27.043865][T27250] ? __kasan_slab_free+0x11/0x20 [ 2627.048636][T27250] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2627.054015][T27250] ? kmem_cache_free+0x11a/0x2e0 [ 2627.058789][T27250] ? putname+0x10b/0x160 [ 2627.062867][T27250] ? avc_flush+0x2b0/0x2b0 [ 2627.067121][T27250] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2627.071720][T27250] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2627.076926][T27250] ? kasan_quarantine_put+0x34/0x1b0 [ 2627.082062][T27250] ? blkdev_bszset+0x240/0x240 [ 2627.086650][T27250] ? ioctl_has_perm+0x3df/0x560 [ 2627.091333][T27250] ? has_cap_mac_admin+0xb0/0xb0 [ 2627.096113][T27250] ? kmem_cache_free+0x11a/0x2e0 [ 2627.100886][T27250] ? putname+0x10b/0x160 [ 2627.104959][T27250] ? selinux_file_ioctl+0x3c9/0x530 [ 2627.109997][T27250] ? lo_release+0x200/0x200 [ 2627.114431][T27250] blkdev_ioctl+0x2e9/0x620 [ 2627.118761][T27250] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2627.124067][T27250] ? __fget_files+0x310/0x370 [ 2627.128574][T27250] block_ioctl+0xb0/0xf0 [ 2627.132749][T27250] ? blkdev_iopoll+0x100/0x100 [ 2627.137339][T27250] __se_sys_ioctl+0x115/0x190 [ 2627.141854][T27250] __x64_sys_ioctl+0x7b/0x90 [ 2627.146283][T27250] do_syscall_64+0x44/0xd0 [ 2627.150532][T27250] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2627.156261][T27250] RIP: 0033:0x7fc55e528eb7 [ 2627.160517][T27250] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2627.179955][T27250] RSP: 002b:00007fc55d29bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2627.188224][T27250] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fc55e528eb7 [ 2627.196015][T27250] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2627.203823][T27250] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000176 [ 2627.211640][T27250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2627.219450][T27250] R13: 00007fc55d29bfdc R14: 00007fc55d29bfe0 R15: 0000000020000242 [ 2627.227267][T27250] [ 2627.236900][T27244] loop5: detected capacity change from 0 to 512 [ 2627.247092][T27250] erofs: (device loop1): mounted with root inode @ nid 36. 18:24:19 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 49) 18:24:19 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 49) 18:24:19 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 43) 18:24:19 executing program 2: sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socket(0x0, 0x0, 0x80000001) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@random="a3ffb8bb3d50", @empty, @void, {@ipv4={0x800, @tipc={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @broadcast}, @name_distributor={{0x28, 0x0, 0x0, 0x0, 0x0, 0xa, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5efe, 0x0, 0x20020000}}}}}}, 0x0) [ 2627.254518][T27258] sit: Dst spoofed 0.0.0.0/::5efe:0.0.0.0 -> 255.255.255.255/2002::700:0 [ 2627.264801][T27239] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) flock(r1, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000000c0)) syslog(0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000280)={0x7, 0x0, [{0x7fff, 0x1, 0x0, 0x0, @sint={0x100}}, {0xffffffff, 0x4, 0x0, 0x0, @sint={0x91, 0x200}}, {0x3, 0x3, 0x0, 0x0, @sint={0x0, 0x80000001}}, {0x1, 0x4, 0x0, 0x0, @irqchip={0x3ff, 0x7}}, {0x86, 0x3, 0x0, 0x0, @msi={0x5, 0x2, 0x5, 0x3}}, {0x80000000, 0x2, 0x0, 0x0, @msi={0x10000, 0x4, 0x7ff, 0x9}}, {0x6, 0x2, 0x0, 0x0, @adapter={0x8, 0x842, 0x2, 0x200, 0xff}}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) syslog(0x4, &(0x7f0000002c80)=""/117, 0x75) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0, 0xffffff24}], 0xb, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 2627.302423][T27260] sit: Dst spoofed 0.0.0.0/::5efe:0.0.0.0 -> 255.255.255.255/2002::700:0 [ 2627.318766][T27263] FAULT_INJECTION: forcing a failure. [ 2627.318766][T27263] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2627.333398][T27263] CPU: 1 PID: 27263 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2627.336205][T27269] FAULT_INJECTION: forcing a failure. [ 2627.336205][T27269] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2627.343477][T27263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2627.343495][T27263] Call Trace: [ 2627.343502][T27263] [ 2627.343509][T27263] dump_stack_lvl+0x151/0x1b7 [ 2627.376805][T27263] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2627.382094][T27263] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2627.387390][T27263] dump_stack+0x15/0x17 [ 2627.391381][T27263] should_fail+0x3c0/0x510 [ 2627.395639][T27263] should_fail_alloc_page+0x58/0x70 [ 2627.400670][T27263] __alloc_pages+0x1de/0x7c0 [ 2627.405098][T27263] ? __count_vm_events+0x30/0x30 [ 2627.409871][T27263] ? __kasan_check_read+0x11/0x20 [ 2627.414731][T27263] ? __vm_enough_memory+0x118/0x310 [ 2627.419770][T27263] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2627.425236][T27263] ? shmem_swapin_page+0x15c0/0x15c0 [ 2627.430368][T27263] ? xas_start+0x33d/0x410 [ 2627.434619][T27263] ? xas_load+0x2c7/0x2e0 [ 2627.438775][T27263] ? pagecache_get_page+0xcc8/0xdb0 [ 2627.443812][T27263] ? page_cache_prev_miss+0x430/0x430 [ 2627.449103][T27263] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2627.454484][T27263] ? lru_cache_add+0x273/0x530 [ 2627.459091][T27263] shmem_getpage_gfp+0x1487/0x25f0 [ 2627.464038][T27263] ? shmem_getpage+0xa0/0xa0 [ 2627.468460][T27263] ? fault_in_safe_writeable+0x240/0x240 [ 2627.473929][T27263] ? __kasan_check_write+0x14/0x20 [ 2627.478877][T27263] ? shmem_write_end+0x786/0x8a0 [ 2627.483651][T27263] shmem_write_begin+0xc8/0x1b0 [ 2627.488350][T27263] generic_perform_write+0x2cd/0x5d0 [ 2627.493460][T27263] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2627.499186][T27263] ? file_remove_privs+0x690/0x690 [ 2627.504135][T27263] ? __kasan_check_write+0x14/0x20 [ 2627.509084][T27263] ? down_write+0xdd/0x140 [ 2627.513335][T27263] __generic_file_write_iter+0x25b/0x4b0 [ 2627.518803][T27263] generic_file_write_iter+0xaf/0x1c0 [ 2627.524040][T27263] vfs_write+0xc8d/0x1050 [ 2627.528187][T27263] ? file_end_write+0x1b0/0x1b0 [ 2627.532866][T27263] ? __fget_files+0x310/0x370 [ 2627.537380][T27263] ? __fdget_pos+0x1fe/0x310 [ 2627.541804][T27263] ? ksys_write+0x77/0x2c0 [ 2627.546145][T27263] ksys_write+0x198/0x2c0 [ 2627.550317][T27263] ? __ia32_sys_read+0x90/0x90 [ 2627.554921][T27263] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2627.560815][T27263] __x64_sys_write+0x7b/0x90 [ 2627.565242][T27263] do_syscall_64+0x44/0xd0 [ 2627.569494][T27263] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2627.575223][T27263] RIP: 0033:0x7fb257acee4f [ 2627.579479][T27263] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2627.598922][T27263] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2627.607164][T27263] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2627.614975][T27263] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2627.622788][T27263] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2627.630599][T27263] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2627.638427][T27263] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2627.646228][T27263] [ 2627.649092][T27269] CPU: 0 PID: 27269 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2627.659166][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2627.669061][T27269] Call