 [ 1237.315725][T25040] ? tomoyo_check_open_permission+0x9e0/0x9e0 [ 1237.321794][T25040] ? trace_lock_acquire+0x190/0x190 [ 1237.327028][T25040] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1237.332840][T25040] tomoyo_path_truncate+0x1c/0x20 [ 1237.337866][T25040] security_path_truncate+0xd5/0x150 [ 1237.343141][T25040] do_sys_ftruncate+0x3b1/0x6b0 [ 1237.343157][T25040] ? __x32_compat_sys_truncate+0x1b0/0x1b0 [ 1237.343172][T25040] ? debug_smp_processor_id+0x1c/0x20 [ 1237.343185][T25040] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1237.365230][T25040] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1237.370947][T25040] ? __x64_sys_memfd_create+0x70/0x70 [ 1237.370958][T25040] ? __x64_sys_clock_gettime+0x1c5/0x220 [ 1237.370969][T25040] ? trace_hardirqs_on_thunk+0x1a/0x1c 03:43:57 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}) 03:43:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700006c1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1237.370981][T25040] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1237.370991][T25040] ? do_syscall_64+0x1d/0x140 [ 1237.371007][T25040] __x64_sys_ftruncate+0x60/0x70 [ 1237.397779][T25040] do_syscall_64+0xfe/0x140 [ 1237.407199][T25040] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1237.413088][T25040] RIP: 0033:0x4594e7 [ 1237.416966][T25040] Code: 24 29 d7 48 69 ff e8 03 00 00 48 89 7c 24 08 48 89 e7 e8 dc e4 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:43:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa00000000000000, 0x0, 0x0, 0x0) [ 1237.416972][T25040] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 1237.416981][T25040] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004594e7 [ 1237.416986][T25040] RDX: 0000000020000228 RSI: 0000000000020000 RDI: 0000000000000005 [ 1237.416991][T25040] RBP: 000000000075bf20 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1237.416997][T25040] R10: 0000000000010000 R11: 0000000000000217 R12: 0000000000000005 [ 1237.417002][T25040] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1237.437653][T25062] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1237.494844][T25065] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1237.545450][T25040] ERROR: Out of memory at tomoyo_realpath_from_path. 03:43:58 executing program 0 (fault-call:2 fault-nth:9): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb00000000000000, 0x0, 0x0, 0x0) 03:43:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000741419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}) 03:43:58 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf25", 0x1f) 03:43:58 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1237.697583][T25083] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1237.704498][T25085] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1237.730692][T25091] FAULT_INJECTION: forcing a failure. [ 1237.730692][T25091] name fail_page_alloc, interval 1, probability 0, space 0, times 0 03:43:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xb03000000000000, 0x0, 0x0, 0x0) 03:43:58 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf48", 0x1f) [ 1237.756834][T25091] CPU: 0 PID: 25091 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1237.764752][T25091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1237.774807][T25091] Call Trace: [ 1237.778098][T25091] dump_stack+0x1d8/0x2f8 [ 1237.782427][T25091] should_fail+0x608/0x860 [ 1237.786847][T25091] ? setup_fault_attr+0x2b0/0x2b0 [ 1237.791880][T25091] should_fail_alloc_page+0x55/0x60 [ 1237.797082][T25091] prepare_alloc_pages+0x283/0x460 03:43:58 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf4c", 0x1f) [ 1237.802206][T25091] __alloc_pages_nodemask+0x11c/0x790 [ 1237.807585][T25091] ? __lock_acquire+0xcf7/0x1a40 [ 1237.812521][T25091] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1237.817034][T25097] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1237.818070][T25091] ? percpu_counter_add_batch+0x169/0x190 [ 1237.818104][T25091] alloc_pages_vma+0x4f7/0xc50 [ 1237.818119][T25091] shmem_alloc_and_acct_page+0x6f0/0xd80 [ 1237.843361][T25091] ? shmem_add_to_page_cache+0x1370/0x1370 [ 1237.849187][T25091] ? rcu_lock_release+0x26/0x30 03:43:58 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf60", 0x1f) [ 1237.854041][T25091] ? find_get_entry+0x6fa/0x7d0 [ 1237.858897][T25091] ? page_cache_prev_miss+0x4a0/0x4a0 [ 1237.864276][T25091] ? arch_stack_walk+0x98/0xe0 [ 1237.869038][T25091] ? find_lock_entry+0x36/0x540 [ 1237.873892][T25091] shmem_getpage_gfp+0x2098/0x2dd0 [ 1237.878999][T25091] ? __bfs+0x550/0x550 [ 1237.883077][T25091] ? shmem_getpage+0xa0/0xa0 [ 1237.887661][T25091] ? trace_hardirqs_on+0x74/0x80 [ 1237.887675][T25091] ? iov_iter_fault_in_readable+0x2ba/0x5c0 [ 1237.887689][T25091] shmem_write_begin+0xcb/0x1b0 [ 1237.887703][T25091] generic_perform_write+0x2ac/0x550 [ 1237.887721][T25091] ? grab_cache_page_write_begin+0xa0/0xa0 [ 1237.887733][T25091] ? file_remove_privs+0x600/0x600 [ 1237.887746][T25091] ? lock_acquire+0x158/0x250 [ 1237.887765][T25091] __generic_file_write_iter+0x24b/0x520 [ 1237.887779][T25091] generic_file_write_iter+0x41d/0x5a0 [ 1237.887799][T25091] __vfs_write+0x617/0x7d0 [ 1237.887813][T25091] ? __kernel_write+0x330/0x330 [ 1237.887836][T25091] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1237.887849][T25091] ? __sb_start_write+0x199/0x360 03:43:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700007a1419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}) [ 1237.887861][T25091] vfs_write+0x227/0x510 [ 1237.887877][T25091] __x64_sys_pwrite64+0x1af/0x240 [ 1237.887890][T25091] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1237.887900][T25091] ? ksys_pwrite64+0x1d0/0x1d0 [ 1237.887909][T25091] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1237.887918][T25091] ? do_syscall_64+0x1d/0x140 [ 1237.887936][T25091] do_syscall_64+0xfe/0x140 [ 1237.908837][T25091] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1237.908848][T25091] RIP: 0033:0x413467 [ 1237.908859][T25091] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1237.908865][T25091] RSP: 002b:00007f8a799b3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1237.908875][T25091] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 0000000000413467 [ 1237.908885][T25091] RDX: 0000000000000048 RSI: 00000000200008c0 RDI: 0000000000000005 [ 1237.930120][T25091] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1237.930126][T25091] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000005 [ 1237.930132][T25091] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:58 executing program 0 (fault-call:2 fault-nth:10): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:58 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf68", 0x1f) 03:43:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}) 03:43:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc00000000000000, 0x0, 0x0, 0x0) 03:43:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000022419001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:58 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1238.258399][T25134] FAULT_INJECTION: forcing a failure. [ 1238.258399][T25134] name failslab, interval 1, probability 0, space 0, times 0 [ 1238.271405][T25134] CPU: 0 PID: 25134 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1238.279309][T25134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1238.289369][T25134] Call Trace: [ 1238.292665][T25134] dump_stack+0x1d8/0x2f8 [ 1238.296997][T25134] should_fail+0x608/0x860 [ 1238.301416][T25134] ? setup_fault_attr+0x2b0/0x2b0 [ 1238.306442][T25134] ? __lock_acquire+0xcf7/0x1a40 [ 1238.311391][T25134] __should_failslab+0x11a/0x160 [ 1238.316330][T25134] ? xas_create+0x11a7/0x1920 [ 1238.321008][T25134] should_failslab+0x9/0x20 [ 1238.325505][T25134] kmem_cache_alloc+0x56/0x2b0 [ 1238.330373][T25134] ? e1000_configure+0x1250/0x4160 [ 1238.335482][T25134] xas_create+0x11a7/0x1920 [ 1238.339994][T25134] xas_create_range+0x142/0x700 [ 1238.344842][T25134] shmem_add_to_page_cache+0x96d/0x1370 [ 1238.350387][T25134] ? count_memcg_event_mm+0x2f0/0x2f0 [ 1238.355756][T25134] ? rcu_lock_release+0x26/0x30 [ 1238.360601][T25134] ? mem_cgroup_throttle_swaprate+0x373/0x4d0 [ 1238.366667][T25134] ? mem_cgroup_try_charge_delay+0x78/0xa0 [ 1238.372474][T25134] shmem_getpage_gfp+0x10a3/0x2dd0 [ 1238.377669][T25134] ? __bfs+0x550/0x550 [ 1238.381766][T25134] ? shmem_getpage+0xa0/0xa0 [ 1238.386356][T25134] ? trace_hardirqs_on+0x74/0x80 [ 1238.391289][T25134] ? iov_iter_fault_in_readable+0x2ba/0x5c0 [ 1238.397187][T25134] shmem_write_begin+0xcb/0x1b0 [ 1238.402041][T25134] generic_perform_write+0x2ac/0x550 [ 1238.407337][T25134] ? grab_cache_page_write_begin+0xa0/0xa0 [ 1238.413139][T25134] ? file_remove_privs+0x600/0x600 [ 1238.418252][T25134] ? lock_acquire+0x158/0x250 [ 1238.422927][T25134] __generic_file_write_iter+0x24b/0x520 [ 1238.428564][T25134] generic_file_write_iter+0x41d/0x5a0 [ 1238.434033][T25134] __vfs_write+0x617/0x7d0 [ 1238.438446][T25134] ? __kernel_write+0x330/0x330 [ 1238.443300][T25134] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1238.449025][T25134] ? __sb_start_write+0x199/0x360 [ 1238.454057][T25134] vfs_write+0x227/0x510 03:43:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xd00000000000000, 0x0, 0x0, 0x0) 03:43:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000004019001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe00000000000000, 0x0, 0x0, 0x0) 03:43:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001403001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) 03:43:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000000000000000, 0x0, 0x0, 0x0) [ 1238.458301][T25134] __x64_sys_pwrite64+0x1af/0x240 [ 1238.463325][T25134] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1238.469143][T25134] ? ksys_pwrite64+0x1d0/0x1d0 [ 1238.473900][T25134] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1238.479618][T25134] ? do_syscall_64+0x1d/0x140 [ 1238.484296][T25134] do_syscall_64+0xfe/0x140 [ 1238.488803][T25134] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1238.494689][T25134] RIP: 0033:0x413467 [ 1238.498586][T25134] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 a1 18 00 00 c3 48 83 ec 08 e8 a7 f9 ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 ed f9 ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1238.518180][T25134] RSP: 002b:00007f8a799b3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 1238.526700][T25134] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 0000000000413467 [ 1238.534663][T25134] RDX: 0000000000000048 RSI: 00000000200008c0 RDI: 0000000000000005 [ 1238.534670][T25134] RBP: 0000000000000000 R08: fe03f80fe03f80ff R09: 00000000fbad8001 [ 1238.534676][T25134] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000005 [ 1238.534683][T25134] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:59 executing program 0 (fault-call:2 fault-nth:11): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:59 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001404001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1100000000000000, 0x0, 0x0, 0x0) 03:43:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 03:43:59 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf6c", 0x1f) 03:43:59 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:43:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1200000000000000, 0x0, 0x0, 0x0) [ 1238.778156][T25174] FAULT_INJECTION: forcing a failure. [ 1238.778156][T25174] name failslab, interval 1, probability 0, space 0, times 0 [ 1238.791500][T25174] CPU: 0 PID: 25174 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1238.799405][T25174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1238.810918][T25174] Call Trace: [ 1238.814211][T25174] dump_stack+0x1d8/0x2f8 [ 1238.818548][T25174] should_fail+0x608/0x860 [ 1238.822961][T25174] ? setup_fault_attr+0x2b0/0x2b0 03:43:59 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419021a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1238.827975][T25174] __should_failslab+0x11a/0x160 [ 1238.827987][T25174] ? getname_flags+0xba/0x640 [ 1238.827998][T25174] should_failslab+0x9/0x20 [ 1238.828007][T25174] kmem_cache_alloc+0x56/0x2b0 [ 1238.828017][T25174] ? vfs_write+0x448/0x510 [ 1238.828029][T25174] getname_flags+0xba/0x640 [ 1238.828040][T25174] getname+0x19/0x20 [ 1238.828049][T25174] do_sys_open+0x2fc/0x620 [ 1238.828061][T25174] ? file_open_root+0x440/0x440 [ 1238.828075][T25174] ? fpregs_assert_state_consistent+0xaa/0xe0 03:43:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2000000000000000, 0x0, 0x0, 0x0) 03:43:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) [ 1238.874934][T25174] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1238.880664][T25174] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1238.886122][T25174] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1238.891828][T25174] ? do_syscall_64+0x1d/0x140 [ 1238.896501][T25174] __x64_sys_open+0x87/0x90 [ 1238.900995][T25174] do_syscall_64+0xfe/0x140 [ 1238.905502][T25174] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1238.911388][T25174] RIP: 0033:0x413401 [ 1238.915273][T25174] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1238.915280][T25174] RSP: 002b:00007f8a799b3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1238.915289][T25174] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413401 [ 1238.915295][T25174] RDX: 00007f8a799b3b0a RSI: 0000000000000002 RDI: 00007f8a799b3b00 [ 1238.915300][T25174] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1238.915305][T25174] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 03:43:59 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf74", 0x1f) 03:43:59 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419031a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1238.915311][T25174] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:43:59 executing program 0 (fault-call:2 fault-nth:12): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:43:59 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf7a", 0x1f) 03:43:59 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:43:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2010000000000000, 0x0, 0x0, 0x0) 03:43:59 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419041a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:43:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) 03:43:59 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2402000000000000, 0x0, 0x0, 0x0) 03:43:59 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) 03:43:59 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1239.199338][T25209] FAULT_INJECTION: forcing a failure. [ 1239.199338][T25209] name failslab, interval 1, probability 0, space 0, times 0 03:43:59 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:43:59 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419051a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1239.274004][T25209] CPU: 0 PID: 25209 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1239.281924][T25209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1239.291967][T25209] Call Trace: [ 1239.291989][T25209] dump_stack+0x1d8/0x2f8 [ 1239.292005][T25209] should_fail+0x608/0x860 [ 1239.292018][T25209] ? setup_fault_attr+0x2b0/0x2b0 [ 1239.292036][T25209] __should_failslab+0x11a/0x160 [ 1239.292049][T25209] ? __alloc_file+0x29/0x350 [ 1239.292062][T25209] should_failslab+0x9/0x20 [ 1239.292071][T25209] kmem_cache_alloc+0x56/0x2b0 [ 1239.292086][T25209] ? stack_trace_save+0x1e0/0x1e0 [ 1239.292098][T25209] __alloc_file+0x29/0x350 [ 1239.292106][T25209] ? alloc_empty_file+0x4c/0x1b0 [ 1239.292117][T25209] alloc_empty_file+0xac/0x1b0 [ 1239.292128][T25209] path_openat+0x12b/0x4400 [ 1239.292139][T25209] ? arch_stack_walk+0x98/0xe0 [ 1239.292153][T25209] ? __bfs+0x550/0x550 [ 1239.292168][T25209] ? stack_trace_save+0x111/0x1e0 [ 1239.318647][T25209] ? __lock_acquire+0xcf7/0x1a40 03:44:00 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1239.318664][T25209] ? check_preemption_disabled+0x47/0x280 [ 1239.327886][T25209] ? do_filp_open+0x430/0x430 [ 1239.327895][T25209] ? __lock_acquire+0xcf7/0x1a40 [ 1239.327909][T25209] ? kmem_cache_alloc+0x1dd/0x2b0 [ 1239.327933][T25209] ? expand_files+0x511/0xa90 [ 1239.327945][T25209] do_filp_open+0x1f7/0x430 [ 1239.399638][T25209] ? vfs_tmpfile+0x230/0x230 [ 1239.404243][T25209] ? kasan_check_read+0x11/0x20 [ 1239.409097][T25209] ? do_raw_spin_unlock+0x49/0x260 [ 1239.414217][T25209] ? _raw_spin_unlock+0x2c/0x50 [ 1239.419082][T25209] ? get_unused_fd_flags+0x97/0xb0 [ 1239.424195][T25209] do_sys_open+0x343/0x620 [ 1239.428613][T25209] ? file_open_root+0x440/0x440 [ 1239.433459][T25209] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1239.433475][T25209] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1239.433488][T25209] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1239.445234][T25209] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1239.445247][T25209] ? do_syscall_64+0x1d/0x140 [ 1239.445260][T25209] __x64_sys_open+0x87/0x90 [ 1239.445269][T25209] do_syscall_64+0xfe/0x140 [ 1239.445284][T25209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1239.445292][T25209] RIP: 0033:0x413401 [ 1239.445301][T25209] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1239.445310][T25209] RSP: 002b:00007f8a799b3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1239.456433][T25209] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413401 [ 1239.456440][T25209] RDX: 00007f8a799b3b0a RSI: 0000000000000002 RDI: 00007f8a799b3b00 03:44:00 executing program 0 (fault-call:2 fault-nth:13): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:00 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419061a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) 03:44:00 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2500000000000000, 0x0, 0x0, 0x0) [ 1239.456445][T25209] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1239.456451][T25209] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1239.456457][T25209] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:00 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419071a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:00 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1239.566966][T25237] FAULT_INJECTION: forcing a failure. [ 1239.566966][T25237] name failslab, interval 1, probability 0, space 0, times 0 [ 1239.601233][T25237] CPU: 0 PID: 25237 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 03:44:00 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1239.609152][T25237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1239.619205][T25237] Call Trace: [ 1239.622501][T25237] dump_stack+0x1d8/0x2f8 [ 1239.626840][T25237] should_fail+0x608/0x860 [ 1239.631263][T25237] ? setup_fault_attr+0x2b0/0x2b0 [ 1239.636294][T25237] __should_failslab+0x11a/0x160 [ 1239.641234][T25237] ? __alloc_file+0x29/0x350 [ 1239.645822][T25237] should_failslab+0x9/0x20 [ 1239.650323][T25237] kmem_cache_alloc+0x56/0x2b0 [ 1239.655089][T25237] ? stack_trace_save+0x1e0/0x1e0 [ 1239.660110][T25237] __alloc_file+0x29/0x350 [ 1239.664519][T25237] ? alloc_empty_file+0x4c/0x1b0 [ 1239.664531][T25237] alloc_empty_file+0xac/0x1b0 [ 1239.664544][T25237] path_openat+0x12b/0x4400 [ 1239.664555][T25237] ? arch_stack_walk+0x98/0xe0 [ 1239.664570][T25237] ? __bfs+0x550/0x550 [ 1239.664586][T25237] ? stack_trace_save+0x111/0x1e0 [ 1239.664598][T25237] ? __lock_acquire+0xcf7/0x1a40 [ 1239.664616][T25237] ? check_preemption_disabled+0x47/0x280 [ 1239.664629][T25237] ? do_filp_open+0x430/0x430 [ 1239.664640][T25237] ? __lock_acquire+0xcf7/0x1a40 [ 1239.683525][T25237] ? kmem_cache_alloc+0x1dd/0x2b0 03:44:00 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1239.683549][T25237] ? expand_files+0x511/0xa90 [ 1239.707882][T25237] do_filp_open+0x1f7/0x430 [ 1239.707895][T25237] ? vfs_tmpfile+0x230/0x230 [ 1239.707913][T25237] ? kasan_check_read+0x11/0x20 [ 1239.722495][T25237] ? do_raw_spin_unlock+0x49/0x260 [ 1239.722511][T25237] ? _raw_spin_unlock+0x2c/0x50 [ 1239.722531][T25237] ? get_unused_fd_flags+0x97/0xb0 [ 1239.736411][T25237] do_sys_open+0x343/0x620 [ 1239.736425][T25237] ? file_open_root+0x440/0x440 [ 1239.736434][T25237] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1239.736449][T25237] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1239.736459][T25237] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1239.736470][T25237] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1239.736479][T25237] ? do_syscall_64+0x1d/0x140 [ 1239.736490][T25237] __x64_sys_open+0x87/0x90 [ 1239.736501][T25237] do_syscall_64+0xfe/0x140 [ 1239.736517][T25237] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1239.736525][T25237] RIP: 0033:0x413401 [ 1239.736537][T25237] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1239.751530][T25237] RSP: 002b:00007f8a799b3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1239.751541][T25237] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413401 [ 1239.751546][T25237] RDX: 00007f8a799b3b0a RSI: 0000000000000002 RDI: 00007f8a799b3b00 [ 1239.751555][T25237] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1239.766805][T25237] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1239.783628][T25237] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:00 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:00 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}) 03:44:00 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3803000000000000, 0x0, 0x0, 0x0) 03:44:00 executing program 0 (fault-call:2 fault-nth:14): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:00 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419081a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1240.006931][T25271] FAULT_INJECTION: forcing a failure. [ 1240.006931][T25271] name failslab, interval 1, probability 0, space 0, times 0 03:44:00 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419091a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:00 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) 03:44:00 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3f00000000000000, 0x0, 0x0, 0x0) 03:44:00 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1240.121242][T25271] CPU: 0 PID: 25271 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1240.129193][T25271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1240.139231][T25271] Call Trace: [ 1240.142509][T25271] dump_stack+0x1d8/0x2f8 [ 1240.146822][T25271] should_fail+0x608/0x860 [ 1240.151215][T25271] ? setup_fault_attr+0x2b0/0x2b0 [ 1240.156220][T25271] __should_failslab+0x11a/0x160 [ 1240.161131][T25271] ? __alloc_file+0x29/0x350 [ 1240.165716][T25271] should_failslab+0x9/0x20 [ 1240.170196][T25271] kmem_cache_alloc+0x56/0x2b0 [ 1240.174933][T25271] ? stack_trace_save+0x1e0/0x1e0 [ 1240.179932][T25271] __alloc_file+0x29/0x350 [ 1240.184320][T25271] ? alloc_empty_file+0x4c/0x1b0 [ 1240.189232][T25271] alloc_empty_file+0xac/0x1b0 [ 1240.193969][T25271] path_openat+0x12b/0x4400 [ 1240.198458][T25271] ? arch_stack_walk+0x98/0xe0 [ 1240.203200][T25271] ? __bfs+0x550/0x550 [ 1240.207243][T25271] ? stack_trace_save+0x111/0x1e0 [ 1240.212238][T25271] ? __lock_acquire+0xcf7/0x1a40 [ 1240.217150][T25271] ? check_preemption_disabled+0x47/0x280 [ 1240.222946][T25271] ? do_filp_open+0x430/0x430 [ 1240.227595][T25271] ? __lock_acquire+0xcf7/0x1a40 [ 1240.232505][T25271] ? kmem_cache_alloc+0x1dd/0x2b0 [ 1240.237516][T25271] ? expand_files+0x511/0xa90 [ 1240.242166][T25271] do_filp_open+0x1f7/0x430 [ 1240.246644][T25271] ? vfs_tmpfile+0x230/0x230 [ 1240.251213][T25271] ? kasan_check_read+0x11/0x20 [ 1240.256038][T25271] ? do_raw_spin_unlock+0x49/0x260 [ 1240.261123][T25271] ? _raw_spin_unlock+0x2c/0x50 [ 1240.265952][T25271] ? get_unused_fd_flags+0x97/0xb0 [ 1240.271042][T25271] do_sys_open+0x343/0x620 [ 1240.275434][T25271] ? file_open_root+0x440/0x440 [ 1240.280256][T25271] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1240.286296][T25271] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1240.291986][T25271] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1240.297419][T25271] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1240.303110][T25271] ? do_syscall_64+0x1d/0x140 [ 1240.307763][T25271] __x64_sys_open+0x87/0x90 [ 1240.312243][T25271] do_syscall_64+0xfe/0x140 [ 1240.316723][T25271] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1240.322587][T25271] RIP: 0033:0x413401 [ 1240.326460][T25271] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1240.346035][T25271] RSP: 002b:00007f8a799b3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1240.354432][T25271] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413401 [ 1240.362375][T25271] RDX: 00007f8a799b3b0a RSI: 0000000000000002 RDI: 00007f8a799b3b00 [ 1240.370321][T25271] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1240.378268][T25271] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1240.386213][T25271] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4000000000000000, 0x0, 0x0, 0x0) 03:44:01 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:01 executing program 0 (fault-call:2 fault-nth:15): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:01 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014190a1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4800000000000000, 0x0, 0x0, 0x0) 03:44:01 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}) 03:44:01 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014190b1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4c00000000000000, 0x0, 0x0, 0x0) 03:44:01 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}) [ 1240.746715][T25327] FAULT_INJECTION: forcing a failure. [ 1240.746715][T25327] name failslab, interval 1, probability 0, space 0, times 0 [ 1240.791453][T25327] CPU: 1 PID: 25327 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1240.799372][T25327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1240.799378][T25327] Call Trace: [ 1240.799398][T25327] dump_stack+0x1d8/0x2f8 [ 1240.799415][T25327] should_fail+0x608/0x860 [ 1240.822221][T25327] ? setup_fault_attr+0x2b0/0x2b0 [ 1240.827236][T25327] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1240.827256][T25327] __should_failslab+0x11a/0x160 03:44:01 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014190c1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}) [ 1240.827268][T25327] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1240.827277][T25327] should_failslab+0x9/0x20 [ 1240.827285][T25327] __kmalloc+0x7a/0x310 [ 1240.827294][T25327] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 1240.827305][T25327] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1240.827321][T25327] tomoyo_check_open_permission+0x1f2/0x9e0 [ 1240.869352][T25327] ? tomoyo_check_path_number_acl+0x240/0x240 [ 1240.869367][T25327] ? smk_access+0x4f0/0x4f0 [ 1240.879928][T25327] tomoyo_file_open+0x141/0x190 [ 1240.884776][T25327] security_file_open+0x65/0x2f0 [ 1240.884792][T25327] do_dentry_open+0x397/0x1060 [ 1240.884811][T25327] ? finish_open+0xe0/0xe0 [ 1240.884822][T25327] ? inode_permission+0xe3/0x580 [ 1240.884835][T25327] vfs_open+0x73/0x80 [ 1240.884847][T25327] path_openat+0x136d/0x4400 [ 1240.912354][T25327] ? arch_stack_walk+0x98/0xe0 [ 1240.917132][T25327] ? stack_trace_save+0x111/0x1e0 [ 1240.922170][T25327] ? do_filp_open+0x430/0x430 [ 1240.926845][T25327] ? __lock_acquire+0xcf7/0x1a40 [ 1240.931793][T25327] ? kmem_cache_alloc+0x1dd/0x2b0 [ 1240.936834][T25327] ? expand_files+0x511/0xa90 [ 1240.941519][T25327] do_filp_open+0x1f7/0x430 [ 1240.946025][T25327] ? vfs_tmpfile+0x230/0x230 [ 1240.950608][T25327] ? kasan_check_read+0x11/0x20 [ 1240.955444][T25327] ? do_raw_spin_unlock+0x49/0x260 [ 1240.960533][T25327] ? _raw_spin_unlock+0x2c/0x50 [ 1240.965362][T25327] ? get_unused_fd_flags+0x97/0xb0 [ 1240.970447][T25327] do_sys_open+0x343/0x620 [ 1240.974838][T25327] ? file_open_root+0x440/0x440 [ 1240.979661][T25327] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1240.985705][T25327] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1240.991399][T25327] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1240.996835][T25327] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1241.002537][T25327] ? do_syscall_64+0x1d/0x140 [ 1241.007201][T25327] __x64_sys_open+0x87/0x90 [ 1241.011698][T25327] do_syscall_64+0xfe/0x140 [ 1241.016186][T25327] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1241.022050][T25327] RIP: 0033:0x413401 [ 1241.025917][T25327] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1241.045493][T25327] RSP: 002b:00007f8a799b3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1241.053881][T25327] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413401 [ 1241.061834][T25327] RDX: 00007f8a799b3b0a RSI: 0000000000000002 RDI: 00007f8a799b3b00 [ 1241.069777][T25327] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1241.077722][T25327] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1241.085664][T25327] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1241.095308][T25327] ERROR: Out of memory at tomoyo_realpath_from_path. 03:44:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4e03000000000000, 0x0, 0x0, 0x0) 03:44:01 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:01 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:01 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014190d1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}) 03:44:01 executing program 0 (fault-call:2 fault-nth:16): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:01 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}) 03:44:01 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:01 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:01 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf3d", 0x1f) [ 1241.319189][T25367] FAULT_INJECTION: forcing a failure. [ 1241.319189][T25367] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1241.332424][T25367] CPU: 1 PID: 25367 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1241.340304][T25367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1241.350354][T25367] Call Trace: [ 1241.353667][T25367] dump_stack+0x1d8/0x2f8 [ 1241.358008][T25367] should_fail+0x608/0x860 [ 1241.362425][T25367] ? setup_fault_attr+0x2b0/0x2b0 03:44:02 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:02 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1241.367452][T25367] ? __bfs+0x550/0x550 [ 1241.371522][T25367] ? unwind_next_frame+0x415/0x870 [ 1241.376637][T25367] should_fail_alloc_page+0x55/0x60 [ 1241.381835][T25367] prepare_alloc_pages+0x283/0x460 [ 1241.386948][T25367] __alloc_pages_nodemask+0x11c/0x790 [ 1241.392329][T25367] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1241.397873][T25367] ? __lock_acquire+0xcf7/0x1a40 [ 1241.402816][T25367] kmem_getpages+0x46/0x480 [ 1241.407321][T25367] cache_grow_begin+0x7e/0x2c0 [ 1241.412090][T25367] cache_alloc_refill+0x311/0x3f0 [ 1241.417113][T25367] ? check_preemption_disabled+0xb7/0x280 [ 1241.422831][T25367] __kmalloc+0x2e5/0x310 [ 1241.427089][T25367] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1241.432815][T25367] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1241.438365][T25367] tomoyo_path_number_perm+0x1e0/0x740 [ 1241.443827][T25367] ? trace_lock_acquire+0x190/0x190 [ 1241.449025][T25367] ? tomoyo_check_path_acl+0x180/0x180 [ 1241.454507][T25367] ? fget_many+0x30/0x30 [ 1241.454522][T25367] ? debug_smp_processor_id+0x1c/0x20 [ 1241.464260][T25367] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1241.464275][T25367] tomoyo_file_ioctl+0x23/0x30 [ 1241.464288][T25367] security_file_ioctl+0x6d/0xd0 [ 1241.464305][T25367] __x64_sys_ioctl+0xa3/0x120 [ 1241.464320][T25367] do_syscall_64+0xfe/0x140 [ 1241.464336][T25367] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1241.495038][T25367] RIP: 0033:0x459387 [ 1241.498918][T25367] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1241.498924][T25367] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1241.498935][T25367] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1241.498941][T25367] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1241.498951][T25367] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1241.498956][T25367] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1241.498965][T25367] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:02 executing program 0 (fault-call:2 fault-nth:17): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:02 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf1e", 0x1f) 03:44:02 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x4f03000000000000, 0x0, 0x0, 0x0) 03:44:02 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014190e1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}) 03:44:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:02 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x5c00000000000000, 0x0, 0x0, 0x0) 03:44:02 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014190f1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:02 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:02 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}) [ 1241.785410][T25410] FAULT_INJECTION: forcing a failure. [ 1241.785410][T25410] name failslab, interval 1, probability 0, space 0, times 0 [ 1241.805295][T25417] __nla_validate_parse: 40 callbacks suppressed [ 1241.805301][T25417] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:02 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1241.834434][T25419] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1241.836967][T25410] CPU: 1 PID: 25410 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1241.851529][T25410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1241.861590][T25410] Call Trace: [ 1241.864903][T25410] dump_stack+0x1d8/0x2f8 [ 1241.869238][T25410] should_fail+0x608/0x860 [ 1241.873654][T25410] ? setup_fault_attr+0x2b0/0x2b0 [ 1241.878684][T25410] __should_failslab+0x11a/0x160 [ 1241.883619][T25410] should_failslab+0x9/0x20 [ 1241.888122][T25410] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1241.893397][T25410] ? __kthread_create_on_node+0x101/0x420 [ 1241.899092][T25410] ? loop_set_fd+0x1130/0x1130 [ 1241.903850][T25410] __kthread_create_on_node+0x101/0x420 [ 1241.909373][T25410] ? kthread_create_on_node+0x130/0x130 [ 1241.914894][T25410] ? lockdep_unregister_key+0x660/0x660 [ 1241.920424][T25410] ? blkdev_get+0x863/0x9d0 [ 1241.924901][T25410] ? loop_set_fd+0xad/0x1130 [ 1241.929465][T25410] ? loop_set_fd+0x1130/0x1130 [ 1241.934289][T25410] kthread_create_on_node+0xcc/0x130 [ 1241.939546][T25410] ? tsk_fork_get_node+0x70/0x70 [ 1241.944459][T25410] ? lockdep_init_map+0x2a/0x680 [ 1241.949373][T25410] loop_set_fd+0x67d/0x1130 [ 1241.953859][T25410] ? match_held_lock+0x280/0x280 [ 1241.958790][T25410] lo_ioctl+0x17a/0x2400 [ 1241.963017][T25410] ? match_held_lock+0x280/0x280 [ 1241.967933][T25410] ? kobj_lookup+0xc2/0x450 [ 1241.972413][T25410] ? lo_release+0x1f0/0x1f0 [ 1241.976918][T25410] ? match_held_lock+0x280/0x280 [ 1241.981847][T25410] ? __bfs+0x550/0x550 [ 1241.985897][T25410] ? __lock_acquire+0xcf7/0x1a40 [ 1241.990813][T25410] ? __bfs+0x550/0x550 [ 1241.994854][T25410] ? match_held_lock+0x280/0x280 [ 1241.999765][T25410] ? __lock_acquire+0xcf7/0x1a40 [ 1242.004674][T25410] ? __bfs+0x550/0x550 [ 1242.008716][T25410] ? __lock_acquire+0xcf7/0x1a40 [ 1242.013629][T25410] ? __lock_acquire+0xcf7/0x1a40 [ 1242.018548][T25410] ? trace_lock_acquire+0x190/0x190 [ 1242.023725][T25410] ? __read_once_size_nocheck+0x10/0x10 [ 1242.029238][T25410] ? unwind_next_frame+0x415/0x870 [ 1242.034327][T25410] ? rcu_lock_release+0x9/0x30 [ 1242.039064][T25410] ? stack_trace_save+0x1e0/0x1e0 [ 1242.044058][T25410] ? rcu_lock_release+0x26/0x30 [ 1242.048879][T25410] ? is_bpf_text_address+0x398/0x3b0 [ 1242.054143][T25410] ? stack_trace_save+0x1e0/0x1e0 [ 1242.059145][T25410] ? __kernel_text_address+0x9a/0x110 [ 1242.064495][T25410] ? unwind_get_return_address+0x4c/0x90 [ 1242.070098][T25410] ? arch_stack_walk+0x98/0xe0 [ 1242.074838][T25410] ? stack_trace_save+0x111/0x1e0 [ 1242.079844][T25410] ? lo_release+0x1f0/0x1f0 [ 1242.084464][T25410] blkdev_ioctl+0x917/0x2c10 [ 1242.089029][T25410] ? tomoyo_path_number_perm+0x587/0x740 [ 1242.094632][T25410] ? trace_hardirqs_off+0x74/0x80 [ 1242.099631][T25410] ? quarantine_put+0xb7/0x1f0 [ 1242.104365][T25410] ? tomoyo_path_number_perm+0x587/0x740 [ 1242.109972][T25410] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1242.115226][T25410] ? __kasan_slab_free+0x19d/0x1e0 [ 1242.120309][T25410] ? __kasan_slab_free+0x12a/0x1e0 [ 1242.125389][T25410] ? kasan_slab_free+0xe/0x10 [ 1242.130117][T25410] ? kfree+0xae/0x120 [ 1242.134083][T25410] ? tomoyo_path_number_perm+0x587/0x740 [ 1242.139685][T25410] ? tomoyo_file_ioctl+0x23/0x30 [ 1242.144598][T25410] ? security_file_ioctl+0x6d/0xd0 [ 1242.149685][T25410] ? __x64_sys_ioctl+0xa3/0x120 [ 1242.154509][T25410] ? do_syscall_64+0xfe/0x140 [ 1242.159156][T25410] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1242.165218][T25410] ? kasan_check_write+0x14/0x20 [ 1242.170131][T25410] ? do_raw_spin_lock+0x143/0x3a0 [ 1242.175135][T25410] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1242.180917][T25410] ? rcu_lock_release+0x9/0x30 [ 1242.185662][T25410] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1242.191267][T25410] ? trace_lock_acquire+0x190/0x190 [ 1242.196440][T25410] ? tomoyo_check_path_acl+0x180/0x180 [ 1242.201875][T25410] block_ioctl+0xbd/0x100 [ 1242.206181][T25410] ? blkdev_iopoll+0x100/0x100 [ 1242.210922][T25410] do_vfs_ioctl+0x7d4/0x1890 [ 1242.215487][T25410] ? ioctl_preallocate+0x240/0x240 [ 1242.220577][T25410] ? fget_many+0x30/0x30 [ 1242.224791][T25410] ? debug_smp_processor_id+0x1c/0x20 [ 1242.230136][T25410] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1242.236177][T25410] ? tomoyo_file_ioctl+0x23/0x30 [ 1242.241088][T25410] ? security_file_ioctl+0xa1/0xd0 [ 1242.246189][T25410] __x64_sys_ioctl+0xe3/0x120 [ 1242.250844][T25410] do_syscall_64+0xfe/0x140 [ 1242.255321][T25410] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1242.261198][T25410] RIP: 0033:0x459387 [ 1242.265065][T25410] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1242.284648][T25410] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1242.293044][T25410] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1242.300989][T25410] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1242.308932][T25410] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1242.316878][T25410] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1242.324821][T25410] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1242.382318][T25426] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:03 executing program 0 (fault-call:2 fault-nth:18): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:03 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6000000000000000, 0x0, 0x0, 0x0) 03:44:03 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419101a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:03 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}) 03:44:03 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x654b050000000000, 0x0, 0x0, 0x0) 03:44:03 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1242.483651][T25437] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1242.551394][T25446] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1242.567291][T25448] FAULT_INJECTION: forcing a failure. [ 1242.567291][T25448] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1242.580495][T25448] CPU: 1 PID: 25448 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1242.588364][T25448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1242.598397][T25448] Call Trace: [ 1242.601667][T25448] dump_stack+0x1d8/0x2f8 [ 1242.605974][T25448] should_fail+0x608/0x860 [ 1242.610366][T25448] ? setup_fault_attr+0x2b0/0x2b0 [ 1242.615368][T25448] ? __bfs+0x550/0x550 [ 1242.619415][T25448] should_fail_alloc_page+0x55/0x60 [ 1242.624583][T25448] prepare_alloc_pages+0x283/0x460 [ 1242.629667][T25448] __alloc_pages_nodemask+0x11c/0x790 [ 1242.635015][T25448] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1242.640530][T25448] ? __lock_acquire+0xcf7/0x1a40 [ 1242.645448][T25448] kmem_getpages+0x46/0x480 [ 1242.649925][T25448] cache_grow_begin+0x7e/0x2c0 [ 1242.654662][T25448] cache_alloc_refill+0x311/0x3f0 [ 1242.659661][T25448] ? check_preemption_disabled+0xb7/0x280 [ 1242.665356][T25448] __kmalloc+0x2e5/0x310 [ 1242.669570][T25448] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1242.675265][T25448] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1242.680786][T25448] tomoyo_check_open_permission+0x1f2/0x9e0 [ 1242.686654][T25448] ? tomoyo_check_path_number_acl+0x240/0x240 [ 1242.692705][T25448] ? smk_access+0x4f0/0x4f0 [ 1242.697201][T25448] tomoyo_file_open+0x141/0x190 [ 1242.702040][T25448] security_file_open+0x65/0x2f0 [ 1242.706951][T25448] do_dentry_open+0x397/0x1060 [ 1242.711691][T25448] ? finish_open+0xe0/0xe0 [ 1242.716079][T25448] ? inode_permission+0xe3/0x580 [ 1242.720988][T25448] vfs_open+0x73/0x80 [ 1242.724943][T25448] path_openat+0x136d/0x4400 [ 1242.729509][T25448] ? arch_stack_walk+0x98/0xe0 [ 1242.734253][T25448] ? stack_trace_save+0x111/0x1e0 [ 1242.739251][T25448] ? check_preemption_disabled+0x47/0x280 [ 1242.744946][T25448] ? do_filp_open+0x430/0x430 [ 1242.749596][T25448] ? __lock_acquire+0xcf7/0x1a40 [ 1242.754507][T25448] ? kmem_cache_alloc+0x1dd/0x2b0 [ 1242.759513][T25448] ? expand_files+0x511/0xa90 [ 1242.764162][T25448] do_filp_open+0x1f7/0x430 [ 1242.768637][T25448] ? vfs_tmpfile+0x230/0x230 [ 1242.773202][T25448] ? kasan_check_read+0x11/0x20 [ 1242.778028][T25448] ? do_raw_spin_unlock+0x49/0x260 [ 1242.783113][T25448] ? _raw_spin_unlock+0x2c/0x50 [ 1242.787946][T25448] ? get_unused_fd_flags+0x97/0xb0 [ 1242.793031][T25448] do_sys_open+0x343/0x620 [ 1242.797421][T25448] ? file_open_root+0x440/0x440 [ 1242.802264][T25448] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1242.809173][T25448] ? prepare_exit_to_usermode+0x1e1/0x4f0 [ 1242.814865][T25448] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1242.820295][T25448] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1242.825985][T25448] ? do_syscall_64+0x1d/0x140 [ 1242.830638][T25448] __x64_sys_open+0x87/0x90 [ 1242.835116][T25448] do_syscall_64+0xfe/0x140 [ 1242.839607][T25448] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1242.845472][T25448] RIP: 0033:0x413401 [ 1242.849345][T25448] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 19 00 00 c3 48 83 ec 08 e8 0a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 1242.868947][T25448] RSP: 002b:00007f8a79992a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1242.877333][T25448] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000413401 [ 1242.885280][T25448] RDX: 00007f8a79992b0a RSI: 0000000000000002 RDI: 00007f8a79992b00 [ 1242.893222][T25448] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:44:03 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419111a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1242.901169][T25448] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 1242.909114][T25448] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:03 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6800000000000000, 0x0, 0x0, 0x0) 03:44:03 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25}) [ 1243.029564][T25465] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1243.038803][T25459] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:03 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x6c00000000000000, 0x0, 0x0, 0x0) 03:44:03 executing program 0 (fault-call:2 fault-nth:19): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:03 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:03 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:03 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419121a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}) 03:44:03 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x724b050000000000, 0x0, 0x0, 0x0) [ 1243.226854][T25484] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}) 03:44:03 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1243.324310][T25482] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1243.356050][T25491] FAULT_INJECTION: forcing a failure. [ 1243.356050][T25491] name failslab, interval 1, probability 0, space 0, times 0 03:44:03 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}) 03:44:04 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419251a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7400000000000000, 0x0, 0x0, 0x0) [ 1243.369303][T25491] CPU: 0 PID: 25491 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1243.377197][T25491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1243.387377][T25491] Call Trace: [ 1243.390674][T25491] dump_stack+0x1d8/0x2f8 [ 1243.395014][T25491] should_fail+0x608/0x860 [ 1243.399435][T25491] ? setup_fault_attr+0x2b0/0x2b0 [ 1243.404450][T25491] ? stack_trace_save+0x111/0x1e0 [ 1243.409477][T25491] ? stack_trace_snprint+0x150/0x150 [ 1243.414760][T25491] ? arch_stack_walk+0x98/0xe0 [ 1243.419526][T25491] __should_failslab+0x11a/0x160 [ 1243.424458][T25491] ? radix_tree_node_alloc+0x1a1/0x370 [ 1243.429910][T25491] should_failslab+0x9/0x20 [ 1243.434400][T25491] kmem_cache_alloc+0x56/0x2b0 [ 1243.439236][T25491] radix_tree_node_alloc+0x1a1/0x370 [ 1243.444504][T25491] ? __lock_acquire+0xcf7/0x1a40 [ 1243.449446][T25491] ? loop_set_fd+0xc7c/0x1130 [ 1243.454100][T25491] idr_get_free+0x2a8/0x850 [ 1243.458582][T25491] idr_alloc_cyclic+0x1ff/0x600 [ 1243.463409][T25491] ? idr_alloc+0x300/0x300 [ 1243.467808][T25491] ? __rwlock_init+0x130/0x130 [ 1243.472558][T25491] __kernfs_new_node+0x159/0x6e0 [ 1243.477471][T25491] ? kernfs_new_node+0x170/0x170 [ 1243.482388][T25491] ? trace_lock_acquire+0x190/0x190 [ 1243.487592][T25491] kernfs_create_dir_ns+0x9b/0x230 [ 1243.492708][T25491] internal_create_group+0x234/0xde0 [ 1243.497971][T25491] ? bd_set_size+0x97/0xb0 [ 1243.502369][T25491] ? sysfs_create_group+0x30/0x30 [ 1243.507375][T25491] ? up_write+0xb0/0x1b0 [ 1243.511604][T25491] sysfs_create_group+0x1f/0x30 [ 1243.516437][T25491] loop_set_fd+0xc7c/0x1130 [ 1243.520947][T25491] lo_ioctl+0x17a/0x2400 [ 1243.525181][T25491] ? match_held_lock+0x280/0x280 [ 1243.530100][T25491] ? kobj_lookup+0xc2/0x450 [ 1243.534577][T25491] ? lo_release+0x1f0/0x1f0 [ 1243.539054][T25491] ? match_held_lock+0x280/0x280 [ 1243.543974][T25491] ? __bfs+0x550/0x550 [ 1243.548031][T25491] ? __lock_acquire+0xcf7/0x1a40 [ 1243.552964][T25491] ? __bfs+0x550/0x550 [ 1243.557016][T25491] ? match_held_lock+0x280/0x280 [ 1243.561929][T25491] ? __lock_acquire+0xcf7/0x1a40 [ 1243.566849][T25491] ? __bfs+0x550/0x550 [ 1243.570904][T25491] ? __lock_acquire+0xcf7/0x1a40 [ 1243.575819][T25491] ? __lock_acquire+0xcf7/0x1a40 [ 1243.580733][T25491] ? trace_lock_acquire+0x190/0x190 [ 1243.585923][T25491] ? __read_once_size_nocheck+0x10/0x10 [ 1243.591451][T25491] ? unwind_next_frame+0x415/0x870 [ 1243.596545][T25491] ? rcu_lock_release+0x9/0x30 [ 1243.601307][T25491] ? stack_trace_save+0x1e0/0x1e0 [ 1243.606316][T25491] ? rcu_lock_release+0x26/0x30 [ 1243.611148][T25491] ? is_bpf_text_address+0x398/0x3b0 [ 1243.616406][T25491] ? stack_trace_save+0x1e0/0x1e0 [ 1243.621402][T25491] ? __kernel_text_address+0x9a/0x110 [ 1243.626757][T25491] ? unwind_get_return_address+0x4c/0x90 [ 1243.632371][T25491] ? arch_stack_walk+0x98/0xe0 [ 1243.637116][T25491] ? stack_trace_save+0x111/0x1e0 [ 1243.642113][T25491] ? lo_release+0x1f0/0x1f0 [ 1243.646609][T25491] blkdev_ioctl+0x917/0x2c10 [ 1243.651199][T25491] ? tomoyo_path_number_perm+0x587/0x740 [ 1243.656808][T25491] ? trace_hardirqs_off+0x74/0x80 [ 1243.661808][T25491] ? quarantine_put+0xb7/0x1f0 [ 1243.666626][T25491] ? tomoyo_path_number_perm+0x587/0x740 [ 1243.672239][T25491] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1243.677503][T25491] ? __kasan_slab_free+0x19d/0x1e0 [ 1243.682583][T25491] ? __kasan_slab_free+0x12a/0x1e0 [ 1243.687675][T25491] ? kasan_slab_free+0xe/0x10 [ 1243.692331][T25491] ? kfree+0xae/0x120 [ 1243.696300][T25491] ? tomoyo_path_number_perm+0x587/0x740 [ 1243.701901][T25491] ? tomoyo_file_ioctl+0x23/0x30 [ 1243.706817][T25491] ? security_file_ioctl+0x6d/0xd0 [ 1243.711910][T25491] ? __x64_sys_ioctl+0xa3/0x120 [ 1243.716733][T25491] ? do_syscall_64+0xfe/0x140 [ 1243.721385][T25491] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1243.727437][T25491] ? kasan_check_write+0x14/0x20 [ 1243.732357][T25491] ? do_raw_spin_lock+0x143/0x3a0 [ 1243.737362][T25491] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1243.743152][T25491] ? rcu_lock_release+0x9/0x30 [ 1243.747914][T25491] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1243.753529][T25491] ? trace_lock_acquire+0x190/0x190 [ 1243.758809][T25491] ? tomoyo_check_path_acl+0x180/0x180 [ 1243.764262][T25491] block_ioctl+0xbd/0x100 [ 1243.768601][T25491] ? blkdev_iopoll+0x100/0x100 [ 1243.773352][T25491] do_vfs_ioctl+0x7d4/0x1890 [ 1243.777932][T25491] ? ioctl_preallocate+0x240/0x240 [ 1243.783055][T25491] ? fget_many+0x30/0x30 [ 1243.787306][T25491] ? debug_smp_processor_id+0x1c/0x20 [ 1243.792660][T25491] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1243.798701][T25491] ? tomoyo_file_ioctl+0x23/0x30 [ 1243.803646][T25491] ? security_file_ioctl+0xa1/0xd0 [ 1243.808753][T25491] __x64_sys_ioctl+0xe3/0x120 [ 1243.813410][T25491] do_syscall_64+0xfe/0x140 [ 1243.817893][T25491] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1243.823759][T25491] RIP: 0033:0x459387 [ 1243.827633][T25491] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1243.847312][T25491] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1243.855705][T25491] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1243.863664][T25491] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1243.871611][T25491] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1243.879559][T25491] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1243.887509][T25491] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:04 executing program 0 (fault-call:2 fault-nth:20): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7a00000000000000, 0x0, 0x0, 0x0) 03:44:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x554}) [ 1243.985662][T25512] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:04 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419481a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600}) 03:44:04 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7f4b050000000000, 0x0, 0x0, 0x0) 03:44:04 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014194c1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:04 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:04 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419601a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:04 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}) [ 1244.385834][T25557] FAULT_INJECTION: forcing a failure. [ 1244.385834][T25557] name failslab, interval 1, probability 0, space 0, times 0 [ 1244.398519][T25557] CPU: 1 PID: 25557 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1244.406409][T25557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1244.416450][T25557] Call Trace: [ 1244.419781][T25557] dump_stack+0x1d8/0x2f8 [ 1244.424091][T25557] should_fail+0x608/0x860 [ 1244.428504][T25557] ? setup_fault_attr+0x2b0/0x2b0 [ 1244.433511][T25557] __should_failslab+0x11a/0x160 [ 1244.438425][T25557] ? radix_tree_node_alloc+0x1a1/0x370 [ 1244.443874][T25557] should_failslab+0x9/0x20 [ 1244.448352][T25557] kmem_cache_alloc+0x56/0x2b0 [ 1244.453089][T25557] ? radix_tree_node_alloc+0x1a1/0x370 [ 1244.458518][T25557] radix_tree_node_alloc+0x1a1/0x370 [ 1244.463777][T25557] ? __lock_acquire+0xcf7/0x1a40 [ 1244.468701][T25557] ? loop_set_fd+0xc7c/0x1130 [ 1244.473364][T25557] idr_get_free+0x2a8/0x850 [ 1244.477844][T25557] idr_alloc_cyclic+0x1ff/0x600 [ 1244.482671][T25557] ? idr_alloc+0x300/0x300 [ 1244.487064][T25557] ? __rwlock_init+0x130/0x130 [ 1244.491806][T25557] __kernfs_new_node+0x159/0x6e0 [ 1244.496730][T25557] ? kernfs_new_node+0x170/0x170 [ 1244.501660][T25557] ? trace_lock_acquire+0x190/0x190 [ 1244.506846][T25557] kernfs_create_dir_ns+0x9b/0x230 [ 1244.511930][T25557] internal_create_group+0x234/0xde0 [ 1244.517211][T25557] ? bd_set_size+0x97/0xb0 [ 1244.521618][T25557] ? sysfs_create_group+0x30/0x30 [ 1244.526627][T25557] ? up_write+0xb0/0x1b0 [ 1244.530844][T25557] sysfs_create_group+0x1f/0x30 [ 1244.535675][T25557] loop_set_fd+0xc7c/0x1130 [ 1244.540164][T25557] lo_ioctl+0x17a/0x2400 [ 1244.544394][T25557] ? match_held_lock+0x280/0x280 [ 1244.549311][T25557] ? kobj_lookup+0xc2/0x450 [ 1244.553786][T25557] ? lo_release+0x1f0/0x1f0 [ 1244.558264][T25557] ? match_held_lock+0x280/0x280 [ 1244.563171][T25557] ? __bfs+0x550/0x550 [ 1244.567212][T25557] ? __lock_acquire+0xcf7/0x1a40 [ 1244.572130][T25557] ? __bfs+0x550/0x550 [ 1244.576170][T25557] ? match_held_lock+0x280/0x280 [ 1244.581083][T25557] ? __lock_acquire+0xcf7/0x1a40 [ 1244.585990][T25557] ? __bfs+0x550/0x550 [ 1244.590032][T25557] ? __lock_acquire+0xcf7/0x1a40 [ 1244.594944][T25557] ? __lock_acquire+0xcf7/0x1a40 [ 1244.599863][T25557] ? trace_lock_acquire+0x190/0x190 [ 1244.605051][T25557] ? __read_once_size_nocheck+0x10/0x10 [ 1244.610565][T25557] ? unwind_next_frame+0x415/0x870 [ 1244.615654][T25557] ? rcu_lock_release+0x9/0x30 [ 1244.620397][T25557] ? stack_trace_save+0x1e0/0x1e0 [ 1244.625394][T25557] ? rcu_lock_release+0x26/0x30 [ 1244.630213][T25557] ? is_bpf_text_address+0x398/0x3b0 [ 1244.635469][T25557] ? stack_trace_save+0x1e0/0x1e0 [ 1244.640476][T25557] ? __kernel_text_address+0x9a/0x110 [ 1244.645834][T25557] ? unwind_get_return_address+0x4c/0x90 [ 1244.651448][T25557] ? arch_stack_walk+0x98/0xe0 [ 1244.656201][T25557] ? stack_trace_save+0x111/0x1e0 [ 1244.661201][T25557] ? lo_release+0x1f0/0x1f0 [ 1244.665681][T25557] blkdev_ioctl+0x917/0x2c10 [ 1244.670245][T25557] ? tomoyo_path_number_perm+0x587/0x740 [ 1244.675853][T25557] ? trace_hardirqs_off+0x74/0x80 [ 1244.680851][T25557] ? quarantine_put+0xb7/0x1f0 [ 1244.685583][T25557] ? tomoyo_path_number_perm+0x587/0x740 [ 1244.691190][T25557] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1244.696452][T25557] ? __kasan_slab_free+0x19d/0x1e0 [ 1244.701555][T25557] ? __kasan_slab_free+0x12a/0x1e0 [ 1244.706642][T25557] ? kasan_slab_free+0xe/0x10 [ 1244.711293][T25557] ? kfree+0xae/0x120 [ 1244.715252][T25557] ? tomoyo_path_number_perm+0x587/0x740 [ 1244.720856][T25557] ? tomoyo_file_ioctl+0x23/0x30 [ 1244.725765][T25557] ? security_file_ioctl+0x6d/0xd0 [ 1244.730866][T25557] ? __x64_sys_ioctl+0xa3/0x120 [ 1244.735693][T25557] ? do_syscall_64+0xfe/0x140 [ 1244.740344][T25557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1244.746386][T25557] ? kasan_check_write+0x14/0x20 [ 1244.751294][T25557] ? do_raw_spin_lock+0x143/0x3a0 [ 1244.756301][T25557] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1244.762174][T25557] ? rcu_lock_release+0x9/0x30 [ 1244.766911][T25557] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1244.772519][T25557] ? trace_lock_acquire+0x190/0x190 [ 1244.777699][T25557] ? tomoyo_check_path_acl+0x180/0x180 [ 1244.783147][T25557] block_ioctl+0xbd/0x100 [ 1244.787451][T25557] ? blkdev_iopoll+0x100/0x100 [ 1244.792193][T25557] do_vfs_ioctl+0x7d4/0x1890 [ 1244.796761][T25557] ? ioctl_preallocate+0x240/0x240 [ 1244.801856][T25557] ? fget_many+0x30/0x30 [ 1244.806074][T25557] ? debug_smp_processor_id+0x1c/0x20 [ 1244.812261][T25557] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1244.818301][T25557] ? tomoyo_file_ioctl+0x23/0x30 [ 1244.823212][T25557] ? security_file_ioctl+0xa1/0xd0 [ 1244.828301][T25557] __x64_sys_ioctl+0xe3/0x120 [ 1244.832955][T25557] do_syscall_64+0xfe/0x140 [ 1244.837438][T25557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1244.843310][T25557] RIP: 0033:0x459387 [ 1244.847188][T25557] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1244.866762][T25557] RSP: 002b:00007f8a79992a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1244.875147][T25557] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1244.883093][T25557] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1244.891033][T25557] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1244.898995][T25557] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1244.906945][T25557] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:05 executing program 0 (fault-call:2 fault-nth:21): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:05 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x7f7a8c1dc6000000, 0x0, 0x0, 0x0) 03:44:05 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:05 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419681a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:05 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900}) 03:44:05 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8000000000000000, 0x0, 0x0, 0x0) 03:44:05 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014196c1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:05 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1245.076411][T25579] FAULT_INJECTION: forcing a failure. [ 1245.076411][T25579] name failslab, interval 1, probability 0, space 0, times 0 [ 1245.154313][T25579] CPU: 0 PID: 25579 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1245.162241][T25579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1245.172300][T25579] Call Trace: [ 1245.175592][T25579] dump_stack+0x1d8/0x2f8 [ 1245.179925][T25579] should_fail+0x608/0x860 [ 1245.184338][T25579] ? setup_fault_attr+0x2b0/0x2b0 [ 1245.189377][T25579] ? tomoyo_encode2+0x273/0x5a0 [ 1245.194226][T25579] __should_failslab+0x11a/0x160 [ 1245.194242][T25579] ? tomoyo_encode2+0x273/0x5a0 [ 1245.194254][T25579] should_failslab+0x9/0x20 [ 1245.194263][T25579] __kmalloc+0x7a/0x310 [ 1245.194276][T25579] tomoyo_encode2+0x273/0x5a0 [ 1245.194294][T25579] tomoyo_realpath_from_path+0x769/0x7c0 [ 1245.204048][T25579] tomoyo_path_number_perm+0x1e0/0x740 [ 1245.204060][T25579] ? trace_lock_acquire+0x190/0x190 [ 1245.204074][T25579] ? tomoyo_check_path_acl+0x180/0x180 [ 1245.204117][T25579] ? fget_many+0x30/0x30 [ 1245.233595][T25579] ? debug_smp_processor_id+0x1c/0x20 [ 1245.233605][T25579] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1245.233619][T25579] tomoyo_file_ioctl+0x23/0x30 [ 1245.259408][T25579] security_file_ioctl+0x6d/0xd0 [ 1245.264347][T25579] __x64_sys_ioctl+0xa3/0x120 [ 1245.269026][T25579] do_syscall_64+0xfe/0x140 [ 1245.273535][T25579] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1245.279417][T25579] RIP: 0033:0x459387 [ 1245.283299][T25579] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:44:05 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:05 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:05 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}) [ 1245.302893][T25579] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1245.311296][T25579] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1245.319266][T25579] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1245.327225][T25579] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1245.335180][T25579] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1245.335186][T25579] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1245.423699][T25579] ERROR: Out of memory at tomoyo_realpath_from_path. 03:44:06 executing program 0 (fault-call:2 fault-nth:22): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:06 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8096980000000000, 0x0, 0x0, 0x0) 03:44:06 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419741a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00}) 03:44:06 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:06 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0b") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:06 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:06 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8c4b050000000000, 0x0, 0x0, 0x0) 03:44:06 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff07250000004500010700000014197a1a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00}) [ 1245.646816][T25629] FAULT_INJECTION: forcing a failure. [ 1245.646816][T25629] name failslab, interval 1, probability 0, space 0, times 0 [ 1245.659523][T25629] CPU: 1 PID: 25629 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1245.667415][T25629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1245.677466][T25629] Call Trace: [ 1245.680765][T25629] dump_stack+0x1d8/0x2f8 [ 1245.685093][T25629] should_fail+0x608/0x860 [ 1245.689590][T25629] ? setup_fault_attr+0x2b0/0x2b0 [ 1245.694615][T25629] ? stack_trace_save+0x111/0x1e0 [ 1245.699644][T25629] ? stack_trace_snprint+0x150/0x150 [ 1245.704928][T25629] ? arch_stack_walk+0x98/0xe0 [ 1245.709695][T25629] __should_failslab+0x11a/0x160 [ 1245.714630][T25629] ? radix_tree_node_alloc+0x1a1/0x370 [ 1245.720086][T25629] should_failslab+0x9/0x20 [ 1245.724585][T25629] kmem_cache_alloc+0x56/0x2b0 [ 1245.729328][T25629] radix_tree_node_alloc+0x1a1/0x370 [ 1245.734590][T25629] ? __lock_acquire+0xcf7/0x1a40 [ 1245.739501][T25629] ? loop_set_fd+0xc7c/0x1130 [ 1245.744153][T25629] idr_get_free+0x2a8/0x850 [ 1245.748637][T25629] idr_alloc_cyclic+0x1ff/0x600 [ 1245.753465][T25629] ? idr_alloc+0x300/0x300 [ 1245.757860][T25629] ? __rwlock_init+0x130/0x130 [ 1245.762608][T25629] __kernfs_new_node+0x159/0x6e0 [ 1245.767525][T25629] ? kernfs_new_node+0x170/0x170 [ 1245.772442][T25629] ? trace_lock_acquire+0x190/0x190 [ 1245.777620][T25629] kernfs_create_dir_ns+0x9b/0x230 [ 1245.782710][T25629] internal_create_group+0x234/0xde0 [ 1245.787974][T25629] ? bd_set_size+0x97/0xb0 [ 1245.792364][T25629] ? sysfs_create_group+0x30/0x30 [ 1245.797361][T25629] ? up_write+0xb0/0x1b0 [ 1245.801597][T25629] sysfs_create_group+0x1f/0x30 [ 1245.806422][T25629] loop_set_fd+0xc7c/0x1130 [ 1245.810907][T25629] lo_ioctl+0x17a/0x2400 [ 1245.815126][T25629] ? match_held_lock+0x280/0x280 [ 1245.820035][T25629] ? kobj_lookup+0xc2/0x450 [ 1245.824513][T25629] ? lo_release+0x1f0/0x1f0 [ 1245.828989][T25629] ? match_held_lock+0x280/0x280 [ 1245.833899][T25629] ? __bfs+0x550/0x550 [ 1245.837946][T25629] ? __bfs+0x550/0x550 [ 1245.841989][T25629] ? __bfs+0x550/0x550 [ 1245.846031][T25629] ? match_held_lock+0x280/0x280 [ 1245.850943][T25629] ? __lock_acquire+0xcf7/0x1a40 [ 1245.855852][T25629] ? __bfs+0x550/0x550 [ 1245.859901][T25629] ? __lock_acquire+0xcf7/0x1a40 [ 1245.864820][T25629] ? __lock_acquire+0xcf7/0x1a40 [ 1245.869739][T25629] ? trace_lock_acquire+0x190/0x190 [ 1245.874920][T25629] ? __read_once_size_nocheck+0x10/0x10 [ 1245.880439][T25629] ? unwind_next_frame+0x415/0x870 [ 1245.885529][T25629] ? rcu_lock_release+0x9/0x30 [ 1245.890273][T25629] ? stack_trace_save+0x1e0/0x1e0 [ 1245.895271][T25629] ? rcu_lock_release+0x26/0x30 [ 1245.900095][T25629] ? is_bpf_text_address+0x398/0x3b0 [ 1245.905354][T25629] ? stack_trace_save+0x1e0/0x1e0 [ 1245.910368][T25629] ? __kernel_text_address+0x9a/0x110 [ 1245.915713][T25629] ? unwind_get_return_address+0x4c/0x90 [ 1245.921322][T25629] ? arch_stack_walk+0x98/0xe0 [ 1245.926067][T25629] ? stack_trace_save+0x111/0x1e0 [ 1245.931069][T25629] ? lo_release+0x1f0/0x1f0 [ 1245.935548][T25629] blkdev_ioctl+0x917/0x2c10 [ 1245.940119][T25629] ? tomoyo_path_number_perm+0x587/0x740 [ 1245.945727][T25629] ? trace_hardirqs_off+0x74/0x80 [ 1245.950724][T25629] ? quarantine_put+0xb7/0x1f0 [ 1245.955458][T25629] ? tomoyo_path_number_perm+0x587/0x740 [ 1245.961064][T25629] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1245.966321][T25629] ? __kasan_slab_free+0x19d/0x1e0 [ 1245.972944][T25629] ? __kasan_slab_free+0x12a/0x1e0 [ 1245.978042][T25629] ? kasan_slab_free+0xe/0x10 [ 1245.982689][T25629] ? kfree+0xae/0x120 [ 1245.986643][T25629] ? tomoyo_path_number_perm+0x587/0x740 [ 1245.992254][T25629] ? tomoyo_file_ioctl+0x23/0x30 [ 1245.997167][T25629] ? security_file_ioctl+0x6d/0xd0 [ 1246.002252][T25629] ? __x64_sys_ioctl+0xa3/0x120 [ 1246.007075][T25629] ? do_syscall_64+0xfe/0x140 [ 1246.011725][T25629] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1246.017767][T25629] ? kasan_check_write+0x14/0x20 [ 1246.022680][T25629] ? do_raw_spin_lock+0x143/0x3a0 [ 1246.027722][T25629] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1246.033513][T25629] ? rcu_lock_release+0x9/0x30 [ 1246.038256][T25629] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1246.043862][T25629] ? trace_lock_acquire+0x190/0x190 [ 1246.049034][T25629] ? tomoyo_check_path_acl+0x180/0x180 [ 1246.054470][T25629] block_ioctl+0xbd/0x100 [ 1246.058774][T25629] ? blkdev_iopoll+0x100/0x100 [ 1246.063511][T25629] do_vfs_ioctl+0x7d4/0x1890 [ 1246.068082][T25629] ? ioctl_preallocate+0x240/0x240 [ 1246.073175][T25629] ? fget_many+0x30/0x30 [ 1246.077396][T25629] ? debug_smp_processor_id+0x1c/0x20 [ 1246.082739][T25629] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1246.088783][T25629] ? tomoyo_file_ioctl+0x23/0x30 [ 1246.093711][T25629] ? security_file_ioctl+0xa1/0xd0 [ 1246.098798][T25629] __x64_sys_ioctl+0xe3/0x120 [ 1246.103452][T25629] do_syscall_64+0xfe/0x140 [ 1246.107932][T25629] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1246.113799][T25629] RIP: 0033:0x459387 [ 1246.117672][T25629] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1246.137250][T25629] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 03:44:06 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:06 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419003300150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1246.145633][T25629] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1246.153580][T25629] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1246.161524][T25629] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1246.169646][T25629] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1246.177594][T25629] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1246.217338][T25640] netlink: 'syz-executor.1': attribute type 51 has an invalid length. 03:44:06 executing program 0 (fault-call:2 fault-nth:23): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:06 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x8cffffff00000000, 0x0, 0x0, 0x0) 03:44:06 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:06 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00}) 03:44:06 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419003300150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:06 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1246.388297][T25658] netlink: 'syz-executor.1': attribute type 51 has an invalid length. [ 1246.421382][T25668] FAULT_INJECTION: forcing a failure. [ 1246.421382][T25668] name failslab, interval 1, probability 0, space 0, times 0 03:44:07 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1246.434129][T25668] CPU: 1 PID: 25668 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1246.442011][T25668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1246.452073][T25668] Call Trace: [ 1246.455348][T25668] dump_stack+0x1d8/0x2f8 [ 1246.459657][T25668] should_fail+0x608/0x860 [ 1246.464061][T25668] ? setup_fault_attr+0x2b0/0x2b0 [ 1246.469077][T25668] ? stack_trace_save+0x111/0x1e0 [ 1246.474078][T25668] ? stack_trace_snprint+0x150/0x150 [ 1246.479342][T25668] __should_failslab+0x11a/0x160 [ 1246.484264][T25668] ? radix_tree_node_alloc+0x1a1/0x370 [ 1246.489693][T25668] should_failslab+0x9/0x20 [ 1246.494168][T25668] kmem_cache_alloc+0x56/0x2b0 [ 1246.498922][T25668] radix_tree_node_alloc+0x1a1/0x370 [ 1246.504181][T25668] ? __lock_acquire+0xcf7/0x1a40 [ 1246.509092][T25668] ? loop_set_fd+0xc7c/0x1130 [ 1246.513741][T25668] idr_get_free+0x2a8/0x850 [ 1246.518221][T25668] idr_alloc_cyclic+0x1ff/0x600 [ 1246.523063][T25668] ? idr_alloc+0x300/0x300 [ 1246.527473][T25668] ? __rwlock_init+0x130/0x130 [ 1246.532227][T25668] __kernfs_new_node+0x159/0x6e0 [ 1246.537180][T25668] ? kernfs_new_node+0x170/0x170 [ 1246.542095][T25668] ? trace_lock_acquire+0x190/0x190 [ 1246.547273][T25668] kernfs_create_dir_ns+0x9b/0x230 [ 1246.552359][T25668] internal_create_group+0x234/0xde0 [ 1246.557619][T25668] ? bd_set_size+0x97/0xb0 [ 1246.562028][T25668] ? sysfs_create_group+0x30/0x30 [ 1246.567027][T25668] ? up_write+0xb0/0x1b0 [ 1246.571246][T25668] sysfs_create_group+0x1f/0x30 [ 1246.576081][T25668] loop_set_fd+0xc7c/0x1130 [ 1246.580582][T25668] lo_ioctl+0x17a/0x2400 [ 1246.584799][T25668] ? match_held_lock+0x280/0x280 [ 1246.589710][T25668] ? kobj_lookup+0xc2/0x450 [ 1246.594185][T25668] ? lo_release+0x1f0/0x1f0 [ 1246.598659][T25668] ? match_held_lock+0x280/0x280 [ 1246.603568][T25668] ? __bfs+0x550/0x550 [ 1246.607612][T25668] ? __bfs+0x550/0x550 [ 1246.611653][T25668] ? __bfs+0x550/0x550 [ 1246.615695][T25668] ? match_held_lock+0x280/0x280 [ 1246.620605][T25668] ? __lock_acquire+0xcf7/0x1a40 [ 1246.625517][T25668] ? __bfs+0x550/0x550 [ 1246.629562][T25668] ? __lock_acquire+0xcf7/0x1a40 [ 1246.634473][T25668] ? __lock_acquire+0xcf7/0x1a40 [ 1246.639386][T25668] ? trace_lock_acquire+0x190/0x190 [ 1246.644579][T25668] ? __read_once_size_nocheck+0x10/0x10 [ 1246.650110][T25668] ? unwind_next_frame+0x415/0x870 [ 1246.655208][T25668] ? rcu_lock_release+0x9/0x30 [ 1246.659956][T25668] ? stack_trace_save+0x1e0/0x1e0 [ 1246.664964][T25668] ? rcu_lock_release+0x26/0x30 [ 1246.669788][T25668] ? is_bpf_text_address+0x398/0x3b0 [ 1246.675044][T25668] ? stack_trace_save+0x1e0/0x1e0 [ 1246.680058][T25668] ? __kernel_text_address+0x9a/0x110 [ 1246.685415][T25668] ? unwind_get_return_address+0x4c/0x90 [ 1246.691033][T25668] ? arch_stack_walk+0x98/0xe0 [ 1246.695773][T25668] ? stack_trace_save+0x111/0x1e0 [ 1246.700771][T25668] ? lo_release+0x1f0/0x1f0 [ 1246.705255][T25668] blkdev_ioctl+0x917/0x2c10 [ 1246.709832][T25668] ? tomoyo_path_number_perm+0x587/0x740 [ 1246.715435][T25668] ? trace_hardirqs_off+0x74/0x80 [ 1246.720441][T25668] ? quarantine_put+0xb7/0x1f0 [ 1246.725186][T25668] ? tomoyo_path_number_perm+0x587/0x740 [ 1246.730798][T25668] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1246.736055][T25668] ? __kasan_slab_free+0x19d/0x1e0 [ 1246.741136][T25668] ? __kasan_slab_free+0x12a/0x1e0 [ 1246.746216][T25668] ? kasan_slab_free+0xe/0x10 [ 1246.750862][T25668] ? kfree+0xae/0x120 [ 1246.754816][T25668] ? tomoyo_path_number_perm+0x587/0x740 [ 1246.760437][T25668] ? tomoyo_file_ioctl+0x23/0x30 [ 1246.765494][T25668] ? security_file_ioctl+0x6d/0xd0 [ 1246.770575][T25668] ? __x64_sys_ioctl+0xa3/0x120 [ 1246.775402][T25668] ? do_syscall_64+0xfe/0x140 [ 1246.780062][T25668] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1246.786103][T25668] ? kasan_check_write+0x14/0x20 [ 1246.791014][T25668] ? do_raw_spin_lock+0x143/0x3a0 [ 1246.796018][T25668] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1246.801798][T25668] ? rcu_lock_release+0x9/0x30 [ 1246.807254][T25668] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1246.812876][T25668] ? trace_lock_acquire+0x190/0x190 [ 1246.818053][T25668] ? tomoyo_check_path_acl+0x180/0x180 [ 1246.823493][T25668] block_ioctl+0xbd/0x100 [ 1246.827795][T25668] ? blkdev_iopoll+0x100/0x100 [ 1246.832532][T25668] do_vfs_ioctl+0x7d4/0x1890 [ 1246.837106][T25668] ? ioctl_preallocate+0x240/0x240 [ 1246.842199][T25668] ? fget_many+0x30/0x30 [ 1246.846415][T25668] ? debug_smp_processor_id+0x1c/0x20 [ 1246.851760][T25668] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1246.857799][T25668] ? tomoyo_file_ioctl+0x23/0x30 [ 1246.862716][T25668] ? security_file_ioctl+0xa1/0xd0 [ 1246.867798][T25668] __x64_sys_ioctl+0xe3/0x120 [ 1246.872452][T25668] do_syscall_64+0xfe/0x140 [ 1246.876934][T25668] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1246.882806][T25668] RIP: 0033:0x459387 [ 1246.886676][T25668] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1246.906261][T25668] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1246.914643][T25668] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1246.922603][T25668] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1246.930547][T25668] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:44:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x994b050000000000, 0x0, 0x0, 0x0) 03:44:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}) 03:44:07 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00030002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1246.938577][T25668] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1246.946522][T25668] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xaf4b050000000000, 0x0, 0x0, 0x0) 03:44:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1247.019916][T25676] __nla_validate_parse: 17 callbacks suppressed [ 1247.019924][T25676] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:07 executing program 0 (fault-call:2 fault-nth:24): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc403000000000000, 0x0, 0x0, 0x0) 03:44:07 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a02150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:07 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xc903000000000000, 0x0, 0x0, 0x0) 03:44:07 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100}) [ 1247.204857][T25698] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1247.212835][T25697] FAULT_INJECTION: forcing a failure. [ 1247.212835][T25697] name failslab, interval 1, probability 0, space 0, times 0 [ 1247.226850][T25697] CPU: 0 PID: 25697 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1247.234726][T25697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1247.244776][T25697] Call Trace: [ 1247.248076][T25697] dump_stack+0x1d8/0x2f8 03:44:07 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xe803000000000000, 0x0, 0x0, 0x0) 03:44:07 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a03150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1247.252409][T25697] should_fail+0x608/0x860 [ 1247.256827][T25697] ? setup_fault_attr+0x2b0/0x2b0 [ 1247.261854][T25697] ? stack_trace_save+0x111/0x1e0 [ 1247.266879][T25697] ? stack_trace_snprint+0x150/0x150 [ 1247.272165][T25697] ? arch_stack_walk+0x98/0xe0 [ 1247.276938][T25697] __should_failslab+0x11a/0x160 [ 1247.281887][T25697] ? radix_tree_node_alloc+0x1a1/0x370 [ 1247.287342][T25697] should_failslab+0x9/0x20 [ 1247.291823][T25697] kmem_cache_alloc+0x56/0x2b0 [ 1247.296581][T25697] radix_tree_node_alloc+0x1a1/0x370 [ 1247.301862][T25697] ? __lock_acquire+0xcf7/0x1a40 [ 1247.306775][T25697] ? loop_set_fd+0xc7c/0x1130 [ 1247.311429][T25697] idr_get_free+0x2a8/0x850 [ 1247.315948][T25697] idr_alloc_cyclic+0x1ff/0x600 [ 1247.320785][T25697] ? idr_alloc+0x300/0x300 [ 1247.325174][T25697] ? __rwlock_init+0x130/0x130 [ 1247.329919][T25697] __kernfs_new_node+0x159/0x6e0 [ 1247.334850][T25697] ? kernfs_new_node+0x170/0x170 [ 1247.339774][T25697] ? trace_lock_acquire+0x190/0x190 [ 1247.344953][T25697] kernfs_create_dir_ns+0x9b/0x230 [ 1247.350042][T25697] internal_create_group+0x234/0xde0 [ 1247.355319][T25697] ? bd_set_size+0x97/0xb0 [ 1247.359723][T25697] ? sysfs_create_group+0x30/0x30 [ 1247.364720][T25697] ? up_write+0xb0/0x1b0 [ 1247.368948][T25697] sysfs_create_group+0x1f/0x30 [ 1247.373771][T25697] loop_set_fd+0xc7c/0x1130 [ 1247.378269][T25697] lo_ioctl+0x17a/0x2400 [ 1247.382497][T25697] ? match_held_lock+0x280/0x280 [ 1247.387406][T25697] ? kobj_lookup+0xc2/0x450 [ 1247.391881][T25697] ? lo_release+0x1f0/0x1f0 [ 1247.396366][T25697] ? match_held_lock+0x280/0x280 [ 1247.401285][T25697] ? __bfs+0x550/0x550 [ 1247.405336][T25697] ? __bfs+0x550/0x550 [ 1247.409390][T25697] ? __bfs+0x550/0x550 [ 1247.413429][T25697] ? match_held_lock+0x280/0x280 [ 1247.418353][T25697] ? __lock_acquire+0xcf7/0x1a40 [ 1247.423272][T25697] ? __bfs+0x550/0x550 [ 1247.427319][T25697] ? __lock_acquire+0xcf7/0x1a40 [ 1247.432230][T25697] ? __lock_acquire+0xcf7/0x1a40 [ 1247.437161][T25697] ? trace_lock_acquire+0x190/0x190 [ 1247.442347][T25697] ? __read_once_size_nocheck+0x10/0x10 [ 1247.447864][T25697] ? unwind_next_frame+0x415/0x870 [ 1247.452963][T25697] ? rcu_lock_release+0x9/0x30 [ 1247.457719][T25697] ? stack_trace_save+0x1e0/0x1e0 [ 1247.462734][T25697] ? rcu_lock_release+0x26/0x30 [ 1247.467562][T25697] ? is_bpf_text_address+0x398/0x3b0 [ 1247.472819][T25697] ? stack_trace_save+0x1e0/0x1e0 [ 1247.477826][T25697] ? __kernel_text_address+0x9a/0x110 [ 1247.483182][T25697] ? unwind_get_return_address+0x4c/0x90 [ 1247.488785][T25697] ? arch_stack_walk+0x98/0xe0 [ 1247.493532][T25697] ? stack_trace_save+0x111/0x1e0 [ 1247.498542][T25697] ? lo_release+0x1f0/0x1f0 [ 1247.503032][T25697] blkdev_ioctl+0x917/0x2c10 [ 1247.507595][T25697] ? tomoyo_path_number_perm+0x587/0x740 [ 1247.513201][T25697] ? trace_hardirqs_off+0x74/0x80 [ 1247.518208][T25697] ? quarantine_put+0xb7/0x1f0 [ 1247.522949][T25697] ? tomoyo_path_number_perm+0x587/0x740 [ 1247.528553][T25697] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1247.533806][T25697] ? __kasan_slab_free+0x19d/0x1e0 [ 1247.538899][T25697] ? __kasan_slab_free+0x12a/0x1e0 [ 1247.543995][T25697] ? kasan_slab_free+0xe/0x10 [ 1247.548641][T25697] ? kfree+0xae/0x120 [ 1247.552593][T25697] ? tomoyo_path_number_perm+0x587/0x740 [ 1247.558202][T25697] ? tomoyo_file_ioctl+0x23/0x30 [ 1247.563118][T25697] ? security_file_ioctl+0x6d/0xd0 [ 1247.568205][T25697] ? __x64_sys_ioctl+0xa3/0x120 [ 1247.573029][T25697] ? do_syscall_64+0xfe/0x140 [ 1247.577692][T25697] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1247.583746][T25697] ? kasan_check_write+0x14/0x20 [ 1247.588655][T25697] ? do_raw_spin_lock+0x143/0x3a0 [ 1247.593764][T25697] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1247.599548][T25697] ? rcu_lock_release+0x9/0x30 [ 1247.604289][T25697] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1247.609896][T25697] ? trace_lock_acquire+0x190/0x190 [ 1247.615085][T25697] ? tomoyo_check_path_acl+0x180/0x180 [ 1247.620529][T25697] block_ioctl+0xbd/0x100 [ 1247.624830][T25697] ? blkdev_iopoll+0x100/0x100 [ 1247.629568][T25697] do_vfs_ioctl+0x7d4/0x1890 [ 1247.634150][T25697] ? ioctl_preallocate+0x240/0x240 [ 1247.639271][T25697] ? fget_many+0x30/0x30 [ 1247.643577][T25697] ? debug_smp_processor_id+0x1c/0x20 [ 1247.648937][T25697] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1247.654996][T25697] ? tomoyo_file_ioctl+0x23/0x30 [ 1247.659948][T25697] ? security_file_ioctl+0xa1/0xd0 [ 1247.665045][T25697] __x64_sys_ioctl+0xe3/0x120 [ 1247.669697][T25697] do_syscall_64+0xfe/0x140 [ 1247.674188][T25697] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1247.680064][T25697] RIP: 0033:0x459387 [ 1247.683981][T25697] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1247.703604][T25697] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1247.712086][T25697] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1247.720029][T25697] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1247.727974][T25697] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1247.735929][T25697] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1247.743888][T25697] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1247.771252][T25707] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7b") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200}) 03:44:08 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xebffffff00000000, 0x0, 0x0, 0x0) 03:44:08 executing program 0 (fault-call:2 fault-nth:25): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:08 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a04150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:08 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1247.968263][T25730] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:08 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a05150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:08 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254}) [ 1248.010085][T25736] FAULT_INJECTION: forcing a failure. [ 1248.010085][T25736] name failslab, interval 1, probability 0, space 0, times 0 [ 1248.025715][T25736] CPU: 0 PID: 25736 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1248.033731][T25736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1248.043800][T25736] Call Trace: [ 1248.047089][T25736] dump_stack+0x1d8/0x2f8 [ 1248.051419][T25736] should_fail+0x608/0x860 03:44:08 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1248.055845][T25736] ? setup_fault_attr+0x2b0/0x2b0 [ 1248.060867][T25736] __should_failslab+0x11a/0x160 [ 1248.065812][T25736] ? __kernfs_new_node+0xd9/0x6e0 [ 1248.070823][T25736] should_failslab+0x9/0x20 [ 1248.075317][T25736] kmem_cache_alloc+0x56/0x2b0 [ 1248.080069][T25736] __kernfs_new_node+0xd9/0x6e0 [ 1248.084909][T25736] ? kernfs_new_node+0x170/0x170 [ 1248.089832][T25736] ? kasan_check_write+0x14/0x20 [ 1248.094768][T25736] ? __mutex_unlock_slowpath+0x18c/0x630 [ 1248.100388][T25736] ? mutex_unlock+0x10/0x10 [ 1248.104890][T25736] kernfs_new_node+0x97/0x170 [ 1248.109567][T25736] __kernfs_create_file+0x4a/0x2f0 [ 1248.114677][T25736] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 1248.120032][T25736] internal_create_group+0x511/0xde0 [ 1248.125304][T25736] ? sysfs_create_group+0x30/0x30 [ 1248.130315][T25736] ? up_write+0xb0/0x1b0 [ 1248.134546][T25736] sysfs_create_group+0x1f/0x30 [ 1248.139381][T25736] loop_set_fd+0xc7c/0x1130 [ 1248.143879][T25736] lo_ioctl+0x17a/0x2400 [ 1248.148105][T25736] ? match_held_lock+0x280/0x280 [ 1248.153013][T25736] ? kobj_lookup+0xc2/0x450 [ 1248.157490][T25736] ? lo_release+0x1f0/0x1f0 [ 1248.161967][T25736] ? match_held_lock+0x280/0x280 [ 1248.166880][T25736] ? __bfs+0x550/0x550 [ 1248.170921][T25736] ? __bfs+0x550/0x550 [ 1248.174977][T25736] ? __bfs+0x550/0x550 [ 1248.179029][T25736] ? match_held_lock+0x280/0x280 [ 1248.183957][T25736] ? __lock_acquire+0xcf7/0x1a40 [ 1248.188881][T25736] ? __bfs+0x550/0x550 [ 1248.192924][T25736] ? __lock_acquire+0xcf7/0x1a40 [ 1248.197858][T25736] ? __lock_acquire+0xcf7/0x1a40 [ 1248.202804][T25736] ? trace_lock_acquire+0x190/0x190 [ 1248.207983][T25736] ? __read_once_size_nocheck+0x10/0x10 [ 1248.213501][T25736] ? unwind_next_frame+0x415/0x870 [ 1248.218595][T25736] ? rcu_lock_release+0x9/0x30 [ 1248.223355][T25736] ? stack_trace_save+0x1e0/0x1e0 [ 1248.228379][T25736] ? rcu_lock_release+0x26/0x30 [ 1248.233202][T25736] ? is_bpf_text_address+0x398/0x3b0 [ 1248.238461][T25736] ? stack_trace_save+0x1e0/0x1e0 [ 1248.243457][T25736] ? __kernel_text_address+0x9a/0x110 [ 1248.248803][T25736] ? unwind_get_return_address+0x4c/0x90 [ 1248.254418][T25736] ? arch_stack_walk+0x98/0xe0 [ 1248.259169][T25736] ? stack_trace_save+0x111/0x1e0 [ 1248.264180][T25736] ? lo_release+0x1f0/0x1f0 [ 1248.268664][T25736] blkdev_ioctl+0x917/0x2c10 [ 1248.273252][T25736] ? tomoyo_path_number_perm+0x587/0x740 [ 1248.278863][T25736] ? trace_hardirqs_off+0x74/0x80 [ 1248.283872][T25736] ? quarantine_put+0xb7/0x1f0 [ 1248.288619][T25736] ? tomoyo_path_number_perm+0x587/0x740 [ 1248.294233][T25736] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1248.299497][T25736] ? __kasan_slab_free+0x19d/0x1e0 [ 1248.304584][T25736] ? __kasan_slab_free+0x12a/0x1e0 [ 1248.309763][T25736] ? kasan_slab_free+0xe/0x10 [ 1248.314417][T25736] ? kfree+0xae/0x120 [ 1248.318384][T25736] ? tomoyo_path_number_perm+0x587/0x740 [ 1248.323995][T25736] ? tomoyo_file_ioctl+0x23/0x30 [ 1248.328918][T25736] ? security_file_ioctl+0x6d/0xd0 [ 1248.334010][T25736] ? __x64_sys_ioctl+0xa3/0x120 [ 1248.338847][T25736] ? do_syscall_64+0xfe/0x140 [ 1248.343507][T25736] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1248.349563][T25736] ? kasan_check_write+0x14/0x20 [ 1248.354485][T25736] ? do_raw_spin_lock+0x143/0x3a0 [ 1248.359503][T25736] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1248.365299][T25736] ? rcu_lock_release+0x9/0x30 [ 1248.370047][T25736] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1248.375662][T25736] ? trace_lock_acquire+0x190/0x190 [ 1248.380844][T25736] ? tomoyo_check_path_acl+0x180/0x180 [ 1248.386285][T25736] block_ioctl+0xbd/0x100 [ 1248.390585][T25736] ? blkdev_iopoll+0x100/0x100 [ 1248.395333][T25736] do_vfs_ioctl+0x7d4/0x1890 [ 1248.399908][T25736] ? ioctl_preallocate+0x240/0x240 [ 1248.405013][T25736] ? fget_many+0x30/0x30 [ 1248.409240][T25736] ? file_open_root+0x440/0x440 [ 1248.414073][T25736] ? tomoyo_file_ioctl+0x23/0x30 [ 1248.419002][T25736] ? security_file_ioctl+0xa1/0xd0 [ 1248.424112][T25736] __x64_sys_ioctl+0xe3/0x120 [ 1248.428792][T25736] do_syscall_64+0xfe/0x140 [ 1248.433271][T25736] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1248.439140][T25736] RIP: 0033:0x459387 03:44:09 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xf6ffffff00000000, 0x0, 0x0, 0x0) [ 1248.443009][T25736] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1248.462585][T25736] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1248.470967][T25736] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1248.478911][T25736] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1248.486857][T25736] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1248.494805][T25736] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1248.502764][T25736] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:09 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:09 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a06150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500}) [ 1248.567750][T25749] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:09 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xf803000000000000, 0x0, 0x0, 0x0) 03:44:09 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:09 executing program 0 (fault-call:2 fault-nth:26): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:09 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a07150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:09 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xf9fdffff00000000, 0x0, 0x0, 0x0) 03:44:09 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}) [ 1248.747991][T25768] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:09 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a08150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:09 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1248.793139][T25770] FAULT_INJECTION: forcing a failure. [ 1248.793139][T25770] name failslab, interval 1, probability 0, space 0, times 0 [ 1248.821160][T25770] CPU: 0 PID: 25770 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1248.829064][T25770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1248.839119][T25770] Call Trace: [ 1248.842401][T25770] dump_stack+0x1d8/0x2f8 [ 1248.846710][T25770] should_fail+0x608/0x860 [ 1248.851101][T25770] ? setup_fault_attr+0x2b0/0x2b0 [ 1248.856112][T25770] __should_failslab+0x11a/0x160 [ 1248.861026][T25770] ? __kernfs_new_node+0xd9/0x6e0 [ 1248.866031][T25770] should_failslab+0x9/0x20 [ 1248.870529][T25770] kmem_cache_alloc+0x56/0x2b0 [ 1248.875278][T25770] __kernfs_new_node+0xd9/0x6e0 [ 1248.880127][T25770] ? kernfs_new_node+0x170/0x170 [ 1248.885061][T25770] ? kasan_check_write+0x14/0x20 [ 1248.889983][T25770] ? __mutex_unlock_slowpath+0x18c/0x630 [ 1248.895597][T25770] ? mutex_unlock+0x10/0x10 [ 1248.900093][T25770] kernfs_new_node+0x97/0x170 [ 1248.904757][T25770] __kernfs_create_file+0x4a/0x2f0 [ 1248.910004][T25770] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 1248.915376][T25770] internal_create_group+0x511/0xde0 [ 1248.920644][T25770] ? sysfs_create_group+0x30/0x30 [ 1248.925651][T25770] ? up_write+0xb0/0x1b0 [ 1248.929880][T25770] sysfs_create_group+0x1f/0x30 [ 1248.934989][T25770] loop_set_fd+0xc7c/0x1130 [ 1248.939481][T25770] lo_ioctl+0x17a/0x2400 [ 1248.943701][T25770] ? match_held_lock+0x280/0x280 [ 1248.948612][T25770] ? kobj_lookup+0xc2/0x450 [ 1248.953089][T25770] ? lo_release+0x1f0/0x1f0 [ 1248.957568][T25770] ? match_held_lock+0x280/0x280 [ 1248.962478][T25770] ? __bfs+0x550/0x550 [ 1248.966535][T25770] ? __bfs+0x550/0x550 [ 1248.970590][T25770] ? __bfs+0x550/0x550 [ 1248.974643][T25770] ? match_held_lock+0x280/0x280 [ 1248.979565][T25770] ? __lock_acquire+0xcf7/0x1a40 [ 1248.984480][T25770] ? __bfs+0x550/0x550 [ 1248.988545][T25770] ? __lock_acquire+0xcf7/0x1a40 [ 1248.993578][T25770] ? __lock_acquire+0xcf7/0x1a40 [ 1248.998502][T25770] ? trace_lock_acquire+0x190/0x190 [ 1249.003681][T25770] ? __read_once_size_nocheck+0x10/0x10 [ 1249.009201][T25770] ? unwind_next_frame+0x415/0x870 [ 1249.014306][T25770] ? rcu_lock_release+0x9/0x30 [ 1249.019060][T25770] ? stack_trace_save+0x1e0/0x1e0 [ 1249.024069][T25770] ? rcu_lock_release+0x26/0x30 [ 1249.028901][T25770] ? is_bpf_text_address+0x398/0x3b0 [ 1249.034174][T25770] ? stack_trace_save+0x1e0/0x1e0 [ 1249.039183][T25770] ? __kernel_text_address+0x9a/0x110 [ 1249.044536][T25770] ? unwind_get_return_address+0x4c/0x90 [ 1249.050154][T25770] ? arch_stack_walk+0x98/0xe0 [ 1249.054914][T25770] ? stack_trace_save+0x111/0x1e0 [ 1249.059927][T25770] ? lo_release+0x1f0/0x1f0 [ 1249.064410][T25770] blkdev_ioctl+0x917/0x2c10 [ 1249.068985][T25770] ? tomoyo_path_number_perm+0x587/0x740 [ 1249.074602][T25770] ? trace_hardirqs_off+0x74/0x80 [ 1249.079609][T25770] ? quarantine_put+0xb7/0x1f0 [ 1249.084353][T25770] ? tomoyo_path_number_perm+0x587/0x740 [ 1249.089967][T25770] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1249.095234][T25770] ? __kasan_slab_free+0x19d/0x1e0 [ 1249.100340][T25770] ? __kasan_slab_free+0x12a/0x1e0 [ 1249.105427][T25770] ? kasan_slab_free+0xe/0x10 [ 1249.110083][T25770] ? kfree+0xae/0x120 [ 1249.114044][T25770] ? tomoyo_path_number_perm+0x587/0x740 [ 1249.119659][T25770] ? tomoyo_file_ioctl+0x23/0x30 [ 1249.124587][T25770] ? security_file_ioctl+0x6d/0xd0 [ 1249.129689][T25770] ? __x64_sys_ioctl+0xa3/0x120 [ 1249.134521][T25770] ? do_syscall_64+0xfe/0x140 [ 1249.139184][T25770] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1249.145232][T25770] ? kasan_check_write+0x14/0x20 [ 1249.150154][T25770] ? do_raw_spin_lock+0x143/0x3a0 [ 1249.155175][T25770] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1249.160965][T25770] ? rcu_lock_release+0x9/0x30 [ 1249.165718][T25770] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1249.171330][T25770] ? trace_lock_acquire+0x190/0x190 [ 1249.176505][T25770] ? tomoyo_check_path_acl+0x180/0x180 [ 1249.181940][T25770] block_ioctl+0xbd/0x100 [ 1249.186256][T25770] ? blkdev_iopoll+0x100/0x100 [ 1249.191002][T25770] do_vfs_ioctl+0x7d4/0x1890 [ 1249.195586][T25770] ? ioctl_preallocate+0x240/0x240 [ 1249.200688][T25770] ? fget_many+0x30/0x30 [ 1249.204913][T25770] ? debug_smp_processor_id+0x1c/0x20 [ 1249.210267][T25770] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1249.216309][T25770] ? tomoyo_file_ioctl+0x23/0x30 [ 1249.221241][T25770] ? security_file_ioctl+0xa1/0xd0 [ 1249.226331][T25770] __x64_sys_ioctl+0xe3/0x120 [ 1249.230988][T25770] do_syscall_64+0xfe/0x140 [ 1249.235489][T25770] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1249.241360][T25770] RIP: 0033:0x459387 [ 1249.245260][T25770] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1249.264855][T25770] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1249.273247][T25770] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1249.281190][T25770] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1249.289134][T25770] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1249.297081][T25770] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1249.305031][T25770] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:10 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:10 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1249.366717][T25783] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:10 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a09150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:10 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfc01000000000000, 0x0, 0x0, 0x0) 03:44:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405}) 03:44:10 executing program 0 (fault-call:2 fault-nth:27): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1249.509975][T25796] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:10 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xfc03000000000000, 0x0, 0x0, 0x0) 03:44:10 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be0") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:10 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0a150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5412}) 03:44:10 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:10 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0b150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1249.675107][T25812] FAULT_INJECTION: forcing a failure. [ 1249.675107][T25812] name failslab, interval 1, probability 0, space 0, times 0 [ 1249.710781][T25812] CPU: 1 PID: 25812 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1249.718697][T25812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1249.728733][T25812] Call Trace: [ 1249.728756][T25812] dump_stack+0x1d8/0x2f8 [ 1249.736334][T25812] should_fail+0x608/0x860 [ 1249.736349][T25812] ? setup_fault_attr+0x2b0/0x2b0 [ 1249.736370][T25812] __should_failslab+0x11a/0x160 [ 1249.745768][T25812] ? __kernfs_new_node+0xd9/0x6e0 [ 1249.755674][T25812] should_failslab+0x9/0x20 [ 1249.755684][T25812] kmem_cache_alloc+0x56/0x2b0 [ 1249.755698][T25812] __kernfs_new_node+0xd9/0x6e0 [ 1249.755708][T25812] ? kasan_check_write+0x14/0x20 [ 1249.755718][T25812] ? __mutex_unlock_slowpath+0x18c/0x630 [ 1249.755729][T25812] ? mutex_unlock+0x10/0x10 [ 1249.764949][T25812] ? kernfs_new_node+0x170/0x170 [ 1249.764968][T25812] ? mutex_unlock+0xd/0x10 [ 1249.764977][T25812] ? kernfs_activate+0x4c7/0x4e0 [ 1249.764994][T25812] kernfs_new_node+0x97/0x170 [ 1249.774732][T25812] __kernfs_create_file+0x4a/0x2f0 [ 1249.774764][T25812] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 1249.774782][T25812] internal_create_group+0x511/0xde0 [ 1249.774798][T25812] ? sysfs_create_group+0x30/0x30 03:44:10 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xff0f000000000000, 0x0, 0x0, 0x0) [ 1249.784871][T25812] ? up_write+0xb0/0x1b0 [ 1249.784885][T25812] sysfs_create_group+0x1f/0x30 [ 1249.784916][T25812] loop_set_fd+0xc7c/0x1130 [ 1249.784937][T25812] lo_ioctl+0x17a/0x2400 [ 1249.794234][T25812] ? match_held_lock+0x280/0x280 [ 1249.794245][T25812] ? kobj_lookup+0xc2/0x450 [ 1249.794256][T25812] ? lo_release+0x1f0/0x1f0 [ 1249.794268][T25812] ? match_held_lock+0x280/0x280 [ 1249.803823][T25812] ? __bfs+0x550/0x550 [ 1249.803836][T25812] ? __bfs+0x550/0x550 [ 1249.803849][T25812] ? __bfs+0x550/0x550 [ 1249.803857][T25812] ? match_held_lock+0x280/0x280 [ 1249.803871][T25812] ? __lock_acquire+0xcf7/0x1a40 [ 1249.814291][T25812] ? __bfs+0x550/0x550 [ 1249.814309][T25812] ? __lock_acquire+0xcf7/0x1a40 [ 1249.814327][T25812] ? __lock_acquire+0xcf7/0x1a40 [ 1249.814347][T25812] ? trace_lock_acquire+0x190/0x190 [ 1249.824606][T25812] ? __read_once_size_nocheck+0x10/0x10 [ 1249.824632][T25812] ? unwind_next_frame+0x415/0x870 [ 1249.824653][T25812] ? rcu_lock_release+0x9/0x30 [ 1249.917565][T25812] ? stack_trace_save+0x1e0/0x1e0 [ 1249.922570][T25812] ? rcu_lock_release+0x26/0x30 [ 1249.927404][T25812] ? is_bpf_text_address+0x398/0x3b0 [ 1249.932660][T25812] ? stack_trace_save+0x1e0/0x1e0 [ 1249.937657][T25812] ? __kernel_text_address+0x9a/0x110 [ 1249.943003][T25812] ? unwind_get_return_address+0x4c/0x90 [ 1249.948608][T25812] ? arch_stack_walk+0x98/0xe0 [ 1249.953396][T25812] ? stack_trace_save+0x111/0x1e0 [ 1249.958397][T25812] ? lo_release+0x1f0/0x1f0 [ 1249.962890][T25812] blkdev_ioctl+0x917/0x2c10 [ 1249.967457][T25812] ? tomoyo_path_number_perm+0x587/0x740 [ 1249.973066][T25812] ? trace_hardirqs_off+0x74/0x80 [ 1249.978066][T25812] ? quarantine_put+0xb7/0x1f0 [ 1249.982808][T25812] ? tomoyo_path_number_perm+0x587/0x740 [ 1249.988412][T25812] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1249.993673][T25812] ? __kasan_slab_free+0x19d/0x1e0 [ 1249.998768][T25812] ? __kasan_slab_free+0x12a/0x1e0 [ 1250.003868][T25812] ? kasan_slab_free+0xe/0x10 [ 1250.008518][T25812] ? kfree+0xae/0x120 [ 1250.012477][T25812] ? tomoyo_path_number_perm+0x587/0x740 [ 1250.018090][T25812] ? tomoyo_file_ioctl+0x23/0x30 [ 1250.023005][T25812] ? security_file_ioctl+0x6d/0xd0 [ 1250.028088][T25812] ? __x64_sys_ioctl+0xa3/0x120 [ 1250.032914][T25812] ? do_syscall_64+0xfe/0x140 [ 1250.037564][T25812] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1250.043604][T25812] ? kasan_check_write+0x14/0x20 [ 1250.048516][T25812] ? do_raw_spin_lock+0x143/0x3a0 [ 1250.053522][T25812] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1250.059306][T25812] ? rcu_lock_release+0x9/0x30 [ 1250.064044][T25812] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1250.069644][T25812] ? trace_lock_acquire+0x190/0x190 [ 1250.074817][T25812] ? tomoyo_check_path_acl+0x180/0x180 [ 1250.080253][T25812] block_ioctl+0xbd/0x100 [ 1250.084553][T25812] ? blkdev_iopoll+0x100/0x100 [ 1250.089294][T25812] do_vfs_ioctl+0x7d4/0x1890 [ 1250.093868][T25812] ? ioctl_preallocate+0x240/0x240 [ 1250.098958][T25812] ? fget_many+0x30/0x30 [ 1250.103174][T25812] ? file_open_root+0x440/0x440 [ 1250.108002][T25812] ? tomoyo_file_ioctl+0x23/0x30 [ 1250.112928][T25812] ? security_file_ioctl+0xa1/0xd0 [ 1250.118013][T25812] __x64_sys_ioctl+0xe3/0x120 [ 1250.122665][T25812] do_syscall_64+0xfe/0x140 [ 1250.127144][T25812] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1250.133023][T25812] RIP: 0033:0x459387 [ 1250.136900][T25812] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1250.156488][T25812] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1250.164883][T25812] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 03:44:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}) [ 1250.172931][T25812] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1250.180900][T25812] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1250.188841][T25812] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1250.196786][T25812] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:10 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0c150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:10 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xffffff7f00000000, 0x0, 0x0, 0x0) [ 1250.268701][T25835] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:10 executing program 0 (fault-call:2 fault-nth:28): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:10 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}) 03:44:10 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:11 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0) [ 1250.437384][T25853] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:11 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0d150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:11 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) 03:44:11 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}) 03:44:11 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:11 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0e150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1250.714830][T25889] FAULT_INJECTION: forcing a failure. [ 1250.714830][T25889] name failslab, interval 1, probability 0, space 0, times 0 [ 1250.739966][T25889] CPU: 1 PID: 25889 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1250.747875][T25889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1250.757923][T25889] Call Trace: [ 1250.761318][T25889] dump_stack+0x1d8/0x2f8 [ 1250.765645][T25889] should_fail+0x608/0x860 [ 1250.770052][T25889] ? setup_fault_attr+0x2b0/0x2b0 [ 1250.775060][T25889] __should_failslab+0x11a/0x160 [ 1250.779972][T25889] ? __kernfs_new_node+0xd9/0x6e0 [ 1250.784969][T25889] should_failslab+0x9/0x20 [ 1250.789444][T25889] kmem_cache_alloc+0x56/0x2b0 [ 1250.794182][T25889] __kernfs_new_node+0xd9/0x6e0 [ 1250.799005][T25889] ? kasan_check_write+0x14/0x20 [ 1250.804662][T25889] ? __mutex_unlock_slowpath+0x18c/0x630 [ 1250.810267][T25889] ? mutex_unlock+0x10/0x10 [ 1250.814767][T25889] ? kernfs_new_node+0x170/0x170 [ 1250.819682][T25889] ? mutex_unlock+0xd/0x10 [ 1250.824066][T25889] ? kernfs_activate+0x4c7/0x4e0 [ 1250.828974][T25889] kernfs_new_node+0x97/0x170 [ 1250.833626][T25889] __kernfs_create_file+0x4a/0x2f0 [ 1250.838711][T25889] sysfs_add_file_mode_ns+0x2dc/0x3a0 [ 1250.844059][T25889] internal_create_group+0x511/0xde0 [ 1250.849319][T25889] ? sysfs_create_group+0x30/0x30 [ 1250.854315][T25889] ? up_write+0xb0/0x1b0 [ 1250.858529][T25889] sysfs_create_group+0x1f/0x30 [ 1250.863351][T25889] loop_set_fd+0xc7c/0x1130 [ 1250.867841][T25889] lo_ioctl+0x17a/0x2400 [ 1250.872060][T25889] ? match_held_lock+0x280/0x280 [ 1250.876969][T25889] ? kobj_lookup+0xc2/0x450 [ 1250.881444][T25889] ? lo_release+0x1f0/0x1f0 [ 1250.885931][T25889] ? match_held_lock+0x280/0x280 [ 1250.890838][T25889] ? __bfs+0x550/0x550 [ 1250.894879][T25889] ? __bfs+0x550/0x550 [ 1250.898920][T25889] ? __bfs+0x550/0x550 [ 1250.902960][T25889] ? match_held_lock+0x280/0x280 [ 1250.907881][T25889] ? __lock_acquire+0xcf7/0x1a40 [ 1250.912791][T25889] ? __bfs+0x550/0x550 [ 1250.916836][T25889] ? __lock_acquire+0xcf7/0x1a40 [ 1250.921746][T25889] ? __lock_acquire+0xcf7/0x1a40 [ 1250.926668][T25889] ? trace_lock_acquire+0x190/0x190 [ 1250.931851][T25889] ? __read_once_size_nocheck+0x10/0x10 [ 1250.937375][T25889] ? unwind_next_frame+0x415/0x870 [ 1250.942462][T25889] ? rcu_lock_release+0x9/0x30 [ 1250.947210][T25889] ? stack_trace_save+0x1e0/0x1e0 [ 1250.952205][T25889] ? rcu_lock_release+0x26/0x30 [ 1250.964101][T25889] ? is_bpf_text_address+0x398/0x3b0 [ 1250.969380][T25889] ? stack_trace_save+0x1e0/0x1e0 [ 1250.974377][T25889] ? __kernel_text_address+0x9a/0x110 [ 1250.979721][T25889] ? unwind_get_return_address+0x4c/0x90 [ 1250.985326][T25889] ? arch_stack_walk+0x98/0xe0 [ 1250.990068][T25889] ? stack_trace_save+0x111/0x1e0 [ 1250.995069][T25889] ? lo_release+0x1f0/0x1f0 [ 1250.999542][T25889] blkdev_ioctl+0x917/0x2c10 [ 1251.004102][T25889] ? tomoyo_path_number_perm+0x587/0x740 [ 1251.009716][T25889] ? trace_hardirqs_off+0x74/0x80 [ 1251.014711][T25889] ? quarantine_put+0xb7/0x1f0 [ 1251.019443][T25889] ? tomoyo_path_number_perm+0x587/0x740 [ 1251.025047][T25889] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1251.030302][T25889] ? __kasan_slab_free+0x19d/0x1e0 [ 1251.035382][T25889] ? __kasan_slab_free+0x12a/0x1e0 [ 1251.040462][T25889] ? kasan_slab_free+0xe/0x10 [ 1251.045107][T25889] ? kfree+0xae/0x120 [ 1251.049064][T25889] ? tomoyo_path_number_perm+0x587/0x740 [ 1251.054663][T25889] ? tomoyo_file_ioctl+0x23/0x30 [ 1251.059572][T25889] ? security_file_ioctl+0x6d/0xd0 [ 1251.064654][T25889] ? __x64_sys_ioctl+0xa3/0x120 [ 1251.069492][T25889] ? do_syscall_64+0xfe/0x140 [ 1251.074175][T25889] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1251.080213][T25889] ? kasan_check_write+0x14/0x20 [ 1251.085126][T25889] ? do_raw_spin_lock+0x143/0x3a0 [ 1251.090135][T25889] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1251.095914][T25889] ? rcu_lock_release+0x9/0x30 [ 1251.100651][T25889] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1251.106253][T25889] ? trace_lock_acquire+0x190/0x190 [ 1251.111426][T25889] ? tomoyo_check_path_acl+0x180/0x180 [ 1251.116947][T25889] block_ioctl+0xbd/0x100 [ 1251.121251][T25889] ? blkdev_iopoll+0x100/0x100 [ 1251.125985][T25889] do_vfs_ioctl+0x7d4/0x1890 [ 1251.130548][T25889] ? ioctl_preallocate+0x240/0x240 [ 1251.135646][T25889] ? fget_many+0x30/0x30 [ 1251.139861][T25889] ? debug_smp_processor_id+0x1c/0x20 [ 1251.145205][T25889] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1251.151243][T25889] ? tomoyo_file_ioctl+0x23/0x30 [ 1251.156152][T25889] ? security_file_ioctl+0xa1/0xd0 [ 1251.161236][T25889] __x64_sys_ioctl+0xe3/0x120 [ 1251.165888][T25889] do_syscall_64+0xfe/0x140 [ 1251.170367][T25889] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1251.176249][T25889] RIP: 0033:0x459387 [ 1251.180119][T25889] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1251.199706][T25889] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1251.208087][T25889] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1251.216032][T25889] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1251.223972][T25889] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1251.231917][T25889] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1251.239861][T25889] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:11 executing program 0 (fault-call:2 fault-nth:29): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:11 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2, 0x0) 03:44:11 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) 03:44:11 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0f150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:11 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:11 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:12 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a10150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) 03:44:12 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}) [ 1251.425643][T25904] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1251.448440][T25912] FAULT_INJECTION: forcing a failure. [ 1251.448440][T25912] name failslab, interval 1, probability 0, space 0, times 0 03:44:12 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a11150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1251.491994][T25912] CPU: 0 PID: 25912 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1251.499928][T25912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1251.509998][T25912] Call Trace: [ 1251.513270][T25912] dump_stack+0x1d8/0x2f8 [ 1251.517588][T25912] should_fail+0x608/0x860 [ 1251.521981][T25912] ? setup_fault_attr+0x2b0/0x2b0 [ 1251.526988][T25912] __should_failslab+0x11a/0x160 [ 1251.531899][T25912] should_failslab+0x9/0x20 [ 1251.536376][T25912] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1251.541762][T25912] ? kobject_uevent_env+0x2cd/0x1260 [ 1251.547021][T25912] ? dev_uevent_filter+0xb0/0xb0 [ 1251.551931][T25912] kobject_uevent_env+0x2cd/0x1260 [ 1251.557018][T25912] ? sysfs_create_group+0x30/0x30 [ 1251.562019][T25912] kobject_uevent+0x1f/0x30 [ 1251.566501][T25912] loop_set_fd+0xce7/0x1130 [ 1251.570996][T25912] lo_ioctl+0x17a/0x2400 [ 1251.575228][T25912] ? match_held_lock+0x280/0x280 [ 1251.580135][T25912] ? kobj_lookup+0xc2/0x450 [ 1251.584623][T25912] ? lo_release+0x1f0/0x1f0 [ 1251.589108][T25912] ? match_held_lock+0x280/0x280 [ 1251.594021][T25912] ? __bfs+0x550/0x550 [ 1251.598063][T25912] ? __bfs+0x550/0x550 [ 1251.602124][T25912] ? __bfs+0x550/0x550 [ 1251.606168][T25912] ? match_held_lock+0x280/0x280 [ 1251.611089][T25912] ? __lock_acquire+0xcf7/0x1a40 [ 1251.615999][T25912] ? __bfs+0x550/0x550 [ 1251.620041][T25912] ? __lock_acquire+0xcf7/0x1a40 [ 1251.624954][T25912] ? __lock_acquire+0xcf7/0x1a40 [ 1251.629866][T25912] ? trace_lock_acquire+0x190/0x190 [ 1251.635048][T25912] ? __read_once_size_nocheck+0x10/0x10 [ 1251.640569][T25912] ? unwind_next_frame+0x415/0x870 [ 1251.645745][T25912] ? rcu_lock_release+0x9/0x30 [ 1251.650483][T25912] ? stack_trace_save+0x1e0/0x1e0 [ 1251.655476][T25912] ? rcu_lock_release+0x26/0x30 [ 1251.660296][T25912] ? is_bpf_text_address+0x398/0x3b0 [ 1251.665552][T25912] ? stack_trace_save+0x1e0/0x1e0 [ 1251.670553][T25912] ? __kernel_text_address+0x9a/0x110 [ 1251.675907][T25912] ? unwind_get_return_address+0x4c/0x90 [ 1251.681510][T25912] ? arch_stack_walk+0x98/0xe0 [ 1251.686254][T25912] ? stack_trace_save+0x111/0x1e0 [ 1251.691253][T25912] ? lo_release+0x1f0/0x1f0 [ 1251.695742][T25912] blkdev_ioctl+0x917/0x2c10 [ 1251.700309][T25912] ? tomoyo_path_number_perm+0x587/0x740 [ 1251.705913][T25912] ? trace_hardirqs_off+0x74/0x80 [ 1251.710929][T25912] ? quarantine_put+0xb7/0x1f0 [ 1251.715662][T25912] ? tomoyo_path_number_perm+0x587/0x740 [ 1251.721263][T25912] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1251.726518][T25912] ? __kasan_slab_free+0x19d/0x1e0 [ 1251.731602][T25912] ? __kasan_slab_free+0x12a/0x1e0 [ 1251.736689][T25912] ? kasan_slab_free+0xe/0x10 [ 1251.741353][T25912] ? kfree+0xae/0x120 [ 1251.745309][T25912] ? tomoyo_path_number_perm+0x587/0x740 [ 1251.750928][T25912] ? tomoyo_file_ioctl+0x23/0x30 [ 1251.755840][T25912] ? security_file_ioctl+0x6d/0xd0 [ 1251.760922][T25912] ? __x64_sys_ioctl+0xa3/0x120 [ 1251.765746][T25912] ? do_syscall_64+0xfe/0x140 [ 1251.770393][T25912] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1251.776431][T25912] ? kasan_check_write+0x14/0x20 [ 1251.781339][T25912] ? do_raw_spin_lock+0x143/0x3a0 [ 1251.786340][T25912] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1251.792120][T25912] ? rcu_lock_release+0x9/0x30 [ 1251.796856][T25912] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1251.802457][T25912] ? trace_lock_acquire+0x190/0x190 [ 1251.807631][T25912] ? tomoyo_check_path_acl+0x180/0x180 [ 1251.813072][T25912] block_ioctl+0xbd/0x100 [ 1251.817371][T25912] ? blkdev_iopoll+0x100/0x100 [ 1251.822108][T25912] do_vfs_ioctl+0x7d4/0x1890 [ 1251.826674][T25912] ? ioctl_preallocate+0x240/0x240 [ 1251.831764][T25912] ? fget_many+0x30/0x30 [ 1251.835978][T25912] ? debug_smp_processor_id+0x1c/0x20 [ 1251.841320][T25912] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1251.847358][T25912] ? tomoyo_file_ioctl+0x23/0x30 [ 1251.852270][T25912] ? security_file_ioctl+0xa1/0xd0 [ 1251.857358][T25912] __x64_sys_ioctl+0xe3/0x120 [ 1251.862009][T25912] do_syscall_64+0xfe/0x140 [ 1251.866485][T25912] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1251.872361][T25912] RIP: 0033:0x459387 [ 1251.876233][T25912] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1251.896071][T25912] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1251.904452][T25912] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1251.912395][T25912] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1251.920337][T25912] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1251.928279][T25912] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1251.936224][T25912] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:12 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a12150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:12 executing program 0 (fault-call:2 fault-nth:30): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:12 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}) 03:44:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) 03:44:12 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3, 0x0) 03:44:12 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a25150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1252.235287][T25944] __nla_validate_parse: 4 callbacks suppressed [ 1252.235293][T25944] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:12 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a48150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:12 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}) [ 1252.288585][T25952] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1252.302823][T25955] FAULT_INJECTION: forcing a failure. [ 1252.302823][T25955] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1252.316032][T25955] CPU: 1 PID: 25955 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1252.323912][T25955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1252.333956][T25955] Call Trace: [ 1252.337226][T25955] dump_stack+0x1d8/0x2f8 [ 1252.341535][T25955] should_fail+0x608/0x860 [ 1252.345925][T25955] ? setup_fault_attr+0x2b0/0x2b0 [ 1252.350926][T25955] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1252.356183][T25955] ? console_unlock+0xd35/0xf20 [ 1252.361034][T25955] should_fail_alloc_page+0x55/0x60 [ 1252.366214][T25955] prepare_alloc_pages+0x283/0x460 [ 1252.371296][T25955] __alloc_pages_nodemask+0x11c/0x790 [ 1252.376649][T25955] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1252.382177][T25955] ? tick_nohz_tick_stopped+0x65/0x90 [ 1252.387526][T25955] ? irq_work_queue+0xef/0x110 [ 1252.392259][T25955] ? vprintk_emit+0x2dd/0x3a0 [ 1252.396912][T25955] kmem_getpages+0x46/0x480 [ 1252.401388][T25955] cache_grow_begin+0x7e/0x2c0 [ 1252.406123][T25955] cache_alloc_refill+0x311/0x3f0 [ 1252.411118][T25955] ? check_preemption_disabled+0xb7/0x280 [ 1252.416807][T25955] kmem_cache_alloc_trace+0x29f/0x2c0 [ 1252.422155][T25955] ? kobject_uevent_env+0x2cd/0x1260 [ 1252.427412][T25955] ? dev_uevent_filter+0xb0/0xb0 [ 1252.432322][T25955] kobject_uevent_env+0x2cd/0x1260 [ 1252.437422][T25955] ? sysfs_create_group+0x30/0x30 [ 1252.442424][T25955] kobject_uevent+0x1f/0x30 [ 1252.446898][T25955] loop_set_fd+0xce7/0x1130 [ 1252.451403][T25955] lo_ioctl+0x17a/0x2400 [ 1252.455644][T25955] ? match_held_lock+0x280/0x280 [ 1252.460554][T25955] ? kobj_lookup+0xc2/0x450 [ 1252.465042][T25955] ? lo_release+0x1f0/0x1f0 [ 1252.469517][T25955] ? match_held_lock+0x280/0x280 [ 1252.474424][T25955] ? __bfs+0x550/0x550 [ 1252.478469][T25955] ? __bfs+0x550/0x550 [ 1252.482513][T25955] ? __bfs+0x550/0x550 [ 1252.486564][T25955] ? match_held_lock+0x280/0x280 [ 1252.491486][T25955] ? __lock_acquire+0xcf7/0x1a40 [ 1252.496393][T25955] ? __bfs+0x550/0x550 [ 1252.500435][T25955] ? __lock_acquire+0xcf7/0x1a40 [ 1252.505346][T25955] ? __lock_acquire+0xcf7/0x1a40 [ 1252.510258][T25955] ? trace_lock_acquire+0x190/0x190 [ 1252.515435][T25955] ? __read_once_size_nocheck+0x10/0x10 [ 1252.520963][T25955] ? unwind_next_frame+0x415/0x870 [ 1252.526061][T25955] ? rcu_lock_release+0x9/0x30 [ 1252.530797][T25955] ? stack_trace_save+0x1e0/0x1e0 [ 1252.535794][T25955] ? rcu_lock_release+0x26/0x30 [ 1252.540617][T25955] ? is_bpf_text_address+0x398/0x3b0 [ 1252.545872][T25955] ? stack_trace_save+0x1e0/0x1e0 [ 1252.550867][T25955] ? __kernel_text_address+0x9a/0x110 [ 1252.556208][T25955] ? unwind_get_return_address+0x4c/0x90 [ 1252.561813][T25955] ? arch_stack_walk+0x98/0xe0 [ 1252.566553][T25955] ? stack_trace_save+0x111/0x1e0 [ 1252.571566][T25955] ? lo_release+0x1f0/0x1f0 [ 1252.576040][T25955] blkdev_ioctl+0x917/0x2c10 [ 1252.580604][T25955] ? tomoyo_path_number_perm+0x587/0x740 [ 1252.586209][T25955] ? trace_hardirqs_off+0x74/0x80 [ 1252.591202][T25955] ? quarantine_put+0xb7/0x1f0 [ 1252.595935][T25955] ? tomoyo_path_number_perm+0x587/0x740 [ 1252.601537][T25955] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1252.606793][T25955] ? __kasan_slab_free+0x19d/0x1e0 [ 1252.611876][T25955] ? __kasan_slab_free+0x12a/0x1e0 [ 1252.616967][T25955] ? kasan_slab_free+0xe/0x10 [ 1252.621618][T25955] ? kfree+0xae/0x120 [ 1252.625573][T25955] ? tomoyo_path_number_perm+0x587/0x740 [ 1252.631173][T25955] ? tomoyo_file_ioctl+0x23/0x30 [ 1252.636090][T25955] ? security_file_ioctl+0x6d/0xd0 [ 1252.641186][T25955] ? __x64_sys_ioctl+0xa3/0x120 [ 1252.646015][T25955] ? do_syscall_64+0xfe/0x140 [ 1252.650667][T25955] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1252.656708][T25955] ? kasan_check_write+0x14/0x20 [ 1252.661623][T25955] ? do_raw_spin_lock+0x143/0x3a0 [ 1252.666626][T25955] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1252.672409][T25955] ? rcu_lock_release+0x9/0x30 [ 1252.677148][T25955] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1252.682749][T25955] ? trace_lock_acquire+0x190/0x190 [ 1252.687921][T25955] ? tomoyo_check_path_acl+0x180/0x180 [ 1252.693354][T25955] block_ioctl+0xbd/0x100 [ 1252.697685][T25955] ? blkdev_iopoll+0x100/0x100 [ 1252.702419][T25955] do_vfs_ioctl+0x7d4/0x1890 [ 1252.706986][T25955] ? ioctl_preallocate+0x240/0x240 [ 1252.712076][T25955] ? fget_many+0x30/0x30 [ 1252.716296][T25955] ? file_open_root+0x440/0x440 [ 1252.721129][T25955] ? tomoyo_file_ioctl+0x23/0x30 [ 1252.726036][T25955] ? security_file_ioctl+0xa1/0xd0 [ 1252.731120][T25955] __x64_sys_ioctl+0xe3/0x120 [ 1252.735859][T25955] do_syscall_64+0xfe/0x140 [ 1252.740334][T25955] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1252.746198][T25955] RIP: 0033:0x459387 [ 1252.750071][T25955] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1252.769645][T25955] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1252.778038][T25955] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 03:44:13 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1252.785985][T25955] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1252.793929][T25955] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1252.801873][T25955] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1252.810419][T25955] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) 03:44:13 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a4c150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1252.888786][T25966] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:13 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1252.959727][T25973] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:13 executing program 0 (fault-call:2 fault-nth:31): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}) 03:44:13 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a60150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1253.064868][T25988] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:13 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x4, 0x0) 03:44:13 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:13 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 03:44:13 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a68150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1253.195120][T25992] FAULT_INJECTION: forcing a failure. [ 1253.195120][T25992] name failslab, interval 1, probability 0, space 0, times 0 [ 1253.209029][T25992] CPU: 1 PID: 25992 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1253.216918][T25992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1253.226960][T25992] Call Trace: [ 1253.230228][T25992] dump_stack+0x1d8/0x2f8 [ 1253.234532][T25992] should_fail+0x608/0x860 [ 1253.238919][T25992] ? setup_fault_attr+0x2b0/0x2b0 [ 1253.243927][T25992] __should_failslab+0x11a/0x160 [ 1253.248835][T25992] should_failslab+0x9/0x20 [ 1253.253307][T25992] kmem_cache_alloc_node+0x65/0x270 [ 1253.258482][T25992] ? __alloc_skb+0x9f/0x500 [ 1253.262953][T25992] __alloc_skb+0x9f/0x500 [ 1253.267253][T25992] alloc_uevent_skb+0x7f/0x230 [ 1253.271989][T25992] kobject_uevent_env+0xcbb/0x1260 [ 1253.277086][T25992] ? sysfs_create_group+0x30/0x30 [ 1253.282091][T25992] kobject_uevent+0x1f/0x30 [ 1253.286573][T25992] loop_set_fd+0xce7/0x1130 [ 1253.291050][T25992] lo_ioctl+0x17a/0x2400 [ 1253.295274][T25992] ? match_held_lock+0x280/0x280 [ 1253.300187][T25992] ? lo_release+0x1f0/0x1f0 [ 1253.304657][T25992] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1253.309909][T25992] ? _raw_spin_unlock_irqrestore+0x77/0xe0 [ 1253.315686][T25992] ? match_held_lock+0x280/0x280 [ 1253.320590][T25992] ? __bfs+0x550/0x550 [ 1253.324629][T25992] ? __bfs+0x550/0x550 [ 1253.328670][T25992] ? __bfs+0x550/0x550 [ 1253.332710][T25992] ? match_held_lock+0x280/0x280 [ 1253.337618][T25992] ? refcount_inc_checked+0x50/0x50 [ 1253.342787][T25992] ? __lock_acquire+0xcf7/0x1a40 [ 1253.347691][T25992] ? __bfs+0x550/0x550 [ 1253.351733][T25992] ? __lock_acquire+0xcf7/0x1a40 [ 1253.356644][T25992] ? __lock_acquire+0xcf7/0x1a40 [ 1253.361554][T25992] ? trace_lock_acquire+0x190/0x190 [ 1253.366728][T25992] ? __read_once_size_nocheck+0x10/0x10 [ 1253.372238][T25992] ? unwind_next_frame+0x415/0x870 [ 1253.377322][T25992] ? rcu_lock_release+0x9/0x30 [ 1253.382067][T25992] ? stack_trace_save+0x1e0/0x1e0 [ 1253.387064][T25992] ? rcu_lock_release+0x26/0x30 [ 1253.391881][T25992] ? is_bpf_text_address+0x398/0x3b0 [ 1253.397134][T25992] ? stack_trace_save+0x1e0/0x1e0 [ 1253.402136][T25992] ? __kernel_text_address+0x9a/0x110 [ 1253.407477][T25992] ? unwind_get_return_address+0x4c/0x90 [ 1253.413077][T25992] ? arch_stack_walk+0x98/0xe0 [ 1253.417814][T25992] ? stack_trace_save+0x111/0x1e0 [ 1253.422807][T25992] ? lo_release+0x1f0/0x1f0 [ 1253.427278][T25992] blkdev_ioctl+0x917/0x2c10 [ 1253.431838][T25992] ? tomoyo_path_number_perm+0x587/0x740 [ 1253.437442][T25992] ? trace_hardirqs_off+0x74/0x80 [ 1253.442435][T25992] ? quarantine_put+0xb7/0x1f0 [ 1253.447167][T25992] ? tomoyo_path_number_perm+0x587/0x740 [ 1253.452765][T25992] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1253.458022][T25992] ? __kasan_slab_free+0x19d/0x1e0 [ 1253.463104][T25992] ? __kasan_slab_free+0x12a/0x1e0 [ 1253.468185][T25992] ? kasan_slab_free+0xe/0x10 [ 1253.472829][T25992] ? kfree+0xae/0x120 [ 1253.476778][T25992] ? tomoyo_path_number_perm+0x587/0x740 [ 1253.482376][T25992] ? tomoyo_file_ioctl+0x23/0x30 [ 1253.487285][T25992] ? security_file_ioctl+0x6d/0xd0 [ 1253.492365][T25992] ? __x64_sys_ioctl+0xa3/0x120 [ 1253.497184][T25992] ? do_syscall_64+0xfe/0x140 [ 1253.501827][T25992] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1253.507862][T25992] ? kasan_check_write+0x14/0x20 [ 1253.512767][T25992] ? do_raw_spin_lock+0x143/0x3a0 [ 1253.517770][T25992] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1253.523556][T25992] ? rcu_lock_release+0x9/0x30 [ 1253.528305][T25992] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1253.533914][T25992] ? trace_lock_acquire+0x190/0x190 [ 1253.539085][T25992] ? tomoyo_check_path_acl+0x180/0x180 [ 1253.544516][T25992] block_ioctl+0xbd/0x100 [ 1253.548814][T25992] ? blkdev_iopoll+0x100/0x100 [ 1253.553547][T25992] do_vfs_ioctl+0x7d4/0x1890 [ 1253.558108][T25992] ? ioctl_preallocate+0x240/0x240 [ 1253.563196][T25992] ? fget_many+0x30/0x30 [ 1253.567413][T25992] ? file_open_root+0x440/0x440 [ 1253.572233][T25992] ? tomoyo_file_ioctl+0x23/0x30 [ 1253.577140][T25992] ? security_file_ioctl+0xa1/0xd0 [ 1253.582222][T25992] __x64_sys_ioctl+0xe3/0x120 [ 1253.586884][T25992] do_syscall_64+0xfe/0x140 [ 1253.591362][T25992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1253.597226][T25992] RIP: 0033:0x459387 [ 1253.601090][T25992] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1253.620846][T25992] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1253.629227][T25992] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1253.637167][T25992] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1253.645108][T25992] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1253.653049][T25992] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1253.660989][T25992] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1253.716559][T26008] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:14 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000}) 03:44:14 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a6c150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:14 executing program 0 (fault-call:2 fault-nth:32): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1253.859124][T26029] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1253.877229][T26017] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:14 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a74150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:14 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}) [ 1253.952077][T26039] FAULT_INJECTION: forcing a failure. [ 1253.952077][T26039] name failslab, interval 1, probability 0, space 0, times 0 [ 1253.968151][T26039] CPU: 1 PID: 26039 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1253.976615][T26039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1253.986655][T26039] Call Trace: [ 1253.989926][T26039] dump_stack+0x1d8/0x2f8 [ 1253.994238][T26039] should_fail+0x608/0x860 [ 1253.998631][T26039] ? setup_fault_attr+0x2b0/0x2b0 [ 1254.003650][T26039] __should_failslab+0x11a/0x160 [ 1254.008575][T26039] should_failslab+0x9/0x20 [ 1254.013052][T26039] kmem_cache_alloc_node_trace+0x6e/0x280 [ 1254.018742][T26039] ? __kmalloc_node_track_caller+0x3c/0x60 [ 1254.024520][T26039] __kmalloc_node_track_caller+0x3c/0x60 [ 1254.030126][T26039] ? alloc_uevent_skb+0x7f/0x230 [ 1254.035037][T26039] __alloc_skb+0xe8/0x500 [ 1254.039340][T26039] alloc_uevent_skb+0x7f/0x230 [ 1254.044079][T26039] kobject_uevent_env+0xcbb/0x1260 [ 1254.049164][T26039] ? sysfs_create_group+0x30/0x30 [ 1254.054164][T26039] kobject_uevent+0x1f/0x30 [ 1254.058643][T26039] loop_set_fd+0xce7/0x1130 [ 1254.063125][T26039] lo_ioctl+0x17a/0x2400 [ 1254.067345][T26039] ? match_held_lock+0x280/0x280 [ 1254.072254][T26039] ? kobj_lookup+0xc2/0x450 [ 1254.076748][T26039] ? lo_release+0x1f0/0x1f0 [ 1254.081225][T26039] ? match_held_lock+0x280/0x280 [ 1254.086134][T26039] ? __bfs+0x550/0x550 [ 1254.090177][T26039] ? __bfs+0x550/0x550 [ 1254.094226][T26039] ? __bfs+0x550/0x550 [ 1254.098267][T26039] ? match_held_lock+0x280/0x280 [ 1254.103177][T26039] ? __lock_acquire+0xcf7/0x1a40 [ 1254.108085][T26039] ? __bfs+0x550/0x550 [ 1254.112128][T26039] ? __lock_acquire+0xcf7/0x1a40 [ 1254.117061][T26039] ? __lock_acquire+0xcf7/0x1a40 [ 1254.121987][T26039] ? trace_lock_acquire+0x190/0x190 [ 1254.127163][T26039] ? __read_once_size_nocheck+0x10/0x10 [ 1254.132680][T26039] ? unwind_next_frame+0x415/0x870 [ 1254.137768][T26039] ? rcu_lock_release+0x9/0x30 [ 1254.142510][T26039] ? stack_trace_save+0x1e0/0x1e0 [ 1254.147510][T26039] ? rcu_lock_release+0x26/0x30 [ 1254.152335][T26039] ? is_bpf_text_address+0x398/0x3b0 [ 1254.157600][T26039] ? stack_trace_save+0x1e0/0x1e0 [ 1254.162598][T26039] ? __kernel_text_address+0x9a/0x110 [ 1254.167958][T26039] ? unwind_get_return_address+0x4c/0x90 [ 1254.173561][T26039] ? arch_stack_walk+0x98/0xe0 [ 1254.178302][T26039] ? stack_trace_save+0x111/0x1e0 [ 1254.183298][T26039] ? lo_release+0x1f0/0x1f0 [ 1254.187772][T26039] blkdev_ioctl+0x917/0x2c10 [ 1254.192335][T26039] ? tomoyo_path_number_perm+0x587/0x740 [ 1254.197944][T26039] ? trace_hardirqs_off+0x74/0x80 [ 1254.202961][T26039] ? quarantine_put+0xb7/0x1f0 [ 1254.207702][T26039] ? tomoyo_path_number_perm+0x587/0x740 [ 1254.213307][T26039] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1254.218562][T26039] ? __kasan_slab_free+0x19d/0x1e0 [ 1254.223642][T26039] ? __kasan_slab_free+0x12a/0x1e0 [ 1254.228733][T26039] ? kasan_slab_free+0xe/0x10 [ 1254.233390][T26039] ? kfree+0xae/0x120 [ 1254.237348][T26039] ? tomoyo_path_number_perm+0x587/0x740 [ 1254.242953][T26039] ? tomoyo_file_ioctl+0x23/0x30 [ 1254.247866][T26039] ? security_file_ioctl+0x6d/0xd0 [ 1254.252959][T26039] ? __x64_sys_ioctl+0xa3/0x120 [ 1254.257793][T26039] ? do_syscall_64+0xfe/0x140 [ 1254.262452][T26039] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1254.268492][T26039] ? kasan_check_write+0x14/0x20 [ 1254.273401][T26039] ? do_raw_spin_lock+0x143/0x3a0 [ 1254.278404][T26039] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1254.284199][T26039] ? rcu_lock_release+0x9/0x30 [ 1254.289035][T26039] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1254.294640][T26039] ? trace_lock_acquire+0x190/0x190 [ 1254.299810][T26039] ? tomoyo_check_path_acl+0x180/0x180 [ 1254.305284][T26039] block_ioctl+0xbd/0x100 [ 1254.309586][T26039] ? blkdev_iopoll+0x100/0x100 [ 1254.314329][T26039] do_vfs_ioctl+0x7d4/0x1890 [ 1254.318899][T26039] ? ioctl_preallocate+0x240/0x240 [ 1254.323989][T26039] ? fget_many+0x30/0x30 [ 1254.328212][T26039] ? debug_smp_processor_id+0x1c/0x20 [ 1254.333564][T26039] ? fpregs_assert_state_consistent+0xaa/0xe0 [ 1254.339613][T26039] ? tomoyo_file_ioctl+0x23/0x30 [ 1254.344531][T26039] ? security_file_ioctl+0xa1/0xd0 [ 1254.349618][T26039] __x64_sys_ioctl+0xe3/0x120 [ 1254.354270][T26039] do_syscall_64+0xfe/0x140 [ 1254.358761][T26039] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1254.364625][T26039] RIP: 0033:0x459387 [ 1254.368501][T26039] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1254.388084][T26039] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 03:44:15 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1254.396469][T26039] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1254.404414][T26039] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1254.412361][T26039] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1254.420313][T26039] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1254.428257][T26039] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1254.466881][T26050] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1254.518662][T26053] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:15 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x5, 0x0) 03:44:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:15 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a7a150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000}) 03:44:15 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:15 executing program 0 (fault-call:2 fault-nth:33): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:15 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00400002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}) [ 1254.683332][T26071] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:15 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1254.746385][T26077] FAULT_INJECTION: forcing a failure. [ 1254.746385][T26077] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.783129][T26077] CPU: 1 PID: 26077 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 03:44:15 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00030002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1254.791051][T26077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1254.801103][T26077] Call Trace: [ 1254.805013][T26077] dump_stack+0x1d8/0x2f8 [ 1254.809346][T26077] should_fail+0x608/0x860 [ 1254.813763][T26077] ? setup_fault_attr+0x2b0/0x2b0 [ 1254.818782][T26077] __should_failslab+0x11a/0x160 [ 1254.823701][T26077] should_failslab+0x9/0x20 [ 1254.828181][T26077] kmem_cache_alloc_node_trace+0x6e/0x280 [ 1254.833874][T26077] ? __kmalloc_node_track_caller+0x3c/0x60 [ 1254.839656][T26077] __kmalloc_node_track_caller+0x3c/0x60 [ 1254.845350][T26077] ? alloc_uevent_skb+0x7f/0x230 [ 1254.850261][T26077] __alloc_skb+0xe8/0x500 [ 1254.854586][T26077] alloc_uevent_skb+0x7f/0x230 [ 1254.859354][T26077] kobject_uevent_env+0xcbb/0x1260 [ 1254.864454][T26077] ? sysfs_create_group+0x30/0x30 [ 1254.869451][T26077] kobject_uevent+0x1f/0x30 [ 1254.873928][T26077] loop_set_fd+0xce7/0x1130 [ 1254.878428][T26077] lo_ioctl+0x17a/0x2400 [ 1254.882643][T26077] ? kasan_check_write+0x14/0x20 [ 1254.887560][T26077] ? match_held_lock+0x280/0x280 [ 1254.892474][T26077] ? lo_release+0x1f0/0x1f0 [ 1254.896949][T26077] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1254.902210][T26077] ? _raw_spin_unlock_irqrestore+0x77/0xe0 [ 1254.907985][T26077] ? match_held_lock+0x280/0x280 [ 1254.912891][T26077] ? __bfs+0x550/0x550 [ 1254.916937][T26077] ? __bfs+0x550/0x550 [ 1254.920977][T26077] ? __bfs+0x550/0x550 [ 1254.925276][T26077] ? match_held_lock+0x280/0x280 [ 1254.930186][T26077] ? refcount_inc_checked+0x50/0x50 [ 1254.935353][T26077] ? __lock_acquire+0xcf7/0x1a40 [ 1254.940260][T26077] ? __bfs+0x550/0x550 [ 1254.944306][T26077] ? __lock_acquire+0xcf7/0x1a40 [ 1254.949216][T26077] ? __lock_acquire+0xcf7/0x1a40 [ 1254.954129][T26077] ? trace_lock_acquire+0x190/0x190 [ 1254.959306][T26077] ? __read_once_size_nocheck+0x10/0x10 [ 1254.964834][T26077] ? unwind_next_frame+0x415/0x870 [ 1254.969919][T26077] ? rcu_lock_release+0x9/0x30 [ 1254.974658][T26077] ? stack_trace_save+0x1e0/0x1e0 [ 1254.979651][T26077] ? rcu_lock_release+0x26/0x30 [ 1254.984469][T26077] ? is_bpf_text_address+0x398/0x3b0 [ 1254.989721][T26077] ? stack_trace_save+0x1e0/0x1e0 [ 1254.994715][T26077] ? __kernel_text_address+0x9a/0x110 [ 1255.000053][T26077] ? unwind_get_return_address+0x4c/0x90 [ 1255.005654][T26077] ? arch_stack_walk+0x98/0xe0 [ 1255.010392][T26077] ? stack_trace_save+0x111/0x1e0 [ 1255.015386][T26077] ? lo_release+0x1f0/0x1f0 [ 1255.019857][T26077] blkdev_ioctl+0x917/0x2c10 [ 1255.024416][T26077] ? tomoyo_path_number_perm+0x587/0x740 [ 1255.030020][T26077] ? trace_hardirqs_off+0x74/0x80 [ 1255.035018][T26077] ? quarantine_put+0xb7/0x1f0 [ 1255.039750][T26077] ? tomoyo_path_number_perm+0x587/0x740 [ 1255.045352][T26077] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1255.050602][T26077] ? __kasan_slab_free+0x19d/0x1e0 [ 1255.055681][T26077] ? __kasan_slab_free+0x12a/0x1e0 [ 1255.060758][T26077] ? kasan_slab_free+0xe/0x10 [ 1255.065408][T26077] ? kfree+0xae/0x120 [ 1255.069358][T26077] ? tomoyo_path_number_perm+0x587/0x740 [ 1255.074960][T26077] ? tomoyo_file_ioctl+0x23/0x30 [ 1255.079865][T26077] ? security_file_ioctl+0x6d/0xd0 [ 1255.084949][T26077] ? __x64_sys_ioctl+0xa3/0x120 [ 1255.089774][T26077] ? do_syscall_64+0xfe/0x140 [ 1255.094420][T26077] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1255.100457][T26077] ? kasan_check_write+0x14/0x20 [ 1255.105381][T26077] ? do_raw_spin_lock+0x143/0x3a0 [ 1255.110392][T26077] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1255.116178][T26077] ? rcu_lock_release+0x9/0x30 [ 1255.120914][T26077] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1255.126515][T26077] ? trace_lock_acquire+0x190/0x190 [ 1255.131686][T26077] ? tomoyo_check_path_acl+0x180/0x180 [ 1255.137129][T26077] block_ioctl+0xbd/0x100 [ 1255.141437][T26077] ? blkdev_iopoll+0x100/0x100 [ 1255.146172][T26077] do_vfs_ioctl+0x7d4/0x1890 [ 1255.150736][T26077] ? ioctl_preallocate+0x240/0x240 [ 1255.155827][T26077] ? fget_many+0x30/0x30 [ 1255.160038][T26077] ? file_open_root+0x440/0x440 [ 1255.164874][T26077] ? tomoyo_file_ioctl+0x23/0x30 [ 1255.169783][T26077] ? security_file_ioctl+0xa1/0xd0 [ 1255.174864][T26077] __x64_sys_ioctl+0xe3/0x120 [ 1255.179512][T26077] do_syscall_64+0xfe/0x140 [ 1255.183987][T26077] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1255.189856][T26077] RIP: 0033:0x459387 [ 1255.193732][T26077] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1255.213323][T26077] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1255.221702][T26077] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1255.229652][T26077] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1255.237607][T26077] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:44:15 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000}) [ 1255.245548][T26077] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1255.253489][T26077] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1255.309256][T26093] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1255.339836][T26091] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1255.531014][T26117] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:16 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x6, 0x0) 03:44:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00040002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:16 executing program 0 (fault-call:2 fault-nth:34): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:16 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000}) 03:44:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:16 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1255.656197][T26134] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150202000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}) [ 1255.713542][T26128] FAULT_INJECTION: forcing a failure. [ 1255.713542][T26128] name failslab, interval 1, probability 0, space 0, times 0 [ 1255.738665][T26128] CPU: 0 PID: 26128 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1255.746580][T26128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1255.756630][T26128] Call Trace: [ 1255.759916][T26128] dump_stack+0x1d8/0x2f8 [ 1255.764253][T26128] should_fail+0x608/0x860 [ 1255.768661][T26128] ? setup_fault_attr+0x2b0/0x2b0 [ 1255.773669][T26128] __should_failslab+0x11a/0x160 [ 1255.778585][T26128] ? skb_clone+0x1cc/0x380 [ 1255.782974][T26128] should_failslab+0x9/0x20 [ 1255.787452][T26128] kmem_cache_alloc+0x56/0x2b0 [ 1255.792211][T26128] skb_clone+0x1cc/0x380 [ 1255.796462][T26128] netlink_broadcast_filtered+0x5d1/0x1000 [ 1255.802254][T26128] ? refcount_inc_not_zero_checked+0x1ac/0x280 [ 1255.808389][T26128] netlink_broadcast+0x3a/0x50 [ 1255.813137][T26128] kobject_uevent_env+0xcf0/0x1260 [ 1255.818245][T26128] ? sysfs_create_group+0x30/0x30 [ 1255.823257][T26128] kobject_uevent+0x1f/0x30 [ 1255.827738][T26128] loop_set_fd+0xce7/0x1130 [ 1255.832228][T26128] lo_ioctl+0x17a/0x2400 [ 1255.836448][T26128] ? match_held_lock+0x280/0x280 [ 1255.841357][T26128] ? lo_release+0x1f0/0x1f0 [ 1255.845838][T26128] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1255.851106][T26128] ? _raw_spin_unlock_irqrestore+0x77/0xe0 [ 1255.856887][T26128] ? match_held_lock+0x280/0x280 [ 1255.861801][T26128] ? __bfs+0x550/0x550 [ 1255.865846][T26128] ? __lock_acquire+0xcf7/0x1a40 [ 1255.870769][T26128] ? __bfs+0x550/0x550 [ 1255.874821][T26128] ? match_held_lock+0x280/0x280 [ 1255.879741][T26128] ? refcount_inc_checked+0x50/0x50 [ 1255.884926][T26128] ? __lock_acquire+0xcf7/0x1a40 [ 1255.889848][T26128] ? __bfs+0x550/0x550 [ 1255.893896][T26128] ? __lock_acquire+0xcf7/0x1a40 [ 1255.898809][T26128] ? __lock_acquire+0xcf7/0x1a40 [ 1255.903724][T26128] ? trace_lock_acquire+0x190/0x190 [ 1255.908910][T26128] ? __read_once_size_nocheck+0x10/0x10 [ 1255.914455][T26128] ? unwind_next_frame+0x415/0x870 [ 1255.919557][T26128] ? rcu_lock_release+0x9/0x30 [ 1255.924309][T26128] ? stack_trace_save+0x1e0/0x1e0 [ 1255.929321][T26128] ? rcu_lock_release+0x26/0x30 [ 1255.934146][T26128] ? is_bpf_text_address+0x398/0x3b0 [ 1255.939409][T26128] ? stack_trace_save+0x1e0/0x1e0 [ 1255.944418][T26128] ? __kernel_text_address+0x9a/0x110 [ 1255.949776][T26128] ? unwind_get_return_address+0x4c/0x90 [ 1255.955391][T26128] ? arch_stack_walk+0x98/0xe0 [ 1255.960133][T26128] ? stack_trace_save+0x111/0x1e0 [ 1255.965142][T26128] ? lo_release+0x1f0/0x1f0 [ 1255.970377][T26128] blkdev_ioctl+0x917/0x2c10 [ 1255.974943][T26128] ? tomoyo_path_number_perm+0x587/0x740 [ 1255.980624][T26128] ? trace_hardirqs_off+0x74/0x80 [ 1255.985649][T26128] ? quarantine_put+0xb7/0x1f0 [ 1255.990398][T26128] ? tomoyo_path_number_perm+0x587/0x740 [ 1255.996007][T26128] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1256.001264][T26128] ? __kasan_slab_free+0x19d/0x1e0 [ 1256.006354][T26128] ? __kasan_slab_free+0x12a/0x1e0 [ 1256.011546][T26128] ? kasan_slab_free+0xe/0x10 [ 1256.016207][T26128] ? kfree+0xae/0x120 [ 1256.020159][T26128] ? tomoyo_path_number_perm+0x587/0x740 [ 1256.025787][T26128] ? tomoyo_file_ioctl+0x23/0x30 [ 1256.030710][T26128] ? security_file_ioctl+0x6d/0xd0 [ 1256.035796][T26128] ? __x64_sys_ioctl+0xa3/0x120 [ 1256.040622][T26128] ? do_syscall_64+0xfe/0x140 [ 1256.045281][T26128] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1256.051348][T26128] ? kasan_check_write+0x14/0x20 [ 1256.056260][T26128] ? do_raw_spin_lock+0x143/0x3a0 [ 1256.061324][T26128] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1256.067112][T26128] ? rcu_lock_release+0x9/0x30 [ 1256.071852][T26128] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1256.077475][T26128] ? trace_lock_acquire+0x190/0x190 [ 1256.082649][T26128] ? tomoyo_check_path_acl+0x180/0x180 [ 1256.088086][T26128] block_ioctl+0xbd/0x100 [ 1256.092390][T26128] ? blkdev_iopoll+0x100/0x100 [ 1256.097131][T26128] do_vfs_ioctl+0x7d4/0x1890 [ 1256.101711][T26128] ? ioctl_preallocate+0x240/0x240 [ 1256.106820][T26128] ? fget_many+0x30/0x30 [ 1256.111058][T26128] ? file_open_root+0x440/0x440 [ 1256.115885][T26128] ? tomoyo_file_ioctl+0x23/0x30 [ 1256.120794][T26128] ? security_file_ioctl+0xa1/0xd0 [ 1256.125895][T26128] __x64_sys_ioctl+0xe3/0x120 [ 1256.130559][T26128] do_syscall_64+0xfe/0x140 [ 1256.135038][T26128] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1256.140902][T26128] RIP: 0033:0x459387 [ 1256.144778][T26128] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1256.164373][T26128] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1256.172770][T26128] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000459387 [ 1256.180715][T26128] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 1256.188665][T26128] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1256.196622][T26128] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1256.204578][T26128] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150302000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:16 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000}) [ 1256.230448][T26146] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1256.260790][T26143] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1256.387892][T26165] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:17 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x7, 0x0) 03:44:17 executing program 0 (fault-call:2 fault-nth:35): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:17 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdfff", 0x1f) 03:44:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}) 03:44:17 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150402000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:17 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150502000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:17 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdfff", 0x1f) [ 1256.587940][T26175] FAULT_INJECTION: forcing a failure. [ 1256.587940][T26175] name failslab, interval 1, probability 0, space 0, times 0 [ 1256.606733][T26175] CPU: 0 PID: 26175 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1256.614652][T26175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1256.624707][T26175] Call Trace: [ 1256.627998][T26175] dump_stack+0x1d8/0x2f8 [ 1256.632333][T26175] should_fail+0x608/0x860 [ 1256.636750][T26175] ? setup_fault_attr+0x2b0/0x2b0 [ 1256.641778][T26175] __should_failslab+0x11a/0x160 [ 1256.646709][T26175] ? __d_alloc+0x2d/0x6e0 [ 1256.651032][T26175] should_failslab+0x9/0x20 [ 1256.655526][T26175] kmem_cache_alloc+0x56/0x2b0 [ 1256.660291][T26175] __d_alloc+0x2d/0x6e0 [ 1256.664445][T26175] d_alloc+0x4e/0x1d0 [ 1256.668439][T26175] __lookup_hash+0xe5/0x290 [ 1256.672941][T26175] filename_create+0x1c6/0x6f0 [ 1256.677705][T26175] ? kern_path_create+0x40/0x40 [ 1256.682561][T26175] do_mkdirat+0xaf/0x390 [ 1256.686798][T26175] ? debug_smp_processor_id+0x1c/0x20 [ 1256.692168][T26175] ? vfs_mkdir+0x610/0x610 [ 1256.696580][T26175] ? kasan_check_write+0x14/0x20 [ 1256.701511][T26175] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1256.707222][T26175] ? do_syscall_64+0x1d/0x140 [ 1256.711893][T26175] __x64_sys_mkdir+0x60/0x70 [ 1256.716477][T26175] do_syscall_64+0xfe/0x140 [ 1256.720977][T26175] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1256.726859][T26175] RIP: 0033:0x458937 03:44:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1256.730749][T26175] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1256.750343][T26175] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1256.758747][T26175] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1256.766712][T26175] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1256.774677][T26175] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:44:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12540000}) 03:44:17 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150602000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1256.782648][T26175] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1256.790611][T26175] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:17 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150702000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1256.913917][T26186] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1257.089083][T26206] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:17 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x8, 0x0) 03:44:17 executing program 0 (fault-call:2 fault-nth:36): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:17 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdfff", 0x1f) 03:44:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000}) 03:44:17 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150802000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:17 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) [ 1257.253444][T26218] FAULT_INJECTION: forcing a failure. [ 1257.253444][T26218] name failslab, interval 1, probability 0, space 0, times 0 [ 1257.288478][T26218] CPU: 1 PID: 26218 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1257.296416][T26218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1257.306477][T26218] Call Trace: [ 1257.309774][T26218] dump_stack+0x1d8/0x2f8 [ 1257.314105][T26218] should_fail+0x608/0x860 [ 1257.318515][T26218] ? setup_fault_attr+0x2b0/0x2b0 [ 1257.323542][T26218] __should_failslab+0x11a/0x160 [ 1257.328481][T26218] ? getname_flags+0xba/0x640 [ 1257.333150][T26218] should_failslab+0x9/0x20 [ 1257.337648][T26218] kmem_cache_alloc+0x56/0x2b0 [ 1257.342406][T26218] getname_flags+0xba/0x640 [ 1257.346912][T26218] do_mkdirat+0x91/0x390 [ 1257.351149][T26218] ? debug_smp_processor_id+0x1c/0x20 [ 1257.356518][T26218] ? vfs_mkdir+0x610/0x610 [ 1257.360922][T26218] ? kasan_check_write+0x14/0x20 [ 1257.365852][T26218] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1257.371303][T26218] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1257.377015][T26218] ? do_syscall_64+0x1d/0x140 [ 1257.381682][T26218] __x64_sys_mkdir+0x60/0x70 [ 1257.386263][T26218] do_syscall_64+0xfe/0x140 [ 1257.390761][T26218] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1257.396641][T26218] RIP: 0033:0x458937 [ 1257.400527][T26218] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1257.420119][T26218] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1257.428519][T26218] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1257.436483][T26218] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1257.444445][T26218] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:44:18 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150902000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:18 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf9e", 0x1f) [ 1257.452402][T26218] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1257.460360][T26218] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:18 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00'}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:18 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150a02000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:18 executing program 0 (fault-call:2 fault-nth:37): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1257.572968][T26229] __nla_validate_parse: 3 callbacks suppressed [ 1257.572975][T26229] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1257.589802][T26226] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1257.668373][T26244] FAULT_INJECTION: forcing a failure. [ 1257.668373][T26244] name failslab, interval 1, probability 0, space 0, times 0 [ 1257.681899][T26244] CPU: 0 PID: 26244 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1257.689801][T26244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1257.689834][T26244] Call Trace: [ 1257.689855][T26244] dump_stack+0x1d8/0x2f8 [ 1257.689873][T26244] should_fail+0x608/0x860 [ 1257.689885][T26244] ? setup_fault_attr+0x2b0/0x2b0 [ 1257.689905][T26244] __should_failslab+0x11a/0x160 [ 1257.689914][T26244] ? __d_alloc+0x2d/0x6e0 [ 1257.689925][T26244] should_failslab+0x9/0x20 [ 1257.689933][T26244] kmem_cache_alloc+0x56/0x2b0 [ 1257.689946][T26244] __d_alloc+0x2d/0x6e0 [ 1257.689959][T26244] d_alloc+0x4e/0x1d0 [ 1257.689972][T26244] __lookup_hash+0xe5/0x290 [ 1257.689985][T26244] filename_create+0x1c6/0x6f0 [ 1257.689997][T26244] ? kern_path_create+0x40/0x40 [ 1257.690015][T26244] do_mkdirat+0xaf/0x390 [ 1257.690026][T26244] ? debug_smp_processor_id+0x1c/0x20 [ 1257.690037][T26244] ? vfs_mkdir+0x610/0x610 [ 1257.690051][T26244] ? kasan_check_write+0x14/0x20 [ 1257.690064][T26244] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1257.690078][T26244] ? do_syscall_64+0x1d/0x140 [ 1257.690089][T26244] __x64_sys_mkdir+0x60/0x70 [ 1257.690099][T26244] do_syscall_64+0xfe/0x140 [ 1257.690114][T26244] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1257.722069][T26244] RIP: 0033:0x458937 [ 1257.722081][T26244] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1257.722086][T26244] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1257.722096][T26244] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1257.722102][T26244] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1257.722108][T26244] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1257.722113][T26244] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1257.722122][T26244] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:18 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x9, 0x0) 03:44:18 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdfef", 0x1f) 03:44:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54050000}) 03:44:18 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150b02000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:18 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00'}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:18 executing program 0 (fault-call:2 fault-nth:38): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c000000}) [ 1257.996363][T26255] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:18 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150c02000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:18 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00'}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1258.057576][T26260] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:18 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdff0", 0x1f) 03:44:18 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}) [ 1258.117250][T26267] FAULT_INJECTION: forcing a failure. [ 1258.117250][T26267] name failslab, interval 1, probability 0, space 0, times 0 [ 1258.174278][T26267] CPU: 1 PID: 26267 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1258.182205][T26267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1258.182211][T26267] Call Trace: [ 1258.182234][T26267] dump_stack+0x1d8/0x2f8 [ 1258.182252][T26267] should_fail+0x608/0x860 [ 1258.204313][T26267] ? setup_fault_attr+0x2b0/0x2b0 [ 1258.209338][T26267] __should_failslab+0x11a/0x160 [ 1258.209348][T26267] ? __d_alloc+0x2d/0x6e0 [ 1258.209361][T26267] should_failslab+0x9/0x20 [ 1258.223064][T26267] kmem_cache_alloc+0x56/0x2b0 [ 1258.227822][T26267] __d_alloc+0x2d/0x6e0 [ 1258.227835][T26267] d_alloc+0x4e/0x1d0 [ 1258.235934][T26267] __lookup_hash+0xe5/0x290 [ 1258.235947][T26267] filename_create+0x1c6/0x6f0 [ 1258.235959][T26267] ? kern_path_create+0x40/0x40 [ 1258.235992][T26267] do_mkdirat+0xaf/0x390 [ 1258.254263][T26267] ? debug_smp_processor_id+0x1c/0x20 [ 1258.259628][T26267] ? vfs_mkdir+0x610/0x610 [ 1258.264039][T26267] ? kasan_check_write+0x14/0x20 [ 1258.268970][T26267] ? trace_irq_disable_rcuidle+0x23/0x1c0 03:44:18 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xa, 0x0) [ 1258.274687][T26267] ? do_syscall_64+0x1d/0x140 [ 1258.279356][T26267] __x64_sys_mkdir+0x60/0x70 [ 1258.283938][T26267] do_syscall_64+0xfe/0x140 [ 1258.283956][T26267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1258.283966][T26267] RIP: 0033:0x458937 [ 1258.283978][T26267] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1258.294328][T26267] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1258.294338][T26267] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1258.294344][T26267] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1258.294350][T26267] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1258.294355][T26267] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1258.294360][T26267] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}) [ 1258.358012][T26284] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150d02000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:19 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1258.397983][T26281] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150e02000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:19 executing program 0 (fault-call:2 fault-nth:39): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}) [ 1258.470663][T26295] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:19 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150f02000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}) [ 1258.578453][T26302] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1258.609517][T26309] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:19 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xb, 0x0) 03:44:19 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00151002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1258.712544][T26319] FAULT_INJECTION: forcing a failure. [ 1258.712544][T26319] name failslab, interval 1, probability 0, space 0, times 0 [ 1258.735056][T26319] CPU: 0 PID: 26319 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1258.750194][T26319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1258.754054][T26325] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1258.760246][T26319] Call Trace: [ 1258.760290][T26319] dump_stack+0x1d8/0x2f8 [ 1258.760308][T26319] should_fail+0x608/0x860 [ 1258.777072][T26319] ? setup_fault_attr+0x2b0/0x2b0 [ 1258.777086][T26319] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1258.777104][T26319] __should_failslab+0x11a/0x160 [ 1258.777113][T26319] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1258.777123][T26319] should_failslab+0x9/0x20 [ 1258.777131][T26319] __kmalloc+0x7a/0x310 03:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}) 03:44:19 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1258.777140][T26319] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 1258.777151][T26319] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1258.777169][T26319] tomoyo_path_number_perm+0x1e0/0x740 [ 1258.792264][T26319] ? quarantine_put+0xb7/0x1f0 [ 1258.792276][T26319] ? __kasan_slab_free+0x19d/0x1e0 [ 1258.792284][T26319] ? __kasan_slab_free+0x12a/0x1e0 [ 1258.792295][T26319] ? filename_create+0x480/0x6f0 [ 1258.792305][T26319] ? tomoyo_check_path_acl+0x180/0x180 [ 1258.792321][T26319] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1258.804425][T26319] ? trace_kfree+0xb2/0x110 [ 1258.804444][T26319] ? do_raw_spin_lock+0x143/0x3a0 [ 1258.804475][T26319] ? filename_create+0x480/0x6f0 [ 1258.804489][T26319] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1258.804505][T26319] tomoyo_path_mkdir+0xe3/0x120 [ 1258.804515][T26319] ? tomoyo_path_unlink+0x100/0x100 [ 1258.804524][T26319] ? kern_path_create+0x40/0x40 [ 1258.804541][T26319] security_path_mkdir+0xed/0x170 [ 1258.804553][T26319] do_mkdirat+0x1ae/0x390 [ 1258.804565][T26319] ? debug_smp_processor_id+0x1c/0x20 03:44:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00151102000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1258.804576][T26319] ? vfs_mkdir+0x610/0x610 [ 1258.804589][T26319] ? kasan_check_write+0x14/0x20 [ 1258.920115][T26319] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1258.925840][T26319] ? do_syscall_64+0x1d/0x140 [ 1258.930516][T26319] __x64_sys_mkdir+0x60/0x70 [ 1258.935100][T26319] do_syscall_64+0xfe/0x140 [ 1258.939600][T26319] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1258.945481][T26319] RIP: 0033:0x458937 [ 1258.949366][T26319] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1258.968962][T26319] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1258.977364][T26319] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1258.985328][T26319] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1258.993289][T26319] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1259.001251][T26319] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1259.009216][T26319] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1259.018455][T26319] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1259.074754][T26333] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1259.080346][T26337] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:19 executing program 0 (fault-call:2 fault-nth:40): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:19 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00151202000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:19 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}) 03:44:19 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00152502000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1259.208427][T26340] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1259.221590][T26352] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1259.235759][T26348] FAULT_INJECTION: forcing a failure. [ 1259.235759][T26348] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1259.248981][T26348] CPU: 0 PID: 26348 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1259.256873][T26348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1259.266950][T26348] Call Trace: [ 1259.270254][T26348] dump_stack+0x1d8/0x2f8 [ 1259.274597][T26348] should_fail+0x608/0x860 [ 1259.279028][T26348] ? setup_fault_attr+0x2b0/0x2b0 [ 1259.284061][T26348] ? __bfs+0x550/0x550 [ 1259.288139][T26348] should_fail_alloc_page+0x55/0x60 [ 1259.293336][T26348] prepare_alloc_pages+0x283/0x460 [ 1259.298444][T26348] __alloc_pages_nodemask+0x11c/0x790 [ 1259.303827][T26348] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1259.309368][T26348] ? __lock_acquire+0xcf7/0x1a40 [ 1259.309393][T26348] kmem_getpages+0x46/0x480 [ 1259.309410][T26348] cache_grow_begin+0x7e/0x2c0 [ 1259.323572][T26348] cache_alloc_refill+0x311/0x3f0 [ 1259.328595][T26348] ? check_preemption_disabled+0xb7/0x280 [ 1259.328611][T26348] __kmalloc+0x2e5/0x310 [ 1259.328623][T26348] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1259.328639][T26348] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1259.338562][T26348] tomoyo_path_number_perm+0x1e0/0x740 [ 1259.349777][T26348] ? quarantine_put+0xb7/0x1f0 [ 1259.349789][T26348] ? __kasan_slab_free+0x19d/0x1e0 [ 1259.349798][T26348] ? __kasan_slab_free+0x12a/0x1e0 [ 1259.349809][T26348] ? filename_create+0x480/0x6f0 [ 1259.349820][T26348] ? tomoyo_check_path_acl+0x180/0x180 [ 1259.349837][T26348] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1259.360014][T26348] ? trace_kfree+0xb2/0x110 [ 1259.375113][T26348] ? do_raw_spin_lock+0x143/0x3a0 [ 1259.375147][T26348] ? filename_create+0x480/0x6f0 [ 1259.375162][T26348] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1259.375179][T26348] tomoyo_path_mkdir+0xe3/0x120 [ 1259.375190][T26348] ? tomoyo_path_unlink+0x100/0x100 [ 1259.375198][T26348] ? kern_path_create+0x40/0x40 [ 1259.375212][T26348] security_path_mkdir+0xed/0x170 [ 1259.375224][T26348] do_mkdirat+0x1ae/0x390 [ 1259.375237][T26348] ? debug_smp_processor_id+0x1c/0x20 [ 1259.375249][T26348] ? vfs_mkdir+0x610/0x610 [ 1259.375263][T26348] ? kasan_check_write+0x14/0x20 [ 1259.386747][T26348] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1259.386762][T26348] ? do_syscall_64+0x1d/0x140 [ 1259.386776][T26348] __x64_sys_mkdir+0x60/0x70 [ 1259.386788][T26348] do_syscall_64+0xfe/0x140 [ 1259.465109][T26348] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1259.470992][T26348] RIP: 0033:0x458937 [ 1259.474892][T26348] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1259.494492][T26348] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1259.502910][T26348] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1259.510888][T26348] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1259.518862][T26348] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1259.526838][T26348] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1259.534803][T26348] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:20 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xc, 0x0) 03:44:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}) 03:44:20 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:20 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00154802000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:20 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x0) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:20 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00154c02000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1259.620707][T26361] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:20 executing program 0 (fault-call:2 fault-nth:41): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:20 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}) 03:44:20 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x0) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1259.761833][T26379] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1259.774938][T26370] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1259.800225][T26377] FAULT_INJECTION: forcing a failure. 