Trace: [ 2627.672183][T27269] [ 2627.674974][T27269] dump_stack_lvl+0x151/0x1b7 [ 2627.679475][T27269] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2627.684787][T27269] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2627.689978][T27269] dump_stack+0x15/0x17 [ 2627.693970][T27269] should_fail+0x3c0/0x510 [ 2627.698226][T27269] should_fail_alloc_page+0x58/0x70 [ 2627.703259][T27269] __alloc_pages+0x1de/0x7c0 [ 2627.707693][T27269] ? __count_vm_events+0x30/0x30 [ 2627.712460][T27269] ? __kasan_check_read+0x11/0x20 [ 2627.717319][T27269] ? __vm_enough_memory+0x118/0x310 [ 2627.722358][T27269] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2627.727821][T27269] ? shmem_swapin_page+0x15c0/0x15c0 [ 2627.732953][T27269] ? xas_start+0x33d/0x410 [ 2627.737197][T27269] ? xas_load+0x2c7/0x2e0 [ 2627.741362][T27269] ? pagecache_get_page+0xcc8/0xdb0 [ 2627.746397][T27269] ? page_cache_prev_miss+0x430/0x430 [ 2627.751608][T27269] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2627.756981][T27269] ? lru_cache_add+0x273/0x530 [ 2627.761593][T27269] shmem_getpage_gfp+0x1487/0x25f0 [ 2627.766532][T27269] ? shmem_getpage+0xa0/0xa0 [ 2627.771047][T27269] ? fault_in_safe_writeable+0x240/0x240 [ 2627.776516][T27269] ? __kasan_check_write+0x14/0x20 [ 2627.781458][T27269] ? shmem_write_end+0x786/0x8a0 [ 2627.786232][T27269] shmem_write_begin+0xc8/0x1b0 [ 2627.791008][T27269] generic_perform_write+0x2cd/0x5d0 [ 2627.796138][T27269] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2627.801802][T27269] ? file_remove_privs+0x690/0x690 [ 2627.806804][T27269] ? __kasan_check_write+0x14/0x20 [ 2627.811750][T27269] ? down_write+0xdd/0x140 [ 2627.816003][T27269] __generic_file_write_iter+0x25b/0x4b0 [ 2627.821472][T27269] generic_file_write_iter+0xaf/0x1c0 [ 2627.826768][T27269] vfs_write+0xc8d/0x1050 [ 2627.830933][T27269] ? file_end_write+0x1b0/0x1b0 [ 2627.835623][T27269] ? __fget_files+0x310/0x370 [ 2627.840134][T27269] ? __fdget_pos+0x1fe/0x310 [ 2627.844559][T27269] ? ksys_write+0x77/0x2c0 [ 2627.848903][T27269] ksys_write+0x198/0x2c0 [ 2627.853070][T27269] ? __ia32_sys_read+0x90/0x90 [ 2627.857761][T27269] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2627.863658][T27269] __x64_sys_write+0x7b/0x90 [ 2627.868083][T27269] do_syscall_64+0x44/0xd0 [ 2627.872337][T27269] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2627.878066][T27269] RIP: 0033:0x7fcbd55afe4f [ 2627.882321][T27269] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2627.901848][T27269] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2627.910093][T27269] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2627.917909][T27269] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2627.925718][T27269] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2627.933531][T27269] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2627.941345][T27269] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2627.949333][T27269] 18:24:19 executing program 2: mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000580)='./bus\x00', 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.']) chdir(&(0x7f0000000540)='./bus\x00') removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@random={'user.', '\x00'}) [ 2627.953961][T27264] loop1: detected capacity change from 0 to 16 18:24:19 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 50) 18:24:19 executing program 2: mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000580)='./bus\x00', 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.']) chdir(&(0x7f0000000540)='./bus\x00') removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@random={'user.', '\x00'}) [ 2627.976329][T27264] FAULT_INJECTION: forcing a failure. [ 2627.976329][T27264] name failslab, interval 1, probability 0, space 0, times 0 [ 2627.993309][T27264] CPU: 0 PID: 27264 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2628.003387][T27264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2628.010769][T27266] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 2628.013277][T27264] Call Trace: [ 2628.013286][T27264] [ 2628.013293][T27264] dump_stack_lvl+0x151/0x1b7 [ 2628.021566][T27266] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 2628.024559][T27264] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2628.024592][T27264] dump_stack+0x15/0x17 [ 2628.047915][T27275] FAULT_INJECTION: forcing a failure. [ 2628.047915][T27275] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2628.049038][T27264] should_fail+0x3c0/0x510 [ 2628.049062][T27264] ? alloc_uevent_skb+0x7f/0x230 [ 2628.049078][T27264] __should_failslab+0x9f/0xe0 [ 2628.049093][T27264] should_failslab+0x9/0x20 [ 2628.089399][T27264] __kmalloc_track_caller+0x6c/0x350 [ 2628.094519][T27264] ? kmem_cache_alloc+0x1c1/0x2f0 [ 2628.099379][T27264] ? __alloc_skb+0xbc/0x550 [ 2628.103722][T27264] ? alloc_uevent_skb+0x7f/0x230 [ 2628.108492][T27264] __alloc_skb+0x10e/0x550 [ 2628.112746][T27264] alloc_uevent_skb+0x7f/0x230 [ 2628.117349][T27264] kobject_uevent_net_broadcast+0x321/0x5a0 [ 2628.123076][T27264] kobject_uevent_env+0x540/0x730 [ 2628.127938][T27264] kobject_uevent+0x1f/0x30 [ 2628.132275][T27264] loop_set_size+0x95/0xa0 [ 2628.136530][T27264] loop_configure+0x11c7/0x1640 [ 2628.141228][T27264] lo_ioctl+0x8cd/0x25e0 [ 2628.145297][T27264] ? is_bpf_text_address+0x1a2/0x1c0 [ 2628.150415][T27264] ? lo_release+0x200/0x200 [ 2628.154763][T27264] ? stack_trace_save+0x1f0/0x1f0 [ 2628.159617][T27264] ? __kernel_text_address+0x9a/0x110 [ 2628.164824][T27264] ? unwind_get_return_address+0x4c/0x90 [ 2628.170295][T27264] ? arch_stack_walk+0xf8/0x140 [ 2628.174981][T27264] ? avc_has_perm_noaudit+0x358/0x450 [ 2628.180192][T27264] ? memcpy+0x56/0x70 [ 2628.184008][T27264] ? memset+0x35/0x40 [ 2628.187829][T27264] ? fsnotify+0x5ad/0x2240 [ 2628.192080][T27264] ? __kasan_check_write+0x14/0x20 [ 2628.197035][T27264] ? _raw_spin_lock+0xa3/0x1b0 [ 2628.201626][T27264] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2628.206933][T27264] ? _raw_spin_unlock+0x4d/0x70 [ 2628.211618][T27264] ? find_inode_fast+0x459/0x480 [ 2628.216401][T27264] ? __kasan_check_write+0x14/0x20 [ 2628.221340][T27264] ? mutex_unlock+0xa2/0x110 [ 2628.225766][T27264] ? __mutex_lock_slowpath+0x10/0x10 [ 2628.230892][T27264] ? is_bpf_text_address+0x1a2/0x1c0 [ 2628.236007][T27264] ? stack_trace_save+0x1f0/0x1f0 [ 2628.240870][T27264] ? __kernel_text_address+0x9a/0x110 [ 2628.246164][T27264] ? unwind_get_return_address+0x4c/0x90 [ 2628.251741][T27264] ? arch_stack_walk+0xf8/0x140 [ 2628.256429][T27264] ? stack_trace_save+0x12d/0x1f0 [ 2628.261290][T27264] ? stack_trace_snprint+0x100/0x100 [ 2628.266410][T27264] ? avc_has_extended_perms+0x718/0x1210 [ 2628.271878][T27264] ? memcpy+0x56/0x70 [ 2628.275700][T27264] ? avc_has_extended_perms+0xb9c/0x1210 [ 2628.281169][T27264] ? kasan_set_track+0x4c/0x70 [ 2628.285856][T27264] ? kasan_set_free_info+0x23/0x40 [ 2628.290806][T27264] ? ____kasan_slab_free+0x126/0x160 [ 2628.295935][T27264] ? __kasan_slab_free+0x11/0x20 [ 2628.300700][T27264] ? slab_free_freelist_hook+0xc9/0x1a0 [ 2628.306083][T27264] ? kmem_cache_free+0x11a/0x2e0 [ 2628.310855][T27264] ? putname+0x10b/0x160 [ 2628.314936][T27264] ? avc_flush+0x2b0/0x2b0 [ 2628.320143][T27264] ? do_vfs_ioctl+0xbf3/0x2ac0 [ 2628.324747][T27264] ? blkdev_common_ioctl+0x570/0x1ec0 [ 2628.329954][T27264] ? kasan_quarantine_put+0x34/0x1b0 [ 2628.335075][T27264] ? blkdev_bszset+0x240/0x240 [ 2628.339673][T27264] ? ioctl_has_perm+0x3df/0x560 [ 2628.344360][T27264] ? has_cap_mac_admin+0xb0/0xb0 [ 2628.349133][T27264] ? kmem_cache_free+0x11a/0x2e0 [ 2628.353910][T27264] ? putname+0x10b/0x160 [ 2628.357990][T27264] ? selinux_file_ioctl+0x3c9/0x530 [ 2628.363031][T27264] ? lo_release+0x200/0x200 [ 2628.367362][T27264] blkdev_ioctl+0x2e9/0x620 [ 2628.371713][T27264] ? blkdev_compat_ptr_ioctl+0xc0/0xc0 [ 2628.376995][T27264] ? __fget_files+0x310/0x370 [ 2628.381511][T27264] block_ioctl+0xb0/0xf0 [ 2628.385591][T27264] ? blkdev_iopoll+0x100/0x100 [ 2628.390190][T27264] __se_sys_ioctl+0x115/0x190 [ 2628.394703][T27264] __x64_sys_ioctl+0x7b/0x90 [ 2628.399130][T27264] do_syscall_64+0x44/0xd0 [ 2628.403383][T27264] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2628.409114][T27264] RIP: 0033:0x7fc55e528eb7 [ 2628.413368][T27264] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 c4 57 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2628.432809][T27264] RSP: 002b:00007fc55d29bf38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2628.441053][T27264] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fc55e528eb7 [ 2628.448864][T27264] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 2628.456679][T27264] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000176 [ 2628.464491][T27264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2628.472302][T27264] R13: 00007fc55d29bfdc R14: 00007fc55d29bfe0 R15: 0000000020000242 [ 2628.480125][T27264] [ 2628.482983][T27275] CPU: 1 PID: 27275 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2628.493052][T27275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2628.502945][T27275] Call Trace: [ 2628.506684][T27275] [ 2628.509454][T27275] dump_stack_lvl+0x151/0x1b7 [ 2628.513966][T27275] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2628.519268][T27275] ? __kasan_check_read+0x11/0x20 [ 2628.524120][T27275] dump_stack+0x15/0x17 [ 2628.528286][T27275] should_fail+0x3c0/0x510 [ 2628.532544][T27275] should_fail_usercopy+0x1a/0x20 [ 2628.537400][T27275] copy_page_from_iter_atomic+0x433/0x11c0 [ 2628.543047][T27275] ? pipe_zero+0x4d0/0x4d0 [ 2628.547295][T27275] ? __kasan_check_write+0x14/0x20 [ 2628.552242][T27275] ? shmem_write_end+0x786/0x8a0 [ 2628.557020][T27275] generic_perform_write+0x343/0x5d0 [ 2628.562141][T27275] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2628.567796][T27275] ? file_remove_privs+0x690/0x690 [ 2628.572729][T27275] ? __kasan_check_write+0x14/0x20 [ 2628.577679][T27275] ? down_write+0xdd/0x140 [ 2628.581932][T27275] __generic_file_write_iter+0x25b/0x4b0 [ 2628.587401][T27275] generic_file_write_iter+0xaf/0x1c0 [ 2628.592606][T27275] vfs_write+0xc8d/0x1050 [ 2628.596811][T27275] ? file_end_write+0x1b0/0x1b0 [ 2628.601460][T27275] ? __fget_files+0x310/0x370 [ 2628.605973][T27275] ? __fdget_pos+0x1fe/0x310 [ 2628.610401][T27275] ? ksys_write+0x77/0x2c0 [ 2628.614652][T27275] ksys_write+0x198/0x2c0 [ 2628.618818][T27275] ? __ia32_sys_read+0x90/0x90 [ 2628.623418][T27275] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2628.629322][T27275] __x64_sys_write+0x7b/0x90 [ 2628.633751][T27275] do_syscall_64+0x44/0xd0 [ 2628.638174][T27275] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2628.643904][T27275] RIP: 0033:0x7fb257acee4f [ 2628.648189][T27275] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2628.667602][T27275] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 18:24:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) flock(r1, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000000c0)) syslog(0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000280)={0x7, 0x0, [{0x7fff, 0x1, 0x0, 0x0, @sint={0x100}}, {0xffffffff, 0x4, 0x0, 0x0, @sint={0x91, 0x200}}, {0x3, 0x3, 0x0, 0x0, @sint={0x0, 0x80000001}}, {0x1, 0x4, 0x0, 0x0, @irqchip={0x3ff, 0x7}}, {0x86, 0x3, 0x0, 0x0, @msi={0x5, 0x2, 0x5, 0x3}}, {0x80000000, 0x2, 0x0, 0x0, @msi={0x10000, 0x4, 0x7ff, 0x9}}, {0x6, 0x2, 0x0, 0x0, @adapter={0x8, 0x842, 0x2, 0x200, 0xff}}]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) syslog(0x4, &(0x7f0000002c80)=""/117, 0x75) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0, 0xffffff24}], 0xb, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 2628.675847][T27275] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2628.683659][T27275] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2628.691468][T27275] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2628.699284][T27275] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2628.707095][T27275] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2628.714914][T27275] 18:24:20 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 50) 18:24:20 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="85000000080000001f0000000000000085000000080000009500000000000000e135dee43f5d62cdaf5bb32c301264de232ce03ca49ba60071b592758143664bf850564845e336472821027a89dba77c8ea9b6ee1398ae73749be1537086ae214b648801a3f00574709ddccbce9ffab95dbc042fc0dfcd37b7baa14007c92d4cf2d339bf6dc722a799a40fd457476eac9cdac23d9c280569e2dbfa6211813205b5b8cbd97b7563dcbdbfba95ec64e00dbba28bafb71d91340a4508bcd72d77eba909bd6a9d45359cf11ad81000fb0f5548ced9733ca0fe9d8ca129b42fea3551e5ca8cdad72f668dbfa9a21d9e8c4afb7203e71a4dcefc7a45ea63c8899caca26b63ddd0f7f5b45ad90b198709e6826217fd21bb69ba143e01ccf0a207fa54f5112a341a195af0662c97c480fce27ae5abd0dfbd0fcdcf8b8c362667a67813555101d3f6abaaea7370a50445c52f0a0354dab0acdc6955a5f2dae85280f9d9a66b411fafe99d8a79d24cc9cf88e456cc5cdda94eeda37b147dde6e34c09ec88382ad06d44a31d1bc5c36"], &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x44, 0x10, 0x0, 0x41}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xe, 0x2000000, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x8000}, 0x28) 18:24:20 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 51) [ 2628.731989][T27264] erofs: (device loop1): mounted with root inode @ nid 36. [ 2628.745617][T27275] loop5: detected capacity change from 0 to 512 18:24:20 executing program 2: mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000580)='./bus\x00', 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.']) chdir(&(0x7f0000000540)='./bus\x00') removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@random={'user.', '\x00'}) [ 2628.790977][T27277] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 2628.803708][T27277] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. 