03:44:20 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00156002000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1259.800225][T26377] name failslab, interval 1, probability 0, space 0, times 0 03:44:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000}) [ 1259.873959][T26377] CPU: 0 PID: 26377 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1259.881887][T26377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1259.891940][T26377] Call Trace: [ 1259.895242][T26377] dump_stack+0x1d8/0x2f8 [ 1259.899583][T26377] should_fail+0x608/0x860 [ 1259.904005][T26377] ? setup_fault_attr+0x2b0/0x2b0 [ 1259.909049][T26377] __should_failslab+0x11a/0x160 [ 1259.913997][T26377] ? security_inode_alloc+0x36/0x1e0 [ 1259.919286][T26377] should_failslab+0x9/0x20 [ 1259.923787][T26377] kmem_cache_alloc+0x56/0x2b0 [ 1259.928545][T26377] ? memset+0x31/0x40 [ 1259.932531][T26377] security_inode_alloc+0x36/0x1e0 [ 1259.937639][T26377] inode_init_always+0x3b5/0x8d0 [ 1259.942575][T26377] ? set_qf_name+0x3c0/0x3c0 [ 1259.942590][T26377] new_inode_pseudo+0x7f/0x240 [ 1259.942601][T26377] new_inode+0x28/0x1c0 [ 1259.942616][T26377] ? trace_ext4_request_inode+0x24d/0x290 [ 1259.942628][T26377] __ext4_new_inode+0x5ea/0x5c40 [ 1259.942650][T26377] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1259.951957][T26377] ? ext4_read_inode_bitmap+0x1710/0x1710 [ 1259.951968][T26377] ? smack_log+0xe3/0x4e0 [ 1259.951982][T26377] ? memset+0x31/0x40 [ 1259.951995][T26377] ? __dquot_initialize+0x228/0xdd0 [ 1259.952004][T26377] ? smk_access+0x18c/0x4f0 [ 1259.952017][T26377] ? dquot_initialize+0x20/0x20 [ 1259.966769][T26377] ? smk_tskacc+0x2ef/0x390 [ 1259.966784][T26377] ? smk_curacc+0xa3/0xe0 [ 1259.966799][T26377] ext4_mkdir+0x413/0x1460 [ 1259.966826][T26377] ? from_kgid+0x236/0x390 [ 1259.966835][T26377] ? ext4_symlink+0x1010/0x1010 [ 1259.966848][T26377] ? security_inode_permission+0xdd/0x120 [ 1259.966858][T26377] ? security_inode_mkdir+0xeb/0x130 [ 1259.966871][T26377] vfs_mkdir+0x43f/0x610 [ 1259.966885][T26377] do_mkdirat+0x22a/0x390 [ 1259.966897][T26377] ? debug_smp_processor_id+0x1c/0x20 [ 1259.966907][T26377] ? vfs_mkdir+0x610/0x610 [ 1259.966915][T26377] ? kasan_check_write+0x14/0x20 [ 1259.966926][T26377] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1259.966941][T26377] ? do_syscall_64+0x1d/0x140 [ 1259.984104][T26377] __x64_sys_mkdir+0x60/0x70 [ 1259.984118][T26377] do_syscall_64+0xfe/0x140 [ 1259.984134][T26377] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1259.984145][T26377] RIP: 0033:0x458937 [ 1259.984156][T26377] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1259.984160][T26377] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1259.984170][T26377] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1259.984175][T26377] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1259.984181][T26377] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1259.984187][T26377] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1259.984193][T26377] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1260.221453][T26391] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:20 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xd, 0x0) 03:44:20 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:20 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}) 03:44:20 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00156802000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:20 executing program 0 (fault-call:2 fault-nth:42): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:20 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x0) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:21 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00156c02000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1260.384555][T26401] FAULT_INJECTION: forcing a failure. [ 1260.384555][T26401] name failslab, interval 1, probability 0, space 0, times 0 [ 1260.421715][T26401] CPU: 0 PID: 26401 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 03:44:21 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}) [ 1260.429649][T26401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1260.429655][T26401] Call Trace: [ 1260.429679][T26401] dump_stack+0x1d8/0x2f8 [ 1260.429698][T26401] should_fail+0x608/0x860 [ 1260.451772][T26401] ? setup_fault_attr+0x2b0/0x2b0 [ 1260.456842][T26401] __should_failslab+0x11a/0x160 [ 1260.456856][T26401] ? security_inode_alloc+0x36/0x1e0 [ 1260.456865][T26401] should_failslab+0x9/0x20 [ 1260.456874][T26401] kmem_cache_alloc+0x56/0x2b0 [ 1260.456881][T26401] ? memset+0x31/0x40 [ 1260.456891][T26401] security_inode_alloc+0x36/0x1e0 [ 1260.456904][T26401] inode_init_always+0x3b5/0x8d0 [ 1260.456914][T26401] ? set_qf_name+0x3c0/0x3c0 [ 1260.456927][T26401] new_inode_pseudo+0x7f/0x240 [ 1260.467122][T26401] new_inode+0x28/0x1c0 [ 1260.480351][T26401] ? trace_ext4_request_inode+0x24d/0x290 [ 1260.509610][T26401] __ext4_new_inode+0x5ea/0x5c40 [ 1260.514568][T26401] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1260.520213][T26401] ? ext4_read_inode_bitmap+0x1710/0x1710 [ 1260.525937][T26401] ? smack_log+0xe3/0x4e0 [ 1260.530264][T26401] ? memset+0x31/0x40 03:44:21 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1260.530279][T26401] ? __dquot_initialize+0x228/0xdd0 [ 1260.530294][T26401] ? smk_access+0x18c/0x4f0 [ 1260.543932][T26401] ? dquot_initialize+0x20/0x20 [ 1260.548784][T26401] ? smk_tskacc+0x2ef/0x390 [ 1260.553301][T26401] ? smk_curacc+0xa3/0xe0 [ 1260.557638][T26401] ext4_mkdir+0x413/0x1460 [ 1260.562058][T26401] ? from_kgid+0x236/0x390 [ 1260.562078][T26401] ? ext4_symlink+0x1010/0x1010 [ 1260.571320][T26401] ? security_inode_permission+0xdd/0x120 [ 1260.577037][T26401] ? security_inode_mkdir+0xeb/0x130 03:44:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000}) [ 1260.577054][T26401] vfs_mkdir+0x43f/0x610 [ 1260.577067][T26401] do_mkdirat+0x22a/0x390 [ 1260.577079][T26401] ? debug_smp_processor_id+0x1c/0x20 [ 1260.577090][T26401] ? vfs_mkdir+0x610/0x610 [ 1260.577099][T26401] ? kasan_check_write+0x14/0x20 [ 1260.577110][T26401] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1260.577122][T26401] ? do_syscall_64+0x1d/0x140 [ 1260.577136][T26401] __x64_sys_mkdir+0x60/0x70 [ 1260.586630][T26401] do_syscall_64+0xfe/0x140 [ 1260.586647][T26401] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1260.586656][T26401] RIP: 0033:0x458937 03:44:21 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00157402000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1260.586666][T26401] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1260.586671][T26401] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1260.586680][T26401] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1260.586685][T26401] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1260.586690][T26401] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1260.586695][T26401] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1260.586699][T26401] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1260.604784][T26421] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1260.833371][T26421] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:21 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xe, 0x0) 03:44:21 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}) 03:44:21 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00157a02000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:21 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:21 executing program 0 (fault-call:2 fault-nth:43): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:21 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150003000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1261.000901][T26442] FAULT_INJECTION: forcing a failure. [ 1261.000901][T26442] name failslab, interval 1, probability 0, space 0, times 0 [ 1261.024659][T26442] CPU: 0 PID: 26442 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1261.032580][T26442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1261.042631][T26442] Call Trace: [ 1261.045929][T26442] dump_stack+0x1d8/0x2f8 [ 1261.050272][T26442] should_fail+0x608/0x860 [ 1261.054693][T26442] ? setup_fault_attr+0x2b0/0x2b0 [ 1261.059720][T26442] __should_failslab+0x11a/0x160 [ 1261.064663][T26442] ? security_inode_alloc+0x36/0x1e0 [ 1261.069941][T26442] should_failslab+0x9/0x20 [ 1261.074442][T26442] kmem_cache_alloc+0x56/0x2b0 [ 1261.079197][T26442] ? memset+0x31/0x40 [ 1261.083180][T26442] security_inode_alloc+0x36/0x1e0 [ 1261.088291][T26442] inode_init_always+0x3b5/0x8d0 [ 1261.093225][T26442] ? set_qf_name+0x3c0/0x3c0 [ 1261.097819][T26442] new_inode_pseudo+0x7f/0x240 [ 1261.102575][T26442] new_inode+0x28/0x1c0 [ 1261.106721][T26442] ? trace_ext4_request_inode+0x24d/0x290 [ 1261.112442][T26442] __ext4_new_inode+0x5ea/0x5c40 [ 1261.117387][T26442] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1261.123015][T26442] ? ext4_read_inode_bitmap+0x1710/0x1710 [ 1261.128729][T26442] ? smack_log+0xe3/0x4e0 [ 1261.133061][T26442] ? memset+0x31/0x40 [ 1261.133075][T26442] ? __dquot_initialize+0x228/0xdd0 [ 1261.133088][T26442] ? smk_access+0x18c/0x4f0 [ 1261.142237][T26442] ? dquot_initialize+0x20/0x20 03:44:21 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1261.142247][T26442] ? smk_tskacc+0x2ef/0x390 [ 1261.142262][T26442] ? smk_curacc+0xa3/0xe0 [ 1261.156049][T26442] ext4_mkdir+0x413/0x1460 [ 1261.164772][T26442] ? from_kgid+0x236/0x390 [ 1261.169184][T26442] ? ext4_symlink+0x1010/0x1010 [ 1261.169196][T26442] ? security_inode_permission+0xdd/0x120 [ 1261.169209][T26442] ? security_inode_mkdir+0xeb/0x130 [ 1261.184989][T26442] vfs_mkdir+0x43f/0x610 [ 1261.185004][T26442] do_mkdirat+0x22a/0x390 [ 1261.185017][T26442] ? debug_smp_processor_id+0x1c/0x20 [ 1261.185028][T26442] ? vfs_mkdir+0x610/0x610 [ 1261.185037][T26442] ? kasan_check_write+0x14/0x20 [ 1261.185049][T26442] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1261.185064][T26442] ? do_syscall_64+0x1d/0x140 [ 1261.203455][T26442] __x64_sys_mkdir+0x60/0x70 [ 1261.218805][T26442] do_syscall_64+0xfe/0x140 [ 1261.218821][T26442] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1261.218833][T26442] RIP: 0033:0x458937 03:44:21 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000}) [ 1261.237635][T26442] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1261.237642][T26442] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1261.237655][T26442] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1261.273585][T26442] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1261.281539][T26442] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1261.281546][T26442] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1261.281551][T26442] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0015000a000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) [ 1261.416599][T26459] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1261.584310][T26469] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x10, 0x0) 03:44:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150040000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000000000000}) 03:44:22 executing program 0 (fault-call:2 fault-nth:44): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1261.724974][T26478] FAULT_INJECTION: forcing a failure. [ 1261.724974][T26478] name failslab, interval 1, probability 0, space 0, times 0 [ 1261.759384][T26478] CPU: 0 PID: 26478 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1261.767305][T26478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1261.777359][T26478] Call Trace: [ 1261.780652][T26478] dump_stack+0x1d8/0x2f8 [ 1261.784992][T26478] should_fail+0x608/0x860 [ 1261.789408][T26478] ? setup_fault_attr+0x2b0/0x2b0 [ 1261.794430][T26478] ? kcalloc+0x2f/0x50 [ 1261.798693][T26478] __should_failslab+0x11a/0x160 [ 1261.803630][T26478] ? kcalloc+0x2f/0x50 [ 1261.807697][T26478] should_failslab+0x9/0x20 [ 1261.812190][T26478] __kmalloc+0x7a/0x310 [ 1261.816343][T26478] kcalloc+0x2f/0x50 [ 1261.820238][T26478] ext4_find_extent+0x216/0xaa0 [ 1261.825085][T26478] ? trace_ext4_ext_map_blocks_enter+0x28c/0x2d0 [ 1261.831407][T26478] ext4_ext_map_blocks+0x201/0x7f30 [ 1261.836602][T26478] ? __lock_acquire+0xcf7/0x1a40 [ 1261.841553][T26478] ? ext4_ext_release+0x10/0x10 [ 1261.846405][T26478] ? kasan_check_write+0x14/0x20 [ 1261.851334][T26478] ? ext4_mark_iloc_dirty+0x23b4/0x3310 [ 1261.856888][T26478] ? trace_lock_acquire+0x11c/0x190 [ 1261.862076][T26478] ? lock_acquire+0x158/0x250 [ 1261.866746][T26478] ? ext4_map_blocks+0x300/0x1cd0 [ 1261.871780][T26478] ? kasan_check_write+0x14/0x20 [ 1261.876716][T26478] ? __down_read+0x1a/0x1a0 [ 1261.881214][T26478] ext4_map_blocks+0x480/0x1cd0 [ 1261.886070][T26478] ? ext4_issue_zeroout+0x170/0x170 [ 1261.891258][T26478] ? __brelse+0x5a/0xa0 [ 1261.895421][T26478] ext4_getblk+0xff/0x530 [ 1261.899743][T26478] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1261.905366][T26478] ? ext4_get_block_trans+0x590/0x590 [ 1261.910730][T26478] ? smack_log+0xe3/0x4e0 [ 1261.915053][T26478] ? memset+0x31/0x40 [ 1261.919027][T26478] ? __dquot_initialize+0x228/0xdd0 [ 1261.924224][T26478] ext4_bread+0x91/0x240 [ 1261.928460][T26478] ? ext4_getblk+0x530/0x530 [ 1261.933041][T26478] ? smk_tskacc+0x2ef/0x390 [ 1261.937555][T26478] ext4_append+0x175/0x310 [ 1261.941973][T26478] ext4_mkdir+0x7d8/0x1460 [ 1261.946395][T26478] ? from_kgid+0x236/0x390 [ 1261.950810][T26478] ? ext4_symlink+0x1010/0x1010 [ 1261.955653][T26478] ? security_inode_permission+0xdd/0x120 [ 1261.961369][T26478] ? security_inode_mkdir+0xeb/0x130 [ 1261.966652][T26478] vfs_mkdir+0x43f/0x610 [ 1261.971599][T26478] do_mkdirat+0x22a/0x390 03:44:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150064000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1261.975929][T26478] ? debug_smp_processor_id+0x1c/0x20 [ 1261.981296][T26478] ? vfs_mkdir+0x610/0x610 [ 1261.985705][T26478] ? kasan_check_write+0x14/0x20 [ 1261.990759][T26478] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1261.996476][T26478] ? do_syscall_64+0x1d/0x140 [ 1262.001146][T26478] __x64_sys_mkdir+0x60/0x70 [ 1262.005737][T26478] do_syscall_64+0xfe/0x140 [ 1262.010251][T26478] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1262.016139][T26478] RIP: 0033:0x458937 [ 1262.020025][T26478] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1262.039622][T26478] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1262.048035][T26478] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1262.056001][T26478] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1262.063965][T26478] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:44:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000}) [ 1262.071925][T26478] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1262.079896][T26478] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x0, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150003000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1262.148465][T26490] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x11, 0x0) 03:44:22 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}) 03:44:22 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:22 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0015000a000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x0, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:22 executing program 0 (fault-call:2 fault-nth:45): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150064000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}) 03:44:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1262.440073][T26520] FAULT_INJECTION: forcing a failure. [ 1262.440073][T26520] name failslab, interval 1, probability 0, space 0, times 0 [ 1262.459327][T26520] CPU: 0 PID: 26520 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1262.467237][T26520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1262.477288][T26520] Call Trace: [ 1262.480584][T26520] dump_stack+0x1d8/0x2f8 [ 1262.484925][T26520] should_fail+0x608/0x860 03:44:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002020e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1262.489333][T26520] ? setup_fault_attr+0x2b0/0x2b0 [ 1262.494383][T26520] __should_failslab+0x11a/0x160 [ 1262.499313][T26520] ? ext4_mb_new_blocks+0x30a/0x2d00 [ 1262.499326][T26520] should_failslab+0x9/0x20 [ 1262.499334][T26520] kmem_cache_alloc+0x56/0x2b0 [ 1262.499346][T26520] ext4_mb_new_blocks+0x30a/0x2d00 [ 1262.509094][T26520] ? trace_kmalloc+0xcd/0x130 [ 1262.509108][T26520] ? __kmalloc+0x254/0x310 [ 1262.509117][T26520] ? kcalloc+0x2f/0x50 [ 1262.509135][T26520] ? ext4_mb_pa_callback+0xd0/0xd0 03:44:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1262.537167][T26520] ? ext4_find_extent+0x8e0/0xaa0 [ 1262.537179][T26520] ? ext4_inode_to_goal_block+0x27b/0x3b0 [ 1262.537192][T26520] ext4_ext_map_blocks+0x296b/0x7f30 [ 1262.537223][T26520] ? trace_lock_acquire+0x190/0x190 [ 1262.537232][T26520] ? ext4_ext_release+0x10/0x10 [ 1262.537242][T26520] ? kasan_check_write+0x14/0x20 [ 1262.537275][T26520] ext4_map_blocks+0x94d/0x1cd0 [ 1262.558423][T26520] ? ext4_issue_zeroout+0x170/0x170 [ 1262.558434][T26520] ? __brelse+0x5a/0xa0 [ 1262.558451][T26520] ext4_getblk+0xff/0x530 [ 1262.558466][T26520] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1262.558474][T26520] ? ext4_get_block_trans+0x590/0x590 [ 1262.558482][T26520] ? smack_log+0xe3/0x4e0 [ 1262.558496][T26520] ? memset+0x31/0x40 [ 1262.574753][T26533] __nla_validate_parse: 14 callbacks suppressed [ 1262.574760][T26533] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1262.578263][T26520] ? __dquot_initialize+0x228/0xdd0 [ 1262.578279][T26520] ext4_bread+0x91/0x240 [ 1262.578290][T26520] ? ext4_getblk+0x530/0x530 [ 1262.578305][T26520] ? smk_tskacc+0x2ef/0x390 03:44:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000}) [ 1262.586756][T26520] ext4_append+0x175/0x310 [ 1262.586772][T26520] ext4_mkdir+0x7d8/0x1460 [ 1262.586793][T26520] ? from_kgid+0x236/0x390 [ 1262.586803][T26520] ? ext4_symlink+0x1010/0x1010 [ 1262.586813][T26520] ? security_inode_permission+0xdd/0x120 [ 1262.586823][T26520] ? security_inode_mkdir+0xeb/0x130 [ 1262.586835][T26520] vfs_mkdir+0x43f/0x610 [ 1262.586847][T26520] do_mkdirat+0x22a/0x390 [ 1262.586857][T26520] ? file_open_root+0x440/0x440 [ 1262.586866][T26520] ? vfs_mkdir+0x610/0x610 [ 1262.586874][T26520] ? kasan_check_write+0x14/0x20 [ 1262.586887][T26520] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1262.586900][T26520] ? do_syscall_64+0x1d/0x140 [ 1262.586914][T26520] __x64_sys_mkdir+0x60/0x70 [ 1262.593687][T26517] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1262.597876][T26520] do_syscall_64+0xfe/0x140 [ 1262.597892][T26520] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1262.597902][T26520] RIP: 0033:0x458937 [ 1262.597913][T26520] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1262.597918][T26520] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1262.653280][T26520] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1262.653286][T26520] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1262.653292][T26520] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1262.653298][T26520] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1262.653304][T26520] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1262.963941][T26540] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:23 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x12, 0x0) 03:44:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x0, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, r2) 03:44:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002030e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:23 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000}) 03:44:23 executing program 0 (fault-call:2 fault-nth:46): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002040e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1263.105335][T26549] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1263.177535][T26552] FAULT_INJECTION: forcing a failure. [ 1263.177535][T26552] name failslab, interval 1, probability 0, space 0, times 0 [ 1263.190790][T26552] CPU: 0 PID: 26552 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1263.198684][T26552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1263.208741][T26552] Call Trace: [ 1263.212034][T26552] dump_stack+0x1d8/0x2f8 [ 1263.216364][T26552] should_fail+0x608/0x860 [ 1263.220779][T26552] ? setup_fault_attr+0x2b0/0x2b0 [ 1263.223611][T26558] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1263.226067][T26552] ? trace_lock_acquire+0x190/0x190 [ 1263.226144][T26552] ? kcalloc+0x2f/0x50 [ 1263.226158][T26552] __should_failslab+0x11a/0x160 [ 1263.226172][T26552] ? __es_insert_extent+0x7ba/0x17c0 [ 1263.256004][T26552] should_failslab+0x9/0x20 [ 1263.260508][T26552] kmem_cache_alloc+0x56/0x2b0 [ 1263.265285][T26552] __es_insert_extent+0x7ba/0x17c0 [ 1263.270402][T26552] ? trace_ext4_es_insert_extent+0x290/0x290 [ 1263.276390][T26552] ext4_es_insert_extent+0x2d0/0x2f40 [ 1263.276401][T26552] ? kcalloc+0x2f/0x50 [ 1263.276418][T26552] ? ext4_es_scan_clu+0x270/0x270 [ 1263.276431][T26552] ? trace_ext4_es_find_extent_range_exit+0x24d/0x290 [ 1263.276440][T26552] ? trace_ext4_ext_convert_to_initialized_fastpath+0x2d0/0x2d0 [ 1263.276450][T26552] ? ext4_es_find_extent_range+0x63/0x80 [ 1263.276460][T26552] ext4_ext_map_blocks+0x181f/0x7f30 [ 1263.276495][T26552] ? ext4_ext_release+0x10/0x10 [ 1263.276505][T26552] ? kasan_check_write+0x14/0x20 03:44:23 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1263.276526][T26552] ? trace_lock_acquire+0x11c/0x190 [ 1263.289538][T26563] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1263.290922][T26552] ? lock_acquire+0x158/0x250 [ 1263.290934][T26552] ? ext4_map_blocks+0x300/0x1cd0 [ 1263.290948][T26552] ? kasan_check_write+0x14/0x20 [ 1263.290959][T26552] ? __down_read+0x1a/0x1a0 [ 1263.290971][T26552] ext4_map_blocks+0x480/0x1cd0 [ 1263.305346][T26552] ? ext4_issue_zeroout+0x170/0x170 [ 1263.305357][T26552] ? __brelse+0x5a/0xa0 [ 1263.305378][T26552] ext4_getblk+0xff/0x530 [ 1263.305393][T26552] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1263.305401][T26552] ? ext4_get_block_trans+0x590/0x590 [ 1263.305411][T26552] ? smack_log+0xe3/0x4e0 [ 1263.305422][T26552] ? memset+0x31/0x40 [ 1263.305434][T26552] ? __dquot_initialize+0x228/0xdd0 [ 1263.305445][T26552] ext4_bread+0x91/0x240 [ 1263.305455][T26552] ? ext4_getblk+0x530/0x530 [ 1263.305462][T26552] ? smk_tskacc+0x2ef/0x390 [ 1263.305477][T26552] ext4_append+0x175/0x310 [ 1263.350123][T26552] ext4_mkdir+0x7d8/0x1460 [ 1263.350149][T26552] ? from_kgid+0x236/0x390 [ 1263.350161][T26552] ? ext4_symlink+0x1010/0x1010 [ 1263.350171][T26552] ? security_inode_permission+0xdd/0x120 [ 1263.350185][T26552] ? security_inode_mkdir+0xeb/0x130 [ 1263.378159][T26552] vfs_mkdir+0x43f/0x610 [ 1263.389125][T26552] do_mkdirat+0x22a/0x390 [ 1263.389138][T26552] ? file_open_root+0x440/0x440 [ 1263.389151][T26552] ? vfs_mkdir+0x610/0x610 [ 1263.389161][T26552] ? kasan_check_write+0x14/0x20 [ 1263.389176][T26552] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1263.397448][T26552] ? do_syscall_64+0x1d/0x140 03:44:24 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, 0x0) dup2(r1, r2) [ 1263.411413][T26552] __x64_sys_mkdir+0x60/0x70 [ 1263.426928][T26568] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1263.429078][T26552] do_syscall_64+0xfe/0x140 [ 1263.429096][T26552] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1263.429107][T26552] RIP: 0033:0x458937 [ 1263.429117][T26552] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:44:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254000000000000}) 03:44:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500000000000000}) [ 1263.429127][T26552] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1263.502004][T26552] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1263.502011][T26552] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1263.502016][T26552] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1263.502022][T26552] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1263.502028][T26552] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x25, 0x0) 03:44:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}) 03:44:24 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002050e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:24 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, 0x0) dup2(r1, r2) 03:44:24 executing program 0 (fault-call:2 fault-nth:47): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002060e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1263.757883][T26581] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:24 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405000000000000}) 03:44:24 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, 0x0) dup2(r1, r2) 03:44:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002070e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1263.867318][T26593] FAULT_INJECTION: forcing a failure. [ 1263.867318][T26593] name failslab, interval 1, probability 0, space 0, times 0 [ 1263.902468][T26593] CPU: 1 PID: 26593 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1263.910383][T26593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1263.910389][T26593] Call Trace: [ 1263.910411][T26593] dump_stack+0x1d8/0x2f8 [ 1263.910427][T26593] should_fail+0x608/0x860 [ 1263.910440][T26593] ? setup_fault_attr+0x2b0/0x2b0 [ 1263.923802][T26593] ? kcalloc+0x2f/0x50 [ 1263.923822][T26593] __should_failslab+0x11a/0x160 [ 1263.923837][T26593] ? kcalloc+0x2f/0x50 [ 1263.932539][T26593] should_failslab+0x9/0x20 [ 1263.932550][T26593] __kmalloc+0x7a/0x310 [ 1263.932565][T26593] kcalloc+0x2f/0x50 [ 1263.932578][T26593] ext4_find_extent+0x216/0xaa0 [ 1263.941628][T26593] ? trace_ext4_ext_map_blocks_enter+0x28c/0x2d0 [ 1263.941642][T26593] ext4_ext_map_blocks+0x201/0x7f30 [ 1263.941661][T26593] ? __lock_acquire+0xcf7/0x1a40 [ 1263.950637][T26593] ? ext4_ext_release+0x10/0x10 [ 1263.950650][T26593] ? kasan_check_write+0x14/0x20 [ 1263.950660][T26593] ? ext4_mark_iloc_dirty+0x23b4/0x3310 [ 1263.950686][T26593] ? trace_lock_acquire+0x11c/0x190 [ 1263.959295][T26593] ? lock_acquire+0x158/0x250 [ 1263.959306][T26593] ? ext4_map_blocks+0x300/0x1cd0 [ 1263.959320][T26593] ? kasan_check_write+0x14/0x20 [ 1263.959333][T26593] ? __down_read+0x1a/0x1a0 [ 1263.959345][T26593] ext4_map_blocks+0x480/0x1cd0 [ 1263.968050][T26593] ? ext4_issue_zeroout+0x170/0x170 [ 1263.968059][T26593] ? __brelse+0x5a/0xa0 [ 1263.968081][T26593] ext4_getblk+0xff/0x530 [ 1263.968097][T26593] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1263.968106][T26593] ? ext4_get_block_trans+0x590/0x590 [ 1263.968119][T26593] ? smack_log+0xe3/0x4e0 [ 1263.980219][T26593] ? memset+0x31/0x40 [ 1263.980233][T26593] ? __dquot_initialize+0x228/0xdd0 [ 1263.980247][T26593] ext4_bread+0x91/0x240 [ 1263.980261][T26593] ? ext4_getblk+0x530/0x530 [ 1263.990006][T26593] ? smk_tskacc+0x2ef/0x390 [ 1263.990025][T26593] ext4_append+0x175/0x310 [ 1263.990043][T26593] ext4_mkdir+0x7d8/0x1460 [ 1263.990065][T26593] ? from_kgid+0x236/0x390 [ 1264.094033][T26593] ? ext4_symlink+0x1010/0x1010 [ 1264.098878][T26593] ? security_inode_permission+0xdd/0x120 [ 1264.104589][T26593] ? security_inode_mkdir+0xeb/0x130 [ 1264.109871][T26593] vfs_mkdir+0x43f/0x610 [ 1264.114111][T26593] do_mkdirat+0x22a/0x390 [ 1264.118434][T26593] ? file_open_root+0x440/0x440 [ 1264.123275][T26593] ? vfs_mkdir+0x610/0x610 [ 1264.127678][T26593] ? kasan_check_write+0x14/0x20 [ 1264.132606][T26593] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1264.138317][T26593] ? do_syscall_64+0x1d/0x140 [ 1264.142994][T26593] __x64_sys_mkdir+0x60/0x70 [ 1264.147574][T26593] do_syscall_64+0xfe/0x140 [ 1264.152082][T26593] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1264.157975][T26593] RIP: 0033:0x458937 [ 1264.161863][T26593] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1264.181452][T26593] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1264.189850][T26593] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1264.197814][T26593] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1264.205770][T26593] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:44:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}) [ 1264.213734][T26593] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1264.221695][T26593] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x48, 0x0) 03:44:24 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:24 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002080e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:24 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu}) dup2(r1, r2) 03:44:24 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}) [ 1264.326698][T26616] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:24 executing program 0 (fault-call:2 fault-nth:48): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1264.374711][T26613] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002090e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}) 03:44:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1264.418632][T26628] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500020a0e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:25 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu}) dup2(r1, r2) [ 1264.523712][T26641] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1264.559913][T26637] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1264.595513][T26632] FAULT_INJECTION: forcing a failure. [ 1264.595513][T26632] name failslab, interval 1, probability 0, space 0, times 0 [ 1264.622108][T26632] CPU: 0 PID: 26632 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1264.630021][T26632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1264.640065][T26632] Call Trace: [ 1264.640085][T26632] dump_stack+0x1d8/0x2f8 [ 1264.640104][T26632] should_fail+0x608/0x860 [ 1264.640117][T26632] ? setup_fault_attr+0x2b0/0x2b0 [ 1264.640131][T26632] ? kcalloc+0x2f/0x50 [ 1264.640148][T26632] __should_failslab+0x11a/0x160 [ 1264.647728][T26632] ? kcalloc+0x2f/0x50 [ 1264.647740][T26632] should_failslab+0x9/0x20 [ 1264.647750][T26632] __kmalloc+0x7a/0x310 [ 1264.647764][T26632] kcalloc+0x2f/0x50 [ 1264.647774][T26632] ext4_find_extent+0x216/0xaa0 [ 1264.647787][T26632] ? trace_ext4_ext_map_blocks_enter+0x28c/0x2d0 [ 1264.647800][T26632] ext4_ext_map_blocks+0x201/0x7f30 [ 1264.647816][T26632] ? __lock_acquire+0xcf7/0x1a40 [ 1264.647841][T26632] ? ext4_ext_release+0x10/0x10 [ 1264.647852][T26632] ? kasan_check_write+0x14/0x20 [ 1264.713702][T26632] ? ext4_mark_iloc_dirty+0x23b4/0x3310 [ 1264.719261][T26632] ? trace_lock_acquire+0x11c/0x190 [ 1264.724456][T26632] ? lock_acquire+0x158/0x250 [ 1264.729124][T26632] ? ext4_map_blocks+0x300/0x1cd0 [ 1264.734141][T26632] ? kasan_check_write+0x14/0x20 [ 1264.739069][T26632] ? __down_read+0x1a/0x1a0 [ 1264.743573][T26632] ext4_map_blocks+0x480/0x1cd0 [ 1264.748435][T26632] ? ext4_issue_zeroout+0x170/0x170 [ 1264.753624][T26632] ? __brelse+0x5a/0xa0 [ 1264.757784][T26632] ext4_getblk+0xff/0x530 [ 1264.762111][T26632] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1264.767737][T26632] ? ext4_get_block_trans+0x590/0x590 [ 1264.773186][T26632] ? smack_log+0xe3/0x4e0 [ 1264.777514][T26632] ? memset+0x31/0x40 [ 1264.781487][T26632] ? __dquot_initialize+0x228/0xdd0 [ 1264.786678][T26632] ext4_bread+0x91/0x240 [ 1264.790912][T26632] ? ext4_getblk+0x530/0x530 [ 1264.795495][T26632] ? smk_tskacc+0x2ef/0x390 [ 1264.799993][T26632] ext4_append+0x175/0x310 [ 1264.805908][T26632] ext4_mkdir+0x7d8/0x1460 [ 1264.810334][T26632] ? from_kgid+0x236/0x390 [ 1264.814742][T26632] ? ext4_symlink+0x1010/0x1010 [ 1264.819581][T26632] ? security_inode_permission+0xdd/0x120 [ 1264.825298][T26632] ? security_inode_mkdir+0xeb/0x130 [ 1264.830581][T26632] vfs_mkdir+0x43f/0x610 [ 1264.834824][T26632] do_mkdirat+0x22a/0x390 [ 1264.839148][T26632] ? retint_kernel+0x2b/0x2b [ 1264.843731][T26632] ? vfs_mkdir+0x610/0x610 [ 1264.848138][T26632] ? kasan_check_write+0x14/0x20 [ 1264.853072][T26632] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1264.858788][T26632] ? do_syscall_64+0x1d/0x140 [ 1264.863463][T26632] __x64_sys_mkdir+0x60/0x70 [ 1264.868044][T26632] do_syscall_64+0xfe/0x140 [ 1264.872542][T26632] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1264.878431][T26632] RIP: 0033:0x458937 [ 1264.882339][T26632] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1264.901937][T26632] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1264.910342][T26632] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1264.918305][T26632] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1264.926268][T26632] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1264.934228][T26632] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1264.942188][T26632] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:25 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x4c, 0x0) 03:44:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}) 03:44:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500020b0e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:25 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu}) dup2(r1, r2) 03:44:25 executing program 0 (fault-call:2 fault-nth:49): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:25 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) 03:44:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500020c0e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1265.066795][T26653] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:25 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:25 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500020d0e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:25 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r2) [ 1265.173797][T26664] FAULT_INJECTION: forcing a failure. [ 1265.173797][T26664] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.191801][T26663] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1265.212315][T26672] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1265.229256][T26664] CPU: 0 PID: 26664 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1265.237269][T26664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1265.247314][T26664] Call Trace: [ 1265.250708][T26664] dump_stack+0x1d8/0x2f8 [ 1265.255042][T26664] should_fail+0x608/0x860 [ 1265.259462][T26664] ? setup_fault_attr+0x2b0/0x2b0 [ 1265.264484][T26664] __should_failslab+0x11a/0x160 [ 1265.264498][T26664] should_failslab+0x9/0x20 [ 1265.264507][T26664] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1265.264518][T26664] ? smack_d_instantiate+0x7f4/0xe50 [ 1265.264529][T26664] smack_d_instantiate+0x7f4/0xe50 [ 1265.264546][T26664] ? smack_sem_semop+0x220/0x220 [ 1265.264561][T26664] ? lockdep_init_map+0x2a/0x680 [ 1265.264578][T26664] security_d_instantiate+0xa5/0x100 [ 1265.304716][T26664] d_instantiate_new+0x65/0x120 [ 1265.309561][T26664] ext4_mkdir+0xf8c/0x1460 [ 1265.313984][T26664] ? ext4_symlink+0x1010/0x1010 [ 1265.318825][T26664] ? security_inode_permission+0xdd/0x120 [ 1265.324537][T26664] ? security_inode_mkdir+0xeb/0x130 [ 1265.329816][T26664] vfs_mkdir+0x43f/0x610 [ 1265.334055][T26664] do_mkdirat+0x22a/0x390 [ 1265.338381][T26664] ? file_open_root+0x440/0x440 [ 1265.343225][T26664] ? vfs_mkdir+0x610/0x610 [ 1265.347631][T26664] ? kasan_check_write+0x14/0x20 [ 1265.352561][T26664] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1265.358280][T26664] ? do_syscall_64+0x1d/0x140 [ 1265.362955][T26664] __x64_sys_mkdir+0x60/0x70 [ 1265.367538][T26664] do_syscall_64+0xfe/0x140 [ 1265.372037][T26664] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1265.377922][T26664] RIP: 0033:0x458937 [ 1265.381808][T26664] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1265.401405][T26664] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1265.409809][T26664] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1265.417778][T26664] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 03:44:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500020e0e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1265.425743][T26664] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1265.433701][T26664] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1265.433708][T26664] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1265.520770][T26680] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:26 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x5c, 0x0) 03:44:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 03:44:26 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500020f0e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r2) 03:44:26 executing program 0 (fault-call:2 fault-nth:50): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:26 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002100e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) [ 1265.723297][T26693] FAULT_INJECTION: forcing a failure. [ 1265.723297][T26693] name failslab, interval 1, probability 0, space 0, times 0 [ 1265.736238][T26693] CPU: 0 PID: 26693 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1265.744231][T26693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1265.744237][T26693] Call Trace: [ 1265.744257][T26693] dump_stack+0x1d8/0x2f8 [ 1265.744276][T26693] should_fail+0x608/0x860 [ 1265.744290][T26693] ? setup_fault_attr+0x2b0/0x2b0 [ 1265.744304][T26693] ? kcalloc+0x2f/0x50 [ 1265.744321][T26693] __should_failslab+0x11a/0x160 [ 1265.744332][T26693] ? kcalloc+0x2f/0x50 [ 1265.744349][T26693] should_failslab+0x9/0x20 [ 1265.744358][T26693] __kmalloc+0x7a/0x310 [ 1265.744372][T26693] kcalloc+0x2f/0x50 [ 1265.744382][T26693] ext4_find_extent+0x216/0xaa0 [ 1265.744395][T26693] ? trace_ext4_ext_map_blocks_enter+0x28c/0x2d0 [ 1265.744408][T26693] ext4_ext_map_blocks+0x201/0x7f30 [ 1265.744424][T26693] ? __lock_acquire+0xcf7/0x1a40 [ 1265.744451][T26693] ? ext4_ext_release+0x10/0x10 03:44:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002110e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1265.744460][T26693] ? kasan_check_write+0x14/0x20 [ 1265.744472][T26693] ? ext4_mark_iloc_dirty+0x23b4/0x3310 [ 1265.784533][T26693] ? trace_lock_acquire+0x11c/0x190 [ 1265.784546][T26693] ? lock_acquire+0x158/0x250 [ 1265.784557][T26693] ? ext4_map_blocks+0x300/0x1cd0 [ 1265.784569][T26693] ? kasan_check_write+0x14/0x20 [ 1265.784580][T26693] ? __down_read+0x1a/0x1a0 [ 1265.784593][T26693] ext4_map_blocks+0x480/0x1cd0 [ 1265.784612][T26693] ? ext4_issue_zeroout+0x170/0x170 [ 1265.784621][T26693] ? __brelse+0x5a/0xa0 [ 1265.784640][T26693] ext4_getblk+0xff/0x530 [ 1265.784655][T26693] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1265.801987][T26693] ? ext4_get_block_trans+0x590/0x590 [ 1265.801999][T26693] ? smack_log+0xe3/0x4e0 [ 1265.802013][T26693] ? memset+0x31/0x40 [ 1265.802027][T26693] ? __dquot_initialize+0x228/0xdd0 [ 1265.802037][T26693] ext4_bread+0x91/0x240 [ 1265.802049][T26693] ? ext4_getblk+0x530/0x530 [ 1265.823287][T26693] ? smk_tskacc+0x2ef/0x390 [ 1265.823306][T26693] ext4_append+0x175/0x310 [ 1265.823322][T26693] ext4_mkdir+0x7d8/0x1460 03:44:26 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002120e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1265.823350][T26693] ? from_kgid+0x236/0x390 [ 1265.843619][T26693] ? ext4_symlink+0x1010/0x1010 [ 1265.843632][T26693] ? security_inode_permission+0xdd/0x120 [ 1265.843645][T26693] ? security_inode_mkdir+0xeb/0x130 [ 1265.843660][T26693] vfs_mkdir+0x43f/0x610 [ 1265.843674][T26693] do_mkdirat+0x22a/0x390 [ 1265.843690][T26693] ? debug_smp_processor_id+0x1c/0x20 [ 1265.862925][T26693] ? vfs_mkdir+0x610/0x610 [ 1265.862938][T26693] ? kasan_check_write+0x14/0x20 [ 1265.862952][T26693] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1265.862966][T26693] ? do_syscall_64+0x1d/0x140 [ 1265.862982][T26693] __x64_sys_mkdir+0x60/0x70 [ 1265.882224][T26693] do_syscall_64+0xfe/0x140 [ 1265.882243][T26693] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1265.882253][T26693] RIP: 0033:0x458937 [ 1265.882264][T26693] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:44:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) [ 1265.882269][T26693] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1265.901059][T26693] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1265.901066][T26693] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1265.901072][T26693] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1265.901077][T26693] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1265.901084][T26693] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1266.215051][T26703] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1266.364474][T26702] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x60, 0x0) 03:44:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:27 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r2) 03:44:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) 03:44:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002250e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:27 executing program 0 (fault-call:2 fault-nth:51): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1266.530714][T26726] FAULT_INJECTION: forcing a failure. [ 1266.530714][T26726] name failslab, interval 1, probability 0, space 0, times 0 [ 1266.556851][T26726] CPU: 1 PID: 26726 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1266.564780][T26726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1266.574826][T26726] Call Trace: [ 1266.578112][T26726] dump_stack+0x1d8/0x2f8 [ 1266.582444][T26726] should_fail+0x608/0x860 [ 1266.586854][T26726] ? setup_fault_attr+0x2b0/0x2b0 [ 1266.591885][T26726] __should_failslab+0x11a/0x160 [ 1266.596821][T26726] should_failslab+0x9/0x20 [ 1266.601319][T26726] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1266.606598][T26726] ? smack_d_instantiate+0x7f4/0xe50 [ 1266.611873][T26726] smack_d_instantiate+0x7f4/0xe50 [ 1266.616984][T26726] ? smack_sem_semop+0x220/0x220 [ 1266.621917][T26726] ? lockdep_init_map+0x2a/0x680 [ 1266.626848][T26726] security_d_instantiate+0xa5/0x100 [ 1266.632125][T26726] d_instantiate_new+0x65/0x120 [ 1266.636970][T26726] ext4_mkdir+0xf8c/0x1460 [ 1266.641389][T26726] ? ext4_symlink+0x1010/0x1010 [ 1266.646229][T26726] ? security_inode_permission+0xdd/0x120 [ 1266.651942][T26726] ? security_inode_mkdir+0xeb/0x130 [ 1266.657220][T26726] vfs_mkdir+0x43f/0x610 [ 1266.661460][T26726] do_mkdirat+0x22a/0x390 [ 1266.665785][T26726] ? debug_smp_processor_id+0x1c/0x20 [ 1266.671146][T26726] ? vfs_mkdir+0x610/0x610 [ 1266.675553][T26726] ? kasan_check_write+0x14/0x20 [ 1266.680482][T26726] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1266.686191][T26726] ? do_syscall_64+0x1d/0x140 [ 1266.690859][T26726] __x64_sys_mkdir+0x60/0x70 [ 1266.695441][T26726] do_syscall_64+0xfe/0x140 [ 1266.699940][T26726] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1266.705820][T26726] RIP: 0033:0x458937 [ 1266.709706][T26726] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1266.729301][T26726] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1266.744816][T26726] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1266.752779][T26726] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1266.760737][T26726] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1266.768699][T26726] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1266.776659][T26726] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002480e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) 03:44:27 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, 0xffffffffffffffff) 03:44:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}) 03:44:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500024c0e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x68, 0x0) 03:44:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:27 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, 0xffffffffffffffff) 03:44:27 executing program 0 (fault-call:2 fault-nth:52): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002600e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1267.009869][T26754] FAULT_INJECTION: forcing a failure. [ 1267.009869][T26754] name failslab, interval 1, probability 0, space 0, times 0 [ 1267.043134][T26754] CPU: 1 PID: 26754 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 03:44:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1267.051047][T26754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1267.061088][T26754] Call Trace: [ 1267.061110][T26754] dump_stack+0x1d8/0x2f8 [ 1267.061127][T26754] should_fail+0x608/0x860 [ 1267.061140][T26754] ? setup_fault_attr+0x2b0/0x2b0 [ 1267.078173][T26754] __should_failslab+0x11a/0x160 [ 1267.083108][T26754] should_failslab+0x9/0x20 [ 1267.083119][T26754] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1267.083131][T26754] ? smack_d_instantiate+0x7f4/0xe50 [ 1267.083143][T26754] smack_d_instantiate+0x7f4/0xe50 [ 1267.092890][T26754] ? smack_sem_semop+0x220/0x220 03:44:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x10) [ 1267.092907][T26754] ? lockdep_init_map+0x2a/0x680 [ 1267.092922][T26754] security_d_instantiate+0xa5/0x100 [ 1267.108186][T26754] d_instantiate_new+0x65/0x120 [ 1267.108200][T26754] ext4_mkdir+0xf8c/0x1460 [ 1267.108221][T26754] ? ext4_symlink+0x1010/0x1010 [ 1267.118397][T26754] ? security_inode_permission+0xdd/0x120 [ 1267.118410][T26754] ? security_inode_mkdir+0xeb/0x130 [ 1267.118423][T26754] vfs_mkdir+0x43f/0x610 [ 1267.118438][T26754] do_mkdirat+0x22a/0x390 [ 1267.132506][T26754] ? debug_smp_processor_id+0x1c/0x20 [ 1267.132521][T26754] ? vfs_mkdir+0x610/0x610 [ 1267.132535][T26754] ? kasan_check_write+0x14/0x20 [ 1267.143490][T26754] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1267.143503][T26754] ? do_syscall_64+0x1d/0x140 [ 1267.143515][T26754] __x64_sys_mkdir+0x60/0x70 [ 1267.161817][T26754] do_syscall_64+0xfe/0x140 [ 1267.161834][T26754] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1267.161846][T26754] RIP: 0033:0x458937 03:44:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) [ 1267.172449][T26754] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1267.172455][T26754] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1267.172466][T26754] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1267.172471][T26754] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1267.172477][T26754] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1267.172486][T26754] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 03:44:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x14) 03:44:27 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}) [ 1267.186275][T26754] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:27 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002680e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:27 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0xc0) 03:44:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x6c, 0x0) 03:44:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}) 03:44:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0xec0) 03:44:28 executing program 0 (fault-call:2 fault-nth:53): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:28 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x336) ioctl$sock_ifreq(r1, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r1, 0xffffffffffffffff) 03:44:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500026c0e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0xfdef) 03:44:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}) 03:44:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002740e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x33fe0) 03:44:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x74, 0x0) [ 1267.603152][T26810] FAULT_INJECTION: forcing a failure. [ 1267.603152][T26810] name failslab, interval 1, probability 0, space 0, times 0 [ 1267.640920][T26820] __nla_validate_parse: 9 callbacks suppressed [ 1267.640929][T26820] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1267.650087][T26810] CPU: 0 PID: 26810 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1267.664395][T26810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1267.674794][T26810] Call Trace: [ 1267.678084][T26810] dump_stack+0x1d8/0x2f8 [ 1267.682417][T26810] should_fail+0x608/0x860 [ 1267.686833][T26810] ? setup_fault_attr+0x2b0/0x2b0 [ 1267.691853][T26810] ? kzalloc+0x1f/0x40 [ 1267.695920][T26810] __should_failslab+0x11a/0x160 03:44:28 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0015000a000e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1267.697420][T26823] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1267.700847][T26810] ? kzalloc+0x1f/0x40 [ 1267.700860][T26810] should_failslab+0x9/0x20 [ 1267.700869][T26810] __kmalloc+0x7a/0x310 [ 1267.700882][T26810] kzalloc+0x1f/0x40 [ 1267.700895][T26810] smk_parse_smack+0x197/0x230 [ 1267.731345][T26810] smk_import_entry+0x27/0x590 [ 1267.736098][T26810] smack_d_instantiate+0x852/0xe50 [ 1267.736116][T26810] ? smack_sem_semop+0x220/0x220 [ 1267.736131][T26810] ? lockdep_init_map+0x2a/0x680 03:44:28 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}) 03:44:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x2000005f) [ 1267.736144][T26810] security_d_instantiate+0xa5/0x100 [ 1267.736157][T26810] d_instantiate_new+0x65/0x120 [ 1267.736173][T26810] ext4_mkdir+0xf8c/0x1460 [ 1267.736196][T26810] ? ext4_symlink+0x1010/0x1010 [ 1267.736204][T26810] ? security_inode_permission+0xdd/0x120 [ 1267.736216][T26810] ? security_inode_mkdir+0xeb/0x130 [ 1267.736229][T26810] vfs_mkdir+0x43f/0x610 [ 1267.736244][T26810] do_mkdirat+0x22a/0x390 [ 1267.776287][T26810] ? file_open_root+0x440/0x440 [ 1267.794912][T26810] ? vfs_mkdir+0x610/0x610 [ 1267.794924][T26810] ? kasan_check_write+0x14/0x20 [ 1267.794938][T26810] ? trace_irq_disable_rcuidle+0x23/0x1c0 [ 1267.794950][T26810] ? do_syscall_64+0x1d/0x140 [ 1267.794961][T26810] __x64_sys_mkdir+0x60/0x70 [ 1267.794972][T26810] do_syscall_64+0xfe/0x140 [ 1267.794988][T26810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1267.794997][T26810] RIP: 0033:0x458937 [ 1267.795009][T26810] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:44:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a001500027a0e0001000a0003ee001100000000000000", 0x39}], 0x1) [ 1267.853134][T26810] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1267.861549][T26810] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000458937 [ 1267.869515][T26810] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000100 [ 1267.877478][T26810] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 1267.885439][T26810] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 1267.893401][T26810] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:28 executing program 0 (fault-call:2 fault-nth:54): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}) 03:44:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0015000200110001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x7a, 0x0) 03:44:28 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001404001a00150002000e0001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x7ffff000) 03:44:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0015000200400001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:28 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0xfffffdef) 03:44:28 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}) [ 1268.236923][T26853] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:28 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0xfffffffffffffdef) 03:44:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0015000200040001000a0003ee001100000000000000", 0x39}], 0x1) [ 1268.315209][T26860] FAULT_INJECTION: forcing a failure. [ 1268.315209][T26860] name failslab, interval 1, probability 0, space 0, times 0 [ 1268.333546][T26866] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1268.350960][T26860] CPU: 1 PID: 26860 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1268.358868][T26860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1268.368921][T26860] Call Trace: [ 1268.372220][T26860] dump_stack+0x1d8/0x2f8 [ 1268.376557][T26860] should_fail+0x608/0x860 [ 1268.376574][T26860] ? setup_fault_attr+0x2b0/0x2b0 [ 1268.376587][T26860] ? ksys_mount+0x6a/0x100 [ 1268.376603][T26860] __should_failslab+0x11a/0x160 [ 1268.386009][T26860] ? ksys_mount+0x6a/0x100 [ 1268.386023][T26860] should_failslab+0x9/0x20 [ 1268.386034][T26860] __kmalloc_track_caller+0x79/0x310 [ 1268.386045][T26860] ? strnlen_user+0x1e0/0x260 [ 1268.386059][T26860] strndup_user+0x76/0x130 [ 1268.386069][T26860] ksys_mount+0x6a/0x100 [ 1268.386081][T26860] __x64_sys_mount+0xbf/0xd0 [ 1268.427378][T26860] do_syscall_64+0xfe/0x140 [ 1268.431876][T26860] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1268.437758][T26860] RIP: 0033:0x45bf6a [ 1268.441640][T26860] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1268.461240][T26860] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1268.469642][T26860] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1268.478038][T26860] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1268.486003][T26860] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1268.493968][T26860] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1268.501928][T26860] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:29 executing program 0 (fault-call:2 fault-nth:55): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1fc, 0x0) 03:44:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a0015000200110001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}) 03:44:29 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0xc, 0x4, 0x3) r2 = dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ifb0\x00', 0x0}) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0xfff, 0x4, 0x1000}, 0x4) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000100)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @loopback, @dev={0xfe, 0x80, [], 0x27}, 0x6, 0x400000000, 0xffff, 0x100, 0x2, 0x40020, r3}) 03:44:29 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}) 03:44:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0300000a0003ee001100000000000000", 0x39}], 0x1) 03:44:29 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x204, 0x0) [ 1268.720859][T26898] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1268.735044][T26891] FAULT_INJECTION: forcing a failure. [ 1268.735044][T26891] name failslab, interval 1, probability 0, space 0, times 0 [ 1268.751141][T26891] CPU: 1 PID: 26891 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1268.759022][T26891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1268.769117][T26891] Call Trace: [ 1268.772414][T26891] dump_stack+0x1d8/0x2f8 [ 1268.776743][T26891] should_fail+0x608/0x860 [ 1268.781156][T26891] ? setup_fault_attr+0x2b0/0x2b0 [ 1268.786163][T26891] ? kasan_check_write+0x14/0x20 [ 1268.786181][T26891] __should_failslab+0x11a/0x160 [ 1268.786193][T26891] ? __sigqueue_alloc+0x2ce/0x440 [ 1268.786206][T26891] should_failslab+0x9/0x20 [ 1268.806192][T26891] kmem_cache_alloc+0x56/0x2b0 [ 1268.806208][T26891] __sigqueue_alloc+0x2ce/0x440 [ 1268.806220][T26891] __send_signal+0x2b2/0x1110 [ 1268.820468][T26891] force_sig_info+0x46d/0x520 [ 1268.825153][T26891] force_sig_fault+0x11d/0x1c0 [ 1268.829918][T26891] ? force_sigsegv+0xe0/0xe0 [ 1268.834516][T26891] ? __bad_area_nosemaphore+0x480/0x480 [ 1268.840065][T26891] ? __bad_area_nosemaphore+0x8d/0x480 [ 1268.845525][T26891] __bad_area_nosemaphore+0x316/0x480 [ 1268.850894][T26891] ? kasan_check_write+0x14/0x20 [ 1268.855844][T26891] bad_area+0x6b/0x80 [ 1268.859823][T26891] do_user_addr_fault+0x7d5/0xaa0 [ 1268.864831][T26891] ? kasan_check_write+0x14/0x20 [ 1268.864845][T26891] __do_page_fault+0xd3/0x1f0 [ 1268.864856][T26891] do_page_fault+0xce/0xe0 [ 1268.864869][T26891] ? page_fault+0x8/0x30 [ 1268.864881][T26891] page_fault+0x1e/0x30 [ 1268.887292][T26891] RIP: 0033:0x45311f [ 1268.887303][T26891] Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0 0f 49 29 d0 48 8d 7c 17 31 e9 95 0b 00 00 66 0f ef c0 0f 6f 0e f3 0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f [ 1268.887312][T26891] RSP: 002b:00007f8a799b3a88 EFLAGS: 00010283 03:44:29 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0400000a0003ee001100000000000000", 0x39}], 0x1) 03:44:29 executing program 2: socket(0x10, 0x6, 0xc) r0 = socket(0x10, 0x2, 0x0) bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e21, @empty}}, 0x24) r1 = dup2(r0, r0) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000000080), &(0x7f00000000c0)=0x40) write(r0, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) socket(0xf, 0x2, 0x3) [ 1268.910863][T26891] RAX: 00007f8a799b3b40 RBX: 0000000020000228 RCX: 0000000000000000 [ 1268.910870][T26891] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f8a799b3b40 [ 1268.910874][T26891] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a [ 1268.910879][T26891] R10: 0000000000000075 R11: 00000000004e48c0 R12: 0000000000000005 [ 1268.910883][T26891] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1268.990144][T26904] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:29 executing program 0 (fault-call:2 fault-nth:56): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}) 03:44:29 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x4000, 0x0) r2 = socket(0x10, 0x2, 0x0) r3 = dup2(r0, r2) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) write$binfmt_elf32(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4609080401030000000000000002003e0001000000bf02000038000000c90000003ff9ffff010020000100f00f0200008000000000000000000200000008000000faffffff0900000006000000810000000700000001000000050000003f00000080ffffff08000000010000007fffffff0000000075095bb99feaf3d87a392a4fbf586386d4c570637ee503120778ef529888eb7ebbb6336f633ecc9a4f107912bf08233be8679d9bf713da0d2fdf57c43078914673ce8ba18f9509e191791c6c8bf53989322814488cba1d41246c3dc6d0f01f4cc02f2cba2cdc6e4a410835e7315ef101924978be489ec94561c5a42bbc673825a4c19a98c4e3fd56ce00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000affddc1792a16500"/769], 0x301) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000000400)={0x0, 0x18, "d0c1d51a9f37a819996c805ffecf4db5c294afa7f4aa618b"}, &(0x7f0000000440)=0x20) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000480)={r4, 0x5, 0x4}, 0x8) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000003c0)={0xaa, 0x40}) openat$userio(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/userio\x00', 0x40000042, 0x0) 03:44:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0201000a0003ee001100000000000000", 0x39}], 0x1) 03:44:29 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) dup2(r0, r1) [ 1269.108621][T26908] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1269.116237][T26920] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1269.129941][T26921] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25}) 03:44:29 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0301000a0003ee001100000000000000", 0x39}], 0x1) [ 1269.181645][T26927] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:29 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}) [ 1269.222523][T26928] FAULT_INJECTION: forcing a failure. [ 1269.222523][T26928] name failslab, interval 1, probability 0, space 0, times 0 [ 1269.226680][T26934] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1269.288100][T26936] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1269.296732][T26928] CPU: 0 PID: 26928 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1269.306344][T26928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1269.316567][T26928] Call Trace: [ 1269.316589][T26928] dump_stack+0x1d8/0x2f8 [ 1269.316606][T26928] should_fail+0x608/0x860 [ 1269.316620][T26928] ? setup_fault_attr+0x2b0/0x2b0 [ 1269.324209][T26928] __should_failslab+0x11a/0x160 [ 1269.324221][T26928] ? getname_flags+0xba/0x640 [ 1269.324231][T26928] should_failslab+0x9/0x20 [ 1269.324240][T26928] kmem_cache_alloc+0x56/0x2b0 [ 1269.324248][T26928] ? kasan_check_write+0x14/0x20 [ 1269.324258][T26928] getname_flags+0xba/0x640 [ 1269.324271][T26928] user_path_at_empty+0x2d/0x50 [ 1269.324283][T26928] do_mount+0x14f/0x2730 [ 1269.370940][T26928] ? check_preemption_disabled+0x47/0x280 [ 1269.376665][T26928] ? copy_mount_string+0x30/0x30 [ 1269.381595][T26928] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1269.387310][T26928] ? trace_kmalloc+0xcd/0x130 [ 1269.391982][T26928] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1269.397532][T26928] ? copy_mount_options+0x5f/0x360 [ 1269.402640][T26928] ? copy_mount_options+0x2c8/0x360 [ 1269.407833][T26928] ksys_mount+0xcc/0x100 [ 1269.412070][T26928] __x64_sys_mount+0xbf/0xd0 [ 1269.416663][T26928] do_syscall_64+0xfe/0x140 [ 1269.421167][T26928] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1269.427048][T26928] RIP: 0033:0x45bf6a [ 1269.430935][T26928] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1269.450530][T26928] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1269.458931][T26928] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1269.466896][T26928] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1269.474858][T26928] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1269.482823][T26928] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1269.490783][T26928] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x224, 0x0) 03:44:30 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) dup2(r0, r1) 03:44:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0401000a0003ee001100000000000000", 0x39}], 0x1) 03:44:30 executing program 2: arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write$UHID_DESTROY(r2, &(0x7f0000000080), 0x4) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$TIOCGDEV(r2, 0x80045432, &(0x7f0000000000)) 03:44:30 executing program 0 (fault-call:2 fault-nth:57): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}) 03:44:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0501000a0003ee001100000000000000", 0x39}], 0x1) 03:44:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f00000000c0)={0x980000, 0x0, 0x1, [], &(0x7f0000000080)={0x9b0b7f, 0x7fff, [], @ptr=0x40000000}}) r2 = socket(0x10, 0x2, 0x0) dup2(r0, r2) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:30 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) dup2(r0, r1) 03:44:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0601000a0003ee001100000000000000", 0x39}], 0x1) 03:44:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}) 03:44:30 executing program 2: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x7, 0x480) finit_module(r0, &(0x7f0000000080)='bdev-\x00', 0x2) r1 = socket(0x10, 0x2, 0xb) r2 = socket(0x10, 0x2, 0x0) dup2(r1, r2) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:30 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x300, 0x0) 03:44:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0701000a0003ee001100000000000000", 0x39}], 0x1) [ 1269.790188][T26959] FAULT_INJECTION: forcing a failure. [ 1269.790188][T26959] name failslab, interval 1, probability 0, space 0, times 0 [ 1269.802916][T26959] CPU: 0 PID: 26959 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1269.810800][T26959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1269.810805][T26959] Call Trace: [ 1269.810827][T26959] dump_stack+0x1d8/0x2f8 [ 1269.810844][T26959] should_fail+0x608/0x860 [ 1269.832876][T26959] ? setup_fault_attr+0x2b0/0x2b0 [ 1269.837898][T26959] ? ksys_mount+0x6a/0x100 [ 1269.842318][T26959] __should_failslab+0x11a/0x160 [ 1269.847251][T26959] ? ksys_mount+0x6a/0x100 [ 1269.851661][T26959] should_failslab+0x9/0x20 [ 1269.851672][T26959] __kmalloc_track_caller+0x79/0x310 [ 1269.851684][T26959] ? strnlen_user+0x1e0/0x260 [ 1269.851698][T26959] strndup_user+0x76/0x130 [ 1269.851709][T26959] ksys_mount+0x6a/0x100 [ 1269.851721][T26959] __x64_sys_mount+0xbf/0xd0 [ 1269.851737][T26959] do_syscall_64+0xfe/0x140 [ 1269.866142][T26959] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1269.866152][T26959] RIP: 0033:0x45bf6a [ 1269.866163][T26959] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1269.866169][T26959] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1269.866179][T26959] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1269.866185][T26959] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 03:44:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0801000a0003ee001100000000000000", 0x39}], 0x1) 03:44:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x554}) [ 1269.866191][T26959] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1269.866196][T26959] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1269.866202][T26959] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1269.979490][T26976] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:30 executing program 0 (fault-call:2 fault-nth:58): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0xf, 0xa, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000000)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0xfffffffffffffe55) 03:44:30 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0901000a0003ee001100000000000000", 0x39}], 0x1) 03:44:30 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600}) 03:44:30 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000180)={@in={{0x2, 0x4e21, @multicast2}}, 0x0, 0x2, 0x0, "eab090673c9723b8154228da381f7afa68e672940850a4c05d6e2414a4138e155f57cabd88395b9809bc9d0141d6f44162f97e17f33e40660b8c9dd46be9e33e91b2d24a0f494c351eb3dd7bdb3e13d8"}, 0xd8) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0xc08, 0x70bd2a, 0x25dfdbfe, {{}, 0x0, 0x4102, 0x0, {0x10, 0x13, @l2={'ib', 0x3a, 'rose0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x10) [ 1270.107215][T26993] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:30 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0a01000a0003ee001100000000000000", 0x39}], 0x1) [ 1270.147542][T26996] FAULT_INJECTION: forcing a failure. [ 1270.147542][T26996] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.202233][T26996] CPU: 0 PID: 26996 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1270.210145][T26996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1270.210151][T26996] Call Trace: [ 1270.210171][T26996] dump_stack+0x1d8/0x2f8 [ 1270.210187][T26996] should_fail+0x608/0x860 [ 1270.232222][T26996] ? setup_fault_attr+0x2b0/0x2b0 [ 1270.237236][T26996] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1270.237255][T26996] __should_failslab+0x11a/0x160 [ 1270.237265][T26996] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1270.237276][T26996] should_failslab+0x9/0x20 [ 1270.237284][T26996] __kmalloc+0x7a/0x310 [ 1270.237293][T26996] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 1270.237306][T26996] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1270.247926][T26996] tomoyo_mount_permission+0x9d6/0xaf0 [ 1270.247945][T26996] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1270.258121][T26996] ? check_preemption_disabled+0x47/0x280 [ 1270.258133][T26996] ? tomoyo_get_name+0x540/0x540 [ 1270.258157][T26996] ? filename_lookup+0x4e3/0x6d0 [ 1270.258186][T26996] ? strncpy_from_user+0x33e/0x3b0 [ 1270.305903][T26996] tomoyo_sb_mount+0x35/0x40 [ 1270.310490][T26996] security_sb_mount+0x84/0xe0 [ 1270.315253][T26996] do_mount+0x186/0x2730 [ 1270.319490][T26996] ? check_preemption_disabled+0x47/0x280 [ 1270.325209][T26996] ? copy_mount_string+0x30/0x30 [ 1270.330136][T26996] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1270.335848][T26996] ? trace_kmalloc+0xcd/0x130 [ 1270.340520][T26996] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1270.346057][T26996] ? copy_mount_options+0x5f/0x360 [ 1270.351163][T26996] ? copy_mount_options+0x2c8/0x360 [ 1270.356357][T26996] ksys_mount+0xcc/0x100 [ 1270.360593][T26996] __x64_sys_mount+0xbf/0xd0 [ 1270.365180][T26996] do_syscall_64+0xfe/0x140 [ 1270.369677][T26996] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1270.375562][T26996] RIP: 0033:0x45bf6a [ 1270.379445][T26996] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1270.399038][T26996] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1270.407436][T26996] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1270.415397][T26996] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1270.423366][T26996] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1270.431330][T26996] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1270.439295][T26996] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x30b, 0x0) 03:44:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}) 03:44:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) write$P9_RSTAT(r2, &(0x7f0000000080)={0x4e, 0x7d, 0x1, {0x0, 0x47, 0xffffffff, 0x8, {0x8, 0x1}, 0x10000, 0x4, 0xc00, 0x8, 0x0, '', 0xc, ']lovboxnet1-', 0x0, '', 0x8, 'proceth1'}}, 0x4e) 03:44:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0b01000a0003ee001100000000000000", 0x39}], 0x1) [ 1270.462075][T26996] ERROR: Out of memory at tomoyo_realpath_from_path. 03:44:31 executing program 0 (fault-call:2 fault-nth:59): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:31 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900}) 03:44:31 executing program 2: r0 = socket(0x2, 0x2, 0x3) r1 = socket(0x8, 0x2, 0x0) r2 = dup(r1) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f0000000140)={{0x3ff, 0x4ae}, 0x1, 0x8, 0x200000000005, {0x7, 0x5}, 0x100000000, 0x9}) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0c01000a0003ee001100000000000000", 0x39}], 0x1) [ 1270.616103][T27023] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1270.650648][T27027] FAULT_INJECTION: forcing a failure. [ 1270.650648][T27027] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.684015][T27027] CPU: 1 PID: 27027 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1270.691940][T27027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1270.701987][T27027] Call Trace: [ 1270.705278][T27027] dump_stack+0x1d8/0x2f8 [ 1270.709610][T27027] should_fail+0x608/0x860 [ 1270.714121][T27027] ? setup_fault_attr+0x2b0/0x2b0 [ 1270.719150][T27027] __should_failslab+0x11a/0x160 [ 1270.724079][T27027] ? getname_flags+0xba/0x640 [ 1270.728754][T27027] should_failslab+0x9/0x20 [ 1270.733252][T27027] kmem_cache_alloc+0x56/0x2b0 [ 1270.738013][T27027] ? kasan_check_write+0x14/0x20 [ 1270.742948][T27027] getname_flags+0xba/0x640 [ 1270.747451][T27027] user_path_at_empty+0x2d/0x50 [ 1270.752296][T27027] do_mount+0x14f/0x2730 [ 1270.756528][T27027] ? check_preemption_disabled+0x47/0x280 [ 1270.762242][T27027] ? copy_mount_string+0x30/0x30 [ 1270.767174][T27027] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1270.772883][T27027] ? trace_kmalloc+0xcd/0x130 [ 1270.777554][T27027] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1270.783086][T27027] ? copy_mount_options+0x5f/0x360 [ 1270.788305][T27027] ? copy_mount_options+0x2c8/0x360 [ 1270.793494][T27027] ksys_mount+0xcc/0x100 [ 1270.797737][T27027] __x64_sys_mount+0xbf/0xd0 [ 1270.803034][T27027] do_syscall_64+0xfe/0x140 [ 1270.807535][T27027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1270.813421][T27027] RIP: 0033:0x45bf6a [ 1270.817307][T27027] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1270.836904][T27027] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1270.845306][T27027] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1270.853265][T27027] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1270.861233][T27027] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1270.869193][T27027] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1270.877162][T27027] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:31 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}) 03:44:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0d01000a0003ee001100000000000000", 0x39}], 0x1) [ 1271.000600][T27047] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x338, 0x0) 03:44:31 executing program 0 (fault-call:2 fault-nth:60): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:31 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00}) 03:44:31 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) recvfrom$inet6(r2, &(0x7f00000001c0)=""/150, 0x96, 0x12020, &(0x7f0000000280)={0xa, 0x4e24, 0x9, @mcast1, 0xbf}, 0x1c) r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000080)='NET_DM\x00') sendmsg$NET_DM_CMD_STOP(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x158020}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r3, 0x20, 0x70bd25, 0x25dfdbfc, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4008081) write(r0, &(0x7f0000000000)="1f000000100036000200000000000000f3051e0008000100020423fcffdf00", 0xffffffffffffff2e) preadv(r2, &(0x7f0000001300)=[{&(0x7f00000002c0)=""/15, 0xf}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x2, 0x0) accept$packet(r0, 0x0, &(0x7f0000000180)) 03:44:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0e01000a0003ee001100000000000000", 0x39}], 0x1) 03:44:31 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1271.189886][T27064] FAULT_INJECTION: forcing a failure. [ 1271.189886][T27064] name failslab, interval 1, probability 0, space 0, times 0 [ 1271.217196][T27064] CPU: 0 PID: 27064 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1271.225199][T27064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1271.235252][T27064] Call Trace: [ 1271.238543][T27064] dump_stack+0x1d8/0x2f8 [ 1271.242876][T27064] should_fail+0x608/0x860 [ 1271.247290][T27064] ? setup_fault_attr+0x2b0/0x2b0 [ 1271.252316][T27064] __should_failslab+0x11a/0x160 [ 1271.257248][T27064] ? getname_flags+0xba/0x640 [ 1271.261926][T27064] should_failslab+0x9/0x20 [ 1271.266424][T27064] kmem_cache_alloc+0x56/0x2b0 [ 1271.271187][T27064] getname_flags+0xba/0x640 [ 1271.275689][T27064] user_path_at_empty+0x2d/0x50 [ 1271.280538][T27064] do_mount+0x14f/0x2730 [ 1271.284779][T27064] ? trace_hardirqs_on_caller+0x74/0x80 [ 1271.290321][T27064] ? trace_hardirqs_off+0x46/0x80 [ 1271.295339][T27064] ? copy_mount_string+0x30/0x30 [ 1271.300266][T27064] ? retint_kernel+0x2b/0x2b [ 1271.304854][T27064] ? copy_mount_options+0x238/0x360 [ 1271.310043][T27064] ? copy_mount_options+0x21e/0x360 [ 1271.315231][T27064] ? copy_mount_options+0x224/0x360 [ 1271.320421][T27064] ? copy_mount_options+0x2c8/0x360 [ 1271.325610][T27064] ksys_mount+0xcc/0x100 [ 1271.329845][T27064] __x64_sys_mount+0xbf/0xd0 [ 1271.334438][T27064] do_syscall_64+0xfe/0x140 [ 1271.338934][T27064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1271.344817][T27064] RIP: 0033:0x45bf6a [ 1271.348708][T27064] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1271.368306][T27064] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1271.376711][T27064] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a 03:44:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0f01000a0003ee001100000000000000", 0x39}], 0x1) 03:44:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00}) [ 1271.384677][T27064] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1271.392638][T27064] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1271.400599][T27064] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1271.408559][T27064] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:32 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e1001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00}) 03:44:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e1101000a0003ee001100000000000000", 0x39}], 0x1) 03:44:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x34e, 0x0) 03:44:32 executing program 0 (fault-call:2 fault-nth:61): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:32 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, 0xffffffffffffffff) [ 1271.747562][T27100] FAULT_INJECTION: forcing a failure. [ 1271.747562][T27100] name failslab, interval 1, probability 0, space 0, times 0 [ 1271.765180][T27101] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1271.768106][T27100] CPU: 1 PID: 27100 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1271.783397][T27100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1271.783403][T27100] Call Trace: [ 1271.783422][T27100] dump_stack+0x1d8/0x2f8 [ 1271.783438][T27100] should_fail+0x608/0x860 [ 1271.796748][T27100] ? setup_fault_attr+0x2b0/0x2b0 [ 1271.796769][T27100] __should_failslab+0x11a/0x160 [ 1271.796781][T27100] ? getname_flags+0xba/0x640 [ 1271.820057][T27100] should_failslab+0x9/0x20 [ 1271.824550][T27100] kmem_cache_alloc+0x56/0x2b0 [ 1271.829301][T27100] ? kasan_check_write+0x14/0x20 [ 1271.834232][T27100] getname_flags+0xba/0x640 [ 1271.838733][T27100] user_path_at_empty+0x2d/0x50 [ 1271.843573][T27100] do_mount+0x14f/0x2730 [ 1271.847809][T27100] ? check_preemption_disabled+0x47/0x280 [ 1271.853522][T27100] ? copy_mount_string+0x30/0x30 [ 1271.858454][T27100] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1271.864164][T27100] ? trace_kmalloc+0xcd/0x130 [ 1271.868833][T27100] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1271.874383][T27100] ? copy_mount_options+0x5f/0x360 [ 1271.879485][T27100] ? copy_mount_options+0x2c8/0x360 [ 1271.884674][T27100] ksys_mount+0xcc/0x100 [ 1271.888912][T27100] __x64_sys_mount+0xbf/0xd0 [ 1271.893495][T27100] do_syscall_64+0xfe/0x140 [ 1271.897991][T27100] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1271.903873][T27100] RIP: 0033:0x45bf6a [ 1271.907763][T27100] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1271.927359][T27100] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1271.935758][T27100] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a 03:44:32 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x4, 0x100) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f00000003c0)={0x2, &(0x7f0000000280)=[{}, {}]}) r1 = socket(0x10, 0x2, 0xc) r2 = socket(0x10, 0x2, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f00000005c0)={0xb1, 0x1, 0x0, [{0x5461, 0x5, 0x20, 0x8, 0x745, 0x131, 0x2}]}) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xd}}}, 0x9, 0x1000}, &(0x7f0000000000)=0x90) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000140)={r3, @in={{0x2, 0x4e20, @remote}}, 0x3, 0x9, 0x4, 0x101, 0x10000}, &(0x7f0000000200)=0x98) r4 = dup2(r2, r1) getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, &(0x7f0000000500), &(0x7f0000000580)=0x68) getsockname(r1, &(0x7f0000000400)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000480)=0x80) bind$packet(r2, &(0x7f00000004c0)={0x11, 0x1f, r5, 0x1, 0x0, 0x6, @dev={[], 0x14}}, 0x14) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) write$FUSE_IOCTL(r4, &(0x7f0000000640)={0x20, 0xfffffffffffffff5, 0x4, {0x6, 0x4, 0x3, 0x4fa}}, 0x20) 03:44:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e1201000a0003ee001100000000000000", 0x39}], 0x1) 03:44:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}) 03:44:32 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, 0xffffffffffffffff) [ 1271.943718][T27100] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1271.951680][T27100] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1271.959640][T27100] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1271.967609][T27100] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:32 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e2501000a0003ee001100000000000000", 0x39}], 0x1) 03:44:32 executing program 0 (fault-call:2 fault-nth:62): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:32 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100}) 03:44:32 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000000280)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xa, &(0x7f0000000080)=@raw=[@alu={0x4, 0x9000000000000, 0x8, 0x6, 0x3, 0xbb179925378e152, 0x10}, @alu={0x7, 0x6, 0x0, 0x0, 0xb, 0x10, 0xffffffffffffffff}, @generic={0x51, 0x7, 0x81, 0x5, 0x20}, @initr0={0x18, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xb}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfff}, @generic={0x101, 0x5, 0x1, 0x21, 0x80}, @exit], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x4f, &(0x7f0000000100)=""/79, 0x41100, 0x2, [], r3, 0x17, r2, 0x8, &(0x7f00000002c0)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000300)={0x5, 0xc, 0x3, 0x1}, 0x10}, 0x70) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1272.081975][T27118] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:32 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, 0xffffffffffffffff) [ 1272.148195][T27124] FAULT_INJECTION: forcing a failure. [ 1272.148195][T27124] name failslab, interval 1, probability 0, space 0, times 0 [ 1272.184336][T27124] CPU: 1 PID: 27124 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1272.192258][T27124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1272.202315][T27124] Call Trace: [ 1272.205605][T27124] dump_stack+0x1d8/0x2f8 [ 1272.209937][T27124] should_fail+0x608/0x860 [ 1272.214352][T27124] ? setup_fault_attr+0x2b0/0x2b0 [ 1272.219368][T27124] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1272.225086][T27124] __should_failslab+0x11a/0x160 [ 1272.230018][T27124] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1272.235731][T27124] should_failslab+0x9/0x20 [ 1272.240227][T27124] __kmalloc+0x7a/0x310 [ 1272.244375][T27124] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 1272.250085][T27124] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1272.255636][T27124] tomoyo_mount_permission+0x312/0xaf0 [ 1272.261092][T27124] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1272.266890][T27124] ? check_preemption_disabled+0x47/0x280 [ 1272.272599][T27124] ? tomoyo_get_name+0x540/0x540 [ 1272.277542][T27124] ? filename_lookup+0x4e3/0x6d0 [ 1272.282492][T27124] ? strncpy_from_user+0x33e/0x3b0 [ 1272.287603][T27124] tomoyo_sb_mount+0x35/0x40 [ 1272.292188][T27124] security_sb_mount+0x84/0xe0 [ 1272.296947][T27124] do_mount+0x186/0x2730 [ 1272.301188][T27124] ? check_preemption_disabled+0x47/0x280 [ 1272.306945][T27124] ? copy_mount_string+0x30/0x30 [ 1272.311876][T27124] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1272.317583][T27124] ? trace_kmalloc+0xcd/0x130 [ 1272.322251][T27124] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1272.327785][T27124] ? copy_mount_options+0x5f/0x360 [ 1272.332890][T27124] ? copy_mount_options+0x2c8/0x360 [ 1272.338083][T27124] ksys_mount+0xcc/0x100 [ 1272.342320][T27124] __x64_sys_mount+0xbf/0xd0 [ 1272.346908][T27124] do_syscall_64+0xfe/0x140 [ 1272.351404][T27124] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1272.357290][T27124] RIP: 0033:0x45bf6a [ 1272.361174][T27124] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1272.380764][T27124] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1272.389162][T27124] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a 03:44:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x34f, 0x0) 03:44:33 executing program 2: r0 = socket(0x10, 0x3, 0x8) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e4801000a0003ee001100000000000000", 0x39}], 0x1) 03:44:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200}) [ 1272.397126][T27124] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1272.405088][T27124] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1272.413052][T27124] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1272.421013][T27124] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254}) 03:44:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e4c01000a0003ee001100000000000000", 0x39}], 0x1) 03:44:33 executing program 2: r0 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x6, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000200)={'filter\x00', 0x7, 0x4, 0x5a0, 0x0, 0x0, 0x0, 0x4b8, 0x4b8, 0x4b8, 0x4, &(0x7f00000001c0), {[{{@uncond, 0xf0, 0x160}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x400, 0x80000001, 0x59a, 0x0, 0x0, "22e4d02c19c6864b4f81f2a87eb68b543e1dbafa1704cb56a36cc2796bf88635ace2115b28cddd23a8fcf40cb0fd31da34d3f9886f16f363ca16ab1c0b858869"}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @mac=@dev={[], 0xa}, @rand_addr=0x9, @multicast1, 0xa, 0xffffffff}}}, {{@arp={@broadcast, @multicast2, 0xffffffff, 0xffffff00, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, {[0xff, 0xff, 0xff, 0x0, 0xff]}, @mac=@dev={[], 0x15}, {[0xff, 0x0, 0xff, 0x0, 0xff, 0xff]}, 0x100000000, 0xffffffff, 0x8, 0xffffffffffffff00, 0x5, 0x2, 'veth1_to_team\x00', 'ip6gretap0\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xf0, 0x218}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0xa08, 'system_u:object_r:shell_exec_t:s0\x00'}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x5f0) r1 = socket(0x10, 0x2, 0xc) r2 = socket(0x10, 0x2, 0x0) dup2(r1, r2) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) accept$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000080)=0x14) getsockopt$netrom_NETROM_IDLE(r2, 0x103, 0x7, &(0x7f0000000100)=0xffffffff, &(0x7f0000000140)=0x4) bind$packet(r2, &(0x7f00000000c0)={0x11, 0x1d, r3, 0x1, 0x7fffffff, 0x6, @remote}, 0x14) [ 1272.489266][T27124] ERROR: Out of memory at tomoyo_realpath_from_path. 03:44:33 executing program 0 (fault-call:2 fault-nth:63): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:33 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r0) [ 1272.572194][T27147] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e6001000a0003ee001100000000000000", 0x39}], 0x1) 03:44:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500}) 03:44:33 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000340)='/dev/zero\x00', 0x10400, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000380)={{{@in=@broadcast, @in6=@mcast1}}, {{@in6=@mcast1}, 0x0, @in6=@mcast1}}, &(0x7f0000000480)=0xe8) r1 = syz_open_dev$audion(&(0x7f0000000200)='/dev/audio#\x00', 0x81, 0x101000) ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000240)) r2 = socket(0x10, 0x2, 0xc) r3 = socket(0x10, 0x2, 0x0) r4 = dup2(r2, r3) write(r3, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) getrusage(0xffffffffffffffff, &(0x7f0000000140)) ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000000)=r4) getdents64(r4, &(0x7f0000000080)=""/147, 0x93) ioctl$FS_IOC_ENABLE_VERITY(r4, 0x6685) [ 1272.662122][T27162] FAULT_INJECTION: forcing a failure. [ 1272.662122][T27162] name failslab, interval 1, probability 0, space 0, times 0 [ 1272.715446][T27162] CPU: 1 PID: 27162 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1272.722759][T27164] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1272.723362][T27162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1272.735096][T27168] __nla_validate_parse: 28 callbacks suppressed [ 1272.735102][T27168] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1272.743706][T27162] Call Trace: [ 1272.762373][T27162] dump_stack+0x1d8/0x2f8 [ 1272.766707][T27162] should_fail+0x608/0x860 [ 1272.771124][T27162] ? setup_fault_attr+0x2b0/0x2b0 [ 1272.776147][T27162] ? tomoyo_encode2+0x273/0x5a0 [ 1272.780993][T27162] __should_failslab+0x11a/0x160 [ 1272.785498][T27168] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1272.785928][T27162] ? tomoyo_encode2+0x273/0x5a0 [ 1272.799924][T27162] should_failslab+0x9/0x20 [ 1272.805058][T27162] __kmalloc+0x7a/0x310 [ 1272.809210][T27162] tomoyo_encode2+0x273/0x5a0 [ 1272.813890][T27162] tomoyo_realpath_from_path+0x769/0x7c0 [ 1272.819524][T27162] tomoyo_mount_permission+0x312/0xaf0 [ 1272.824985][T27162] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1272.830780][T27162] ? check_preemption_disabled+0x47/0x280 [ 1272.836491][T27162] ? tomoyo_get_name+0x540/0x540 [ 1272.841431][T27162] ? filename_lookup+0x4e3/0x6d0 [ 1272.846379][T27162] ? strncpy_from_user+0x33e/0x3b0 [ 1272.851484][T27162] tomoyo_sb_mount+0x35/0x40 [ 1272.856070][T27162] security_sb_mount+0x84/0xe0 [ 1272.860829][T27162] do_mount+0x186/0x2730 [ 1272.865062][T27162] ? check_preemption_disabled+0x47/0x280 [ 1272.870768][T27162] ? setup_fault_attr+0x2b0/0x2b0 [ 1272.875787][T27162] ? copy_mount_string+0x30/0x30 [ 1272.880713][T27162] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1272.886422][T27162] ? trace_kmalloc+0xcd/0x130 [ 1272.891088][T27162] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1272.896619][T27162] ? copy_mount_options+0x5f/0x360 [ 1272.901720][T27162] ? copy_mount_options+0x2c8/0x360 [ 1272.906911][T27162] ksys_mount+0xcc/0x100 [ 1272.911144][T27162] __x64_sys_mount+0xbf/0xd0 [ 1272.915731][T27162] do_syscall_64+0xfe/0x140 [ 1272.920233][T27162] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1272.926112][T27162] RIP: 0033:0x45bf6a [ 1272.929995][T27162] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1272.949930][T27162] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1272.958333][T27162] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1272.966297][T27162] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1272.974254][T27162] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1272.982215][T27162] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1272.990178][T27162] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1273.004062][T27162] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1273.022353][T27174] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:33 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3c4, 0x0) 03:44:33 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r0) 03:44:33 executing program 2: r0 = socket(0x10, 0x1, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}) 03:44:33 executing program 0 (fault-call:2 fault-nth:64): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e6801000a0003ee001100000000000000", 0x39}], 0x1) [ 1273.138661][T27183] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:33 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405}) 03:44:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e6c01000a0003ee001100000000000000", 0x39}], 0x1) 03:44:33 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r0) 03:44:33 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10000000e, 0x2, 0x80000) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1273.180020][T27185] FAULT_INJECTION: forcing a failure. [ 1273.180020][T27185] name failslab, interval 1, probability 0, space 0, times 0 [ 1273.219251][T27190] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1273.243594][T27185] CPU: 1 PID: 27185 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1273.245710][T27197] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1273.251508][T27185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1273.251514][T27185] Call Trace: [ 1273.251536][T27185] dump_stack+0x1d8/0x2f8 [ 1273.251552][T27185] should_fail+0x608/0x860 [ 1273.251565][T27185] ? setup_fault_attr+0x2b0/0x2b0 [ 1273.270886][T27185] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1273.278461][T27185] __should_failslab+0x11a/0x160 [ 1273.278476][T27185] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1273.278489][T27185] should_failslab+0x9/0x20 [ 1273.293577][T27185] __kmalloc+0x7a/0x310 [ 1273.293589][T27185] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 1273.293602][T27185] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1273.293623][T27185] tomoyo_mount_permission+0x312/0xaf0 [ 1273.308719][T27185] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1273.308732][T27185] ? check_preemption_disabled+0x47/0x280 03:44:33 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e7401000a0003ee001100000000000000", 0x39}], 0x1) [ 1273.308745][T27185] ? tomoyo_get_name+0x540/0x540 [ 1273.308767][T27185] ? filename_lookup+0x4e3/0x6d0 [ 1273.324139][T27185] ? strncpy_from_user+0x33e/0x3b0 [ 1273.324155][T27185] tomoyo_sb_mount+0x35/0x40 [ 1273.324168][T27185] security_sb_mount+0x84/0xe0 [ 1273.324191][T27185] do_mount+0x186/0x2730 [ 1273.335398][T27185] ? check_preemption_disabled+0x47/0x280 [ 1273.335415][T27185] ? copy_mount_string+0x30/0x30 [ 1273.335429][T27185] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1273.335440][T27185] ? trace_kmalloc+0xcd/0x130 [ 1273.335452][T27185] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1273.335459][T27185] ? copy_mount_options+0x5f/0x360 [ 1273.335470][T27185] ? copy_mount_options+0x2c8/0x360 [ 1273.346082][T27185] ksys_mount+0xcc/0x100 [ 1273.346095][T27185] __x64_sys_mount+0xbf/0xd0 [ 1273.346111][T27185] do_syscall_64+0xfe/0x140 [ 1273.346127][T27185] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1273.356116][T27185] RIP: 0033:0x45bf6a 03:44:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5412}) [ 1273.356127][T27185] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1273.356133][T27185] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1273.356144][T27185] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1273.356150][T27185] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1273.356156][T27185] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1273.356162][T27185] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1273.356167][T27185] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1273.484773][T27202] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1273.499584][T27185] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1273.541963][T27210] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e7a01000a0003ee001100000000000000", 0x39}], 0x1) 03:44:34 executing program 2: r0 = accept4$inet6(0xffffffffffffff9c, 0xfffffffffffffffe, &(0x7f0000000000), 0x80800) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000080)=0x3, 0x4) r1 = socket(0x10, 0x2, 0xc) r2 = socket(0x10, 0x2, 0x0) dup2(r1, r2) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}) 03:44:34 executing program 0 (fault-call:2 fault-nth:65): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:34 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3c9, 0x0) 03:44:34 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0003000a0003ee001100000000000000", 0x39}], 0x1) [ 1273.679375][T27218] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1273.699316][T27219] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}) [ 1273.746856][T27223] FAULT_INJECTION: forcing a failure. [ 1273.746856][T27223] name failslab, interval 1, probability 0, space 0, times 0 [ 1273.777693][T27223] CPU: 1 PID: 27223 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1273.785616][T27223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1273.795665][T27223] Call Trace: [ 1273.795688][T27223] dump_stack+0x1d8/0x2f8 [ 1273.795707][T27223] should_fail+0x608/0x860 [ 1273.795719][T27223] ? setup_fault_attr+0x2b0/0x2b0 [ 1273.795735][T27223] ? btrfs_mount+0x109/0x1a70 [ 1273.795752][T27223] __should_failslab+0x11a/0x160 [ 1273.795765][T27223] ? btrfs_mount+0x109/0x1a70 [ 1273.807752][T27223] should_failslab+0x9/0x20 [ 1273.817401][T27223] __kmalloc_track_caller+0x79/0x310 [ 1273.817411][T27223] ? __kasan_kmalloc+0x178/0x1b0 [ 1273.817426][T27223] kstrdup+0x34/0x70 03:44:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) pipe(&(0x7f0000000000)) [ 1273.817441][T27223] btrfs_mount+0x109/0x1a70 [ 1273.817453][T27223] ? trace_lock_acquire+0x190/0x190 [ 1273.817461][T27223] ? kasan_kmalloc+0x9/0x10 [ 1273.817473][T27223] ? alloc_fs_context+0x49a/0x580 [ 1273.817485][T27223] ? fs_context_for_mount+0x24/0x30 [ 1273.827045][T27223] ? do_mount+0x1200/0x2730 [ 1273.827054][T27223] ? ksys_mount+0xcc/0x100 [ 1273.827062][T27223] ? __x64_sys_mount+0xbf/0xd0 [ 1273.827075][T27223] ? do_syscall_64+0xfe/0x140 [ 1273.827088][T27223] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1273.827103][T27223] ? fs_parse+0x1bd/0x10a0 [ 1273.836841][T27223] ? btrfs_resize_thread_pool+0x290/0x290 [ 1273.836857][T27223] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1273.836869][T27223] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1273.836883][T27223] ? check_preemption_disabled+0x47/0x280 [ 1273.836899][T27223] ? vfs_parse_fs_string+0x1da/0x280 [ 1273.836912][T27223] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1273.836923][T27223] ? trace_kfree+0xb2/0x110 [ 1273.845698][T27223] ? vfs_parse_fs_string+0x1da/0x280 [ 1273.845707][T27223] ? kfree+0x1d/0x120 [ 1273.845720][T27223] ? vfs_parse_fs_string+0x1da/0x280 [ 1273.845732][T27223] ? logfc+0x710/0x710 [ 1273.845744][T27223] legacy_get_tree+0xf9/0x1a0 [ 1273.845754][T27223] ? btrfs_resize_thread_pool+0x290/0x290 [ 1273.845768][T27223] vfs_get_tree+0x8f/0x360 [ 1273.845783][T27223] do_mount+0x1813/0x2730 [ 1273.855429][T27223] ? check_preemption_disabled+0x47/0x280 [ 1273.855445][T27223] ? copy_mount_string+0x30/0x30 [ 1273.855457][T27223] ? rcu_read_lock_sched_held+0x127/0x1c0 03:44:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}) [ 1273.855467][T27223] ? trace_kmalloc+0xcd/0x130 [ 1273.855479][T27223] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1273.855487][T27223] ? copy_mount_options+0x5f/0x360 [ 1273.855498][T27223] ? copy_mount_options+0x2c8/0x360 [ 1273.855509][T27223] ksys_mount+0xcc/0x100 [ 1273.864988][T27223] __x64_sys_mount+0xbf/0xd0 [ 1273.865004][T27223] do_syscall_64+0xfe/0x140 [ 1273.865022][T27223] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1273.865032][T27223] RIP: 0033:0x45bf6a [ 1273.865043][T27223] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1273.865049][T27223] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1273.865058][T27223] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1273.865067][T27223] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1273.874707][T27223] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1273.874713][T27223] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 03:44:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000a000a0003ee001100000000000000", 0x39}], 0x1) 03:44:34 executing program 0 (fault-call:2 fault-nth:66): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1273.874719][T27223] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1273.978054][T27238] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1274.001021][T27238] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1274.006273][T27234] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:34 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x200000010, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0025000a0003ee001100000000000000", 0x39}], 0x1) 03:44:34 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) 03:44:34 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1274.244925][T27249] FAULT_INJECTION: forcing a failure. [ 1274.244925][T27249] name failslab, interval 1, probability 0, space 0, times 0 [ 1274.301704][T27249] CPU: 1 PID: 27249 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1274.309621][T27249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1274.309628][T27249] Call Trace: [ 1274.309647][T27249] dump_stack+0x1d8/0x2f8 [ 1274.309664][T27249] should_fail+0x608/0x860 [ 1274.327292][T27249] ? setup_fault_attr+0x2b0/0x2b0 [ 1274.327306][T27249] ? tomoyo_encode2+0x273/0x5a0 [ 1274.327324][T27249] __should_failslab+0x11a/0x160 [ 1274.327338][T27249] ? tomoyo_encode2+0x273/0x5a0 [ 1274.351317][T27249] should_failslab+0x9/0x20 [ 1274.355811][T27249] __kmalloc+0x7a/0x310 [ 1274.359964][T27249] tomoyo_encode2+0x273/0x5a0 [ 1274.364640][T27249] tomoyo_realpath_from_path+0x769/0x7c0 [ 1274.370274][T27249] tomoyo_mount_permission+0x312/0xaf0 [ 1274.375728][T27249] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1274.381522][T27249] ? check_preemption_disabled+0x47/0x280 [ 1274.387235][T27249] ? tomoyo_get_name+0x540/0x540 [ 1274.392172][T27249] ? filename_lookup+0x4e3/0x6d0 [ 1274.397127][T27249] ? strncpy_from_user+0x33e/0x3b0 [ 1274.402232][T27249] tomoyo_sb_mount+0x35/0x40 [ 1274.406818][T27249] security_sb_mount+0x84/0xe0 [ 1274.411581][T27249] do_mount+0x186/0x2730 [ 1274.415813][T27249] ? check_preemption_disabled+0x47/0x280 [ 1274.421525][T27249] ? copy_mount_string+0x30/0x30 [ 1274.426457][T27249] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1274.432167][T27249] ? trace_kmalloc+0xcd/0x130 [ 1274.436839][T27249] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1274.442371][T27249] ? copy_mount_options+0x5f/0x360 [ 1274.447474][T27249] ? copy_mount_options+0x2c8/0x360 [ 1274.452680][T27249] ksys_mount+0xcc/0x100 [ 1274.456921][T27249] __x64_sys_mount+0xbf/0xd0 [ 1274.461508][T27249] do_syscall_64+0xfe/0x140 [ 1274.466005][T27249] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1274.471884][T27249] RIP: 0033:0x45bf6a [ 1274.475772][T27249] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1274.495364][T27249] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1274.503766][T27249] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1274.511732][T27249] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1274.519697][T27249] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1274.527660][T27249] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1274.535623][T27249] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1274.546544][T27249] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1274.549475][T27228] REISERFS warning (device loop5): reiserfs_fill_super: Cannot allocate commit workqueue 03:44:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3e8, 0x0) 03:44:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}) 03:44:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e003f000a0003ee001100000000000000", 0x39}], 0x1) 03:44:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000080)={'filter\x00', 0x57, "05b46051066f9c694d5ed51980a358debcf9568a49cc752f2181f3109806b7262ff577645c9752efa52d0422186868c0cd3bb68789aea894cf2b667802efd52691f0546c871d2a9f2bdfa60010f6f20640fa872d5bf8c4"}, &(0x7f0000000000)=0x7b) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:35 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:35 executing program 0 (fault-call:2 fault-nth:67): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) write$P9_RSTAT(r0, &(0x7f0000000000)={0x5e, 0x7d, 0x2, {0x0, 0x57, 0xc48, 0x9, {0x2, 0x4, 0x5}, 0x0, 0x401, 0x3, 0xfffffffffffffa06, 0x5, ']ppp0', 0x5, 'self\x95', 0xa, '\xb4security]', 0x10, 'posix_acl_access'}}, 0x5e) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f00000000c0)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}) [ 1274.777701][T27272] FAULT_INJECTION: forcing a failure. [ 1274.777701][T27272] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1274.790923][T27272] CPU: 0 PID: 27272 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1274.790931][T27272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1274.790935][T27272] Call Trace: [ 1274.790954][T27272] dump_stack+0x1d8/0x2f8 [ 1274.790970][T27272] should_fail+0x608/0x860 [ 1274.790983][T27272] ? setup_fault_attr+0x2b0/0x2b0 [ 1274.790998][T27272] ? do_raw_spin_lock+0x143/0x3a0 [ 1274.810406][T27272] should_fail_alloc_page+0x55/0x60 [ 1274.810416][T27272] prepare_alloc_pages+0x283/0x460 [ 1274.810429][T27272] __alloc_pages_nodemask+0x11c/0x790 [ 1274.810443][T27272] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1274.810451][T27272] ? filename_lookup+0x4e3/0x6d0 [ 1274.810467][T27272] ? kmem_cache_free+0x122/0x170 [ 1274.810481][T27272] kmem_getpages+0x46/0x480 [ 1274.832464][T27272] cache_grow_begin+0x7e/0x2c0 [ 1274.832479][T27272] cache_alloc_refill+0x311/0x3f0 [ 1274.832495][T27272] ? check_preemption_disabled+0xb7/0x280 [ 1274.848116][T27272] __kmalloc+0x2e5/0x310 [ 1274.848129][T27272] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1274.848142][T27272] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1274.858597][T27272] tomoyo_mount_permission+0x9d6/0xaf0 [ 1274.858616][T27272] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1274.879137][T27272] ? check_preemption_disabled+0x47/0x280 [ 1274.879151][T27272] ? tomoyo_get_name+0x540/0x540 [ 1274.879177][T27272] ? filename_lookup+0x4e3/0x6d0 03:44:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0040000a0003ee001100000000000000", 0x39}], 0x1) 03:44:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}) 03:44:35 executing program 3: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1274.900332][T27272] ? strncpy_from_user+0x33e/0x3b0 [ 1274.900350][T27272] tomoyo_sb_mount+0x35/0x40 [ 1274.917288][T27272] security_sb_mount+0x84/0xe0 [ 1274.917305][T27272] do_mount+0x186/0x2730 [ 1274.917321][T27272] ? check_preemption_disabled+0x47/0x280 [ 1274.936808][T27272] ? copy_mount_string+0x30/0x30 [ 1274.936822][T27272] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1274.936835][T27272] ? trace_kmalloc+0xcd/0x130 [ 1274.951495][T27272] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1274.951505][T27272] ? copy_mount_options+0x5f/0x360 03:44:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}) [ 1274.951520][T27272] ? copy_mount_options+0x2c8/0x360 [ 1274.982600][T27272] ksys_mount+0xcc/0x100 [ 1274.986849][T27272] __x64_sys_mount+0xbf/0xd0 [ 1274.991447][T27272] do_syscall_64+0xfe/0x140 [ 1274.995957][T27272] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1275.001841][T27272] RIP: 0033:0x45bf6a [ 1275.005728][T27272] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1275.025323][T27272] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1275.033724][T27272] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1275.041689][T27272] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1275.049659][T27272] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1275.057626][T27272] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1275.065595][T27272] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:35 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3f8, 0x0) 03:44:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000000)={0x10002002}) 03:44:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0002000a0003ee001100000000000000", 0x39}], 0x1) 03:44:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 03:44:35 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r0) 03:44:35 executing program 0 (fault-call:2 fault-nth:68): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) ioctl$VT_ACTIVATE(r2, 0x5606, 0x5) socket(0x17, 0xa, 0xff) ioctl$sock_rose_SIOCRSCLRRT(r0, 0x89e4) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:35 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0003000a0003ee001100000000000000", 0x39}], 0x1) 03:44:35 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r0) 03:44:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000}) [ 1275.405589][T27317] FAULT_INJECTION: forcing a failure. [ 1275.405589][T27317] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1275.418813][T27317] CPU: 0 PID: 27317 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1275.426697][T27317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1275.436746][T27317] Call Trace: [ 1275.440042][T27317] dump_stack+0x1d8/0x2f8 [ 1275.444370][T27317] should_fail+0x608/0x860 [ 1275.448782][T27317] ? setup_fault_attr+0x2b0/0x2b0 [ 1275.453805][T27317] ? tomoyo_realpath_from_path+0x774/0x7c0 [ 1275.459620][T27317] should_fail_alloc_page+0x55/0x60 [ 1275.464815][T27317] prepare_alloc_pages+0x283/0x460 [ 1275.469930][T27317] __alloc_pages_nodemask+0x11c/0x790 [ 1275.475294][T27317] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1275.475311][T27317] ? trace_lock_acquire+0x190/0x190 [ 1275.475329][T27317] kmem_getpages+0x46/0x480 [ 1275.475339][T27317] cache_grow_begin+0x7e/0x2c0 [ 1275.475350][T27317] cache_alloc_refill+0x311/0x3f0 [ 1275.475363][T27317] ? check_preemption_disabled+0xb7/0x280 [ 1275.475375][T27317] kmem_cache_alloc+0x288/0x2b0 [ 1275.490562][T27317] ? getname_kernel+0x59/0x2f0 [ 1275.490574][T27317] getname_kernel+0x59/0x2f0 [ 1275.490586][T27317] kern_path+0x1f/0x40 [ 1275.500332][T27317] tomoyo_mount_permission+0x850/0xaf0 [ 1275.500356][T27317] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1275.510869][T27317] ? check_preemption_disabled+0x47/0x280 [ 1275.510880][T27317] ? tomoyo_get_name+0x540/0x540 [ 1275.510902][T27317] ? filename_lookup+0x4e3/0x6d0 [ 1275.541178][T27317] ? strncpy_from_user+0x33e/0x3b0 [ 1275.541195][T27317] tomoyo_sb_mount+0x35/0x40 [ 1275.551023][T27317] security_sb_mount+0x84/0xe0 [ 1275.551040][T27317] do_mount+0x186/0x2730 [ 1275.551055][T27317] ? check_preemption_disabled+0x47/0x280 [ 1275.560706][T27317] ? copy_mount_string+0x30/0x30 [ 1275.560721][T27317] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1275.560733][T27317] ? trace_kmalloc+0xcd/0x130 [ 1275.569692][T27317] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1275.569701][T27317] ? copy_mount_options+0x5f/0x360 [ 1275.569713][T27317] ? copy_mount_options+0x2c8/0x360 [ 1275.569724][T27317] ksys_mount+0xcc/0x100 [ 1275.610721][T27317] __x64_sys_mount+0xbf/0xd0 [ 1275.615310][T27317] do_syscall_64+0xfe/0x140 [ 1275.619810][T27317] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1275.625689][T27317] RIP: 0033:0x45bf6a [ 1275.629572][T27317] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 03:44:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3fc, 0x0) 03:44:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0008000a0003ee001100000000000000", 0x39}], 0x1) 03:44:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), &(0x7f0000000080)=0x4) 03:44:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}) [ 1275.649161][T27317] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1275.649173][T27317] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1275.649180][T27317] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1275.649189][T27317] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1275.681456][T27317] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1275.681462][T27317] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e23, @broadcast}, @in={0x2, 0x4e24, @empty}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e24, 0x9, @mcast2, 0xfffffffffffffff7}], 0x4c) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$sock_inet_SIOCSIFPFLAGS(r2, 0x8934, &(0x7f0000000000)={'veth1_to_bond\x00'}) 03:44:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000a000a0003ee001100000000000000", 0x39}], 0x1) 03:44:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000}) 03:44:36 executing program 0 (fault-call:2 fault-nth:69): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r0) 03:44:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0025000a0003ee001100000000000000", 0x39}], 0x1) 03:44:36 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x402, 0x0) 03:44:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10005, 0x2, 0x0) r2 = dup2(r0, r1) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, r2, 0x0, 0x6, &(0x7f0000000000)=')em1]\x00', 0xffffffffffffffff}, 0x30) tkill(r3, 0x39) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:36 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}) 03:44:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0000030a0003ee001100000000000000", 0x39}], 0x1) [ 1276.026052][T27363] FAULT_INJECTION: forcing a failure. [ 1276.026052][T27363] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1276.038324][T27357] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1276.039283][T27363] CPU: 0 PID: 27363 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1276.057486][T27363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1276.067533][T27363] Call Trace: [ 1276.067554][T27363] dump_stack+0x1d8/0x2f8 [ 1276.067569][T27363] should_fail+0x608/0x860 [ 1276.067580][T27363] ? setup_fault_attr+0x2b0/0x2b0 [ 1276.067589][T27363] ? do_raw_spin_lock+0x143/0x3a0 [ 1276.067607][T27363] should_fail_alloc_page+0x55/0x60 [ 1276.079587][T27363] prepare_alloc_pages+0x283/0x460 [ 1276.099868][T27363] __alloc_pages_nodemask+0x11c/0x790 [ 1276.105237][T27363] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1276.110769][T27363] ? filename_lookup+0x4e3/0x6d0 [ 1276.115701][T27363] ? kmem_cache_free+0x122/0x170 [ 1276.120631][T27363] kmem_getpages+0x46/0x480 [ 1276.125126][T27363] cache_grow_begin+0x7e/0x2c0 [ 1276.129882][T27363] cache_alloc_refill+0x311/0x3f0 [ 1276.134918][T27363] ? check_preemption_disabled+0xb7/0x280 [ 1276.140642][T27363] __kmalloc+0x2e5/0x310 [ 1276.144880][T27363] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1276.150597][T27363] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1276.156142][T27363] tomoyo_mount_permission+0x9d6/0xaf0 [ 1276.161605][T27363] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1276.167397][T27363] ? check_preemption_disabled+0x47/0x280 [ 1276.173103][T27363] ? tomoyo_get_name+0x540/0x540 [ 1276.178049][T27363] ? filename_lookup+0x4e3/0x6d0 [ 1276.183006][T27363] ? strncpy_from_user+0x33e/0x3b0 [ 1276.188114][T27363] tomoyo_sb_mount+0x35/0x40 [ 1276.192696][T27363] security_sb_mount+0x84/0xe0 [ 1276.197461][T27363] do_mount+0x186/0x2730 [ 1276.201696][T27363] ? check_preemption_disabled+0x47/0x280 [ 1276.207415][T27363] ? copy_mount_string+0x30/0x30 [ 1276.212350][T27363] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1276.218058][T27363] ? trace_kmalloc+0xcd/0x130 [ 1276.222730][T27363] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1276.228264][T27363] ? copy_mount_options+0x5f/0x360 [ 1276.233369][T27363] ? copy_mount_options+0x2c8/0x360 [ 1276.238561][T27363] ksys_mount+0xcc/0x100 [ 1276.242893][T27363] __x64_sys_mount+0xbf/0xd0 [ 1276.247483][T27363] do_syscall_64+0xfe/0x140 [ 1276.251981][T27363] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1276.257867][T27363] RIP: 0033:0x45bf6a [ 1276.261751][T27363] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1276.281342][T27363] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1276.289747][T27363] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1276.297710][T27363] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1276.305671][T27363] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1276.313634][T27363] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 03:44:36 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100030003ee001100000000000000", 0x39}], 0x1) 03:44:36 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x20002, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:36 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1276.321599][T27363] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000}) 03:44:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) getsockname$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000080)=0x10) [ 1276.449829][T27378] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:37 executing program 0 (fault-call:2 fault-nth:70): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100070003ee001100000000000000", 0x39}], 0x1) 03:44:37 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x406, 0x0) 03:44:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000}) 03:44:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = syz_open_dev$admmidi(&(0x7f0000000380)='/dev/admmidi#\x00', 0x4, 0x4080) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r1, 0xc058534b, &(0x7f00000003c0)={0x7, 0x200, 0x5, 0x0, 0xc6c6, 0x5}) getitimer(0x1, &(0x7f0000000100)) r2 = socket(0x3, 0x3, 0xfffffffffffffffc) sendmsg(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="8457de4341e3a156ba8dc220ea83b4a3f4f15f59db57327a0d3aed20ad1e7afc1dfdaf69568752a2756157d94c48c9057501b6ff2544a29f018560bb013d61a12c7abfc13c340a284be8b680", 0x4c}, {&(0x7f00000001c0)="732eed06c732db29e9e216c4c2a45eae277a375c86d6b4b88b1bd486fca40274df391764", 0x24}, {&(0x7f0000000200)="df4b551b6f95f1813585", 0xa}], 0x3}, 0x20000000) r3 = dup2(r0, r2) ioctl$TIOCSSERIAL(r3, 0x541f, &(0x7f0000000080)={0x2, 0x9, 0xfff, 0x7f, 0xfffffffffffffff8, 0x3b9, 0x4, 0xd, 0x1c, 0x625e, 0x9, 0x0, 0x2, 0xfff, &(0x7f0000000000)=""/10, 0x3, 0x1000, 0x4}) write$P9_RSETATTR(r3, &(0x7f00000005c0)={0x7, 0x1b, 0x2}, 0x7) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480)='TIPCv2\x00') sendmsg$TIPC_NL_MON_PEER_GET(r3, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000640)=ANY=[@ANYBLOB="7400001f7513243f9b463b1e30af315a6703b13a96fcea10ef917d16a3990241ed2123e30b40cf87c570fa4d4ddb31944e0d7ca5325db92c3cb918363161aa888968499ee087ce755ff12465a2a79ada94c71057327d496ff4647bdd6267438056a0327e4f9e467989ab1ab66c9a5fcd8f8c2463b7f329bee8f531b47680855fbfc76fa78112a29146d64fdcfb154bac423b79f0e2f72e5271afd51b8ec52763e407aabeb924338a8abd148cfacec5ecf878a4e0eae09c5b7a3573b42009467568db487d46058bacc7f780da0caab448bc", @ANYRES16=r4, @ANYBLOB="000226bd7000fcdbdf2513000000600007000800020000000038080002000300000008000200050000000c00040009000000000000000c00030007000000000000000c00030001010000000000000c000300040000000000000008000200090000000c0003000600000000000000"], 0x74}, 0x1, 0x0, 0x0, 0x4800}, 0x80) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f00000002c0)="f2d0e274774b0c046692937bc32e41cc", 0x10) ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000340)=0x6) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001020a0003ee001100000000000000", 0x39}], 0x1) 03:44:37 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001030a0003ee001100000000000000", 0x39}], 0x1) 03:44:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0x6, 0x4) ioctl$TIOCGPTPEER(r2, 0x5441, 0x1f) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000000)=r2, 0x4) 03:44:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}) 03:44:37 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001040a0003ee001100000000000000", 0x39}], 0x1) [ 1276.704243][T27395] FAULT_INJECTION: forcing a failure. [ 1276.704243][T27395] name failslab, interval 1, probability 0, space 0, times 0 [ 1276.742851][T27410] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1276.783392][T27395] CPU: 0 PID: 27395 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1276.791324][T27395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1276.802873][T27395] Call Trace: [ 1276.806175][T27395] dump_stack+0x1d8/0x2f8 [ 1276.810519][T27395] should_fail+0x608/0x860 [ 1276.814949][T27395] ? setup_fault_attr+0x2b0/0x2b0 [ 1276.819979][T27395] ? tomoyo_encode2+0x273/0x5a0 [ 1276.824841][T27395] __should_failslab+0x11a/0x160 [ 1276.829786][T27395] ? tomoyo_encode2+0x273/0x5a0 [ 1276.834643][T27395] should_failslab+0x9/0x20 [ 1276.839150][T27395] __kmalloc+0x7a/0x310 [ 1276.843317][T27395] tomoyo_encode2+0x273/0x5a0 [ 1276.848009][T27395] tomoyo_realpath_from_path+0x769/0x7c0 [ 1276.853664][T27395] tomoyo_mount_permission+0x9d6/0xaf0 [ 1276.859131][T27395] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1276.864931][T27395] ? check_preemption_disabled+0x47/0x280 [ 1276.864946][T27395] ? tomoyo_get_name+0x540/0x540 [ 1276.864970][T27395] ? filename_lookup+0x4e3/0x6d0 [ 1276.864999][T27395] ? strncpy_from_user+0x33e/0x3b0 [ 1276.865013][T27395] tomoyo_sb_mount+0x35/0x40 [ 1276.865026][T27395] security_sb_mount+0x84/0xe0 [ 1276.865039][T27395] do_mount+0x186/0x2730 [ 1276.865047][T27395] ? check_preemption_disabled+0x47/0x280 [ 1276.865061][T27395] ? copy_mount_string+0x30/0x30 [ 1276.880600][T27395] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1276.880613][T27395] ? trace_kmalloc+0xcd/0x130 [ 1276.880624][T27395] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1276.880637][T27395] ? copy_mount_options+0x5f/0x360 [ 1276.895050][T27395] ? copy_mount_options+0x2c8/0x360 [ 1276.895061][T27395] ksys_mount+0xcc/0x100 [ 1276.895073][T27395] __x64_sys_mount+0xbf/0xd0 [ 1276.895089][T27395] do_syscall_64+0xfe/0x140 [ 1276.895106][T27395] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1276.895115][T27395] RIP: 0033:0x45bf6a [ 1276.895125][T27395] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1276.895130][T27395] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1276.895140][T27395] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1276.895146][T27395] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1276.895151][T27395] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1276.895156][T27395] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1276.895161][T27395] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1276.895526][T27395] ERROR: Out of memory at tomoyo_realpath_from_path. 03:44:37 executing program 0 (fault-call:2 fault-nth:71): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:37 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="3a045dea9acc572a68b7eed966f32217bf96ec367f8a82d21aa5246b2dc35795eaf65b617c82d2a132af720c43f96e7afa80861cf09b523ff365537a6bfde095aae5ee6108dbb453a76f72ac8fd36c59c0821244390e004ede9d0dab1b06ce6ca9d7277332d2948f5bb6541a9632c9818bd3c25275a8cc00d2ad396a08ffd5f9f216365172479986b58e752edccfd9bbc598a9eb53d055f5b1b9472c13e0fa89fc3380ae2b98563c54c00828876703b08770d529fe94aaa910f820fd99863d919f95385b5a9952b2b53615445bcf31f4cc040855a53be7103dd7dfa271b85467d73005f71410647087e41ffde8ca1cc8feea9970ff", 0xf5}, {&(0x7f0000000180)="d5851b19943c74398ea9689962da3e8bde6e566fa379584f1e849bc1d949a48ad4fa97803c04d8939e375b4212b9bcece8c2006e0717389a3dc2697f372359a9c099f422da1cf7dd503e4485e945ae3db1aa5bb4f07e221f30f1200c91b80d0fbbaa20ad438cbe7d49510028e7d211413c00c0f1b75cd6553219d275c00e0328dd6933fa4c58d2cdde45fffe0c8edefd617c35c3d3519eb680c18b964297ad3c2e50", 0xa2}], 0x2) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000}) [ 1277.108620][T27430] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1277.152269][T27435] FAULT_INJECTION: forcing a failure. [ 1277.152269][T27435] name failslab, interval 1, probability 0, space 0, times 0 [ 1277.170275][T27435] CPU: 0 PID: 27435 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1277.178209][T27435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1277.188258][T27435] Call Trace: [ 1277.191545][T27435] dump_stack+0x1d8/0x2f8 [ 1277.195871][T27435] should_fail+0x608/0x860 [ 1277.200281][T27435] ? setup_fault_attr+0x2b0/0x2b0 [ 1277.205299][T27435] ? tomoyo_encode2+0x273/0x5a0 [ 1277.210146][T27435] __should_failslab+0x11a/0x160 [ 1277.215079][T27435] ? tomoyo_encode2+0x273/0x5a0 [ 1277.219919][T27435] should_failslab+0x9/0x20 [ 1277.224430][T27435] __kmalloc+0x7a/0x310 [ 1277.228580][T27435] tomoyo_encode2+0x273/0x5a0 [ 1277.233254][T27435] tomoyo_realpath_from_path+0x769/0x7c0 [ 1277.238890][T27435] tomoyo_mount_permission+0x9d6/0xaf0 [ 1277.244352][T27435] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1277.250151][T27435] ? check_preemption_disabled+0x47/0x280 [ 1277.255861][T27435] ? tomoyo_get_name+0x540/0x540 [ 1277.260800][T27435] ? filename_lookup+0x4e3/0x6d0 [ 1277.265754][T27435] ? strncpy_from_user+0x33e/0x3b0 [ 1277.270862][T27435] tomoyo_sb_mount+0x35/0x40 [ 1277.275444][T27435] security_sb_mount+0x84/0xe0 [ 1277.280202][T27435] do_mount+0x186/0x2730 [ 1277.284435][T27435] ? check_preemption_disabled+0x47/0x280 [ 1277.290147][T27435] ? copy_mount_string+0x30/0x30 [ 1277.295077][T27435] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1277.300787][T27435] ? trace_kmalloc+0xcd/0x130 [ 1277.305455][T27435] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1277.310987][T27435] ? copy_mount_options+0x5f/0x360 [ 1277.316091][T27435] ? copy_mount_options+0x2c8/0x360 [ 1277.321285][T27435] ksys_mount+0xcc/0x100 [ 1277.325521][T27435] __x64_sys_mount+0xbf/0xd0 [ 1277.330104][T27435] do_syscall_64+0xfe/0x140 [ 1277.334616][T27435] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1277.340502][T27435] RIP: 0033:0x45bf6a [ 1277.344389][T27435] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1277.363983][T27435] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1277.372386][T27435] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1277.380351][T27435] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1277.388316][T27435] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 03:44:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x500, 0x0) 03:44:38 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001050a0003ee001100000000000000", 0x39}], 0x1) 03:44:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r2, 0x6612) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x4e23, @broadcast}, @in={0x2, 0x4e20, @remote}, @in6={0xa, 0x4e22, 0x3ff, @empty, 0x8}], 0x3c) 03:44:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}) [ 1277.396285][T27435] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1277.404365][T27435] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1277.414295][T27435] ERROR: Out of memory at tomoyo_realpath_from_path. 03:44:38 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) write$UHID_GET_REPORT_REPLY(r2, &(0x7f0000000000)={0xa, 0x4, 0x9bf, 0x5}, 0xa) 03:44:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12540000}) 03:44:38 executing program 0 (fault-call:2 fault-nth:72): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001060a0003ee001100000000000000", 0x39}], 0x1) 03:44:38 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1277.577954][T27451] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001070a0003ee001100000000000000", 0x39}], 0x1) [ 1277.659450][T27462] FAULT_INJECTION: forcing a failure. [ 1277.659450][T27462] name failslab, interval 1, probability 0, space 0, times 0 [ 1277.683015][T27462] CPU: 1 PID: 27462 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1277.691048][T27462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1277.701107][T27462] Call Trace: [ 1277.704403][T27462] dump_stack+0x1d8/0x2f8 [ 1277.708734][T27462] should_fail+0x608/0x860 [ 1277.713160][T27462] ? setup_fault_attr+0x2b0/0x2b0 [ 1277.718189][T27462] ? vfs_parse_fs_string+0x171/0x280 [ 1277.723474][T27462] __should_failslab+0x11a/0x160 [ 1277.728408][T27462] ? vfs_parse_fs_string+0x171/0x280 [ 1277.733689][T27462] should_failslab+0x9/0x20 [ 1277.738182][T27462] __kmalloc_track_caller+0x79/0x310 [ 1277.743727][T27462] kmemdup_nul+0x2a/0xa0 [ 1277.747976][T27462] vfs_parse_fs_string+0x171/0x280 [ 1277.753081][T27462] ? logfc+0x710/0x710 [ 1277.757156][T27462] do_mount+0x1396/0x2730 [ 1277.761478][T27462] ? check_preemption_disabled+0x47/0x280 [ 1277.767194][T27462] ? copy_mount_string+0x30/0x30 [ 1277.772125][T27462] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1277.777842][T27462] ? trace_kmalloc+0xcd/0x130 [ 1277.782521][T27462] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1277.788058][T27462] ? copy_mount_options+0x5f/0x360 [ 1277.793166][T27462] ? copy_mount_options+0x2c8/0x360 [ 1277.798365][T27462] ksys_mount+0xcc/0x100 [ 1277.802599][T27462] __x64_sys_mount+0xbf/0xd0 [ 1277.807193][T27462] do_syscall_64+0xfe/0x140 [ 1277.811693][T27462] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1277.817576][T27462] RIP: 0033:0x45bf6a [ 1277.821461][T27462] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1277.841056][T27462] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1277.849459][T27462] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a 03:44:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000}) [ 1277.857424][T27462] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1277.865386][T27462] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1277.873347][T27462] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1277.881318][T27462] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1278.014289][T27474] REISERFS warning (device loop5): reiserfs_fill_super: Cannot allocate commit workqueue 03:44:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x600, 0x0) 03:44:38 executing program 2: r0 = socket(0x402, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000)={0x0, 0x7}, 0x8) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001080a0003ee001100000000000000", 0x39}], 0x1) 03:44:38 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}) 03:44:38 executing program 0 (fault-call:2 fault-nth:73): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:38 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001090a0003ee001100000000000000", 0x39}], 0x1) 03:44:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54050000}) 03:44:38 executing program 2: r0 = socket(0xe, 0xfffffffffffffffe, 0xd) connect$x25(r0, &(0x7f0000000000)={0x9, @remote={[], 0x0}}, 0x12) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1278.113967][T27481] __nla_validate_parse: 43 callbacks suppressed [ 1278.113975][T27481] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1278.139226][T27484] FAULT_INJECTION: forcing a failure. [ 1278.139226][T27484] name failslab, interval 1, probability 0, space 0, times 0 [ 1278.203797][T27494] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1278.218894][T27499] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1278.225029][T27484] CPU: 1 PID: 27484 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1278.235977][T27484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1278.246026][T27484] Call Trace: [ 1278.249314][T27484] dump_stack+0x1d8/0x2f8 [ 1278.253650][T27484] should_fail+0x608/0x860 [ 1278.258252][T27484] ? setup_fault_attr+0x2b0/0x2b0 [ 1278.263276][T27484] ? btrfs_mount+0x109/0x1a70 [ 1278.267960][T27484] __should_failslab+0x11a/0x160 [ 1278.272898][T27484] ? btrfs_mount+0x109/0x1a70 [ 1278.277569][T27484] should_failslab+0x9/0x20 [ 1278.282062][T27484] __kmalloc_track_caller+0x79/0x310 [ 1278.287335][T27484] ? __kasan_kmalloc+0x178/0x1b0 [ 1278.292353][T27484] kstrdup+0x34/0x70 [ 1278.296240][T27484] btrfs_mount+0x109/0x1a70 [ 1278.300730][T27484] ? trace_lock_acquire+0x190/0x190 [ 1278.305921][T27484] ? kasan_kmalloc+0x9/0x10 [ 1278.310416][T27484] ? alloc_fs_context+0x49a/0x580 [ 1278.315429][T27484] ? fs_context_for_mount+0x24/0x30 [ 1278.320615][T27484] ? do_mount+0x1200/0x2730 [ 1278.325110][T27484] ? ksys_mount+0xcc/0x100 [ 1278.329516][T27484] ? __x64_sys_mount+0xbf/0xd0 [ 1278.334273][T27484] ? do_syscall_64+0xfe/0x140 [ 1278.338937][T27484] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1278.344993][T27484] ? fs_parse+0x1bd/0x10a0 [ 1278.349404][T27484] ? btrfs_resize_thread_pool+0x290/0x290 [ 1278.355119][T27484] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1278.361174][T27484] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1278.366536][T27484] ? check_preemption_disabled+0x47/0x280 [ 1278.372261][T27484] ? vfs_parse_fs_string+0x1da/0x280 [ 1278.377536][T27484] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1278.383248][T27484] ? trace_kfree+0xb2/0x110 [ 1278.387748][T27484] ? vfs_parse_fs_string+0x1da/0x280 [ 1278.393022][T27484] ? kfree+0x1d/0x120 [ 1278.396997][T27484] ? vfs_parse_fs_string+0x1da/0x280 [ 1278.402272][T27484] ? logfc+0x710/0x710 [ 1278.406333][T27484] legacy_get_tree+0xf9/0x1a0 [ 1278.411006][T27484] ? btrfs_resize_thread_pool+0x290/0x290 [ 1278.416717][T27484] vfs_get_tree+0x8f/0x360 [ 1278.421132][T27484] do_mount+0x1813/0x2730 [ 1278.425454][T27484] ? check_preemption_disabled+0x47/0x280 [ 1278.431173][T27484] ? copy_mount_string+0x30/0x30 [ 1278.436103][T27484] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1278.441811][T27484] ? trace_kmalloc+0xcd/0x130 [ 1278.446479][T27484] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1278.452014][T27484] ? copy_mount_options+0x5f/0x360 [ 1278.457117][T27484] ? copy_mount_options+0x2c8/0x360 [ 1278.462310][T27484] ksys_mount+0xcc/0x100 [ 1278.466544][T27484] __x64_sys_mount+0xbf/0xd0 [ 1278.471126][T27484] do_syscall_64+0xfe/0x140 [ 1278.475628][T27484] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1278.481512][T27484] RIP: 0033:0x45bf6a [ 1278.485397][T27484] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 03:44:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00010a0a0003ee001100000000000000", 0x39}], 0x1) [ 1278.504989][T27484] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1278.513391][T27484] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1278.521353][T27484] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1278.529318][T27484] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1278.537280][T27484] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1278.545241][T27484] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) getsockopt$packet_buf(r0, 0x107, 0x5, &(0x7f0000000000)=""/62, &(0x7f0000000080)=0x3e) r1 = socket(0x10, 0x2, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0xa00, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1278.708330][T27515] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1278.720744][T27516] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x604, 0x0) 03:44:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c000000}) 03:44:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpu.stat\x00', 0x0, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f00000000c0)={0x6, "63b5f7a0c0b3e7489b6f229472f7ea54aba0fcf9dd6247e78e4b5341ad5093cd", 0x1, 0x1}) r2 = socket(0x10, 0x2, 0x0) syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0xfffffffffffffbff, 0x20000) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x7, 0x4) dup2(r0, r2) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:39 executing program 0 (fault-call:2 fault-nth:74): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00010b0a0003ee001100000000000000", 0x39}], 0x1) [ 1278.839115][T27526] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:39 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}) [ 1278.880493][T27531] FAULT_INJECTION: forcing a failure. [ 1278.880493][T27531] name failslab, interval 1, probability 0, space 0, times 0 [ 1278.899377][T27536] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1278.919400][T27531] CPU: 0 PID: 27531 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1278.927317][T27531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1278.938251][T27531] Call Trace: [ 1278.941557][T27531] dump_stack+0x1d8/0x2f8 [ 1278.945894][T27531] should_fail+0x608/0x860 [ 1278.950327][T27531] ? setup_fault_attr+0x2b0/0x2b0 [ 1278.955370][T27531] __should_failslab+0x11a/0x160 [ 1278.955386][T27531] should_failslab+0x9/0x20 [ 1278.955396][T27531] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1278.955409][T27531] ? alloc_fs_context+0x65/0x580 [ 1278.955422][T27531] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1278.955434][T27531] alloc_fs_context+0x65/0x580 [ 1278.955449][T27531] fs_context_for_mount+0x24/0x30 [ 1278.970134][T27531] vfs_kern_mount+0x2c/0x160 [ 1278.970150][T27531] btrfs_mount+0x3f0/0x1a70 [ 1278.970164][T27531] ? alloc_fs_context+0x49a/0x580 [ 1278.970211][T27531] ? fs_context_for_mount+0x24/0x30 [ 1279.009885][T27531] ? do_mount+0x1200/0x2730 [ 1279.014380][T27531] ? ksys_mount+0xcc/0x100 [ 1279.018790][T27531] ? __x64_sys_mount+0xbf/0xd0 [ 1279.023552][T27531] ? do_syscall_64+0xfe/0x140 [ 1279.024786][T27533] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1279.028228][T27531] ? fs_parse+0x1bd/0x10a0 [ 1279.028248][T27531] ? btrfs_resize_thread_pool+0x290/0x290 [ 1279.028264][T27531] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1279.048663][T27531] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1279.048677][T27531] ? check_preemption_disabled+0x47/0x280 [ 1279.048696][T27531] ? vfs_parse_fs_string+0x1da/0x280 [ 1279.048712][T27531] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1279.071067][T27531] ? trace_kfree+0xb2/0x110 03:44:39 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:39 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f00000000c0)=""/118, &(0x7f0000000140)=0x76) r1 = socket(0x10, 0x2, 0xc) r2 = socket(0x10, 0x2, 0x0) dup2(r1, r2) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000080)=0x4, 0x4) write(r2, &(0x7f0000000040)="1f00000010001f00fd4354c007110000f3051e0008000100020423dcffdf00", 0xffffff4c) [ 1279.071081][T27531] ? vfs_parse_fs_string+0x1da/0x280 [ 1279.071090][T27531] ? kfree+0x1d/0x120 [ 1279.071102][T27531] ? vfs_parse_fs_string+0x1da/0x280 [ 1279.071113][T27531] ? logfc+0x710/0x710 [ 1279.071126][T27531] legacy_get_tree+0xf9/0x1a0 [ 1279.071138][T27531] ? btrfs_resize_thread_pool+0x290/0x290 [ 1279.071151][T27531] vfs_get_tree+0x8f/0x360 [ 1279.110228][T27531] do_mount+0x1813/0x2730 [ 1279.110245][T27531] ? check_preemption_disabled+0x47/0x280 [ 1279.110261][T27531] ? copy_mount_string+0x30/0x30 03:44:39 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={0x0, 0x55, "b8baabef4f62f61079c664efd32cfc7769780b001dd71099f95452cb2f5cb9d0aa520ace876a422514e7b5a61e845937a5979e93e1bf4fb5037d73b8705e2ac08b78f942b570789a396f578eeee7cf7305eca82f82"}, &(0x7f0000000000)=0x5d) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e22, 0x3, @mcast1}}, 0x2, 0x5, 0x7, 0x2, 0x50}, &(0x7f00000001c0)=0x98) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00010c0a0003ee001100000000000000", 0x39}], 0x1) [ 1279.110274][T27531] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1279.110286][T27531] ? trace_kmalloc+0xcd/0x130 [ 1279.124695][T27531] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1279.124707][T27531] ? copy_mount_options+0x5f/0x360 [ 1279.124720][T27531] ? copy_mount_options+0x2c8/0x360 [ 1279.124732][T27531] ksys_mount+0xcc/0x100 [ 1279.124744][T27531] __x64_sys_mount+0xbf/0xd0 [ 1279.124760][T27531] do_syscall_64+0xfe/0x140 [ 1279.124776][T27531] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1279.124785][T27531] RIP: 0033:0x45bf6a 03:44:39 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00010d0a0003ee001100000000000000", 0x39}], 0x1) [ 1279.124793][T27531] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1279.124798][T27531] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1279.124811][T27531] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1279.145597][T27531] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1279.145604][T27531] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1279.145609][T27531] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1279.145615][T27531] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1279.166800][T27548] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1279.275875][T27557] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1279.289857][T27557] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1279.384493][T27558] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x700, 0x0) 03:44:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}) 03:44:40 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00'}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) setsockopt$packet_int(r2, 0x107, 0x3, &(0x7f0000000000)=0x8d1c, 0x4) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00010e0a0003ee001100000000000000", 0x39}], 0x1) 03:44:40 executing program 0 (fault-call:2 fault-nth:75): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}) 03:44:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00010f0a0003ee001100000000000000", 0x39}], 0x1) [ 1279.520676][T27567] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1279.540626][T27565] FAULT_INJECTION: forcing a failure. [ 1279.540626][T27565] name failslab, interval 1, probability 0, space 0, times 0 [ 1279.579466][T27565] CPU: 1 PID: 27565 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1279.587383][T27565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1279.587389][T27565] Call Trace: [ 1279.587408][T27565] dump_stack+0x1d8/0x2f8 [ 1279.587426][T27565] should_fail+0x608/0x860 [ 1279.609457][T27565] ? setup_fault_attr+0x2b0/0x2b0 [ 1279.609474][T27565] ? vfs_parse_fs_string+0x171/0x280 [ 1279.619755][T27565] __should_failslab+0x11a/0x160 [ 1279.624698][T27565] ? vfs_parse_fs_string+0x171/0x280 [ 1279.629971][T27565] should_failslab+0x9/0x20 [ 1279.629983][T27565] __kmalloc_track_caller+0x79/0x310 [ 1279.629996][T27565] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1279.630009][T27565] kmemdup_nul+0x2a/0xa0 [ 1279.645454][T27565] vfs_parse_fs_string+0x171/0x280 [ 1279.645469][T27565] ? logfc+0x710/0x710 [ 1279.645482][T27565] ? alloc_fs_context+0x4ae/0x580 [ 1279.645502][T27565] vfs_kern_mount+0x77/0x160 [ 1279.668448][T27565] btrfs_mount+0x3f0/0x1a70 [ 1279.672948][T27565] ? alloc_fs_context+0x49a/0x580 [ 1279.677968][T27565] ? fs_context_for_mount+0x24/0x30 [ 1279.683152][T27565] ? do_mount+0x1200/0x2730 [ 1279.687646][T27565] ? ksys_mount+0xcc/0x100 [ 1279.692051][T27565] ? __x64_sys_mount+0xbf/0xd0 [ 1279.696808][T27565] ? do_syscall_64+0xfe/0x140 [ 1279.701478][T27565] ? fs_parse+0x1bd/0x10a0 [ 1279.705892][T27565] ? btrfs_resize_thread_pool+0x290/0x290 [ 1279.711605][T27565] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1279.717668][T27565] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1279.723028][T27565] ? check_preemption_disabled+0x47/0x280 [ 1279.728747][T27565] ? vfs_parse_fs_string+0x1da/0x280 [ 1279.734022][T27565] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1279.739730][T27565] ? trace_kfree+0xb2/0x110 [ 1279.744225][T27565] ? vfs_parse_fs_string+0x1da/0x280 [ 1279.749502][T27565] ? kfree+0x1d/0x120 [ 1279.753480][T27565] ? vfs_parse_fs_string+0x1da/0x280 [ 1279.758756][T27565] ? logfc+0x710/0x710 [ 1279.762818][T27565] legacy_get_tree+0xf9/0x1a0 [ 1279.767486][T27565] ? btrfs_resize_thread_pool+0x290/0x290 [ 1279.773201][T27565] vfs_get_tree+0x8f/0x360 [ 1279.777613][T27565] do_mount+0x1813/0x2730 [ 1279.781940][T27565] ? check_preemption_disabled+0x47/0x280 [ 1279.787659][T27565] ? copy_mount_string+0x30/0x30 [ 1279.792590][T27565] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1279.798305][T27565] ? trace_kmalloc+0xcd/0x130 [ 1279.802979][T27565] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1279.808520][T27565] ? copy_mount_options+0x5f/0x360 [ 1279.813630][T27565] ? copy_mount_options+0x2c8/0x360 [ 1279.818819][T27565] ksys_mount+0xcc/0x100 [ 1279.823056][T27565] __x64_sys_mount+0xbf/0xd0 [ 1279.827643][T27565] do_syscall_64+0xfe/0x140 [ 1279.832144][T27565] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1279.838029][T27565] RIP: 0033:0x45bf6a [ 1279.841920][T27565] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1279.861515][T27565] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1279.869925][T27565] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a 03:44:40 executing program 2: r0 = socket(0xfffffffffffffffe, 0x800, 0xd) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1279.877887][T27565] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1279.885849][T27565] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1279.893815][T27565] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1279.901775][T27565] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001100a0003ee001100000000000000", 0x39}], 0x1) 03:44:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}) 03:44:40 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00'}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1279.952550][T27577] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1280.194295][T27598] REISERFS warning (device loop5): reiserfs_fill_super: Cannot allocate commit workqueue 03:44:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x900, 0x0) 03:44:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000080)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}) 03:44:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001110a0003ee001100000000000000", 0x39}], 0x1) 03:44:40 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00'}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:40 executing program 0 (fault-call:2 fault-nth:76): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1280.318296][T27607] FAULT_INJECTION: forcing a failure. [ 1280.318296][T27607] name failslab, interval 1, probability 0, space 0, times 0 [ 1280.356179][T27607] CPU: 1 PID: 27607 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1280.364112][T27607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1280.374162][T27607] Call Trace: [ 1280.374185][T27607] dump_stack+0x1d8/0x2f8 [ 1280.374200][T27607] should_fail+0x608/0x860 [ 1280.374214][T27607] ? setup_fault_attr+0x2b0/0x2b0 [ 1280.391220][T27607] __should_failslab+0x11a/0x160 [ 1280.391235][T27607] should_failslab+0x9/0x20 [ 1280.400647][T27607] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1280.405928][T27607] ? legacy_init_fs_context+0x51/0xc0 [ 1280.411300][T27607] legacy_init_fs_context+0x51/0xc0 03:44:40 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}) 03:44:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001120a0003ee001100000000000000", 0x39}], 0x1) 03:44:40 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write(r1, &(0x7f0000000080)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$SIOCX25GFACILITIES(r2, 0x89e2, &(0x7f0000000000)) 03:44:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001250a0003ee001100000000000000", 0x39}], 0x1) 03:44:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}) [ 1280.416495][T27607] alloc_fs_context+0x49a/0x580 [ 1280.421351][T27607] fs_context_for_mount+0x24/0x30 [ 1280.426375][T27607] vfs_kern_mount+0x2c/0x160 [ 1280.430963][T27607] btrfs_mount+0x3f0/0x1a70 [ 1280.435463][T27607] ? alloc_fs_context+0x49a/0x580 [ 1280.440479][T27607] ? fs_context_for_mount+0x24/0x30 [ 1280.445666][T27607] ? do_mount+0x1200/0x2730 [ 1280.450160][T27607] ? ksys_mount+0xcc/0x100 [ 1280.454573][T27607] ? __x64_sys_mount+0xbf/0xd0 [ 1280.459334][T27607] ? do_syscall_64+0xfe/0x140 [ 1280.464009][T27607] ? fs_parse+0x1bd/0x10a0 [ 1280.468434][T27607] ? btrfs_resize_thread_pool+0x290/0x290 [ 1280.474161][T27607] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1280.480222][T27607] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1280.480236][T27607] ? check_preemption_disabled+0x47/0x280 [ 1280.480254][T27607] ? vfs_parse_fs_string+0x1da/0x280 [ 1280.480266][T27607] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1280.480279][T27607] ? trace_kfree+0xb2/0x110 [ 1280.491330][T27607] ? vfs_parse_fs_string+0x1da/0x280 [ 1280.491340][T27607] ? kfree+0x1d/0x120 [ 1280.491352][T27607] ? vfs_parse_fs_string+0x1da/0x280 [ 1280.491364][T27607] ? logfc+0x710/0x710 [ 1280.491376][T27607] legacy_get_tree+0xf9/0x1a0 [ 1280.491392][T27607] ? btrfs_resize_thread_pool+0x290/0x290 [ 1280.525430][T27624] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1280.530012][T27607] vfs_get_tree+0x8f/0x360 [ 1280.530029][T27607] do_mount+0x1813/0x2730 [ 1280.530042][T27607] ? check_preemption_disabled+0x47/0x280 [ 1280.530056][T27607] ? copy_mount_string+0x30/0x30 [ 1280.530070][T27607] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1280.530079][T27607] ? trace_kmalloc+0xcd/0x130 [ 1280.530091][T27607] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1280.581222][T27607] ? copy_mount_options+0x5f/0x360 [ 1280.586311][T27607] ? copy_mount_options+0x2c8/0x360 [ 1280.591484][T27607] ksys_mount+0xcc/0x100 [ 1280.595705][T27607] __x64_sys_mount+0xbf/0xd0 [ 1280.600288][T27607] do_syscall_64+0xfe/0x140 [ 1280.604770][T27607] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1280.610637][T27607] RIP: 0033:0x45bf6a [ 1280.614507][T27607] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1280.634084][T27607] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1280.642471][T27607] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1280.650415][T27607] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1280.658360][T27607] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 03:44:41 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x40000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000140)={0xff7, 0x8, 0xff}) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x4000, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r3, 0xc0305602, &(0x7f0000000040)={0x0, 0x101, 0x300f}) dup2(r0, r1) write(r1, &(0x7f0000000080)="03a4985641b1d8db8ea15e638d7e871f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf005b3ddd99d308c932eb39d59630315c6b63a457e7a21dbaf7bdaec39ce5fe0101000033722fc837fa0af2ab3a1725a23da5447204147fb49b63", 0x67) [ 1280.666304][T27607] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1280.674258][T27607] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1280.825067][T27638] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xa00, 0x0) 03:44:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001480a0003ee001100000000000000", 0x39}], 0x1) 03:44:41 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}) 03:44:41 executing program 0 (fault-call:2 fault-nth:77): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:41 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) setsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f0000000000)=0x38f, 0x4) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:41 executing program 2: r0 = socket(0x11, 0x2, 0xfffffffffffefffe) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x400, 0x0) fstatfs(r1, &(0x7f00000000c0)=""/168) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r1, 0x40045730, &(0x7f00000001c0)=0x2) write$uinput_user_dev(r1, &(0x7f0000000200)={'syz0\x00', {0x9, 0x100000001, 0x6, 0x1}, 0x46, [0xfffffffffffffffa, 0x8, 0xfffffffffffffffc, 0x7, 0x905, 0xffffffff, 0x200, 0x7, 0x8, 0x9, 0x9, 0x20, 0xe994, 0x9, 0x0, 0xffffffff, 0x80000001, 0x0, 0x7, 0x0, 0x1, 0x10000, 0x849d, 0x1f, 0x7, 0xe, 0xffffffffffffff8e, 0x6, 0xfffffffffffff3a0, 0x4, 0x2, 0x49, 0x4, 0x0, 0x8, 0x101, 0xe2d, 0x0, 0x9, 0xa3, 0x1000, 0x2, 0x0, 0x4, 0x2, 0x7fffffff, 0x0, 0x200, 0x4, 0x9, 0x2, 0xbe3, 0x3, 0x3, 0x3, 0x7, 0xf9, 0x100, 0xfffffffffffffff9, 0x200000000, 0x7fff, 0x4, 0x1000, 0xa], [0x1f, 0x2, 0x3e, 0x1, 0x8, 0x6, 0x81, 0x100000001, 0x75, 0x1, 0x90, 0x9, 0x1, 0x62, 0x7, 0x0, 0x1, 0x1ff, 0x100, 0x10000, 0x81, 0x81, 0x4, 0x800, 0x18000000, 0x9, 0x9, 0x40, 0x10001, 0xfff, 0x3, 0x4, 0x7ff, 0x7, 0x0, 0x7ff, 0x7, 0x9c, 0x7, 0xa, 0x2, 0x8, 0x7ff, 0x6, 0x1, 0x1, 0x2b97, 0x9, 0x3, 0x7ff, 0x5, 0x5909aaf5, 0x1, 0xc0, 0x6, 0x0, 0x3ff, 0x5eb2, 0xfffffffffffffff8, 0x3, 0x10001, 0x7, 0x3c, 0x8], [0x3f, 0x6, 0x79f6, 0x3, 0x6, 0x80000001, 0x3, 0x3, 0x400, 0xffffffffffffff00, 0x8, 0x1f, 0x2, 0x3, 0x1, 0x3c, 0x101, 0x3, 0x7, 0x3, 0x0, 0x3ff, 0x0, 0xfffffffffffff6ce, 0x50dc, 0x6, 0x0, 0xa1a8, 0x7, 0x9df0, 0x6, 0xf14b, 0xffffffff, 0x4, 0x3, 0x2, 0x7, 0x9e, 0x6, 0x20, 0x1ff, 0x17e5, 0x9, 0x1000, 0x6, 0x81, 0xfffffffffffffff9, 0x2d66, 0x100, 0x1f, 0x2, 0xd4e8, 0x7, 0x3ff, 0xfffffffffffffa1f, 0x8001, 0xffffffffffffff8a, 0x38, 0x8, 0x7, 0x100, 0x4, 0x9, 0xf101], [0x3ff, 0x10001, 0x2, 0x5, 0xf0, 0x1, 0x7, 0x73, 0xd5c1, 0x1ff, 0x7, 0x37eb80000000000, 0x4, 0x54, 0x2, 0xfffffffffffffff9, 0x5545, 0x7ff, 0x9, 0x2, 0xffffffffffff8000, 0x3, 0xa61, 0x9, 0x900000, 0xfff, 0x7, 0x5, 0xffffffffffffffff, 0x80, 0xffffffff00000001, 0x36, 0x1000, 0x4, 0x5, 0x40, 0x5, 0xfff, 0x8, 0xff, 0x0, 0x40, 0x87, 0x1, 0x800, 0x9, 0x2, 0x80000001, 0x80000001, 0xd1, 0x200, 0xffff, 0xfd, 0xc4, 0x2, 0xa0000000, 0xfff, 0x5, 0xffffffffffffff32, 0x0, 0x5, 0x5, 0xfffffffffffffc01, 0x7]}, 0x45c) r2 = socket(0x10, 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r1, 0x40045730, &(0x7f0000000080)=0x100) dup2(r0, r2) write(r2, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1281.001378][T27649] FAULT_INJECTION: forcing a failure. [ 1281.001378][T27649] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1281.014745][T27649] CPU: 1 PID: 27649 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1281.022634][T27649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1281.032695][T27649] Call Trace: [ 1281.032717][T27649] dump_stack+0x1d8/0x2f8 [ 1281.032734][T27649] should_fail+0x608/0x860 [ 1281.032746][T27649] ? setup_fault_attr+0x2b0/0x2b0 [ 1281.032760][T27649] ? check_preemption_disabled+0x47/0x280 [ 1281.049755][T27649] should_fail_alloc_page+0x55/0x60 [ 1281.049768][T27649] prepare_alloc_pages+0x283/0x460 [ 1281.065747][T27649] __alloc_pages_nodemask+0x11c/0x790 [ 1281.071124][T27649] ? do_syscall_64+0xfe/0x140 [ 1281.075795][T27649] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1281.081331][T27649] ? kasan_check_write+0x14/0x20 [ 1281.086260][T27649] ? do_raw_spin_lock+0x143/0x3a0 [ 1281.091284][T27649] kmem_getpages+0x46/0x480 [ 1281.095781][T27649] cache_grow_begin+0x7e/0x2c0 [ 1281.100566][T27649] cache_alloc_refill+0x311/0x3f0 [ 1281.105580][T27649] ? check_preemption_disabled+0xb7/0x280 [ 1281.111297][T27649] kmem_cache_alloc_trace+0x29f/0x2c0 [ 1281.116660][T27649] ? btrfs_mount_root+0x215/0x1120 [ 1281.121767][T27649] btrfs_mount_root+0x215/0x1120 [ 1281.126697][T27649] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1281.132061][T27649] ? btrfs_control_open+0x40/0x40 [ 1281.137078][T27649] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.142353][T27649] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1281.148063][T27649] ? trace_kfree+0xb2/0x110 [ 1281.152556][T27649] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.157826][T27649] ? kfree+0x1d/0x120 [ 1281.161800][T27649] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.167094][T27649] ? logfc+0x710/0x710 [ 1281.171155][T27649] legacy_get_tree+0xf9/0x1a0 [ 1281.175821][T27649] ? btrfs_control_open+0x40/0x40 [ 1281.180836][T27649] vfs_get_tree+0x8f/0x360 [ 1281.185248][T27649] vfs_kern_mount+0xc2/0x160 [ 1281.189829][T27649] btrfs_mount+0x3f0/0x1a70 [ 1281.194324][T27649] ? alloc_fs_context+0x49a/0x580 [ 1281.199338][T27649] ? fs_context_for_mount+0x24/0x30 [ 1281.204527][T27649] ? do_mount+0x1200/0x2730 [ 1281.209018][T27649] ? ksys_mount+0xcc/0x100 [ 1281.213423][T27649] ? __x64_sys_mount+0xbf/0xd0 [ 1281.218174][T27649] ? do_syscall_64+0xfe/0x140 [ 1281.222840][T27649] ? fs_parse+0x1bd/0x10a0 [ 1281.227256][T27649] ? btrfs_resize_thread_pool+0x290/0x290 [ 1281.232970][T27649] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1281.239031][T27649] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1281.244395][T27649] ? check_preemption_disabled+0x47/0x280 [ 1281.250110][T27649] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.255387][T27649] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1281.261097][T27649] ? trace_kfree+0xb2/0x110 [ 1281.265594][T27649] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.270874][T27649] ? kfree+0x1d/0x120 [ 1281.275025][T27649] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.280302][T27649] ? logfc+0x710/0x710 [ 1281.284466][T27649] legacy_get_tree+0xf9/0x1a0 [ 1281.289140][T27649] ? btrfs_resize_thread_pool+0x290/0x290 [ 1281.294854][T27649] vfs_get_tree+0x8f/0x360 [ 1281.299265][T27649] do_mount+0x1813/0x2730 [ 1281.303588][T27649] ? check_preemption_disabled+0x47/0x280 [ 1281.309304][T27649] ? copy_mount_string+0x30/0x30 [ 1281.314236][T27649] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1281.319943][T27649] ? trace_kmalloc+0xcd/0x130 [ 1281.324611][T27649] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1281.330143][T27649] ? copy_mount_options+0x5f/0x360 [ 1281.335245][T27649] ? copy_mount_options+0x2c8/0x360 [ 1281.340438][T27649] ksys_mount+0xcc/0x100 [ 1281.344676][T27649] __x64_sys_mount+0xbf/0xd0 [ 1281.349260][T27649] do_syscall_64+0xfe/0x140 [ 1281.353755][T27649] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1281.359641][T27649] RIP: 0033:0x45bf6a [ 1281.363525][T27649] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1281.383117][T27649] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1281.391523][T27649] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a 03:44:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000}) 03:44:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00014c0a0003ee001100000000000000", 0x39}], 0x1) 03:44:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1281.399488][T27649] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1281.407449][T27649] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1281.415412][T27649] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1281.423372][T27649] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000600)=ANY=[@ANYBLOB="0100000000000000010000800073eac9efbb704a46f492d6c0fd6c1fb8000000"]) r3 = socket(0x10, 0x0, 0x8) r4 = socket(0x14, 0x2, 0x0) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r4, 0x84, 0x16, &(0x7f0000000000)={0xa, [0x4, 0x33, 0x2a50, 0x0, 0x9, 0x8, 0xfffffffffffffffb, 0xf5f, 0x7ff, 0x1]}, 0x18) dup2(r3, r4) write(r4, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1281.473901][T27658] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001600a0003ee001100000000000000", 0x39}], 0x1) [ 1281.646162][T27674] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xb00, 0x0) 03:44:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}) 03:44:42 executing program 0 (fault-call:2 fault-nth:78): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001680a0003ee001100000000000000", 0x39}], 0x1) 03:44:42 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) sendmsg$nl_netfilter(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41008002}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="a00100000707000128bd7000fcdbdf2507000009080054002e000000080048002b000000644740aaeb2a0fb97b492b1b886a989825108fcf7589781ba103f20efa8dfacaf0ab78d25bb6ff642ad656ae8bc5db9e1cfc89a4dd59705ceec1d8e1fd68a847aa579a5515e3236c71b7d2847620db57ef14b15e35a93265880299bbb80ffa1281dc7a0ea4cd7ec32504cceebf808a9a3fe9a8a2fcf9d76702d4f98cd98eecf0008a008ffb7bbb52363ad6dbc87a286dae18f1e0ac4fe85512e780f0ea9414008a00000000000000000000000000000000006000410082a08ab180b4fe761e2eb140f893ee662a47fc739a60c2d45f3d84abca719b0be7d182c9532846f3f476a35eaac776f4641734788c6ed37f4d47275dd69c48eacd00450b695f018c0d38173de2ce38e024671e5998c91d38980000000c002f0009000000000000005df95a533aa42a9958e2db8ede2f11640af0df759d67f6a388dbe411604937d263f8a274a519e7f0c1d1be062d5211a684924dacb7ded6c1765eb9782cc0d5315b7c24a95287c66fa52bb34a96655300000c001800080001000004000000db5f42c2d78ca1ea8e0ef47ee13f21bd703e8713237cce7f071275db22ad62c97c98dbd68cce8bc983e4e4e4174865536167d2a0a2ed4aa0f2141184d577f4186dcd1f964744a33850b7214f3d3df235af64c1e9523c9d36f1d137ed47fcac3501444452c1f4903040060f5e33e09b67f3c494bcbbb795299d34ea440db4aa16ff73446aa65afb7ee686d324b68bb3966517bc7b37adb11c484506af42cc597e05b07abbfa655b3fb8df2a987db940044b500500"/608], 0x1a0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004000) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00016c0a0003ee001100000000000000", 0x39}], 0x1) [ 1281.805310][T27680] FAULT_INJECTION: forcing a failure. [ 1281.805310][T27680] name failslab, interval 1, probability 0, space 0, times 0 [ 1281.838412][T27680] CPU: 0 PID: 27680 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1281.846362][T27680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1281.856418][T27680] Call Trace: [ 1281.859714][T27680] dump_stack+0x1d8/0x2f8 [ 1281.864053][T27680] should_fail+0x608/0x860 [ 1281.864068][T27680] ? setup_fault_attr+0x2b0/0x2b0 [ 1281.864087][T27680] __should_failslab+0x11a/0x160 [ 1281.864101][T27680] should_failslab+0x9/0x20 [ 1281.864111][T27680] kmem_cache_alloc_node_trace+0x6e/0x280 [ 1281.864118][T27680] ? __kmalloc_node+0x3c/0x60 [ 1281.864129][T27680] ? smack_sb_eat_lsm_opts+0x867/0xa20 [ 1281.864140][T27680] __kmalloc_node+0x3c/0x60 [ 1281.864151][T27680] kvmalloc_node+0xcc/0x130 [ 1281.864162][T27680] btrfs_mount_root+0x146/0x1120 [ 1281.864172][T27680] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1281.864185][T27680] ? btrfs_control_open+0x40/0x40 [ 1281.888749][T27680] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.888766][T27680] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1281.888777][T27680] ? trace_kfree+0xb2/0x110 [ 1281.888787][T27680] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.888794][T27680] ? kfree+0x1d/0x120 [ 1281.888806][T27680] ? vfs_parse_fs_string+0x1da/0x280 03:44:42 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000080)={0x0, 