18:24:20 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 44) [ 2628.846327][T27289] FAULT_INJECTION: forcing a failure. [ 2628.846327][T27289] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2628.854208][T27290] loop1: detected capacity change from 0 to 16 [ 2628.866243][T27290] FAULT_INJECTION: forcing a failure. [ 2628.866243][T27290] name failslab, interval 1, probability 0, space 0, times 0 [ 2628.881972][T27292] FAULT_INJECTION: forcing a failure. [ 2628.881972][T27292] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2628.894900][T27292] CPU: 0 PID: 27292 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2628.904892][T27292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2628.914788][T27292] Call Trace: [ 2628.917910][T27292] [ 2628.920704][T27292] dump_stack_lvl+0x151/0x1b7 [ 2628.925305][T27292] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2628.930584][T27292] ? __kasan_check_read+0x11/0x20 [ 2628.935452][T27292] dump_stack+0x15/0x17 [ 2628.939437][T27292] should_fail+0x3c0/0x510 [ 2628.943691][T27292] should_fail_usercopy+0x1a/0x20 [ 2628.948553][T27292] copy_page_from_iter_atomic+0x433/0x11c0 [ 2628.954196][T27292] ? pipe_zero+0x4d0/0x4d0 [ 2628.958444][T27292] ? __kasan_check_write+0x14/0x20 [ 2628.963397][T27292] ? shmem_write_end+0x786/0x8a0 [ 2628.968168][T27292] generic_perform_write+0x343/0x5d0 [ 2628.973289][T27292] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2628.979040][T27292] ? file_remove_privs+0x690/0x690 [ 2628.983965][T27292] ? __kasan_check_write+0x14/0x20 [ 2628.988912][T27292] ? down_write+0xdd/0x140 [ 2628.993169][T27292] __generic_file_write_iter+0x25b/0x4b0 [ 2628.998637][T27292] generic_file_write_iter+0xaf/0x1c0 [ 2629.003850][T27292] vfs_write+0xc8d/0x1050 [ 2629.008009][T27292] ? file_end_write+0x1b0/0x1b0 [ 2629.012695][T27292] ? __fget_files+0x310/0x370 [ 2629.017231][T27292] ? __fdget_pos+0x1fe/0x310 [ 2629.021637][T27292] ? ksys_write+0x77/0x2c0 [ 2629.026066][T27292] ksys_write+0x198/0x2c0 [ 2629.030228][T27292] ? __ia32_sys_read+0x90/0x90 [ 2629.034833][T27292] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2629.040740][T27292] __x64_sys_write+0x7b/0x90 [ 2629.045245][T27292] do_syscall_64+0x44/0xd0 [ 2629.049501][T27292] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2629.055227][T27292] RIP: 0033:0x7fcbd55afe4f [ 2629.059482][T27292] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2629.079118][T27292] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2629.087430][T27292] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2629.095242][T27292] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2629.103052][T27292] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2629.110866][T27292] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2629.118676][T27292] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2629.126493][T27292] [ 2629.130322][T27289] CPU: 0 PID: 27289 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2629.140378][T27289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2629.150274][T27289] Call Trace: [ 2629.153394][T27289] [ 2629.156178][T27289] dump_stack_lvl+0x151/0x1b7 [ 2629.159819][T27292] loop4: detected capacity change from 0 to 512 [ 2629.160685][T27289] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2629.172061][T27289] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2629.177269][T27289] dump_stack+0x15/0x17 [ 2629.181260][T27289] should_fail+0x3c0/0x510 [ 2629.185512][T27289] should_fail_alloc_page+0x58/0x70 [ 2629.190719][T27289] __alloc_pages+0x1de/0x7c0 [ 2629.195155][T27289] ? __count_vm_events+0x30/0x30 [ 2629.199916][T27289] ? __kasan_check_read+0x11/0x20 [ 2629.204778][T27289] ? __vm_enough_memory+0x118/0x310 [ 2629.209813][T27289] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2629.215279][T27289] ? shmem_swapin_page+0x15c0/0x15c0 [ 2629.220405][T27289] ? xas_start+0x33d/0x410 [ 2629.224652][T27289] ? xas_load+0x2c7/0x2e0 [ 2629.228845][T27289] ? pagecache_get_page+0xcc8/0xdb0 [ 2629.233874][T27289] ? page_cache_prev_miss+0x430/0x430 [ 2629.239064][T27289] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2629.244443][T27289] ? lru_cache_add+0x273/0x530 [ 2629.249044][T27289] shmem_getpage_gfp+0x1487/0x25f0 [ 2629.254009][T27289] ? shmem_getpage+0xa0/0xa0 [ 2629.258438][T27289] ? fault_in_safe_writeable+0x240/0x240 [ 2629.263892][T27289] ? __kasan_check_write+0x14/0x20 [ 2629.268837][T27289] ? shmem_write_end+0x786/0x8a0 [ 2629.273613][T27289] shmem_write_begin+0xc8/0x1b0 [ 2629.278297][T27289] generic_perform_write+0x2cd/0x5d0 [ 2629.283418][T27289] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2629.289062][T27289] ? file_remove_privs+0x690/0x690 [ 2629.294012][T27289] ? __kasan_check_write+0x14/0x20 [ 2629.299040][T27289] ? down_write+0xdd/0x140 [ 2629.303487][T27289] __generic_file_write_iter+0x25b/0x4b0 [ 2629.308955][T27289] generic_file_write_iter+0xaf/0x1c0 [ 2629.314165][T27289] vfs_write+0xc8d/0x1050 [ 2629.318431][T27289] ? file_end_write+0x1b0/0x1b0 [ 2629.323106][T27289] ? __fget_files+0x310/0x370 [ 2629.327715][T27289] ? __fdget_pos+0x1fe/0x310 [ 2629.332136][T27289] ? ksys_write+0x77/0x2c0 [ 2629.336383][T27289] ksys_write+0x198/0x2c0 [ 2629.340552][T27289] ? __ia32_sys_read+0x90/0x90 [ 2629.345151][T27289] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2629.351055][T27289] __x64_sys_write+0x7b/0x90 [ 2629.355480][T27289] do_syscall_64+0x44/0xd0 [ 2629.359734][T27289] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2629.365464][T27289] RIP: 0033:0x7fb257acee4f [ 2629.369715][T27289] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2629.389157][T27289] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 18:24:21 executing program 2: mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000580)='./bus\x00', 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=.']) chdir(&(0x7f0000000540)='./bus\x00') removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@random={'user.', '\x00'}) [ 2629.397410][T27289] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2629.405390][T27289] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2629.413202][T27289] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2629.421020][T27289] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2629.428828][T27289] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2629.436724][T27289] [ 2629.449285][T27290] CPU: 0 PID: 27290 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2629.459467][T27290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2629.469458][T27290] Call Trace: [ 2629.472576][T27290] [ 2629.475353][T27290] dump_stack_lvl+0x151/0x1b7 [ 2629.479874][T27290] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2629.485261][T27290] ? filename_parentat+0x324/0x6b0 [ 2629.490211][T27290] dump_stack+0x15/0x17 [ 2629.494216][T27290] should_fail+0x3c0/0x510 [ 2629.498455][T27290] __should_failslab+0x9f/0xe0 [ 2629.503056][T27290] should_failslab+0x9/0x20 [ 2629.507392][T27290] kmem_cache_alloc+0x4f/0x2f0 [ 2629.511997][T27290] ? __d_alloc+0x2d/0x6b0 [ 2629.516162][T27290] __d_alloc+0x2d/0x6b0 [ 2629.520153][T27290] d_alloc+0x4b/0x1d0 [ 2629.523976][T27290] __lookup_hash+0xe5/0x290 [ 2629.528357][T27290] filename_create+0x276/0x4f0 [ 2629.532914][T27290] ? kern_path_create+0x1b0/0x1b0 [ 2629.537779][T27290] do_mkdirat+0xc2/0x420 [ 2629.541854][T27290] ? vfs_mkdir+0x580/0x580 [ 2629.546106][T27290] ? getname_flags+0x1fb/0x510 [ 2629.550711][T27290] __x64_sys_mkdirat+0x89/0xa0 [ 2629.555308][T27290] do_syscall_64+0x44/0xd0 [ 2629.559562][T27290] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2629.565290][T27290] RIP: 0033:0x7fc55e5280e7 [ 2629.569544][T27290] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2629.588993][T27290] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 18:24:21 executing program 3: syz_btf_id_by_name$bpf_lsm(0x0) setrlimit(0x2, &(0x7f0000000000)={0x1fffffd, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x3, 0x32, 0xffffffffffffffff, 0x0) 18:24:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 52) [ 2629.597324][T27290] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2629.605134][T27290] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2629.612950][T27290] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2629.620755][T27290] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2629.628568][T27290] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2629.636383][T27290] [ 2629.660461][T27299] FAULT_INJECTION: forcing a failure. [ 2629.660461][T27299] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2629.673488][T27299] CPU: 0 PID: 27299 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2629.683548][T27299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2629.693444][T27299] Call Trace: [ 2629.696562][T27299] [ 2629.699341][T27299] dump_stack_lvl+0x151/0x1b7 [ 2629.703861][T27299] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2629.709155][T27299] ? __kasan_check_read+0x11/0x20 [ 2629.714016][T27299] dump_stack+0x15/0x17 [ 2629.718007][T27299] should_fail+0x3c0/0x510 [ 2629.722261][T27299] should_fail_usercopy+0x1a/0x20 [ 2629.727120][T27299] copy_page_from_iter_atomic+0x433/0x11c0 [ 2629.732767][T27299] ? pipe_zero+0x4d0/0x4d0 [ 2629.737014][T27299] ? __kasan_check_write+0x14/0x20 [ 2629.741101][T27300] mmap: syz-executor.3 (27300): VmData 45707264 exceed data ulimit 33554429. Update limits or use boot option ignore_rlimit_data. [ 2629.741965][T27299] ? shmem_write_end+0x786/0x8a0 18:24:21 executing program 3: syz_btf_id_by_name$bpf_lsm(0x0) setrlimit(0x2, &(0x7f0000000000)={0x1fffffd, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x3, 0x32, 0xffffffffffffffff, 0x0) [ 2629.759935][T27299] generic_perform_write+0x343/0x5d0 [ 2629.765052][T27299] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2629.770864][T27299] ? file_remove_privs+0x690/0x690 [ 2629.775812][T27299] ? __kasan_check_write+0x14/0x20 [ 2629.780760][T27299] ? down_write+0xdd/0x140 [ 2629.785011][T27299] __generic_file_write_iter+0x25b/0x4b0 [ 2629.790484][T27299] generic_file_write_iter+0xaf/0x1c0 [ 2629.795697][T27299] vfs_write+0xc8d/0x1050 [ 2629.799858][T27299] ? file_end_write+0x1b0/0x1b0 [ 2629.804551][T27299] ? __fget_files+0x310/0x370 [ 2629.809064][T27299] ? __fdget_pos+0x1fe/0x310 [ 2629.813491][T27299] ? ksys_write+0x77/0x2c0 [ 2629.817738][T27299] ksys_write+0x198/0x2c0 [ 2629.821907][T27299] ? __ia32_sys_read+0x90/0x90 [ 2629.826505][T27299] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2629.832409][T27299] __x64_sys_write+0x7b/0x90 [ 2629.836833][T27299] do_syscall_64+0x44/0xd0 [ 2629.841087][T27299] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2629.846816][T27299] RIP: 0033:0x7fb257acee4f [ 2629.851069][T27299] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2629.870518][T27299] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2629.878763][T27299] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2629.886568][T27299] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2629.894467][T27299] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2629.902283][T27299] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:21 executing program 2: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0xc, 0x3, 0x248, 0x0, 0xffffffff, 0xffffffff, 0x100, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}, {{@ip={@rand_addr, @empty, 0x0, 0x0, 'batadv0\x00', 'veth0_to_bond\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a8) 18:24:21 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 51) 18:24:21 executing program 0: mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000580)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESDEC], 0x4c}, 0x1, 0x0, 0x0, 0x8010}, 0x80) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='xprtrdma_cb_setup\x00', r7}, 0x10) 18:24:21 executing program 3: syz_btf_id_by_name$bpf_lsm(0x0) setrlimit(0x2, &(0x7f0000000000)={0x1fffffd, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x3, 0x32, 0xffffffffffffffff, 0x0) [ 2629.910959][T27299] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2629.918779][T27299] [ 2629.942040][T27292] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:21 executing program 2: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0xc, 0x3, 0x248, 0x0, 0xffffffff, 0xffffffff, 0x100, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}, {{@ip={@rand_addr, @empty, 0x0, 0x0, 'batadv0\x00', 'veth0_to_bond\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a8) 18:24:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 53) 18:24:21 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 45) 18:24:21 executing program 2: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0xc, 0x3, 0x248, 0x0, 0xffffffff, 0xffffffff, 0x100, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}, {{@ip={@rand_addr, @empty, 0x0, 0x0, 'batadv0\x00', 'veth0_to_bond\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a8) [ 2629.976201][T27299] loop5: detected capacity change from 0 to 512 [ 2629.983102][T27305] loop1: detected capacity change from 0 to 16 [ 2630.003911][T27305] FAULT_INJECTION: forcing a failure. [ 2630.003911][T27305] name failslab, interval 1, probability 0, space 0, times 0 18:24:21 executing program 2: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0xc, 0x3, 0x248, 0x0, 0xffffffff, 0xffffffff, 0x100, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}, {{@ip={@rand_addr, @empty, 0x0, 0x0, 'batadv0\x00', 'veth0_to_bond\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a8) 18:24:21 executing program 3: syz_btf_id_by_name$bpf_lsm(0x0) setrlimit(0x2, &(0x7f0000000000)={0x1fffffd, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x3, 0x32, 0xffffffffffffffff, 0x0) [ 2630.018885][T27305] CPU: 0 PID: 27305 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2630.028965][T27305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2630.038896][T27305] Call Trace: [ 2630.042002][T27305] [ 2630.044763][T27305] dump_stack_lvl+0x151/0x1b7 [ 2630.049279][T27305] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2630.054574][T27305] ? security_compute_sid+0x1ec7/0x2020 [ 2630.059956][T27305] dump_stack+0x15/0x17 [ 2630.063946][T27305] should_fail+0x3c0/0x510 [ 2630.068198][T27305] __should_failslab+0x9f/0xe0 [ 2630.072802][T27305] should_failslab+0x9/0x20 [ 2630.077145][T27305] kmem_cache_alloc+0x4f/0x2f0 [ 2630.081747][T27305] ? memcpy+0x56/0x70 [ 2630.085562][T27305] ? ext4_alloc_inode+0x21/0x620 [ 2630.090335][T27305] ? ext4_set_test_dummy_encryption+0x220/0x220 [ 2630.096415][T27305] ext4_alloc_inode+0x21/0x620 [ 2630.101008][T27305] ? ext4_set_test_dummy_encryption+0x220/0x220 [ 2630.107087][T27305] new_inode_pseudo+0x64/0x220 [ 2630.111690][T27305] new_inode+0x28/0x1c0 [ 2630.115679][T27305] __ext4_new_inode+0x29d/0x4780 [ 2630.120463][T27305] ? memset+0x35/0x40 [ 2630.124263][T27305] ? __dquot_initialize+0x241/0xe10 [ 2630.129303][T27305] ? ext4_mark_inode_used+0xc00/0xc00 [ 2630.134508][T27305] ? dquot_initialize+0x20/0x20 [ 2630.139197][T27305] ? may_create+0x647/0x8c0 [ 2630.143541][T27305] ext4_mkdir+0x41a/0xcf0 [ 2630.147701][T27305] ? ext4_symlink+0xfe0/0xfe0 [ 2630.152215][T27305] ? selinux_inode_mkdir+0x22/0x30 [ 2630.157162][T27305] ? security_inode_mkdir+0xf1/0x130 [ 2630.162285][T27305] vfs_mkdir+0x360/0x580 [ 2630.166363][T27305] do_mkdirat+0x1e8/0x420 [ 2630.170528][T27305] ? vfs_mkdir+0x580/0x580 [ 2630.174780][T27305] ? getname_flags+0x1fb/0x510 [ 2630.179383][T27305] __x64_sys_mkdirat+0x89/0xa0 [ 2630.183985][T27305] do_syscall_64+0x44/0xd0 [ 2630.188239][T27305] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2630.193964][T27305] RIP: 0033:0x7fc55e5280e7 [ 2630.198217][T27305] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2630.218361][T27305] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 18:24:22 executing program 3: mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0\x00', 0x2000, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) mkdir(0x0, 0x8) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x844, &(0x7f0000000400)={[{@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_winnt}, {@fat=@errors_continue}, {@shortname_winnt}, {@shortname_win95}, {@shortname_mixed}, {@fat=@check_strict}, {@utf8no}, {@numtail}, {@uni_xlate}]}, 0x1, 0x22c, &(0x7f00000001c0)="$eJzs3bFLlGEcB/CfaaktJxEEEfRCBE2HCu1GFEhSkRxhhGR5hngiJAg1qFvQ1NLY2GYENbTV/xC0tERLNObWEL6hb5ya78FV3r3RfT6LP3ye772/5xne9264526dmJ+bXlicWV//HH19XdEzcncjTbtiIA5Ed2RWAwD4n3xL0/iaZoruBQBoD89/AOg8TT7/r7axJQCgxf788/+TiTcfp6ojZ5uYmvbWyw+Tv98jALC/xiduXNp4e7p/NF49jph/uFRZqmR/s/FzMzEbtajGYJTie0Ral9UXR8cuDCab+iMq8ys/8ytLle7d+aEoxUDE9ct780NJZnf+YBzemR+OUhzNv/5wbv5QnDm1I1+OUry7EwtRi+nNtyQ78stDSXL+ytgv+d6teQAAAAAAAAAAAAAAAAAAAAAA0ArlpG4g7/yecrnReJZv/nyg7fN5Hm3le+J4T7FrBwAAAAAAAAAAAAAAAAAAgH/F4v0Hc1O1WvVevbh9bfbI7v8o9rnY3PgWXuJkRLR6FS/Xqu+fTd4cL34z21jk7+qL4htrpjj2dGTq9fKnL3uHYjUvlXOzSNp/fwIAAAAAAAAAAAAAAAAAgE6y/aXfRjPS9jYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXY/v3/vyjW+rMXazAnG3xe6DoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhsPwIAAP//HxixEg==") syz_open_procfs(0x0, &(0x7f00000004c0)='net/route\x00') 18:24:22 executing program 2: syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./bus\x00', 0x4480, &(0x7f0000000200)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRESDEC], 0x1, 0x767, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdt166atIOh8KghaHEvtrJuCDxMfRHAw0Ge3kGalNmlGk461FHSI4Iug4oOgL3v2x3wTfPLHq/4XPsjG1G448UEqN03WzCZdurWNWz4fONs599z03G/Ovfec5F5yA+hZo+k/mYiDEfFBEjFcX55ExEAt1x9xfG29GyvL+TQlsbr62u9JbZ3rK8v5aHpNan+98GhE/PBuxKHMxnYri0uzuWKxMF8vj1dLZ8cri0uHZ0q56cJ0Ye7oxOTkkWPPHju6fbH++fPSgSsfvvzkV8f/fueRS+//mMTxOFCva45ju4zGaP09GUjfwlu8tN2NdVnS7Q3gjqSHZt/aUR4HYzj6ajkA4H72VkSsAgA9JjH+A0CPaXwPcH1lOd9I3f1GYnddfTEi9q7F37i+uVbTX79mt7d2HXToenLLlZEkIka2of3RiPjsmze+SFPs0HVIgFbevhARp0dGN57/kw33LGzV0x2sM/qfsvMf7J7v0vnPc63mf5mb859oMf8ZbHHs3onbH/+Zy9vQTFvp/O+FpnvbbjTFXzfSVy89UJvzDSRnZoqF9Nz2YESMxcBgWp7YpI2xa/9ca1fXPP/746M3P0/bT/9fXyNzuX/w1tdM5aq5u4m52dULEY/1t4o/udn/SZv578kO23jl+fc+bVeXxp/G20gb499ZqxcjnmjZ/+t3tCWb3p84Xtsdxhs7RQtf//LJULv2m/s/TWn7jc8CuyHt/6HN4x9Jmu/XrGy9jZ8uDn/fru728bfe//ckr9fye+rLzueq1fmJiD3JqxuXH1l/baPcWD+Nf+zx1sf/Zvt/+pnwdIfx91/57cs7j39npfFPban/t565dGO2r137nfX/ZC03Vl/Syfmv0w28m/cOAAAAAAAAAAAAAAAAAAAAAAAAADqViYgDkWSyN/OZTDa79gzvh2MoUyxXqofOlBfmpqL2rOyRGMg0fupyuOn3UCfqv4ffKB9ZL3/71Eyx8ExEPBQRHw/uq9Vn8+XiVLeDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6/W2e/5/6dbDbWwcA7Ji93d4AAGDXGf8BoPcY/wGg9xj/AaD3GP8BoPcY/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhJ0+cSNPqXyvL+bQ8dW5xYbZ87vBUoTKbLS3ks/ny/NnsdLk8XSxk8+XS7f5esVw+OxlzC+fHq4VKdbyyuHSqVF6Yq56aKeWmC6cKA7sSFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsTWVxaTZXLBbmZWTu/8y++F9sxr2Q6faZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODe8G8AAAD//6PnKeg=") creat(&(0x7f00000003c0)='./bus\x00', 0x0) timer_create(0x9, 0x0, &(0x7f0000000540)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x1ffff) [ 2630.226604][T27305] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2630.234413][T27305] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2630.242228][T27305] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2630.250124][T27305] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2630.257938][T27305] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2630.265750][T27305] 18:24:22 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 52) [ 2630.337705][T27325] FAULT_INJECTION: forcing a failure. [ 2630.337705][T27325] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2630.348146][T27328] FAULT_INJECTION: forcing a failure. [ 2630.348146][T27328] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2630.368642][T27328] CPU: 0 PID: 27328 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2630.376617][T27327] loop2: detected capacity change from 0 to 2048 [ 2630.378715][T27328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2630.378728][T27328] Call Trace: [ 2630.378734][T27328] [ 2630.378740][T27328] dump_stack_lvl+0x151/0x1b7 [ 2630.405193][T27328] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2630.410481][T27328] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2630.415693][T27328] dump_stack+0x15/0x17 [ 2630.419687][T27328] should_fail+0x3c0/0x510 [ 2630.423936][T27328] should_fail_alloc_page+0x58/0x70 [ 2630.428966][T27328] __alloc_pages+0x1de/0x7c0 [ 2630.433659][T27328] ? __count_vm_events+0x30/0x30 [ 2630.438432][T27328] ? __kasan_check_read+0x11/0x20 [ 2630.443289][T27328] ? __vm_enough_memory+0x118/0x310 [ 2630.448326][T27328] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2630.453982][T27328] ? shmem_swapin_page+0x15c0/0x15c0 [ 2630.459108][T27328] ? xas_start+0x33d/0x410 [ 2630.463358][T27328] ? xas_load+0x2c7/0x2e0 [ 2630.467547][T27328] ? pagecache_get_page+0xcc8/0xdb0 [ 2630.472560][T27328] ? page_cache_prev_miss+0x430/0x430 [ 2630.477766][T27328] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2630.483153][T27328] ? lru_cache_add+0x273/0x530 [ 2630.487747][T27328] shmem_getpage_gfp+0x1487/0x25f0 [ 2630.492701][T27328] ? shmem_getpage+0xa0/0xa0 [ 2630.497120][T27328] ? fault_in_safe_writeable+0x240/0x240 [ 2630.502591][T27328] ? __kasan_check_write+0x14/0x20 [ 2630.507539][T27328] ? shmem_write_end+0x786/0x8a0 [ 2630.512312][T27328] shmem_write_begin+0xc8/0x1b0 [ 2630.516997][T27328] generic_perform_write+0x2cd/0x5d0 [ 2630.522128][T27328] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2630.527762][T27328] ? file_remove_privs+0x690/0x690 [ 2630.532719][T27328] ? __kasan_check_write+0x14/0x20 [ 2630.537663][T27328] ? down_write+0xdd/0x140 [ 2630.541913][T27328] __generic_file_write_iter+0x25b/0x4b0 [ 2630.547381][T27328] generic_file_write_iter+0xaf/0x1c0 [ 2630.552588][T27328] vfs_write+0xc8d/0x1050 [ 2630.556763][T27328] ? file_end_write+0x1b0/0x1b0 [ 2630.561441][T27328] ? __fget_files+0x310/0x370 [ 2630.565957][T27328] ? __fdget_pos+0x1fe/0x310 [ 2630.570388][T27328] ? ksys_write+0x77/0x2c0 [ 2630.574634][T27328] ksys_write+0x198/0x2c0 [ 2630.578800][T27328] ? __ia32_sys_read+0x90/0x90 [ 2630.583407][T27328] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2630.589312][T27328] __x64_sys_write+0x7b/0x90 [ 2630.593739][T27328] do_syscall_64+0x44/0xd0 [ 2630.597985][T27328] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2630.603715][T27328] RIP: 0033:0x7fb257acee4f [ 