0x1000, "2bf1ae226d28ca62b32640456055ffb851b5b7108d67ccf9e0f40d5d1f3c3bdf766879d6a006005eb22470f6d3c2e8654f59b4ffcbb37aaa10170b6966e492929d5766a3a31015bc37878f0225f7b89cbc0697fa5c01857f74a85fb365133c495c6219aef4d05fc310be72d11e55625a23318075c002662fed8fcdd70cb2caf336484704f55d9419fc070aa55024732699f8dcd353783dbc46b19cc72dd4bc10aca903ffce4d12d0cab890133156ba95a4058c4faa1dbf719aa785a4cf880954831e0fdb4265e2506850274dfc7fa70d08766642ada216347cbe931e164ca7c62c0e5058424f2840feea94f77e454e3d628ee81e6a6c8d5ce47ec41d66e550ecf47e31349d3701345397133ae21542df1b7e2c534c0781ac3d42046f56c460f098c6521f0731f0a8def1555694f2a03382ea0e92be91c8d21cb851c20779467ab3fb1193d68d2ad8648844cb3f983f0fb747a9ee6a13b5416f811df4556576129dce30d4f0ff33eec6f5297ff2bbe5c869c2a631ed7aa186cb5d4a8a62ea4fa62bff90c237988e071a7b9ec155edf1ecb0a786cf1719d96398041a808072d2d5ef1591b85405fe259b6f7b701bce8e22308336d18a97d1f7b4aecfd87984b8216845a77a994a0fd3821e7cfd98e8f6d7731a66537e7ab69a72b88d643f322e0bcef2c8a2e0e494e76b6a068fcb4b4deb0b7fd045e8738f2f4f5c1d7493e63812d11f4aa0b3940ac146288b78c87de4c3315e248c2f1c1d8707774d9eed787a5a9c97b6da04684fc7b3ec85d1c9d4ca116a54c0b87a46eacfd3766f0e97993df139d21c9afcb257edfd7001ff79606075f82bb881edf77bbcbe889a0ab125596b016669171734756967b0c77d4a541ec7c755dfbe3cbdf914e3d35248bb2d9a5b31e2994637eed953aa3b541e4d4b509effe0fe5c76b1439e1f25e505a5e8808f43174a2adf2dd510ea28073f77390e8edc860fedbada8572cefb22e0835717ea8549312aa2ea5ae1b5277fee2edbdfdc52e9ba687cff7afd634ff689af63dc2c1fbb1e5bb11393b3a17d5dde89b358c704abc61b1b1ea1db9807313364875cfa950e7e9e92fb445ae7e06f4ecb4d7cdd185d6ef5bd7305a469cbcc5b00d2d268e1403966f1126c86d82fc44a1d948583d002d9637d1a9ccc86460b9b1d709bf71fbbad0207a386e8b9676eed53e5d7a07f22f08607890e3b6bc18e68e4c94d54f32a5f55b9ee2bce54d2c37c1ff30575ea2db9b51e98e0b3ac6c1f1d42aa44b78d1974e6ef2c65d806382ae73a5c611c463f7558d8ffc0f50bfcfd5c9894c6039a1073d5eaa08aa82763f1249de5f838d6ed05b43d946f4592071c5ca5ed4bac5c0c5a00edeec84b68f77a149b682081ad2c7a1ea54370253f00b1e2d87e810bdbe3acf2010b07957802114c76a04f8dd3a68a36748a762cb8bbfdde505c8847dc95641b2119433c4a14774c02f2aa8c7dcbe0093664f2f909b6b8e9d3846fe422bfd8083fcd4787c3e5c86544f6a946824794b8e1a8acdf3f6594047c4ca0547699a4ba48110107368cd6d6e76b5ca676f000967697d3d645d7dc02d48bf8a8bfc9c2a41a114b5563f63a56e6c98d7eb318b68f71d7763346a270b1f59a4ea10ca008be1e6e60949f313de8f20cbcaf0c4dd1ef2ddafb384f7546c181784d9bee63da720a2fedbe660dfb77bdf809be2e539261cc655d4830c16ea249f751f99e40051ce8b3fed7f6598466b1c4b412013bca96bde602ac1fba40364236c451644673b20c7e971a61941efe2d281d81ecda4022a444a926ba5d07b634f72f93a41ed069644a9b6054bffa75185fea64ceec831ef5a68b12376cf5fba41adc30d5aef683f39046a82088a4e7c4b360c2cedd285408bacbabd7b96f78c82023c901a1a345cb755b4d5c9c441db7d413a4ff3cb5c0d8eaec9a0f68c03a5e4365f1b5f58e9391baf2bab7b426a850506910062ebe801820b5b42130523a28b9326ebfed7fa8a1de5d4e620aed8e467a1d1fa3e60485d8bb3ae6dbabcd5b598d03db6ab950d993b4c2b5a0be6399a65818ccbddfe9e2fb196a5880f576e0410a4dfde88ea94b50f834b11af33d8e964f6c3b2758f524b5c967aa431577c711f67b422c7622bac323bf09e449a27b93a3530a91da9e4bb2cd74a2175ef0b693f42cb89160af2bc32eecd18aac81a59c2c300581aad20efed3902d68711ca063630c477129ed700cbef2f309b2819164c59b895c50cd9bc763b686a8d16b7d6546bf3ca67acf295f104f44ade806e51817adf76f8bd818d042a11309597b957a401cf03a6458d7d91c2637ae87b5c22c08d0e3bc96fec4f784b3fb716f9dfa2cbf358bd0de36fe4e5fa8789aea959631d2ffb4b653a560504dbd9cb4f60f69dae6cf94b948a14d96dac37173b181b5c7b5347acb6a50c671668b078c7cc037259e00d8967f8404f3476ecd4fba4b5caace8900169e1d1b23c62b7a548ba53228e4f079dc2f161492165d07dc81fe69d3cda5888ffe664f94bf5c0e7f2a0a24f3e03f426d6b4ca97a9f8bdbb013d6adaf9cb25a0b24c17c9120771d92f94ecb9ced26ce4686c7bac1fcaa8687ecd8ce6418760d833cc0ab570f6a11ae4ae8c3c7281600d0cf02da1a5e7e181ac7d099a682c8ab16e69c736e09360aa1b59f3bdd48ab52153ff53c626ba2f6d304cf93f464a4eaddbd824d7e652e5ea4a48259dd0938a592b319f2553d2cd383165662ad8d810368f8333fb9190b7f3209625db6559c01565a9871d6ac9b1a39f814c73eed8bcfd16e087a378375d2d934ebdff82ca6e96f5afde180632142bcb32510888faf070655009c25a9fb8ffda1f57415dc3d48ed9547bff981158e854119ebad46049460e0b4eecfcdfc39b2aadd58f7d7a91042e0d8f9045774fdcce2c4b07c0cadfc22574d48c2e4f70bd026f318b8fc9a9be8b4701174c5d29211d087e41a09294d263baa7c8428a7ee9bfeb4e9c4df5aa284a6f683ce16184e5a51c57c671b33a8da6f1ab4a78f0195770b7d638dd23a5a0bc6125fa25bdac1b6235a3b670d4d2cfde84df310f2990a67efa432f700ac1613ca2e8f0b705938112535e71f789294f55f4fe0550cc4d5a5ef94bca96cc9277d3821934f085db96738ef7a75644d0b8c2e7269b378c0a473b58d8e075adec5332946e2965ebb24598ef718e7c810637f6e1ff565345e93b25aad51d0bd1b7fe53c534efccd229579923826471591f49c93f6970db71ec98494abf4d17ddabddc012d4bc9923f70ea335fa40d2b52757a92a749608f5e017a8c1aea4f7de4447ca65c418f30b247c51c839de742fdb03a06cf93d8a03f261db603afc90b83057d3c503d93e22f84709a6887b76a68eaa1eaf58b422b2497796576b95ca65da01427189553326ab1a84db92c003f2c457ecd42a38019786dba05eff7298edc93b3c4a30ff0bb7820f73fbd084a6d0e3052d475859f76820883fae9fd0f36796364f73a693fd424de9c76883a3e7118e00e1aab8f9c8513ff6e0773cdc220b7624b826ad4d4566e93a9424982f3ac45bb82b676c448c5bc5fc8dce8d421206ea217996075329207e2aa08bd5adf52c18377187b0d67074c549fdbf0ef7ce316e74f3405cc43a8d157c2995ce9e25c4cab2ce57b64cf3f6519a5d61258d1b415c1cf787328ad82d11bb49f9da379fe85ea997c4381eb8bc0b0e9ba919979258aeb4681c5c914ed2ec46837a1b1f5cd9fe3e6312b200b8f1be22f4df25f5f617aaaca79e4fae3b728f07a3e16f3c50aa27ff8626fdb7a4b3e3bd89c6671289adb15faeedeb76852ab893e41e9090053db03cf5d41273898a9141fab2982e8a51093d64857449bb7c5dd594876501842de53d27face1f840699be919d9150c79cb23a6207a4eea7747ca23c943dbda104db54b99757bc76d61d6834d754083a0c25985b1458235a1fece84fec3074db4b46301667ab682f667acd13ec566c7a97a3fbc98accb16c5c0b48d8e566554c9eea315c19db844034d450d50276343c02280d472c712c28a63bea79ceefa20e1189430ef6dd95c0c16837561f16e60947d6a27edca3f4e0d20394321e1d8ae0a19267e3c19d28032b7b359132b732ed08b7be5137df5b34a0005158ef1008bb1d6f43c72c3458941b8a27d95296570aa4e1e2654a3fe0b2d9303575b394db4264b151bc982b757a779c94041f0b31483585840209bd409681d1aaf8733e1ec508fb17dccd49a6fc04f3f42cf02d2f676e3f27aeb14001463f112e9a246da5539bf4af0e8c4fa6763e501cf12c06c6ab7a4007aeea96536408e59164156bfae92d0142dfa36e4f8b8a981c86dfbd33dc618195b3cd0b98aa7d503225a7803d8df89885a6828495129c42ebb015b19860c2c3a258096720fb397f68856d31b10887ba5364b370fd77fea2c9b9071101a8f832f2e9064a06b64eec08c32bcd0c02218f583a3fa32469b62c01533105dbbc4f2685b83095d7a528a7a4cb5fc0dd07b7cb76061784c341863a5dc28e6c2b5a073a66cb09a71c75a5d6d411b38a264f595e79b69d68e89ccdd7cbee9f4b3723e119196e09396a5856ce100e2f3e680b3673e8a6c40a764244a4c67a2e7934266fa5a2b62c6b75198b1ca7d58c2c8dc99f6db54eac68f4b529ec9ae4f146f75304eb939cfa02c4d13ed2343b91cc0bf45ba745ebc15e1fee055ae0540c33e65bf25a65d843ed29cbe9503ca3ebe14161b19ea98081dc9f9f342bf1dfc6f857ca4022fa9d4b613c098f4e8f8fedd3629d3c177d39afb5ee070891a44fd9756bbd2e101567ccd6cb0d64d6e2a5e98bec5cff38596a846e796d311c0fe519983793a61d48e2f6e10f70650ef4e6b996527aa67072af93c4d61c89797ca741940cef2fb512928733bd798d60b42cb2207a3cd35a395da8af67dddded3cf33899937e260bcd465a8249caa06209d9fc1a2be8c6590ceafb313c95c39c5f42c5522b70c2f4c520862f3f1652a60da58a27245195b37cceea74ff90a3b2f5fa7be33722ab81c30f8e8d2bcde56f625e89dc895c0456a83bb86f7d4c6dc2d65346c3044189efb95f9911f4a1bfa04363921b08ff470a372321eae92ecfdd7d3cc11b48af90e94d5ac08322ceb062c6263d7c4be3beef3186dcf1d77a699c3fab86b47edced33b667c00329e6fc9a05c9abd46e98be70efb8c60c6245a5716dc2532d684dde84ec16661d08e6cd7341a7755716303c3bb3cb679bf3abc350bf0aa841f7153e58d88c06c4b01f8bf20ee9e9029c84997319c60374bbbc1c4729cb3dc3d9627fd6334fa7af65a6c9e6b058b0349bb50d7e360cf97efc0fe6a1b53aefd7d67b1f5c114d70c2e6653d7867bf03a269e33c390aecb54960c550b0788c11b5712b8bfc8e8675f6faa56777c4a974a2229071253860686729e995b14e0199c0f07a652dc4a16522c7d40a7dc0f581bede4ab572967d5a0f644956762a71dcc6416894f9b0639e9704644b67b309694ee4e81d5627e9c3b5485cbb4b57c77d24cf50cf528c2b99a1c3064c9dd7d16792b8da84231f87c5efe12f41dcee01fd822050e3245933a5ffd85ba5e21549b3a48f29ec78056df2f5ac4d12cf4308afcd21566336d90f3ca3a572ea42d0acde0aef232cbb927841f4cbc8a13031d86f44bfcaa4bedad6acde8220930eed03471a10d89ac930c7ae111c96c2c9cbc9f0e7d841c256513cedf8ff510edb987ec132428cfb91fbb50246df6feeba2fa943108189984edb822072c2fe2614ed2abc8bf25485c55a2725ddc4d892947b0d33081048ac4e7"}, &(0x7f0000000000)=0x1008) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f00000010c0)={r3, 0x5, 0x7}, 0x8) 03:44:42 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}) [ 1281.903392][T27680] ? logfc+0x710/0x710 [ 1281.903406][T27680] legacy_get_tree+0xf9/0x1a0 [ 1281.918161][T27680] ? btrfs_control_open+0x40/0x40 [ 1281.918177][T27680] vfs_get_tree+0x8f/0x360 [ 1281.918193][T27680] vfs_kern_mount+0xc2/0x160 [ 1281.918205][T27680] btrfs_mount+0x3f0/0x1a70 [ 1281.918220][T27680] ? alloc_fs_context+0x49a/0x580 [ 1281.918227][T27680] ? fs_context_for_mount+0x24/0x30 [ 1281.918234][T27680] ? do_mount+0x1200/0x2730 [ 1281.918240][T27680] ? ksys_mount+0xcc/0x100 [ 1281.918248][T27680] ? __x64_sys_mount+0xbf/0xd0 [ 1281.918260][T27680] ? do_syscall_64+0xfe/0x140 [ 1281.918274][T27680] ? fs_parse+0x1bd/0x10a0 [ 1281.934256][T27680] ? btrfs_resize_thread_pool+0x290/0x290 [ 1281.934272][T27680] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1281.934283][T27680] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1281.934294][T27680] ? check_preemption_disabled+0x47/0x280 [ 1281.934311][T27680] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.934325][T27680] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1281.934337][T27680] ? trace_kfree+0xb2/0x110 [ 1281.944086][T27680] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.944096][T27680] ? kfree+0x1d/0x120 [ 1281.944109][T27680] ? vfs_parse_fs_string+0x1da/0x280 [ 1281.944119][T27680] ? logfc+0x710/0x710 [ 1281.944130][T27680] legacy_get_tree+0xf9/0x1a0 [ 1281.944141][T27680] ? btrfs_resize_thread_pool+0x290/0x290 [ 1281.944153][T27680] vfs_get_tree+0x8f/0x360 [ 1281.944165][T27680] do_mount+0x1813/0x2730 [ 1281.944177][T27680] ? check_preemption_disabled+0x47/0x280 [ 1281.944191][T27680] ? copy_mount_string+0x30/0x30 [ 1281.944204][T27680] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1281.944212][T27680] ? trace_kmalloc+0xcd/0x130 [ 1281.944222][T27680] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1281.944228][T27680] ? copy_mount_options+0x5f/0x360 [ 1281.944239][T27680] ? copy_mount_options+0x2c8/0x360 [ 1281.944252][T27680] ksys_mount+0xcc/0x100 [ 1281.953479][T27680] __x64_sys_mount+0xbf/0xd0 [ 1281.967866][T27680] do_syscall_64+0xfe/0x140 [ 1281.967889][T27680] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1281.967900][T27680] RIP: 0033:0x45bf6a 03:44:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001740a0003ee001100000000000000", 0x39}], 0x1) [ 1281.967913][T27680] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1281.967921][T27680] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1281.967941][T27680] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1281.967950][T27680] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1281.967959][T27680] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1281.967968][T27680] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1281.967977][T27680] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:42 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e00017a0a0003ee001100000000000000", 0x39}], 0x1) 03:44:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x0) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1282.280802][T27701] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1282.431877][T27715] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xb03, 0x0) 03:44:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x8000000000002, 0x0) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000080)=0x3, 0x4) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'ip6gretap0\x00'}) 03:44:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000}) 03:44:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000c0003ee001100000000000000", 0x39}], 0x1) 03:44:43 executing program 0 (fault-call:2 fault-nth:79): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:43 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x0) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1282.606437][T27725] FAULT_INJECTION: forcing a failure. [ 1282.606437][T27725] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1282.619799][T27725] CPU: 0 PID: 27725 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1282.627687][T27725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1282.637739][T27725] Call Trace: [ 1282.641037][T27725] dump_stack+0x1d8/0x2f8 [ 1282.645368][T27725] should_fail+0x608/0x860 [ 1282.649781][T27725] ? setup_fault_attr+0x2b0/0x2b0 [ 1282.654806][T27725] ? __kasan_kmalloc+0x178/0x1b0 [ 1282.659931][T27725] should_fail_alloc_page+0x55/0x60 [ 1282.665119][T27725] prepare_alloc_pages+0x283/0x460 [ 1282.670228][T27725] __alloc_pages_nodemask+0x11c/0x790 [ 1282.675602][T27725] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1282.681662][T27725] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1282.687196][T27725] ? stack_trace_save+0x111/0x1e0 [ 1282.692217][T27725] ? should_fail+0x182/0x860 [ 1282.696802][T27725] ? check_preemption_disabled+0x47/0x280 [ 1282.702515][T27725] kmem_getpages+0x46/0x480 [ 1282.707013][T27725] cache_grow_begin+0x7e/0x2c0 [ 1282.711773][T27725] cache_alloc_refill+0x311/0x3f0 [ 1282.716792][T27725] ? check_preemption_disabled+0xb7/0x280 [ 1282.722505][T27725] kmem_cache_alloc_trace+0x29f/0x2c0 [ 1282.727874][T27725] ? btrfs_mount_root+0x18f/0x1120 [ 1282.732981][T27725] btrfs_mount_root+0x18f/0x1120 [ 1282.737913][T27725] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1282.743280][T27725] ? btrfs_control_open+0x40/0x40 [ 1282.748310][T27725] ? vfs_parse_fs_string+0x1da/0x280 [ 1282.753601][T27725] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1282.759315][T27725] ? trace_kfree+0xb2/0x110 [ 1282.763810][T27725] ? vfs_parse_fs_string+0x1da/0x280 [ 1282.769085][T27725] ? kfree+0x1d/0x120 [ 1282.773062][T27725] ? vfs_parse_fs_string+0x1da/0x280 [ 1282.778347][T27725] ? logfc+0x710/0x710 [ 1282.782415][T27725] legacy_get_tree+0xf9/0x1a0 [ 1282.787082][T27725] ? btrfs_control_open+0x40/0x40 [ 1282.792106][T27725] vfs_get_tree+0x8f/0x360 [ 1282.796526][T27725] vfs_kern_mount+0xc2/0x160 [ 1282.802604][T27725] btrfs_mount+0x3f0/0x1a70 [ 1282.807105][T27725] ? alloc_fs_context+0x49a/0x580 [ 1282.812124][T27725] ? fs_context_for_mount+0x24/0x30 [ 1282.817316][T27725] ? do_mount+0x1200/0x2730 [ 1282.821814][T27725] ? ksys_mount+0xcc/0x100 [ 1282.826227][T27725] ? __x64_sys_mount+0xbf/0xd0 [ 1282.830981][T27725] ? do_syscall_64+0xfe/0x140 [ 1282.835655][T27725] ? fs_parse+0x1bd/0x10a0 [ 1282.840067][T27725] ? btrfs_resize_thread_pool+0x290/0x290 [ 1282.845786][T27725] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1282.851847][T27725] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1282.857216][T27725] ? check_preemption_disabled+0x47/0x280 [ 1282.862937][T27725] ? vfs_parse_fs_string+0x1da/0x280 [ 1282.868217][T27725] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1282.873930][T27725] ? trace_kfree+0xb2/0x110 [ 1282.878423][T27725] ? vfs_parse_fs_string+0x1da/0x280 [ 1282.883698][T27725] ? kfree+0x1d/0x120 [ 1282.887678][T27725] ? vfs_parse_fs_string+0x1da/0x280 [ 1282.892960][T27725] ? logfc+0x710/0x710 [ 1282.897024][T27725] legacy_get_tree+0xf9/0x1a0 [ 1282.901691][T27725] ? btrfs_resize_thread_pool+0x290/0x290 [ 1282.907401][T27725] vfs_get_tree+0x8f/0x360 [ 1282.911813][T27725] do_mount+0x1813/0x2730 [ 1282.916135][T27725] ? check_preemption_disabled+0x47/0x280 [ 1282.921863][T27725] ? copy_mount_string+0x30/0x30 [ 1282.926791][T27725] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1282.932507][T27725] ? trace_kmalloc+0xcd/0x130 [ 1282.937186][T27725] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1282.942724][T27725] ? copy_mount_options+0x5f/0x360 [ 1282.947830][T27725] ? copy_mount_options+0x2c8/0x360 [ 1282.953028][T27725] ksys_mount+0xcc/0x100 [ 1282.957276][T27725] __x64_sys_mount+0xbf/0xd0 [ 1282.961874][T27725] do_syscall_64+0xfe/0x140 [ 1282.966372][T27725] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1282.972254][T27725] RIP: 0033:0x45bf6a [ 1282.976144][T27725] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1282.995736][T27725] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:44:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100250003ee001100000000000000", 0x39}], 0x1) 03:44:43 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}) 03:44:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r0) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1283.004137][T27725] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1283.012100][T27725] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1283.020067][T27725] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1283.028036][T27725] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1283.035999][T27725] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:43 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x0) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:43 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100400003ee001100000000000000", 0x39}], 0x1) 03:44:43 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x8c6, 0x4402) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0x0, r1, 0x0, 0xc, &(0x7f00000001c0)='/dev/amidi#\x00'}, 0x30) fcntl$setownex(r1, 0xf, &(0x7f0000000240)={0x2, r2}) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x80, 0x0) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000140)='trusted.overlay.redirect\x00', &(0x7f0000000180)='./file0\x00', 0x8, 0x1) write$P9_RFSYNC(r3, &(0x7f0000000000)={0x28f, 0x33, 0x4}, 0x5) socket(0x5, 0x80a, 0xd6e) r4 = socket(0x10, 0x2, 0x0) r5 = dup2(r0, r4) ioctl$sock_ifreq(r5, 0x8920, &(0x7f0000000080)={'batadv0\x00', @ifru_mtu=0x80000001}) write(r4, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1283.127306][T27732] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1283.202526][T27745] __nla_validate_parse: 24 callbacks suppressed [ 1283.202532][T27745] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1283.252931][T27748] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1283.310141][T27753] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xc00, 0x0) 03:44:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000}) 03:44:44 executing program 0 (fault-call:2 fault-nth:80): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000162b70003ee001100000000000000", 0x39}], 0x1) 03:44:44 executing program 2: r0 = socket(0x1, 0x0, 0x4) r1 = socket(0x10, 0x2, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30) r3 = getpid() r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x101000, 0x0) getsockopt$inet_opts(r4, 0x0, 0xd, &(0x7f00000001c0)=""/118, &(0x7f0000000240)=0x76) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfec7be070") bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={0xffffffffffffffff, 0xe, 0x0, 0x0, 0x0}, 0x20) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r1, &(0x7f0000000100)={r4, r0}) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) inotify_init() connect$bt_l2cap(r0, &(0x7f0000000140)={0x1f, 0x3, {0x1000000000000000, 0x0, 0x97c2, 0x7, 0x3, 0x8}, 0x7, 0x1}, 0xe) 03:44:44 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:44 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) setsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000000)=0x3, 0x4) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000000000000}) [ 1283.463094][T27763] FAULT_INJECTION: forcing a failure. [ 1283.463094][T27763] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.477060][T27763] CPU: 0 PID: 27763 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1283.484961][T27763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1283.495012][T27763] Call Trace: [ 1283.498306][T27763] dump_stack+0x1d8/0x2f8 [ 1283.502658][T27763] should_fail+0x608/0x860 [ 1283.507082][T27763] ? setup_fault_attr+0x2b0/0x2b0 [ 1283.512123][T27763] __should_failslab+0x11a/0x160 [ 1283.517058][T27763] ? getname_kernel+0x59/0x2f0 [ 1283.521821][T27763] should_failslab+0x9/0x20 [ 1283.526319][T27763] kmem_cache_alloc+0x56/0x2b0 [ 1283.531079][T27763] ? btrfs_mount+0x3f0/0x1a70 [ 1283.535744][T27763] ? legacy_get_tree+0xf9/0x1a0 [ 1283.540585][T27763] getname_kernel+0x59/0x2f0 [ 1283.545168][T27763] kern_path+0x1f/0x40 [ 1283.549225][T27763] blkdev_get_by_path+0xb5/0x2d0 [ 1283.554155][T27763] ? bd_may_claim+0xc0/0xc0 [ 1283.558661][T27763] btrfs_scan_one_device+0x105/0x520 [ 1283.563939][T27763] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1283.569214][T27763] ? btrfs_free_stale_devices+0x7f0/0x7f0 [ 1283.574930][T27763] ? trace_hardirqs_on+0x74/0x80 [ 1283.579865][T27763] btrfs_mount_root+0x548/0x1120 [ 1283.584802][T27763] ? btrfs_control_open+0x40/0x40 [ 1283.589829][T27763] ? vfs_parse_fs_string+0x1da/0x280 [ 1283.595102][T27763] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1283.600815][T27763] ? trace_kfree+0xb2/0x110 [ 1283.605315][T27763] ? vfs_parse_fs_string+0x1da/0x280 [ 1283.610589][T27763] ? kfree+0x1d/0x120 [ 1283.614560][T27763] ? vfs_parse_fs_string+0x1da/0x280 [ 1283.619835][T27763] ? logfc+0x710/0x710 [ 1283.623897][T27763] legacy_get_tree+0xf9/0x1a0 [ 1283.628565][T27763] ? btrfs_control_open+0x40/0x40 [ 1283.633579][T27763] vfs_get_tree+0x8f/0x360 [ 1283.638000][T27763] vfs_kern_mount+0xc2/0x160 [ 1283.642584][T27763] btrfs_mount+0x3f0/0x1a70 [ 1283.647082][T27763] ? alloc_fs_context+0x49a/0x580 [ 1283.652100][T27763] ? fs_context_for_mount+0x24/0x30 [ 1283.657287][T27763] ? do_mount+0x1200/0x2730 [ 1283.661780][T27763] ? ksys_mount+0xcc/0x100 [ 1283.666196][T27763] ? __x64_sys_mount+0xbf/0xd0 [ 1283.670952][T27763] ? do_syscall_64+0xfe/0x140 [ 1283.675621][T27763] ? fs_parse+0x1bd/0x10a0 [ 1283.680036][T27763] ? btrfs_resize_thread_pool+0x290/0x290 [ 1283.685748][T27763] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1283.691806][T27763] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1283.697168][T27763] ? check_preemption_disabled+0x47/0x280 [ 1283.702884][T27763] ? vfs_parse_fs_string+0x1da/0x280 [ 1283.708160][T27763] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1283.713869][T27763] ? trace_kfree+0xb2/0x110 [ 1283.718361][T27763] ? vfs_parse_fs_string+0x1da/0x280 [ 1283.723634][T27763] ? kfree+0x1d/0x120 [ 1283.727612][T27763] ? vfs_parse_fs_string+0x1da/0x280 [ 1283.732895][T27763] ? logfc+0x710/0x710 [ 1283.736961][T27763] legacy_get_tree+0xf9/0x1a0 [ 1283.741627][T27763] ? btrfs_resize_thread_pool+0x290/0x290 [ 1283.747342][T27763] vfs_get_tree+0x8f/0x360 [ 1283.751753][T27763] do_mount+0x1813/0x2730 [ 1283.756087][T27763] ? check_preemption_disabled+0x47/0x280 [ 1283.761810][T27763] ? copy_mount_string+0x30/0x30 [ 1283.766741][T27763] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1283.772459][T27763] ? trace_kmalloc+0xcd/0x130 [ 1283.777135][T27763] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1283.782671][T27763] ? copy_mount_options+0x5f/0x360 [ 1283.787784][T27763] ? copy_mount_options+0x2c8/0x360 [ 1283.792973][T27763] ksys_mount+0xcc/0x100 [ 1283.797210][T27763] __x64_sys_mount+0xbf/0xd0 [ 1283.802281][T27763] do_syscall_64+0xfe/0x140 [ 1283.806791][T27763] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1283.812685][T27763] RIP: 0033:0x45bf6a [ 1283.816575][T27763] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1283.836170][T27763] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1283.844573][T27763] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1283.852534][T27763] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1283.860495][T27763] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1283.868459][T27763] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1283.876425][T27763] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1283.893044][T27767] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:44 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:44 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000103c70003ee001100000000000000", 0x39}], 0x1) 03:44:44 executing program 0 (fault-call:2 fault-nth:81): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:44 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000}) [ 1283.960375][T27775] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1284.005146][T27773] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1284.033379][T27784] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1284.058137][T27782] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1284.102296][T27786] FAULT_INJECTION: forcing a failure. [ 1284.102296][T27786] name failslab, interval 1, probability 0, space 0, times 0 [ 1284.122738][T27786] CPU: 0 PID: 27786 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1284.130662][T27786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1284.140711][T27786] Call Trace: [ 1284.144005][T27786] dump_stack+0x1d8/0x2f8 [ 1284.148337][T27786] should_fail+0x608/0x860 [ 1284.152772][T27786] ? setup_fault_attr+0x2b0/0x2b0 [ 1284.157805][T27786] __should_failslab+0x11a/0x160 [ 1284.162738][T27786] should_failslab+0x9/0x20 [ 1284.167240][T27786] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1284.172522][T27786] ? btrfs_mount_root+0x215/0x1120 [ 1284.177655][T27786] btrfs_mount_root+0x215/0x1120 [ 1284.182592][T27786] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1284.187958][T27786] ? btrfs_control_open+0x40/0x40 [ 1284.192984][T27786] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.198264][T27786] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1284.203978][T27786] ? trace_kfree+0xb2/0x110 [ 1284.208473][T27786] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.213748][T27786] ? kfree+0x1d/0x120 [ 1284.217723][T27786] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.223003][T27786] ? logfc+0x710/0x710 [ 1284.227070][T27786] legacy_get_tree+0xf9/0x1a0 [ 1284.231743][T27786] ? btrfs_control_open+0x40/0x40 [ 1284.236767][T27786] vfs_get_tree+0x8f/0x360 [ 1284.241178][T27786] vfs_kern_mount+0xc2/0x160 [ 1284.245761][T27786] btrfs_mount+0x3f0/0x1a70 [ 1284.250257][T27786] ? alloc_fs_context+0x49a/0x580 [ 1284.255272][T27786] ? fs_context_for_mount+0x24/0x30 [ 1284.260458][T27786] ? do_mount+0x1200/0x2730 [ 1284.264948][T27786] ? ksys_mount+0xcc/0x100 [ 1284.269350][T27786] ? __x64_sys_mount+0xbf/0xd0 [ 1284.274110][T27786] ? do_syscall_64+0xfe/0x140 [ 1284.278783][T27786] ? fs_parse+0x1bd/0x10a0 [ 1284.283197][T27786] ? btrfs_resize_thread_pool+0x290/0x290 [ 1284.288914][T27786] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1284.295058][T27786] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1284.300424][T27786] ? check_preemption_disabled+0x47/0x280 [ 1284.306143][T27786] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.311422][T27786] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1284.317133][T27786] ? trace_kfree+0xb2/0x110 [ 1284.321627][T27786] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.326901][T27786] ? kfree+0x1d/0x120 [ 1284.330876][T27786] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.336153][T27786] ? logfc+0x710/0x710 [ 1284.340214][T27786] legacy_get_tree+0xf9/0x1a0 [ 1284.344885][T27786] ? btrfs_resize_thread_pool+0x290/0x290 [ 1284.350595][T27786] vfs_get_tree+0x8f/0x360 [ 1284.355003][T27786] do_mount+0x1813/0x2730 [ 1284.359329][T27786] ? check_preemption_disabled+0x47/0x280 [ 1284.365043][T27786] ? copy_mount_string+0x30/0x30 [ 1284.369975][T27786] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1284.375692][T27786] ? trace_kmalloc+0xcd/0x130 [ 1284.380375][T27786] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1284.385913][T27786] ? copy_mount_options+0x5f/0x360 [ 1284.391021][T27786] ? copy_mount_options+0x2c8/0x360 [ 1284.396210][T27786] ksys_mount+0xcc/0x100 [ 1284.400446][T27786] __x64_sys_mount+0xbf/0xd0 [ 1284.405038][T27786] do_syscall_64+0xfe/0x140 [ 1284.409541][T27786] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1284.415423][T27786] RIP: 0033:0x45bf6a [ 1284.419316][T27786] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1284.438912][T27786] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1284.447312][T27786] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1284.455273][T27786] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1284.463236][T27786] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1284.471198][T27786] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1284.479163][T27786] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xd00, 0x0) 03:44:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}) 03:44:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000114e40003ee001100000000000000", 0x39}], 0x1) 03:44:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000000)=0x7, 0x4) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:45 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:45 executing program 0 (fault-call:2 fault-nth:82): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1284.623235][T27796] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1284.640909][T27798] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1284.667015][T27801] FAULT_INJECTION: forcing a failure. [ 1284.667015][T27801] name failslab, interval 1, probability 0, space 0, times 0 [ 1284.699489][T27801] CPU: 1 PID: 27801 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1284.707406][T27801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1284.717457][T27801] Call Trace: [ 1284.720749][T27801] dump_stack+0x1d8/0x2f8 [ 1284.724227][T27810] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1284.725076][T27801] should_fail+0x608/0x860 [ 1284.725092][T27801] ? setup_fault_attr+0x2b0/0x2b0 [ 1284.725114][T27801] __should_failslab+0x11a/0x160 [ 1284.748620][T27801] should_failslab+0x9/0x20 [ 1284.753119][T27801] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1284.758397][T27801] ? btrfs_mount_root+0x215/0x1120 [ 1284.763503][T27801] btrfs_mount_root+0x215/0x1120 [ 1284.768439][T27801] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1284.773812][T27801] ? btrfs_control_open+0x40/0x40 [ 1284.778840][T27801] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.784130][T27801] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1284.789849][T27801] ? trace_kfree+0xb2/0x110 [ 1284.794350][T27801] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.797409][T27817] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1284.800671][T27801] ? kfree+0x1d/0x120 [ 1284.800682][T27801] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.800692][T27801] ? logfc+0x710/0x710 [ 1284.800703][T27801] legacy_get_tree+0xf9/0x1a0 [ 1284.800714][T27801] ? btrfs_control_open+0x40/0x40 [ 1284.800726][T27801] vfs_get_tree+0x8f/0x360 [ 1284.800741][T27801] vfs_kern_mount+0xc2/0x160 [ 1284.800752][T27801] btrfs_mount+0x3f0/0x1a70 [ 1284.800765][T27801] ? alloc_fs_context+0x49a/0x580 [ 1284.800774][T27801] ? fs_context_for_mount+0x24/0x30 [ 1284.800781][T27801] ? do_mount+0x1200/0x2730 [ 1284.800792][T27801] ? ksys_mount+0xcc/0x100 [ 1284.865400][T27801] ? __x64_sys_mount+0xbf/0xd0 [ 1284.870164][T27801] ? do_syscall_64+0xfe/0x140 [ 1284.874844][T27801] ? fs_parse+0x1bd/0x10a0 [ 1284.879268][T27801] ? btrfs_resize_thread_pool+0x290/0x290 [ 1284.884985][T27801] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1284.891049][T27801] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1284.896420][T27801] ? check_preemption_disabled+0x47/0x280 [ 1284.902142][T27801] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.907427][T27801] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1284.907440][T27801] ? trace_kfree+0xb2/0x110 [ 1284.907452][T27801] ? vfs_parse_fs_string+0x1da/0x280 03:44:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100030003ee001100000000000000", 0x39}], 0x1) 03:44:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}) 03:44:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000}) 03:44:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100040003ee001100000000000000", 0x39}], 0x1) 03:44:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000}) 03:44:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100070003ee001100000000000000", 0x39}], 0x1) [ 1284.907461][T27801] ? kfree+0x1d/0x120 [ 1284.907473][T27801] ? vfs_parse_fs_string+0x1da/0x280 [ 1284.917663][T27801] ? logfc+0x710/0x710 [ 1284.917677][T27801] legacy_get_tree+0xf9/0x1a0 [ 1284.917690][T27801] ? btrfs_resize_thread_pool+0x290/0x290 [ 1284.917706][T27801] vfs_get_tree+0x8f/0x360 [ 1284.926926][T27801] do_mount+0x1813/0x2730 [ 1284.926940][T27801] ? check_preemption_disabled+0x47/0x280 [ 1284.926956][T27801] ? copy_mount_string+0x30/0x30 [ 1284.926968][T27801] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1284.926980][T27801] ? trace_kmalloc+0xcd/0x130 [ 1284.936286][T27801] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1284.936295][T27801] ? copy_mount_options+0x5f/0x360 [ 1284.936308][T27801] ? copy_mount_options+0x2c8/0x360 [ 1284.936320][T27801] ksys_mount+0xcc/0x100 [ 1284.936332][T27801] __x64_sys_mount+0xbf/0xd0 [ 1284.936346][T27801] do_syscall_64+0xfe/0x140 [ 1284.936363][T27801] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1284.946702][T27801] RIP: 0033:0x45bf6a [ 1284.946714][T27801] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1284.946719][T27801] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1284.946730][T27801] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1284.946736][T27801] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1284.946742][T27801] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1284.946747][T27801] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1284.946753][T27801] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1284.970331][T27805] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1285.184134][T27824] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0xe00, 0x0) 03:44:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1254000000000000}) 03:44:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100080003ee001100000000000000", 0x39}], 0x1) 03:44:45 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xa8, r2, 0x202, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x28b}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x5}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e21}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1728}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1dc6000000}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4040000}, 0x8044) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:45 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x0, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:45 executing program 0 (fault-call:2 fault-nth:83): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 1285.320780][T27832] FAULT_INJECTION: forcing a failure. [ 1285.320780][T27832] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1285.334011][T27832] CPU: 1 PID: 27832 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1285.341897][T27832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1285.351945][T27832] Call Trace: [ 1285.355240][T27832] dump_stack+0x1d8/0x2f8 [ 1285.359572][T27832] should_fail+0x608/0x860 [ 1285.363994][T27832] ? setup_fault_attr+0x2b0/0x2b0 [ 1285.369022][T27832] ? __kasan_kmalloc+0x178/0x1b0 [ 1285.373967][T27832] should_fail_alloc_page+0x55/0x60 [ 1285.379161][T27832] prepare_alloc_pages+0x283/0x460 [ 1285.384272][T27832] __alloc_pages_nodemask+0x11c/0x790 [ 1285.389640][T27832] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1285.395701][T27832] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1285.401241][T27832] ? kasan_check_read+0x11/0x20 [ 1285.406087][T27832] ? do_raw_spin_unlock+0x49/0x260 [ 1285.411187][T27832] ? check_preemption_disabled+0x47/0x280 [ 1285.416904][T27832] kmem_getpages+0x46/0x480 [ 1285.421401][T27832] cache_grow_begin+0x7e/0x2c0 [ 1285.426160][T27832] cache_alloc_refill+0x311/0x3f0 [ 1285.431178][T27832] ? check_preemption_disabled+0xb7/0x280 [ 1285.436894][T27832] kmem_cache_alloc_trace+0x29f/0x2c0 [ 1285.442258][T27832] ? btrfs_mount_root+0x18f/0x1120 [ 1285.447361][T27832] btrfs_mount_root+0x18f/0x1120 [ 1285.452290][T27832] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1285.457654][T27832] ? btrfs_control_open+0x40/0x40 [ 1285.462677][T27832] ? vfs_parse_fs_string+0x1da/0x280 [ 1285.467952][T27832] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1285.473676][T27832] ? trace_kfree+0xb2/0x110 [ 1285.478169][T27832] ? vfs_parse_fs_string+0x1da/0x280 [ 1285.483440][T27832] ? kfree+0x1d/0x120 [ 1285.487413][T27832] ? vfs_parse_fs_string+0x1da/0x280 [ 1285.492689][T27832] ? logfc+0x710/0x710 [ 1285.496750][T27832] legacy_get_tree+0xf9/0x1a0 [ 1285.501416][T27832] ? btrfs_control_open+0x40/0x40 [ 1285.506436][T27832] vfs_get_tree+0x8f/0x360 [ 1285.510852][T27832] vfs_kern_mount+0xc2/0x160 [ 1285.515433][T27832] btrfs_mount+0x3f0/0x1a70 [ 1285.519935][T27832] ? alloc_fs_context+0x49a/0x580 [ 1285.524951][T27832] ? fs_context_for_mount+0x24/0x30 [ 1285.530143][T27832] ? do_mount+0x1200/0x2730 [ 1285.534633][T27832] ? ksys_mount+0xcc/0x100 [ 1285.539037][T27832] ? __x64_sys_mount+0xbf/0xd0 [ 1285.543793][T27832] ? do_syscall_64+0xfe/0x140 [ 1285.548464][T27832] ? fs_parse+0x1bd/0x10a0 [ 1285.552878][T27832] ? btrfs_resize_thread_pool+0x290/0x290 [ 1285.558589][T27832] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1285.564644][T27832] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1285.570010][T27832] ? check_preemption_disabled+0x47/0x280 [ 1285.575729][T27832] ? vfs_parse_fs_string+0x1da/0x280 [ 1285.581094][T27832] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1285.586810][T27832] ? trace_kfree+0xb2/0x110 [ 1285.591305][T27832] ? vfs_parse_fs_string+0x1da/0x280 [ 1285.596578][T27832] ? kfree+0x1d/0x120 [ 1285.600557][T27832] ? vfs_parse_fs_string+0x1da/0x280 [ 1285.605833][T27832] ? logfc+0x710/0x710 [ 1285.609896][T27832] legacy_get_tree+0xf9/0x1a0 [ 1285.614561][T27832] ? btrfs_resize_thread_pool+0x290/0x290 [ 1285.620277][T27832] vfs_get_tree+0x8f/0x360 [ 1285.624685][T27832] do_mount+0x1813/0x2730 [ 1285.629005][T27832] ? check_preemption_disabled+0x47/0x280 [ 1285.634722][T27832] ? copy_mount_string+0x30/0x30 [ 1285.639651][T27832] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1285.645363][T27832] ? trace_kmalloc+0xcd/0x130 [ 1285.650032][T27832] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1285.655564][T27832] ? copy_mount_options+0x5f/0x360 [ 1285.660679][T27832] ? copy_mount_options+0x2c8/0x360 [ 1285.665875][T27832] ksys_mount+0xcc/0x100 [ 1285.670117][T27832] __x64_sys_mount+0xbf/0xd0 [ 1285.674699][T27832] do_syscall_64+0xfe/0x140 [ 1285.679196][T27832] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1285.685080][T27832] RIP: 0033:0x45bf6a [ 1285.688974][T27832] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1285.708565][T27832] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:44:45 executing program 2: r0 = socket(0x10, 0x2, 0x7) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000080)={0x2, 'ipddp0\x00'}, 0x18) r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200000, 0x162) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000140)={0x0, 0x2, 0xfffffffffffffffa, 0xae8b, 0xff, 0x0, 0x3, 0x9, {0x0, @in6={{0xa, 0x4e20, 0x6, @rand_addr="3f18eea55306404d545007911338426d", 0xea}}, 0x1, 0x6, 0x2, 0x3f, 0x7}}, &(0x7f0000000200)=0xb0) setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000240)=@assoc_value={r4, 0x1}, 0x8) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f0000000100)={0x18, 0x0, {0x3, @remote, 'ip6tnl0\x00'}}) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) 03:44:45 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500000000000000}) 03:44:45 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000c0003ee001100000000000000", 0x39}], 0x1) [ 1285.716963][T27832] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1285.724924][T27832] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1285.732915][T27832] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1285.740876][T27832] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1285.748835][T27832] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x0, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) 03:44:46 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x3, 0x0) r2 = dup2(r0, r1) write(r1, &(0x7f0000000000)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000040)='\x00') 03:44:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100250003ee001100000000000000", 0x39}], 0x1) [ 1285.853602][T27841] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1286.000619][T27859] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1020, 0x0) 03:44:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}) 03:44:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100c70303ee001100000000000000", 0x39}], 0x1) 03:44:46 executing program 0 (fault-call:2 fault-nth:84): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:46 executing program 2: r0 = socket(0x10, 0x2, 0xf) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) ioctl$VIDIOC_DQEVENT(r2, 0x80885659, &(0x7f0000000080)={0x0, @ctrl}) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000000)) 03:44:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x0, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, r1) [ 1286.153424][T27870] FAULT_INJECTION: forcing a failure. [ 1286.153424][T27870] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1286.166671][T27870] CPU: 0 PID: 27870 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1286.174562][T27870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1286.184622][T27870] Call Trace: [ 1286.187914][T27870] dump_stack+0x1d8/0x2f8 [ 1286.192243][T27870] should_fail+0x608/0x860 [ 1286.196655][T27870] ? setup_fault_attr+0x2b0/0x2b0 [ 1286.201686][T27870] should_fail_alloc_page+0x55/0x60 [ 1286.206878][T27870] prepare_alloc_pages+0x283/0x460 [ 1286.211984][T27870] __alloc_pages_nodemask+0x11c/0x790 [ 1286.217357][T27870] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1286.222893][T27870] ? arch_stack_walk+0x98/0xe0 [ 1286.227682][T27870] kmem_getpages+0x46/0x480 [ 1286.232185][T27870] cache_grow_begin+0x7e/0x2c0 [ 1286.236950][T27870] cache_alloc_refill+0x311/0x3f0 [ 1286.242140][T27870] ? check_preemption_disabled+0xb7/0x280 [ 1286.247855][T27870] kmem_cache_alloc+0x288/0x2b0 03:44:46 executing program 2: r0 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x1000000000, 0x20002) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x0, 0x4) ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000140)) r1 = socket(0x10, 0x0, 0x0) r2 = dup2(r1, r1) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x121040, 0x0) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x149) getsockopt$llc_int(r2, 0x10c, 0xe, &(0x7f00000000c0), &(0x7f0000000080)=0xfffffffffffffe67) 03:44:46 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100e41403ee001100000000000000", 0x39}], 0x1) [ 1286.252699][T27870] ? getname_kernel+0x59/0x2f0 [ 1286.257457][T27870] getname_kernel+0x59/0x2f0 [ 1286.262041][T27870] kern_path+0x1f/0x40 [ 1286.266103][T27870] blkdev_get_by_path+0xb5/0x2d0 [ 1286.271031][T27870] ? bd_may_claim+0xc0/0xc0 [ 1286.275534][T27870] btrfs_scan_one_device+0x105/0x520 [ 1286.280819][T27870] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1286.286095][T27870] ? btrfs_free_stale_devices+0x7f0/0x7f0 [ 1286.291809][T27870] ? trace_hardirqs_on+0x74/0x80 [ 1286.296750][T27870] btrfs_mount_root+0x548/0x1120 03:44:46 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5405000000000000}) [ 1286.301689][T27870] ? btrfs_control_open+0x40/0x40 [ 1286.306714][T27870] ? vfs_parse_fs_string+0x1da/0x280 [ 1286.311994][T27870] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1286.317707][T27870] ? trace_kfree+0xb2/0x110 [ 1286.322212][T27870] ? vfs_parse_fs_string+0x1da/0x280 [ 1286.327486][T27870] ? kfree+0x1d/0x120 [ 1286.331472][T27870] ? vfs_parse_fs_string+0x1da/0x280 [ 1286.336749][T27870] ? logfc+0x710/0x710 [ 1286.340816][T27870] legacy_get_tree+0xf9/0x1a0 [ 1286.345485][T27870] ? btrfs_control_open+0x40/0x40 [ 1286.350505][T27870] vfs_get_tree+0x8f/0x360 [ 1286.354925][T27870] vfs_kern_mount+0xc2/0x160 [ 1286.359513][T27870] btrfs_mount+0x3f0/0x1a70 [ 1286.364009][T27870] ? alloc_fs_context+0x49a/0x580 [ 1286.369022][T27870] ? fs_context_for_mount+0x24/0x30 [ 1286.374213][T27870] ? do_mount+0x1200/0x2730 [ 1286.378703][T27870] ? ksys_mount+0xcc/0x100 [ 1286.383104][T27870] ? __x64_sys_mount+0xbf/0xd0 [ 1286.387859][T27870] ? do_syscall_64+0xfe/0x140 [ 1286.392531][T27870] ? fs_parse+0x1bd/0x10a0 [ 1286.396953][T27870] ? btrfs_resize_thread_pool+0x290/0x290 [ 1286.402665][T27870] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1286.408730][T27870] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1286.414098][T27870] ? check_preemption_disabled+0x47/0x280 [ 1286.419817][T27870] ? vfs_parse_fs_string+0x1da/0x280 [ 1286.425091][T27870] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1286.430805][T27870] ? trace_kfree+0xb2/0x110 [ 1286.435304][T27870] ? vfs_parse_fs_string+0x1da/0x280 [ 1286.440579][T27870] ? kfree+0x1d/0x120 [ 1286.444566][T27870] ? vfs_parse_fs_string+0x1da/0x280 [ 1286.449844][T27870] ? logfc+0x710/0x710 [ 1286.453903][T27870] legacy_get_tree+0xf9/0x1a0 [ 1286.458586][T27870] ? btrfs_resize_thread_pool+0x290/0x290 [ 1286.464305][T27870] vfs_get_tree+0x8f/0x360 [ 1286.468714][T27870] do_mount+0x1813/0x2730 [ 1286.473037][T27870] ? check_preemption_disabled+0x47/0x280 [ 1286.478753][T27870] ? copy_mount_string+0x30/0x30 [ 1286.483683][T27870] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1286.489399][T27870] ? trace_kmalloc+0xcd/0x130 [ 1286.494072][T27870] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1286.499607][T27870] ? copy_mount_options+0x5f/0x360 [ 1286.504722][T27870] ? copy_mount_options+0x2c8/0x360 [ 1286.509916][T27870] ksys_mount+0xcc/0x100 [ 1286.514158][T27870] __x64_sys_mount+0xbf/0xd0 [ 1286.518746][T27870] do_syscall_64+0xfe/0x140 [ 1286.523244][T27870] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1286.529129][T27870] RIP: 0033:0x45bf6a [ 1286.533020][T27870] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1286.552620][T27870] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1286.561024][T27870] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1286.568990][T27870] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1286.576957][T27870] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1286.584918][T27870] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1286.592879][T27870] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, 0x0) dup2(r0, r1) 03:44:47 executing program 2: r0 = socket(0x10, 0x2, 0xc) dup2(r0, 0xffffffffffffffff) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={'bcsf0\x00', {0x2, 0x4e22, @local}}) write(0xffffffffffffffff, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) socket$caif_seqpacket(0x25, 0x5, 0x5) 03:44:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e000100b76203ee001100000000000000", 0x39}], 0x1) 03:44:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1100, 0x0) 03:44:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}) 03:44:47 executing program 0 (fault-call:2 fault-nth:85): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, 0x0) dup2(r0, r1) 03:44:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000ae000ee001100000000000000", 0x39}], 0x1) 03:44:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}) 03:44:47 executing program 2: r0 = socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000100)={'ip6tnl0\x00', 0x4}) r1 = dup(r0) recvmsg(r0, &(0x7f0000000380)={&(0x7f0000000140)=@can={0x1d, 0x0}, 0x80, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/42, 0x2a}, {&(0x7f0000000200)=""/66, 0x42}], 0x2, &(0x7f00000002c0)=""/165, 0xa5}, 0x40000000) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f00000003c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r2}, 0x14) r3 = socket(0x10, 0x2, 0xc) r4 = socket(0x10, 0x2, 0x0) r5 = dup2(r3, r4) ioctl$DRM_IOCTL_RES_CTX(r5, 0xc0106426, &(0x7f0000000080)={0x6, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {0x0}]}) ioctl$DRM_IOCTL_GET_CTX(r5, 0xc0086423, &(0x7f00000000c0)={r6, 0x3}) write(r4, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0e01ee001100000000000000", 0x39}], 0x1) 03:44:47 executing program 2: r0 = socket(0xf, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:47 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, 0x0) dup2(r0, r1) 03:44:47 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}) 03:44:47 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) personality(0xd04000f) 03:44:47 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0203ee001100000000000000", 0x39}], 0x1) 03:44:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1200, 0x0) [ 1287.084294][T27904] FAULT_INJECTION: forcing a failure. [ 1287.084294][T27904] name failslab, interval 1, probability 0, space 0, times 0 [ 1287.108570][T27904] CPU: 1 PID: 27904 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1287.116485][T27904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1287.126532][T27904] Call Trace: [ 1287.129817][T27904] dump_stack+0x1d8/0x2f8 [ 1287.134140][T27904] should_fail+0x608/0x860 [ 1287.138548][T27904] ? setup_fault_attr+0x2b0/0x2b0 [ 1287.143560][T27904] ? kzalloc+0x26/0x40 [ 1287.147626][T27904] __should_failslab+0x11a/0x160 [ 1287.152554][T27904] ? kzalloc+0x26/0x40 [ 1287.156615][T27904] should_failslab+0x9/0x20 [ 1287.161108][T27904] __kmalloc+0x7a/0x310 [ 1287.165259][T27904] kzalloc+0x26/0x40 [ 1287.169145][T27904] kobject_get_path+0xa7/0x1d0 [ 1287.173900][T27904] kobject_uevent_env+0x2f2/0x1260 [ 1287.179015][T27904] kobject_uevent+0x1f/0x30 [ 1287.183510][T27904] __loop_clr_fd+0x544/0x8e0 [ 1287.188100][T27904] lo_ioctl+0x11a7/0x2400 [ 1287.192438][T27904] ? __read_once_size_nocheck+0x10/0x10 [ 1287.197973][T27904] ? match_held_lock+0x280/0x280 [ 1287.202906][T27904] ? lo_release+0x1f0/0x1f0 [ 1287.207398][T27904] ? match_held_lock+0x280/0x280 [ 1287.212324][T27904] ? __bfs+0x550/0x550 [ 1287.216382][T27904] ? __bfs+0x550/0x550 [ 1287.220443][T27904] ? trace_lock_acquire+0x190/0x190 [ 1287.225633][T27904] ? __bfs+0x550/0x550 [ 1287.229691][T27904] ? match_held_lock+0x280/0x280 [ 1287.234625][T27904] ? match_held_lock+0x280/0x280 [ 1287.239551][T27904] ? __lock_acquire+0xcf7/0x1a40 [ 1287.244474][T27904] ? __bfs+0x550/0x550 [ 1287.248537][T27904] ? __lock_acquire+0xcf7/0x1a40 [ 1287.253483][T27904] ? __lock_acquire+0xcf7/0x1a40 [ 1287.258421][T27904] ? trace_lock_acquire+0x190/0x190 [ 1287.263624][T27904] ? __read_once_size_nocheck+0x10/0x10 [ 1287.269156][T27904] ? unwind_next_frame+0x415/0x870 [ 1287.274267][T27904] ? rcu_lock_release+0x9/0x30 [ 1287.279027][T27904] ? stack_trace_save+0x1e0/0x1e0 [ 1287.284042][T27904] ? rcu_lock_release+0x26/0x30 [ 1287.288879][T27904] ? is_bpf_text_address+0x398/0x3b0 [ 1287.294157][T27904] ? stack_trace_save+0x1e0/0x1e0 [ 1287.299175][T27904] ? __kernel_text_address+0x9a/0x110 [ 1287.304541][T27904] ? unwind_get_return_address+0x4c/0x90 [ 1287.310168][T27904] ? arch_stack_walk+0x98/0xe0 [ 1287.314932][T27904] ? stack_trace_save+0x111/0x1e0 [ 1287.319955][T27904] ? lo_release+0x1f0/0x1f0 [ 1287.324450][T27904] blkdev_ioctl+0x917/0x2c10 [ 1287.329031][T27904] ? tomoyo_path_number_perm+0x587/0x740 [ 1287.334653][T27904] ? trace_hardirqs_off+0x74/0x80 [ 1287.339672][T27904] ? quarantine_put+0xb7/0x1f0 [ 1287.344422][T27904] ? tomoyo_path_number_perm+0x587/0x740 [ 1287.350045][T27904] ? __blkdev_driver_ioctl+0xc0/0xc0 [ 1287.355316][T27904] ? __kasan_slab_free+0x19d/0x1e0 [ 1287.360414][T27904] ? __kasan_slab_free+0x12a/0x1e0 [ 1287.365514][T27904] ? kasan_slab_free+0xe/0x10 [ 1287.370179][T27904] ? kfree+0xae/0x120 [ 1287.374148][T27904] ? tomoyo_path_number_perm+0x587/0x740 [ 1287.379765][T27904] ? tomoyo_file_ioctl+0x23/0x30 [ 1287.384689][T27904] ? security_file_ioctl+0x6d/0xd0 [ 1287.389788][T27904] ? __x64_sys_ioctl+0xa3/0x120 [ 1287.394630][T27904] ? do_syscall_64+0xfe/0x140 [ 1287.399298][T27904] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1287.405356][T27904] ? kasan_check_write+0x14/0x20 [ 1287.410281][T27904] ? do_raw_spin_lock+0x143/0x3a0 [ 1287.415309][T27904] ? _raw_spin_unlock_irqrestore+0xbc/0xe0 [ 1287.421108][T27904] ? rcu_lock_release+0x9/0x30 [ 1287.425869][T27904] ? tomoyo_path_number_perm+0x5f0/0x740 [ 1287.431490][T27904] ? trace_lock_acquire+0x190/0x190 [ 1287.436679][T27904] ? tomoyo_check_path_acl+0x180/0x180 [ 1287.442126][T27904] ? ksys_mount+0xea/0x100 [ 1287.446535][T27904] block_ioctl+0xbd/0x100 [ 1287.450853][T27904] ? blkdev_iopoll+0x100/0x100 [ 1287.455607][T27904] do_vfs_ioctl+0x7d4/0x1890 [ 1287.460195][T27904] ? ioctl_preallocate+0x240/0x240 [ 1287.465310][T27904] ? fget_many+0x30/0x30 [ 1287.469548][T27904] ? tomoyo_file_ioctl+0x23/0x30 [ 1287.474473][T27904] ? security_file_ioctl+0xa1/0xd0 [ 1287.479575][T27904] __x64_sys_ioctl+0xe3/0x120 [ 1287.484248][T27904] do_syscall_64+0xfe/0x140 [ 1287.488745][T27904] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1287.494630][T27904] RIP: 0033:0x459387 [ 1287.498517][T27904] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1287.518108][T27904] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1287.526507][T27904] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 0000000000459387 03:44:48 executing program 0 (fault-call:2 fault-nth:86): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}) [ 1287.534466][T27904] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 1287.542424][T27904] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1287.550386][T27904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1287.558347][T27904] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu}) dup2(r0, r1) 03:44:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0303ee001100000000000000", 0x39}], 0x1) 03:44:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r0, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) 03:44:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0403ee001100000000000000", 0x39}], 0x1) 03:44:48 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$sock_void(r0, 0x1, 0x0, 0x0, 0x0) r1 = socket(0x10, 0x2, 0xc) r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x40, 0x121100) write$FUSE_GETXATTR(r2, &(0x7f0000000080)={0x18, 0x0, 0x1, {0x77}}, 0x18) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000000c0)) r3 = socket(0x10, 0x2, 0x0) dup2(r1, r3) write(r3, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2000, 0x0) [ 1287.735642][T27943] FAULT_INJECTION: forcing a failure. [ 1287.735642][T27943] name failslab, interval 1, probability 0, space 0, times 0 03:44:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0503ee001100000000000000", 0x39}], 0x1) 03:44:48 executing program 2: r0 = socket(0x13, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = semget(0x2, 0x0, 0x2) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@remote, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000000)=0xe8) r4 = getegid() getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000180)={{{@in6=@ipv4={[], [], @remote}, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000280)=0xe8) lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) semctl$IPC_SET(r2, 0x0, 0x1, &(0x7f0000000380)={{0x1000, r3, r4, r5, r6, 0x40, 0x9}, 0xfffffffffffffff9, 0x3a, 0x2}) dup2(r0, r1) semctl$SEM_STAT(r2, 0x0, 0x12, &(0x7f0000000400)=""/109) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1287.781202][T27943] CPU: 0 PID: 27943 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1287.789129][T27943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1287.799186][T27943] Call Trace: [ 1287.802475][T27943] dump_stack+0x1d8/0x2f8 [ 1287.806805][T27943] should_fail+0x608/0x860 [ 1287.811219][T27943] ? setup_fault_attr+0x2b0/0x2b0 [ 1287.816248][T27943] ? btrfs_mount_root+0x373/0x1120 [ 1287.821368][T27943] __should_failslab+0x11a/0x160 [ 1287.826309][T27943] ? btrfs_mount_root+0x373/0x1120 [ 1287.831401][T27943] should_failslab+0x9/0x20 [ 1287.831436][T27943] __kmalloc_track_caller+0x79/0x310 [ 1287.831452][T27943] kstrdup+0x34/0x70 [ 1287.845097][T27943] btrfs_mount_root+0x373/0x1120 [ 1287.850040][T27943] ? btrfs_control_open+0x40/0x40 [ 1287.855066][T27943] ? vfs_parse_fs_string+0x1da/0x280 [ 1287.860344][T27943] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1287.860357][T27943] ? trace_kfree+0xb2/0x110 [ 1287.860374][T27943] ? vfs_parse_fs_string+0x1da/0x280 [ 1287.875825][T27943] ? kfree+0x1d/0x120 03:44:48 executing program 2: socket(0x10, 0x2, 0xc) r0 = socket(0x10, 0x2, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/icmp6\x00') ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000080)=0x2) dup2(r0, r1) write(r0, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1287.879820][T27943] ? vfs_parse_fs_string+0x1da/0x280 [ 1287.885091][T27943] ? logfc+0x710/0x710 [ 1287.885106][T27943] legacy_get_tree+0xf9/0x1a0 [ 1287.885118][T27943] ? btrfs_control_open+0x40/0x40 [ 1287.885131][T27943] vfs_get_tree+0x8f/0x360 [ 1287.885145][T27943] vfs_kern_mount+0xc2/0x160 [ 1287.885156][T27943] btrfs_mount+0x3f0/0x1a70 [ 1287.885166][T27943] ? alloc_fs_context+0x49a/0x580 [ 1287.885174][T27943] ? fs_context_for_mount+0x24/0x30 [ 1287.885180][T27943] ? do_mount+0x1200/0x2730 [ 1287.885186][T27943] ? ksys_mount+0xcc/0x100 [ 1287.885192][T27943] ? __x64_sys_mount+0xbf/0xd0 [ 1287.885208][T27943] ? do_syscall_64+0xfe/0x140 [ 1287.940919][T27943] ? fs_parse+0x1bd/0x10a0 [ 1287.945339][T27943] ? btrfs_resize_thread_pool+0x290/0x290 [ 1287.951058][T27943] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1287.957117][T27943] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1287.962484][T27943] ? check_preemption_disabled+0x47/0x280 [ 1287.968925][T27943] ? vfs_parse_fs_string+0x1da/0x280 [ 1287.974217][T27943] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1287.979928][T27943] ? trace_kfree+0xb2/0x110 [ 1287.984427][T27943] ? vfs_parse_fs_string+0x1da/0x280 [ 1287.989705][T27943] ? kfree+0x1d/0x120 [ 1287.993679][T27943] ? vfs_parse_fs_string+0x1da/0x280 [ 1287.998968][T27943] ? logfc+0x710/0x710 [ 1288.003032][T27943] legacy_get_tree+0xf9/0x1a0 [ 1288.003046][T27943] ? btrfs_resize_thread_pool+0x290/0x290 [ 1288.003060][T27943] vfs_get_tree+0x8f/0x360 [ 1288.013422][T27943] do_mount+0x1813/0x2730 [ 1288.013435][T27943] ? check_preemption_disabled+0x47/0x280 [ 1288.013449][T27943] ? copy_mount_string+0x30/0x30 [ 1288.032774][T27943] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1288.038480][T27943] ? trace_kmalloc+0xcd/0x130 [ 1288.038492][T27943] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1288.038502][T27943] ? copy_mount_options+0x5f/0x360 [ 1288.038513][T27943] ? copy_mount_options+0x2c8/0x360 [ 1288.038524][T27943] ksys_mount+0xcc/0x100 [ 1288.038534][T27943] __x64_sys_mount+0xbf/0xd0 [ 1288.038549][T27943] do_syscall_64+0xfe/0x140 [ 1288.038565][T27943] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1288.048742][T27943] RIP: 0033:0x45bf6a [ 1288.048754][T27943] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1288.048760][T27943] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1288.048771][T27943] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1288.048777][T27943] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1288.048781][T27943] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1288.048790][T27943] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1288.141888][T27943] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:48 executing program 0 (fault-call:2 fault-nth:87): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:48 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0603ee001100000000000000", 0x39}], 0x1) 03:44:48 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 03:44:48 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu}) dup2(r0, r1) 03:44:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2010, 0x0) 03:44:48 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0xd, 0xa, 0x7) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00') sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x80, r2, 0x802, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x14, 0x4, [0xb472, 0x1, 0x1, 0x4]}, @SEG6_ATTR_SECRET={0x8, 0x4, [0xb7]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}, @SEG6_ATTR_DST={0x14, 0x1, @loopback}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DST={0x14, 0x1, @ipv4={[], [], @local}}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x5}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x5}]}, 0x80}, 0x1, 0x0, 0x0, 0x8040}, 0x10) [ 1288.356463][T27978] __nla_validate_parse: 21 callbacks suppressed [ 1288.356469][T27978] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) 03:44:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0703ee001100000000000000", 0x39}], 0x1) 03:44:49 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu}) dup2(r0, r1) [ 1288.484973][T27990] FAULT_INJECTION: forcing a failure. [ 1288.484973][T27990] name failslab, interval 1, probability 0, space 0, times 0 [ 1288.498093][T27990] CPU: 1 PID: 27990 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1288.505976][T27990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1288.516027][T27990] Call Trace: [ 1288.519324][T27990] dump_stack+0x1d8/0x2f8 [ 1288.523651][T27990] should_fail+0x608/0x860 [ 1288.528064][T27990] ? setup_fault_attr+0x2b0/0x2b0 [ 1288.533082][T27990] ? __lock_acquire+0xcf7/0x1a40 [ 1288.538028][T27990] __should_failslab+0x11a/0x160 [ 1288.542963][T27990] ? xas_create+0x11a7/0x1920 [ 1288.547634][T27990] should_failslab+0x9/0x20 [ 1288.552129][T27990] kmem_cache_alloc+0x56/0x2b0 [ 1288.556895][T27990] xas_create+0x11a7/0x1920 [ 1288.561407][T27990] xas_store+0x99/0x1670 [ 1288.565641][T27990] ? xas_load+0x434/0x450 [ 1288.569969][T27990] __add_to_page_cache_locked+0x640/0xc60 [ 1288.575697][T27990] ? add_to_page_cache_locked+0x40/0x40 [ 1288.581237][T27990] ? workingset_activation+0x2b0/0x2b0 [ 1288.586690][T27990] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1288.592226][T27990] ? blkdev_get+0x863/0x9d0 [ 1288.596732][T27990] add_to_page_cache_lru+0x19c/0x4f0 [ 1288.602015][T27990] ? __add_to_page_cache_locked+0xc60/0xc60 [ 1288.607905][T27990] do_read_cache_page+0x213/0xbd0 [ 1288.612918][T27990] ? blkdev_writepage+0x30/0x30 [ 1288.617770][T27990] read_cache_page_gfp+0x73/0x80 [ 1288.622705][T27990] btrfs_scan_one_device+0x1c3/0x520 [ 1288.627982][T27990] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1288.633257][T27990] ? btrfs_free_stale_devices+0x7f0/0x7f0 [ 1288.638974][T27990] ? trace_hardirqs_on+0x74/0x80 [ 1288.643907][T27990] btrfs_mount_root+0x548/0x1120 [ 1288.648848][T27990] ? btrfs_control_open+0x40/0x40 [ 1288.653962][T27990] ? vfs_parse_fs_string+0x1da/0x280 [ 1288.659242][T27990] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1288.664951][T27990] ? trace_kfree+0xb2/0x110 [ 1288.669451][T27990] ? vfs_parse_fs_string+0x1da/0x280 [ 1288.674728][T27990] ? kfree+0x1d/0x120 [ 1288.678732][T27990] ? vfs_parse_fs_string+0x1da/0x280 [ 1288.684019][T27990] ? logfc+0x710/0x710 [ 1288.688086][T27990] legacy_get_tree+0xf9/0x1a0 [ 1288.692758][T27990] ? btrfs_control_open+0x40/0x40 [ 1288.697779][T27990] vfs_get_tree+0x8f/0x360 [ 1288.702199][T27990] vfs_kern_mount+0xc2/0x160 [ 1288.706782][T27990] btrfs_mount+0x3f0/0x1a70 [ 1288.711283][T27990] ? alloc_fs_context+0x49a/0x580 [ 1288.716305][T27990] ? fs_context_for_mount+0x24/0x30 [ 1288.721493][T27990] ? do_mount+0x1200/0x2730 [ 1288.725989][T27990] ? ksys_mount+0xcc/0x100 [ 1288.730398][T27990] ? __x64_sys_mount+0xbf/0xd0 [ 1288.742536][T27990] ? do_syscall_64+0xfe/0x140 [ 1288.747208][T27990] ? fs_parse+0x1bd/0x10a0 [ 1288.751623][T27990] ? btrfs_resize_thread_pool+0x290/0x290 [ 1288.757339][T27990] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1288.763402][T27990] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1288.768774][T27990] ? check_preemption_disabled+0x47/0x280 [ 1288.774493][T27990] ? vfs_parse_fs_string+0x1da/0x280 [ 1288.779775][T27990] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1288.785487][T27990] ? trace_kfree+0xb2/0x110 [ 1288.789979][T27990] ? vfs_parse_fs_string+0x1da/0x280 [ 1288.795251][T27990] ? kfree+0x1d/0x120 [ 1288.800032][T27990] ? vfs_parse_fs_string+0x1da/0x280 [ 1288.805317][T27990] ? logfc+0x710/0x710 [ 1288.809378][T27990] legacy_get_tree+0xf9/0x1a0 [ 1288.814047][T27990] ? btrfs_resize_thread_pool+0x290/0x290 [ 1288.819756][T27990] vfs_get_tree+0x8f/0x360 [ 1288.824166][T27990] do_mount+0x1813/0x2730 [ 1288.828488][T27990] ? check_preemption_disabled+0x47/0x280 [ 1288.834202][T27990] ? copy_mount_string+0x30/0x30 [ 1288.839131][T27990] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1288.844850][T27990] ? trace_kmalloc+0xcd/0x130 [ 1288.849520][T27990] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1288.855053][T27990] ? copy_mount_options+0x5f/0x360 [ 1288.860156][T27990] ? copy_mount_options+0x2c8/0x360 [ 1288.865345][T27990] ksys_mount+0xcc/0x100 [ 1288.869591][T27990] __x64_sys_mount+0xbf/0xd0 [ 1288.874177][T27990] do_syscall_64+0xfe/0x140 [ 1288.878671][T27990] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1288.884552][T27990] RIP: 0033:0x45bf6a [ 1288.888442][T27990] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1288.908133][T27990] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1288.916546][T27990] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1288.924509][T27990] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1288.932472][T27990] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 03:44:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) [ 1288.940433][T27990] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1288.948397][T27990] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:49 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 03:44:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0803ee001100000000000000", 0x39}], 0x1) [ 1288.988205][T28005] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1289.071295][T28010] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1289.109045][T28013] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:49 executing program 0 (fault-call:2 fault-nth:88): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2402, 0x0) 03:44:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) 03:44:49 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) 03:44:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0903ee001100000000000000", 0x39}], 0x1) [ 1289.129211][T28014] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:49 executing program 2: r0 = socket(0x3, 0x2, 0x2) r1 = socket(0x10, 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c460000020981ffffffffffffff020003000700000087010000000000004000000000000000c601000000000000020000000100380002000300ff7f000202000000f18800000100000000000000070000000000000080000000000000000000000000000000d900000000000000070000000000000003000000060000003f0a00000000000001000100000000000200000000000000070000000000000001e700000000000000000000000000008bc6666300a37c0809a2076f65eea83131eb645d633ac0249f8e1c059b339a0b91d9bbdf2d12e12291a03e4401de27697add062270a474be3f5bed5e023ca0dcfa28cf2ed83f22fc365129a01a52f929bb0c55652778f122f41db106a219a6fa55c56bdb2adabe30c4302f6653697ea4493243539fa4504461baea32625b7a77b77ca4f0cc988de12d820419a276e047faa0371425be480c3bd2f01139dde0b5245cc7e0c47cc0f2cdc3e1f9eba7"], 0x12a) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x40, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x10040, 0x0) write$selinux_attr(r3, &(0x7f0000000080)='system_u:object_r:xserver_misc_device_t:s0\x00', 0x2b) bind(r2, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x1, 0x2, 0x1, 0x3, {0xa, 0x4e22, 0xede4, @mcast2}}}, 0x80) write$P9_RRENAME(r3, &(0x7f00000000c0)={0x7, 0x15, 0x2}, 0x7) ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0) r4 = dup2(r0, r2) write(r1, &(0x7f00000001c0)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$VIDIOC_LOG_STATUS(r4, 0x5646, 0x0) [ 1289.206611][T28020] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0a03ee001100000000000000", 0x39}], 0x1) 03:44:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) [ 1289.279113][T28028] FAULT_INJECTION: forcing a failure. [ 1289.279113][T28028] name failslab, interval 1, probability 0, space 0, times 0 [ 1289.294935][T28028] CPU: 1 PID: 28028 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1289.302837][T28028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1289.312883][T28028] Call Trace: [ 1289.312905][T28028] dump_stack+0x1d8/0x2f8 [ 1289.312923][T28028] should_fail+0x608/0x860 [ 1289.312936][T28028] ? setup_fault_attr+0x2b0/0x2b0 [ 1289.312957][T28028] __should_failslab+0x11a/0x160 [ 1289.324930][T28028] ? mempool_alloc_slab+0x4d/0x70 [ 1289.324943][T28028] should_failslab+0x9/0x20 [ 1289.324953][T28028] kmem_cache_alloc+0x56/0x2b0 [ 1289.324964][T28028] ? mempool_free+0x350/0x350 [ 1289.324974][T28028] mempool_alloc_slab+0x4d/0x70 [ 1289.324985][T28028] mempool_alloc+0x15f/0x6b0 [ 1289.325008][T28028] ? mempool_resize+0x900/0x900 [ 1289.368066][T28028] bio_alloc_bioset+0x210/0x670 [ 1289.372917][T28028] ? bio_chain_endio+0x110/0x110 [ 1289.377854][T28028] submit_bh_wbc+0x186/0x680 [ 1289.382440][T28028] ? __might_sleep+0x8f/0x100 [ 1289.387114][T28028] block_read_full_page+0x991/0xbc0 [ 1289.392314][T28028] ? blkdev_direct_IO+0xd0/0xd0 [ 1289.397157][T28028] ? block_is_partially_uptodate+0x2e0/0x2e0 [ 1289.403129][T28028] ? add_to_page_cache_lru+0x31b/0x4f0 [ 1289.408585][T28028] ? __add_to_page_cache_locked+0xc60/0xc60 [ 1289.414477][T28028] blkdev_readpage+0x1c/0x20 [ 1289.419060][T28028] do_read_cache_page+0x66c/0xbd0 [ 1289.424074][T28028] ? blkdev_writepage+0x30/0x30 [ 1289.428939][T28028] read_cache_page_gfp+0x73/0x80 [ 1289.433875][T28028] btrfs_scan_one_device+0x1c3/0x520 [ 1289.439154][T28028] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1289.444455][T28028] ? btrfs_free_stale_devices+0x7f0/0x7f0 [ 1289.450169][T28028] ? trace_hardirqs_on+0x74/0x80 [ 1289.455116][T28028] btrfs_mount_root+0x548/0x1120 [ 1289.460062][T28028] ? btrfs_control_open+0x40/0x40 [ 1289.465081][T28028] ? vfs_parse_fs_string+0x1da/0x280 [ 1289.470362][T28028] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1289.476075][T28028] ? trace_kfree+0xb2/0x110 [ 1289.480570][T28028] ? vfs_parse_fs_string+0x1da/0x280 [ 1289.485843][T28028] ? kfree+0x1d/0x120 [ 1289.489822][T28028] ? vfs_parse_fs_string+0x1da/0x280 [ 1289.495097][T28028] ? logfc+0x710/0x710 [ 1289.499161][T28028] legacy_get_tree+0xf9/0x1a0 [ 1289.503828][T28028] ? btrfs_control_open+0x40/0x40 [ 1289.508846][T28028] vfs_get_tree+0x8f/0x360 [ 1289.513275][T28028] vfs_kern_mount+0xc2/0x160 [ 1289.517864][T28028] btrfs_mount+0x3f0/0x1a70 [ 1289.522361][T28028] ? alloc_fs_context+0x49a/0x580 [ 1289.527374][T28028] ? fs_context_for_mount+0x24/0x30 [ 1289.532562][T28028] ? do_mount+0x1200/0x2730 [ 1289.537054][T28028] ? ksys_mount+0xcc/0x100 [ 1289.541458][T28028] ? __x64_sys_mount+0xbf/0xd0 [ 1289.546215][T28028] ? do_syscall_64+0xfe/0x140 [ 1289.550883][T28028] ? fs_parse+0x1bd/0x10a0 [ 1289.555297][T28028] ? btrfs_resize_thread_pool+0x290/0x290 [ 1289.561010][T28028] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1289.567070][T28028] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1289.572429][T28028] ? check_preemption_disabled+0x47/0x280 [ 1289.578148][T28028] ? vfs_parse_fs_string+0x1da/0x280 [ 1289.583427][T28028] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1289.589138][T28028] ? trace_kfree+0xb2/0x110 [ 1289.593637][T28028] ? vfs_parse_fs_string+0x1da/0x280 [ 1289.598909][T28028] ? kfree+0x1d/0x120 [ 1289.602883][T28028] ? vfs_parse_fs_string+0x1da/0x280 [ 1289.608159][T28028] ? logfc+0x710/0x710 [ 1289.612220][T28028] legacy_get_tree+0xf9/0x1a0 [ 1289.616887][T28028] ? btrfs_resize_thread_pool+0x290/0x290 [ 1289.622600][T28028] vfs_get_tree+0x8f/0x360 [ 1289.627012][T28028] do_mount+0x1813/0x2730 [ 1289.631330][T28028] ? check_preemption_disabled+0x47/0x280 [ 1289.637045][T28028] ? copy_mount_string+0x30/0x30 [ 1289.641979][T28028] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1289.647689][T28028] ? trace_kmalloc+0xcd/0x130 [ 1289.652359][T28028] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1289.657892][T28028] ? copy_mount_options+0x5f/0x360 [ 1289.662998][T28028] ? copy_mount_options+0x2c8/0x360 [ 1289.668186][T28028] ksys_mount+0xcc/0x100 [ 1289.672423][T28028] __x64_sys_mount+0xbf/0xd0 [ 1289.677010][T28028] do_syscall_64+0xfe/0x140 [ 1289.681511][T28028] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1289.687398][T28028] RIP: 0033:0x45bf6a [ 1289.691287][T28028] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1289.710881][T28028] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1289.719283][T28028] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a 03:44:50 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) bind(r0, &(0x7f0000000080)=@pptp={0x18, 0x2, {0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x80) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2500, 0x0) [ 1289.727245][T28028] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1289.735206][T28028] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1289.743170][T28028] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1289.751133][T28028] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1289.771468][T28036] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:50 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) 03:44:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0b03ee001100000000000000", 0x39}], 0x1) [ 1289.819104][T28039] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1289.862314][T28044] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'. 03:44:50 executing program 0 (fault-call:2 fault-nth:89): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}) 03:44:50 executing program 2: r0 = socket(0x13, 0x0, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1289.905707][T28049] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.1'. 03:44:50 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0c03ee001100000000000000", 0x39}], 0x1) 03:44:50 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(0xffffffffffffffff, r1) [ 1290.006934][T28052] FAULT_INJECTION: forcing a failure. [ 1290.006934][T28052] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.019555][T28052] CPU: 0 PID: 28052 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1290.027439][T28052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1290.037482][T28052] Call Trace: [ 1290.040775][T28052] dump_stack+0x1d8/0x2f8 [ 1290.045104][T28052] should_fail+0x608/0x860 [ 1290.049520][T28052] ? setup_fault_attr+0x2b0/0x2b0 03:44:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) [ 1290.054551][T28052] ? __lock_acquire+0xcf7/0x1a40 [ 1290.059495][T28052] __should_failslab+0x11a/0x160 [ 1290.064431][T28052] ? xas_create+0x11a7/0x1920 [ 1290.069102][T28052] should_failslab+0x9/0x20 [ 1290.073604][T28052] kmem_cache_alloc+0x56/0x2b0 [ 1290.078370][T28052] xas_create+0x11a7/0x1920 [ 1290.082887][T28052] xas_store+0x99/0x1670 [ 1290.087125][T28052] ? xas_load+0x434/0x450 [ 1290.091457][T28052] __add_to_page_cache_locked+0x640/0xc60 [ 1290.097172][T28052] ? finish_lock_switch+0x31/0x40 [ 1290.102208][T28052] ? add_to_page_cache_locked+0x40/0x40 [ 1290.107757][T28052] ? workingset_activation+0x2b0/0x2b0 [ 1290.113198][T28052] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1290.118494][T28052] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1290.123957][T28052] ? retint_kernel+0x2b/0x2b [ 1290.128549][T28052] ? trace_hardirqs_on_caller+0x74/0x80 [ 1290.134089][T28052] add_to_page_cache_lru+0x19c/0x4f0 [ 1290.134103][T28052] ? __add_to_page_cache_locked+0xc60/0xc60 [ 1290.134117][T28052] ? check_preemption_disabled+0x3a/0x280 [ 1290.134132][T28052] do_read_cache_page+0x213/0xbd0 03:44:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}) [ 1290.134144][T28052] ? blkdev_writepage+0x30/0x30 [ 1290.134158][T28052] read_cache_page_gfp+0x73/0x80 [ 1290.134171][T28052] btrfs_scan_one_device+0x1c3/0x520 [ 1290.134185][T28052] ? lockdep_hardirqs_on+0x3c5/0x7d0 [ 1290.134194][T28052] ? btrfs_free_stale_devices+0x7f0/0x7f0 [ 1290.134206][T28052] ? trace_hardirqs_on+0x74/0x80 [ 1290.134226][T28052] btrfs_mount_root+0x548/0x1120 [ 1290.160990][T28052] ? btrfs_control_open+0x40/0x40 [ 1290.161007][T28052] ? vfs_parse_fs_string+0x1da/0x280 [ 1290.161019][T28052] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1290.161032][T28052] ? trace_kfree+0xb2/0x110 [ 1290.182170][T28052] ? vfs_parse_fs_string+0x1da/0x280 [ 1290.182180][T28052] ? kfree+0x1d/0x120 [ 1290.182193][T28052] ? vfs_parse_fs_string+0x1da/0x280 [ 1290.182205][T28052] ? logfc+0x710/0x710 [ 1290.182226][T28052] legacy_get_tree+0xf9/0x1a0 [ 1290.208012][T28052] ? btrfs_control_open+0x40/0x40 [ 1290.235682][T28052] vfs_get_tree+0x8f/0x360 [ 1290.235701][T28052] vfs_kern_mount+0xc2/0x160 [ 1290.235715][T28052] btrfs_mount+0x3f0/0x1a70 03:44:50 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}) [ 1290.235729][T28052] ? alloc_fs_context+0x49a/0x580 [ 1290.235737][T28052] ? fs_context_for_mount+0x24/0x30 [ 1290.235744][T28052] ? do_mount+0x1200/0x2730 [ 1290.235751][T28052] ? ksys_mount+0xcc/0x100 [ 1290.235759][T28052] ? __x64_sys_mount+0xbf/0xd0 [ 1290.235771][T28052] ? do_syscall_64+0xfe/0x140 [ 1290.235782][T28052] ? fs_parse+0x1bd/0x10a0 [ 1290.235795][T28052] ? btrfs_resize_thread_pool+0x290/0x290 [ 1290.235808][T28052] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1290.235819][T28052] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1290.254276][T28052] ? check_preemption_disabled+0x47/0x280 [ 1290.254296][T28052] ? vfs_parse_fs_string+0x1da/0x280 [ 1290.254310][T28052] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1290.254321][T28052] ? trace_kfree+0xb2/0x110 [ 1290.254329][T28052] ? vfs_parse_fs_string+0x1da/0x280 [ 1290.254338][T28052] ? kfree+0x1d/0x120 [ 1290.254349][T28052] ? vfs_parse_fs_string+0x1da/0x280 [ 1290.254360][T28052] ? logfc+0x710/0x710 [ 1290.254371][T28052] legacy_get_tree+0xf9/0x1a0 [ 1290.254383][T28052] ? btrfs_resize_thread_pool+0x290/0x290 03:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}) 03:44:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3803, 0x0) 03:44:51 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000600)=ANY=[], 0xfec8) recvmmsg(r1, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000004700)=[{&(0x7f00000012c0)=""/167, 0xf}], 0x1}}], 0x1, 0x0, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), &(0x7f0000000080)=0x4) r3 = dup2(0xffffffffffffffff, r2) write(r2, &(0x7f0000000100)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x2) bind$x25(r3, &(0x7f00000000c0)={0x9, @remote={[], 0x0}}, 0x12) [ 1290.254394][T28052] vfs_get_tree+0x8f/0x360 [ 1290.254409][T28052] do_mount+0x1813/0x2730 [ 1290.273459][T28052] ? check_preemption_disabled+0x47/0x280 [ 1290.273478][T28052] ? copy_mount_string+0x30/0x30 [ 1290.273490][T28052] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1290.273502][T28052] ? trace_kmalloc+0xcd/0x130 [ 1290.282910][T28052] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1290.310123][T28052] ? copy_mount_options+0x5f/0x360 [ 1290.310138][T28052] ? copy_mount_options+0x2c8/0x360 [ 1290.310150][T28052] ksys_mount+0xcc/0x100 [ 1290.310161][T28052] __x64_sys_mount+0xbf/0xd0 [ 1290.310178][T28052] do_syscall_64+0xfe/0x140 [ 1290.321146][T28052] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1290.321157][T28052] RIP: 0033:0x45bf6a [ 1290.321168][T28052] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1290.321176][T28052] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}) [ 1290.334877][T28052] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1290.334884][T28052] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1290.334890][T28052] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1290.334896][T28052] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1290.334902][T28052] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:51 executing program 0 (fault-call:2 fault-nth:90): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}) 03:44:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x5, 0x2, 0x4) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x40, 0x0) ioctl$TCGETS(r2, 0x5401, &(0x7f0000000080)) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0)={0x24}, 0x4) r3 = dup2(r0, r1) write(r3, &(0x7f0000000040)="1f0000f40f20ff54cb5a0d0000f3051e0008000100020423dcffdf00", 0x1c) fsetxattr$trusted_overlay_origin(r3, &(0x7f0000000140)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0x3) ioctl$TIOCGRS485(r2, 0x542e, &(0x7f0000000100)) 03:44:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0d03ee001100000000000000", 0x39}], 0x1) 03:44:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x3f00, 0x0) 03:44:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, 0xffffffffffffffff) 03:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}) 03:44:51 executing program 2: r0 = socket(0x0, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0e03ee001100000000000000", 0x39}], 0x1) 03:44:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x4000, 0x0) 03:44:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, 0xffffffffffffffff) 03:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}) [ 1290.884114][T28111] FAULT_INJECTION: forcing a failure. [ 1290.884114][T28111] name failslab, interval 1, probability 0, space 0, times 0 [ 1290.928786][T28118] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1290.930963][T28111] CPU: 0 PID: 28111 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1290.947161][T28111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1290.957214][T28111] Call Trace: [ 1290.960509][T28111] dump_stack+0x1d8/0x2f8 [ 1290.964843][T28111] should_fail+0x608/0x860 [ 1290.969259][T28111] ? setup_fault_attr+0x2b0/0x2b0 [ 1290.974281][T28111] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1290.980000][T28111] __should_failslab+0x11a/0x160 [ 1290.984932][T28111] ? tomoyo_realpath_from_path+0xdc/0x7c0 [ 1290.990650][T28111] should_failslab+0x9/0x20 [ 1290.995152][T28111] __kmalloc+0x7a/0x310 [ 1290.999300][T28111] ? tomoyo_realpath_from_path+0xca/0x7c0 [ 1291.005011][T28111] tomoyo_realpath_from_path+0xdc/0x7c0 [ 1291.010556][T28111] tomoyo_path_number_perm+0x1e0/0x740 [ 1291.016008][T28111] ? trace_lock_acquire+0x190/0x190 [ 1291.021203][T28111] ? ksys_mount+0xea/0x100 [ 1291.025616][T28111] ? __kasan_slab_free+0x19d/0x1e0 [ 1291.030716][T28111] ? tomoyo_check_path_acl+0x180/0x180 [ 1291.036169][T28111] ? ksys_mount+0xea/0x100 [ 1291.040578][T28111] ? __x64_sys_mount+0xbf/0xd0 [ 1291.045334][T28111] ? do_syscall_64+0xfe/0x140 [ 1291.050000][T28111] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1291.056060][T28111] ? kasan_check_read+0x11/0x20 [ 1291.060902][T28111] ? do_raw_spin_unlock+0x49/0x260 [ 1291.066033][T28111] ? fget_many+0x30/0x30 [ 1291.070276][T28111] tomoyo_file_ioctl+0x23/0x30 [ 1291.075034][T28111] security_file_ioctl+0x6d/0xd0 [ 1291.079970][T28111] __x64_sys_ioctl+0xa3/0x120 [ 1291.084648][T28111] do_syscall_64+0xfe/0x140 [ 1291.089165][T28111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1291.095050][T28111] RIP: 0033:0x459387 [ 1291.098938][T28111] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1291.118532][T28111] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1291.126940][T28111] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 0000000000459387 [ 1291.134900][T28111] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 1291.142858][T28111] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1291.150823][T28111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1291.158788][T28111] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1291.172341][T28111] ERROR: Out of memory at tomoyo_realpath_from_path. 03:44:51 executing program 0 (fault-call:2 fault-nth:91): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}) 03:44:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a0f03ee001100000000000000", 0x39}], 0x1) 03:44:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000)=0x6, 0x4) r1 = socket(0x10, 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:51 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x10000803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x336) ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000200)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_mtu=0x1}) dup2(r0, 0xffffffffffffffff) 03:44:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a1003ee001100000000000000", 0x39}], 0x1) 03:44:51 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x8, [@int={0x4, 0x0, 0x0, 0x1, 0x0, 0x45, 0x0, 0x1b, 0x1}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x7}, {0x6}]}]}, {0x0, [0x2e, 0x6f, 0x71, 0x61, 0x2e, 0x2e]}}, &(0x7f0000000000)=""/8, 0x4c, 0x8, 0x1}, 0x20) r3 = dup2(r2, r0) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) ioctl$KDGKBDIACR(r3, 0x4b4a, &(0x7f0000000080)=""/133) [ 1291.293164][T28134] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:44:51 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25}) 03:44:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0) dup2(r0, r1) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1291.368451][T28145] FAULT_INJECTION: forcing a failure. [ 1291.368451][T28145] name failslab, interval 1, probability 0, space 0, times 0 [ 1291.422758][T28145] CPU: 1 PID: 28145 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1291.430689][T28145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1291.440749][T28145] Call Trace: [ 1291.444044][T28145] dump_stack+0x1d8/0x2f8 [ 1291.448370][T28145] should_fail+0x608/0x860 [ 1291.452786][T28145] ? setup_fault_attr+0x2b0/0x2b0 [ 1291.457818][T28145] __should_failslab+0x11a/0x160 [ 1291.462749][T28145] ? mempool_alloc_slab+0x4d/0x70 [ 1291.467771][T28145] should_failslab+0x9/0x20 [ 1291.472269][T28145] kmem_cache_alloc+0x56/0x2b0 [ 1291.477031][T28145] ? mempool_free+0x350/0x350 [ 1291.481706][T28145] mempool_alloc_slab+0x4d/0x70 [ 1291.486559][T28145] mempool_alloc+0x15f/0x6b0 [ 1291.491149][T28145] ? rcu_lock_release+0x9/0x30 [ 1291.495910][T28145] ? mempool_resize+0x900/0x900 [ 1291.500750][T28145] ? kasan_check_write+0x14/0x20 [ 1291.505679][T28145] ? do_raw_spin_lock+0x143/0x3a0 [ 1291.510708][T28145] bio_alloc_bioset+0x210/0x670 [ 1291.515679][T28145] ? bio_chain_endio+0x110/0x110 [ 1291.520631][T28145] submit_bh_wbc+0x186/0x680 [ 1291.525217][T28145] ? __might_sleep+0x8f/0x100 [ 1291.529888][T28145] __bread_gfp+0x122/0x350 [ 1291.534299][T28145] btrfs_read_dev_super+0x8a/0x220 [ 1291.539405][T28145] btrfs_get_bdev_and_sb+0x1ec/0x280 [ 1291.544684][T28145] open_fs_devices+0x1ee/0xbe0 [ 1291.549442][T28145] ? list_sort+0x8ad/0x900 [ 1291.553847][T28145] ? btrfs_open_devices+0x1b0/0x1b0 [ 1291.559040][T28145] ? devid_cmp+0x90/0x90 [ 1291.563282][T28145] btrfs_open_devices+0x11d/0x1b0 [ 1291.568303][T28145] btrfs_mount_root+0x5c3/0x1120 [ 1291.573240][T28145] ? btrfs_control_open+0x40/0x40 [ 1291.578263][T28145] ? vfs_parse_fs_string+0x1da/0x280 [ 1291.583542][T28145] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1291.589251][T28145] ? trace_kfree+0xb2/0x110 [ 1291.593745][T28145] ? vfs_parse_fs_string+0x1da/0x280 [ 1291.599018][T28145] ? kfree+0x1d/0x120 [ 1291.602993][T28145] ? vfs_parse_fs_string+0x1da/0x280 [ 1291.608267][T28145] ? logfc+0x710/0x710 [ 1291.612330][T28145] legacy_get_tree+0xf9/0x1a0 [ 1291.617006][T28145] ? btrfs_control_open+0x40/0x40 [ 1291.622025][T28145] vfs_get_tree+0x8f/0x360 [ 1291.626436][T28145] vfs_kern_mount+0xc2/0x160 [ 1291.631019][T28145] btrfs_mount+0x3f0/0x1a70 [ 1291.635517][T28145] ? alloc_fs_context+0x49a/0x580 [ 1291.640530][T28145] ? fs_context_for_mount+0x24/0x30 [ 1291.645716][T28145] ? do_mount+0x1200/0x2730 [ 1291.650211][T28145] ? ksys_mount+0xcc/0x100 [ 1291.654622][T28145] ? __x64_sys_mount+0xbf/0xd0 [ 1291.659374][T28145] ? do_syscall_64+0xfe/0x140 [ 1291.664043][T28145] ? fs_parse+0x1bd/0x10a0 [ 1291.668457][T28145] ? btrfs_resize_thread_pool+0x290/0x290 [ 1291.674171][T28145] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1291.680233][T28145] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1291.685603][T28145] ? check_preemption_disabled+0x47/0x280 [ 1291.691322][T28145] ? vfs_parse_fs_string+0x1da/0x280 [ 1291.696623][T28145] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1291.702336][T28145] ? trace_kfree+0xb2/0x110 [ 1291.706833][T28145] ? vfs_parse_fs_string+0x1da/0x280 [ 1291.712109][T28145] ? kfree+0x1d/0x120 [ 1291.716090][T28145] ? vfs_parse_fs_string+0x1da/0x280 [ 1291.721452][T28145] ? logfc+0x710/0x710 [ 1291.725511][T28145] legacy_get_tree+0xf9/0x1a0 [ 1291.737217][T28145] ? btrfs_resize_thread_pool+0x290/0x290 [ 1291.742930][T28145] vfs_get_tree+0x8f/0x360 [ 1291.747339][T28145] do_mount+0x1813/0x2730 [ 1291.751660][T28145] ? check_preemption_disabled+0x47/0x280 [ 1291.757376][T28145] ? copy_mount_string+0x30/0x30 [ 1291.762305][T28145] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1291.768016][T28145] ? trace_kmalloc+0xcd/0x130 [ 1291.772681][T28145] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1291.778220][T28145] ? copy_mount_options+0x5f/0x360 [ 1291.783323][T28145] ? copy_mount_options+0x2c8/0x360 [ 1291.788516][T28145] ksys_mount+0xcc/0x100 [ 1291.792751][T28145] __x64_sys_mount+0xbf/0xd0 [ 1291.797338][T28145] do_syscall_64+0xfe/0x140 [ 1291.801836][T28145] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1291.807716][T28145] RIP: 0033:0x45bf6a [ 1291.811608][T28145] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1291.831203][T28145] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1291.839619][T28145] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1291.847594][T28145] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1291.855568][T28145] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1291.863533][T28145] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1291.871492][T28145] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 03:44:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x4800, 0x0) 03:44:52 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev}}, 0x1c) sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x0) 03:44:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a1103ee001100000000000000", 0x39}], 0x1) 03:44:52 executing program 0 (fault-call:2 fault-nth:92): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000fff6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 03:44:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}) 03:44:52 executing program 3: pipe(&(0x7f00000009c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000500)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") close(r1) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_int(r3, 0x11, 0x200001000000067, &(0x7f0000000280)=0xfff, 0x4) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) splice(r0, 0x0, r1, 0x0, 0x10000, 0x0) 03:44:52 executing program 2: r0 = socket(0x10, 0x2, 0xc) r1 = socket(0x10, 0x2, 0xffffffffffffffff) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000000)=0x6, 0x4) r2 = dup2(r0, r1) write(r1, &(0x7f00000001c0)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000200)={0x1, {{0xa, 0x4e24, 0x9fa8, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xffffffff00000000}}, {{0xa, 0x4e24, 0x8000000000, @remote, 0x7f}}}, 0x108) sendmsg$TIPC_CMD_GET_NODES(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x4, 0x70bd2d, 0x25dfdbfe, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000340)=""/217, &(0x7f0000000040)=0xd9) 03:44:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a1203ee001100000000000000", 0x39}], 0x1) 03:44:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setgroups(0x1a2a, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0]) syz_genetlink_get_family_id$ipvs(&(0x7f00000013c0)='IPVS\x00') r0 = creat(&(0x7f0000000000)='./file0\x00', 0x1) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f00000000c0)) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000180)) syz_open_dev$usbmon(0x0, 0x0, 0x0) 03:44:52 executing program 2: r0 = socket$inet6(0xa, 0x801, 0x1000000) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}, @in6={0xa, 0x4e20, 0x7, @loopback, 0x10001}, @in={0x2, 0x4e22, @multicast2}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e23, 0x1, @loopback, 0x3}], 0x68) r1 = socket(0x10, 0x2, 0x0) r2 = dup2(0xffffffffffffffff, r1) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) ioctl$DRM_IOCTL_GET_MAGIC(r2, 0x80046402, &(0x7f0000000000)=0x2) write(r1, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) 03:44:52 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a2503ee001100000000000000", 0x39}], 0x1) 03:44:52 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x2000000042046, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)) write$binfmt_elf32(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1b16"], 0x2) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xfffffffffffffffe, 0x0, 0x0, 0x53}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}) [ 1292.086086][T28174] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1292.108829][T28179] FAULT_INJECTION: forcing a failure. [ 1292.108829][T28179] name failslab, interval 1, probability 0, space 0, times 0 [ 1292.155708][T28179] CPU: 1 PID: 28179 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1292.163629][T28179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1292.173684][T28179] Call Trace: [ 1292.176977][T28179] dump_stack+0x1d8/0x2f8 [ 1292.181311][T28179] should_fail+0x608/0x860 [ 1292.185728][T28179] ? setup_fault_attr+0x2b0/0x2b0 [ 1292.190759][T28179] __should_failslab+0x11a/0x160 [ 1292.195698][T28179] should_failslab+0x9/0x20 [ 1292.200199][T28179] kmem_cache_alloc_trace+0x5d/0x2c0 [ 1292.205477][T28179] ? btrfs_alloc_device+0xc2/0x610 [ 1292.210581][T28179] ? __mutex_unlock_slowpath+0x18c/0x630 [ 1292.216211][T28179] btrfs_alloc_device+0xc2/0x610 [ 1292.221148][T28179] ? kasan_check_read+0x11/0x20 [ 1292.225990][T28179] ? btrfs_init_new_device+0x4290/0x4290 [ 1292.231619][T28179] ? blkdev_put+0x2c8/0x3b0 [ 1292.236125][T28179] close_fs_devices+0x503/0x9b0 [ 1292.240978][T28179] btrfs_close_devices+0x33/0x130 [ 1292.246005][T28179] btrfs_mount_root+0x969/0x1120 [ 1292.250947][T28179] ? btrfs_control_open+0x40/0x40 [ 1292.255971][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.261253][T28179] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1292.266961][T28179] ? trace_kfree+0xb2/0x110 [ 1292.271452][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.276722][T28179] ? kfree+0x1d/0x120 [ 1292.280698][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.285972][T28179] ? logfc+0x710/0x710 [ 1292.290030][T28179] legacy_get_tree+0xf9/0x1a0 [ 1292.294697][T28179] ? btrfs_control_open+0x40/0x40 [ 1292.299712][T28179] vfs_get_tree+0x8f/0x360 [ 1292.304132][T28179] vfs_kern_mount+0xc2/0x160 [ 1292.308726][T28179] btrfs_mount+0x3f0/0x1a70 [ 1292.313225][T28179] ? alloc_fs_context+0x49a/0x580 [ 1292.318236][T28179] ? fs_context_for_mount+0x24/0x30 [ 1292.323425][T28179] ? do_mount+0x1200/0x2730 [ 1292.327918][T28179] ? ksys_mount+0xcc/0x100 [ 1292.332323][T28179] ? __x64_sys_mount+0xbf/0xd0 [ 1292.337074][T28179] ? do_syscall_64+0xfe/0x140 [ 1292.341740][T28179] ? fs_parse+0x1bd/0x10a0 [ 1292.346239][T28179] ? btrfs_resize_thread_pool+0x290/0x290 [ 1292.351955][T28179] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1292.358017][T28179] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1292.363380][T28179] ? check_preemption_disabled+0x47/0x280 [ 1292.369103][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.374388][T28179] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1292.380101][T28179] ? trace_kfree+0xb2/0x110 [ 1292.384596][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.389872][T28179] ? kfree+0x1d/0x120 [ 1292.393850][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.399133][T28179] ? logfc+0x710/0x710 [ 1292.403197][T28179] legacy_get_tree+0xf9/0x1a0 [ 1292.407871][T28179] ? btrfs_resize_thread_pool+0x290/0x290 [ 1292.413591][T28179] vfs_get_tree+0x8f/0x360 [ 1292.418003][T28179] do_mount+0x1813/0x2730 [ 1292.422333][T28179] ? check_preemption_disabled+0x47/0x280 [ 1292.428050][T28179] ? copy_mount_string+0x30/0x30 [ 1292.432983][T28179] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1292.438703][T28179] ? trace_kmalloc+0xcd/0x130 [ 1292.443374][T28179] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1292.448908][T28179] ? copy_mount_options+0x5f/0x360 [ 1292.454014][T28179] ? copy_mount_options+0x2c8/0x360 [ 1292.459206][T28179] ksys_mount+0xcc/0x100 [ 1292.463443][T28179] __x64_sys_mount+0xbf/0xd0 [ 1292.468026][T28179] do_syscall_64+0xfe/0x140 [ 1292.472533][T28179] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1292.478414][T28179] RIP: 0033:0x45bf6a [ 1292.482301][T28179] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1292.501983][T28179] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1292.510384][T28179] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1292.518358][T28179] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1292.526327][T28179] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1292.534288][T28179] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1292.542248][T28179] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1292.560409][T28179] ------------[ cut here ]------------ [ 1292.565877][T28179] kernel BUG at fs/btrfs/volumes.c:1270! [ 1292.593966][T28179] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 1292.600058][T28179] CPU: 0 PID: 28179 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12 [ 1292.607926][T28179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1292.617970][T28179] RIP: 0010:close_fs_devices+0x99d/0x9b0 [ 1292.623662][T28179] Code: d7 f2 fe 48 8b 5d b0 e9 66 ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 7c 83 48 89 df e8 8d d7 f2 fe e9 76 ff ff ff e8 c3 ad b9 fe <0f> 0b e8 bc ad b9 fe 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 [ 1292.643258][T28179] RSP: 0018:ffff88805c12f648 EFLAGS: 00010246 [ 1292.649294][T28179] RAX: ffffffff82bc041d RBX: ffff8880878e65a8 RCX: 0000000000040000 [ 1292.657240][T28179] RDX: ffffc90005de9000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1292.665182][T28179] RBP: ffff88805c12f6e0 R08: ffffffff82bce122 R09: ffffed1015d46bf8 [ 1292.673123][T28179] R10: ffffed1015d46bf8 R11: 1ffff11015d46bf7 R12: ffff8880878e64c0 [ 1292.681066][T28179] R13: ffff8880878e65b0 R14: ffff8880a66b1600 R15: ffff888096a5a678 [ 1292.689012][T28179] FS: 00007f8a799b4700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000 [ 1292.697910][T28179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1292.704463][T28179] CR2: 0000555557367978 CR3: 000000009ec41000 CR4: 00000000001406f0 [ 1292.712410][T28179] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1292.720354][T28179] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 1292.728299][T28179] Call Trace: [ 1292.731571][T28179] btrfs_close_devices+0x33/0x130 [ 1292.744218][T28179] btrfs_mount_root+0x969/0x1120 [ 1292.749130][T28179] ? btrfs_control_open+0x40/0x40 [ 1292.754128][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.759384][T28179] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1292.765076][T28179] ? trace_kfree+0xb2/0x110 [ 1292.769548][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.774804][T28179] ? kfree+0x1d/0x120 [ 1292.778759][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.784018][T28179] ? logfc+0x710/0x710 [ 1292.788064][T28179] legacy_get_tree+0xf9/0x1a0 [ 1292.792710][T28179] ? btrfs_control_open+0x40/0x40 [ 1292.797705][T28179] vfs_get_tree+0x8f/0x360 [ 1292.803636][T28179] vfs_kern_mount+0xc2/0x160 [ 1292.808199][T28179] btrfs_mount+0x3f0/0x1a70 [ 1292.812676][T28179] ? alloc_fs_context+0x49a/0x580 [ 1292.817670][T28179] ? fs_context_for_mount+0x24/0x30 [ 1292.822837][T28179] ? do_mount+0x1200/0x2730 [ 1292.827309][T28179] ? ksys_mount+0xcc/0x100 [ 1292.831696][T28179] ? __x64_sys_mount+0xbf/0xd0 [ 1292.836431][T28179] ? do_syscall_64+0xfe/0x140 [ 1292.841082][T28179] ? fs_parse+0x1bd/0x10a0 [ 1292.845475][T28179] ? btrfs_resize_thread_pool+0x290/0x290 [ 1292.851167][T28179] ? smack_fs_context_parse_param+0x16a/0x3b0 [ 1292.857205][T28179] ? smack_fs_context_dup+0x2e0/0x2e0 [ 1292.862549][T28179] ? check_preemption_disabled+0x47/0x280 [ 1292.868244][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.873502][T28179] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1292.879198][T28179] ? trace_kfree+0xb2/0x110 [ 1292.883671][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.888926][T28179] ? kfree+0x1d/0x120 [ 1292.892882][T28179] ? vfs_parse_fs_string+0x1da/0x280 [ 1292.898162][T28179] ? logfc+0x710/0x710 [ 1292.902203][T28179] legacy_get_tree+0xf9/0x1a0 [ 1292.906851][T28179] ? btrfs_resize_thread_pool+0x290/0x290 [ 1292.912549][T28179] vfs_get_tree+0x8f/0x360 [ 1292.916939][T28179] do_mount+0x1813/0x2730 [ 1292.921244][T28179] ? check_preemption_disabled+0x47/0x280 [ 1292.926935][T28179] ? copy_mount_string+0x30/0x30 [ 1292.931843][T28179] ? rcu_read_lock_sched_held+0x127/0x1c0 [ 1292.937532][T28179] ? trace_kmalloc+0xcd/0x130 [ 1292.942183][T28179] ? kmem_cache_alloc_trace+0x222/0x2c0 [ 1292.947699][T28179] ? copy_mount_options+0x5f/0x360 [ 1292.952780][T28179] ? copy_mount_options+0x2c8/0x360 [ 1292.957947][T28179] ksys_mount+0xcc/0x100 [ 1292.962162][T28179] __x64_sys_mount+0xbf/0xd0 [ 1292.966726][T28179] do_syscall_64+0xfe/0x140 [ 1292.971205][T28179] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1292.977074][T28179] RIP: 0033:0x45bf6a [ 1292.980940][T28179] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9d 8d fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7a 8d fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 1293.000516][T28179] RSP: 002b:00007f8a799b3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1293.008904][T28179] RAX: ffffffffffffffda RBX: 00007f8a799b3b40 RCX: 000000000045bf6a [ 1293.016848][T28179] RDX: 00007f8a799b3ae0 RSI: 0000000020000100 RDI: 00007f8a799b3b00 [ 1293.024791][T28179] RBP: 0000000000000001 R08: 00007f8a799b3b40 R09: 00007f8a799b3ae0 [ 1293.032759][T28179] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000005 [ 1293.040705][T28179] R13: 00000000004c83f3 R14: 00000000004def18 R15: 0000000000000004 [ 1293.048649][T28179] Modules linked in: [ 1293.056739][T28179] ---[ end trace 5fc8ef5f1d1f793b ]--- [ 1293.062232][T28179] RIP: 0010:close_fs_devices+0x99d/0x9b0 [ 1293.068814][T28174] kobject: 'loop5' (0000000031ccc1da): kobject_uevent_env [ 1293.077996][T28174] kobject: 'loop5' (0000000031ccc1da): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 1293.088519][T28179] Code: d7 f2 fe 48 8b 5d b0 e9 66 ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 7c 83 48 89 df e8 8d d7 f2 fe e9 76 ff ff ff e8 c3 ad b9 fe <0f> 0b e8 bc ad b9 fe 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 03:44:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x4c00, 0x0) 03:44:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001000090468fe07002b0000000000ff0725000000450001070000001419001a00150002000e0001000a4803ee001100000000000000", 0x39}], 0x1) 03:44:53 executing program 2: socket(0x10, 0x2, 0xc) r0 = socket(0x10, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'bond0\x00', 0x3c01}) write(r0, &(0x7f0000000040)="1f0000001000ff00fd4354c007110000f3051e0008000100020423dcffdf00", 0x1f) [ 1293.111181][T28179] RSP: 0018:ffff88805c12f648 EFLAGS: 00010246 [ 1293.112062][ T3879] kobject: 'loop5' (0000000031ccc1da): kobject_uevent_env [ 1293.133331][ T3879] kobject: 'loop5' (0000000031ccc1da): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 1293.143272][T28179] RAX: ffffffff82bc041d RBX: ffff8880878e65a8 RCX: 0000000000040000 [ 1293.148134][ T3879] kobject: 'loop1' (000000003152adb3): kobject_uevent_env [ 1293.157341][T28203] kobject: 'loop5' (0000000031ccc1da): kobject_uevent_env [ 1293.159075][ T3879] kobject: 'loop1' (000000003152adb3): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 1293.170091][T28203] kobject: 'loop5' (0000000031ccc1da): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 1293.177257][ T3879] kobject: 'loop2' (000000001b75f7c2): kobject_uevent_env [ 1293.194683][ T3879] kobject: 'loop2' (000000001b75f7c2): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 1293.205638][T28179] RDX: ffffc90005de9000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1293.205675][ T3879] kobject: 'loop3' (00000000ed424401): kobject_uevent_env [ 1293.218321][T28179] RBP: ffff88805c12f6e0 R08: ffffffff82bce122 R09: ffffed1015d46bf8 [ 1293.220930][ T3879] kobject: 'loop3' (00000000ed424401): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 1293.238085][T28179] R10: ffffed1015d46bf8 R11: 1ffff11015d46bf7 R12: ffff8880878e64c0 [ 1293.239781][ T3879] kobject: 'loop4' (0000000056e2c6be): kobject_uevent_env [ 1293.246928][T28179] R13: ffff8880878e65b0 R14: ffff8880a66b1600 R15: ffff888096a5a678 [ 1293.254204][ T3879] kobject: 'loop4' (0000000056e2c6be): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 1293.264744][T28179] FS: 00007f8a799b4700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 1293.273182][ T3879] kobject: 'loop5' (0000000031ccc1da): kobject_uevent_env [ 1293.282765][T28203] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 1293.288570][ T3879] kobject: 'loop5' (0000000031ccc1da): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 1293.302925][T28179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1293.309919][ T3879] kobject: 'loop0' (000000001d42c869): kobject_uevent_env [ 1293.317748][T28179] CR2: 0000000000000000 CR3: 000000009ec41000 CR4: 00000000001406e0 [ 1293.323208][ T3879] kobject: 'loop0' (000000001d42c869): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 1293.330739][T28179] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1293.341865][ T3879] kobject: 'loop1' (000000003152adb3): kobject_uevent_env [ 1293.350800][T28179] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1293.356288][ T3879] kobject: 'loop1' (000000003152adb3): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 1293.366009][T28179] Kernel panic - not syncing: Fatal exception [ 1293.376257][ T3879] kobject: 'loop2' (000000001b75f7c2): kobject_uevent_env [ 1293.381528][T28179] Kernel Offset: disabled [ 1293.392918][T28179] Rebooting in 86400 seconds..