2630.607976][T27328] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2630.627408][T27328] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2630.635657][T27328] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2630.643464][T27328] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2630.651278][T27328] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2630.659089][T27328] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2630.666902][T27328] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2630.674716][T27328] [ 2630.677900][T27325] CPU: 1 PID: 27325 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2630.687970][T27325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2630.701061][T27325] Call Trace: [ 2630.704192][T27325] [ 2630.707675][T27325] dump_stack_lvl+0x151/0x1b7 [ 2630.712178][T27325] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2630.717489][T27325] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2630.722675][T27325] dump_stack+0x15/0x17 [ 2630.726666][T27325] should_fail+0x3c0/0x510 [ 2630.730922][T27325] should_fail_alloc_page+0x58/0x70 [ 2630.735952][T27325] __alloc_pages+0x1de/0x7c0 [ 2630.740380][T27325] ? __count_vm_events+0x30/0x30 [ 2630.745153][T27325] ? __kasan_check_read+0x11/0x20 [ 2630.750014][T27325] ? __vm_enough_memory+0x118/0x310 [ 2630.755056][T27325] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2630.760523][T27325] ? shmem_swapin_page+0x15c0/0x15c0 [ 2630.765646][T27325] ? xas_start+0x33d/0x410 [ 2630.769898][T27325] ? xas_load+0x2c7/0x2e0 [ 2630.774064][T27325] ? pagecache_get_page+0xcc8/0xdb0 [ 2630.779092][T27325] ? page_cache_prev_miss+0x430/0x430 [ 2630.784298][T27325] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2630.789681][T27325] ? lru_cache_add+0x273/0x530 [ 2630.794283][T27325] shmem_getpage_gfp+0x1487/0x25f0 [ 2630.799232][T27325] ? shmem_getpage+0xa0/0xa0 [ 2630.803658][T27325] ? fault_in_safe_writeable+0x240/0x240 [ 2630.809125][T27325] ? __kasan_check_write+0x14/0x20 [ 2630.814073][T27325] ? shmem_write_end+0x786/0x8a0 [ 2630.818846][T27325] shmem_write_begin+0xc8/0x1b0 [ 2630.823534][T27325] generic_perform_write+0x2cd/0x5d0 [ 2630.828656][T27325] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2630.834296][T27325] ? file_remove_privs+0x690/0x690 [ 2630.839370][T27325] ? __kasan_check_write+0x14/0x20 [ 2630.844310][T27325] ? down_write+0xdd/0x140 [ 2630.848566][T27325] __generic_file_write_iter+0x25b/0x4b0 [ 2630.854035][T27325] generic_file_write_iter+0xaf/0x1c0 [ 2630.859241][T27325] vfs_write+0xc8d/0x1050 [ 2630.863408][T27325] ? file_end_write+0x1b0/0x1b0 [ 2630.868095][T27325] ? __fget_files+0x310/0x370 [ 2630.872637][T27325] ? __fdget_pos+0x1fe/0x310 [ 2630.877033][T27325] ? ksys_write+0x77/0x2c0 [ 2630.881288][T27325] ksys_write+0x198/0x2c0 [ 2630.885454][T27325] ? __ia32_sys_read+0x90/0x90 [ 2630.890052][T27325] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2630.895958][T27325] __x64_sys_write+0x7b/0x90 [ 2630.900385][T27325] do_syscall_64+0x44/0xd0 [ 2630.904638][T27325] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2630.910886][T27325] RIP: 0033:0x7fcbd55afe4f [ 2630.915144][T27325] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2630.934597][T27325] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2630.942831][T27325] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2630.950644][T27325] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2630.958573][T27325] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2630.966357][T27325] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2630.974168][T27325] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2630.982007][T27325] 18:24:22 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 54) [ 2630.986566][T27331] loop3: detected capacity change from 0 to 256 [ 2630.999539][T27331] FAT-fs (loop3): Directory bread(block 64) failed [ 2631.006416][T27331] FAT-fs (loop3): Directory bread(block 65) failed [ 2631.008665][T27334] loop1: detected capacity change from 0 to 16 [ 2631.012803][T27331] FAT-fs (loop3): Directory bread(block 66) failed [ 2631.024388][T27334] FAULT_INJECTION: forcing a failure. [ 2631.024388][T27334] name failslab, interval 1, probability 0, space 0, times 0 [ 2631.025072][T27331] FAT-fs (loop3): Directory bread(block 67) failed [ 2631.043860][T27331] FAT-fs (loop3): Directory bread(block 68) failed [ 2631.046760][T27336] FAULT_INJECTION: forcing a failure. [ 2631.046760][T27336] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2631.050178][T27331] FAT-fs (loop3): Directory bread(block 69) failed [ 2631.063017][T27336] CPU: 1 PID: 27336 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2631.069383][T27331] FAT-fs (loop3): Directory bread(block 70) failed [ 2631.079391][T27336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2631.079402][T27336] Call Trace: [ 2631.079407][T27336] [ 2631.085737][T27331] FAT-fs (loop3): Directory bread(block 71) failed [ 2631.095623][T27336] dump_stack_lvl+0x151/0x1b7 [ 2631.098777][T27331] FAT-fs (loop3): Directory bread(block 72) failed [ 2631.101526][T27336] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2631.107873][T27331] FAT-fs (loop3): Directory bread(block 73) failed [ 2631.112384][T27336] ? __kasan_check_read+0x11/0x20 [ 2631.112413][T27336] dump_stack+0x15/0x17 [ 2631.139202][T27336] should_fail+0x3c0/0x510 [ 2631.143454][T27336] should_fail_usercopy+0x1a/0x20 [ 2631.148316][T27336] copy_page_from_iter_atomic+0x433/0x11c0 [ 2631.153959][T27336] ? pipe_zero+0x4d0/0x4d0 [ 2631.158208][T27336] ? __kasan_check_write+0x14/0x20 [ 2631.163161][T27336] ? shmem_write_end+0x786/0x8a0 [ 2631.167932][T27336] generic_perform_write+0x343/0x5d0 [ 2631.173056][T27336] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2631.178694][T27336] ? file_remove_privs+0x690/0x690 [ 2631.183644][T27336] ? __kasan_check_write+0x14/0x20 [ 2631.188595][T27336] ? down_write+0xdd/0x140 [ 2631.192849][T27336] __generic_file_write_iter+0x25b/0x4b0 [ 2631.198312][T27336] generic_file_write_iter+0xaf/0x1c0 [ 2631.203521][T27336] vfs_write+0xc8d/0x1050 [ 2631.207688][T27336] ? file_end_write+0x1b0/0x1b0 [ 2631.212375][T27336] ? __fget_files+0x310/0x370 [ 2631.216891][T27336] ? __fdget_pos+0x1fe/0x310 [ 2631.221327][T27336] ? ksys_write+0x77/0x2c0 [ 2631.225567][T27336] ksys_write+0x198/0x2c0 [ 2631.229738][T27336] ? __ia32_sys_read+0x90/0x90 [ 2631.234335][T27336] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2631.240238][T27336] __x64_sys_write+0x7b/0x90 [ 2631.244665][T27336] do_syscall_64+0x44/0xd0 [ 2631.248923][T27336] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2631.254669][T27336] RIP: 0033:0x7fb257acee4f [ 2631.258897][T27336] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2631.278343][T27336] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2631.286589][T27336] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2631.294402][T27336] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2631.302215][T27336] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2631.310022][T27336] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2631.317838][T27336] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2631.325655][T27336] [ 2631.328510][T27334] CPU: 0 PID: 27334 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2631.337472][T27336] loop5: detected capacity change from 0 to 512 [ 2631.338576][T27334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2631.338589][T27334] Call Trace: [ 2631.338594][T27334] [ 2631.338600][T27334] dump_stack_lvl+0x151/0x1b7 [ 2631.338623][T27334] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2631.338641][T27334] dump_stack+0x15/0x17 [ 2631.338655][T27334] should_fail+0x3c0/0x510 [ 2631.338671][T27334] __should_failslab+0x9f/0xe0 [ 2631.383196][T27334] should_failslab+0x9/0x20 [ 2631.387530][T27334] kmem_cache_alloc+0x4f/0x2f0 [ 2631.392132][T27334] ? security_inode_alloc+0x29/0x140 [ 2631.397255][T27334] security_inode_alloc+0x29/0x140 [ 2631.402201][T27334] inode_init_always+0x717/0x960 [ 2631.406975][T27334] ? ext4_set_test_dummy_encryption+0x220/0x220 [ 2631.413050][T27334] new_inode_pseudo+0x93/0x220 [ 2631.417651][T27334] new_inode+0x28/0x1c0 [ 2631.421643][T27334] __ext4_new_inode+0x29d/0x4780 [ 2631.426418][T27334] ? memset+0x35/0x40 [ 2631.430325][T27334] ? __dquot_initialize+0x241/0xe10 [ 2631.435447][T27334] ? ext4_mark_inode_used+0xc00/0xc00 [ 2631.440651][T27334] ? dquot_initialize+0x20/0x20 [ 2631.445340][T27334] ? may_create+0x647/0x8c0 [ 2631.449680][T27334] ext4_mkdir+0x41a/0xcf0 [ 2631.453847][T27334] ? ext4_symlink+0xfe0/0xfe0 [ 2631.458359][T27334] ? selinux_inode_mkdir+0x22/0x30 [ 2631.463308][T27334] ? security_inode_mkdir+0xf1/0x130 [ 2631.468427][T27334] vfs_mkdir+0x360/0x580 [ 2631.472514][T27334] do_mkdirat+0x1e8/0x420 [ 2631.476676][T27334] ? vfs_mkdir+0x580/0x580 [ 2631.480935][T27334] ? getname_flags+0x1fb/0x510 [ 2631.485531][T27334] __x64_sys_mkdirat+0x89/0xa0 [ 2631.490131][T27334] do_syscall_64+0x44/0xd0 [ 2631.494383][T27334] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2631.500111][T27334] RIP: 0033:0x7fc55e5280e7 [ 2631.504364][T27334] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2631.523805][T27334] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2631.532073][T27334] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 18:24:23 executing program 0: unshare(0x20600) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x282500, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x10, 0x0, 0x0, 0x0}, 0x20) 18:24:23 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 46) 18:24:23 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 55) [ 2631.539866][T27334] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2631.547673][T27334] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2631.555488][T27334] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2631.563301][T27334] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2631.571113][T27334] [ 2631.595973][T27342] FAULT_INJECTION: forcing a failure. [ 2631.595973][T27342] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2631.608876][T27342] CPU: 1 PID: 27342 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2631.618901][T27342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2631.628795][T27342] Call Trace: [ 2631.631919][T27342] [ 2631.634696][T27342] dump_stack_lvl+0x151/0x1b7 [ 2631.639210][T27342] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2631.644507][T27342] ? __kasan_check_read+0x11/0x20 [ 2631.649365][T27342] dump_stack+0x15/0x17 [ 2631.653361][T27342] should_fail+0x3c0/0x510 [ 2631.657615][T27342] should_fail_usercopy+0x1a/0x20 [ 2631.662472][T27342] copy_page_from_iter_atomic+0x433/0x11c0 [ 2631.668116][T27342] ? pipe_zero+0x4d0/0x4d0 [ 2631.672366][T27342] ? __kasan_check_write+0x14/0x20 [ 2631.677316][T27342] ? shmem_write_end+0x786/0x8a0 [ 2631.682091][T27342] generic_perform_write+0x343/0x5d0 [ 2631.687213][T27342] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2631.692855][T27342] ? file_remove_privs+0x690/0x690 [ 2631.697802][T27342] ? __kasan_check_write+0x14/0x20 [ 2631.702749][T27342] ? down_write+0xdd/0x140 [ 2631.707000][T27342] __generic_file_write_iter+0x25b/0x4b0 [ 2631.712473][T27342] generic_file_write_iter+0xaf/0x1c0 [ 2631.717686][T27342] vfs_write+0xc8d/0x1050 [ 2631.721845][T27342] ? file_end_write+0x1b0/0x1b0 [ 2631.726537][T27342] ? __fget_files+0x310/0x370 [ 2631.731045][T27342] ? __fdget_pos+0x1fe/0x310 [ 2631.735482][T27342] ? ksys_write+0x77/0x2c0 [ 2631.739729][T27342] ksys_write+0x198/0x2c0 [ 2631.743897][T27342] ? __ia32_sys_read+0x90/0x90 [ 2631.748500][T27342] ? sched_clock_cpu+0x18/0x3b0 [ 2631.753188][T27342] __x64_sys_write+0x7b/0x90 [ 2631.757612][T27342] do_syscall_64+0x44/0xd0 [ 2631.761857][T27342] ? irqentry_exit+0x12/0x40 [ 2631.766286][T27342] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2631.772024][T27342] RIP: 0033:0x7fcbd55afe4f [ 2631.776268][T27342] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 18:24:23 executing program 3: mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil) [ 2631.795714][T27342] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2631.803971][T27342] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2631.812002][T27342] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2631.819756][T27342] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2631.827561][T27342] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2631.835374][T27342] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2631.843187][T27342] 18:24:23 executing program 0: unshare(0x20600) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x282500, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x10, 0x0, 0x0, 0x0}, 0x20) [ 2631.852979][T27342] loop4: detected capacity change from 0 to 512 [ 2631.868282][T27327] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:23 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 53) [ 2631.893834][T27342] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:23 executing program 0: unshare(0x20600) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x282500, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x10, 0x0, 0x0, 0x0}, 0x20) 18:24:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = dup(r4) syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000003c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) [ 2631.925593][T27351] FAULT_INJECTION: forcing a failure. [ 2631.925593][T27351] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2631.944214][T27351] CPU: 0 PID: 27351 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2631.949455][T27352] loop1: detected capacity change from 0 to 16 [ 2631.954294][T27351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2631.970176][T27351] Call Trace: [ 2631.973307][T27351] [ 2631.976079][T27351] dump_stack_lvl+0x151/0x1b7 [ 2631.980590][T27351] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2631.985883][T27351] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2631.991094][T27351] dump_stack+0x15/0x17 [ 2631.995088][T27351] should_fail+0x3c0/0x510 [ 2631.999345][T27351] should_fail_alloc_page+0x58/0x70 [ 2632.004460][T27351] __alloc_pages+0x1de/0x7c0 [ 2632.008892][T27351] ? __count_vm_events+0x30/0x30 [ 2632.013828][T27351] ? __kasan_check_read+0x11/0x20 [ 2632.018690][T27351] ? __vm_enough_memory+0x118/0x310 [ 2632.023727][T27351] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2632.029289][T27351] ? shmem_swapin_page+0x15c0/0x15c0 [ 2632.034404][T27351] ? xas_start+0x33d/0x410 [ 2632.038652][T27351] ? xas_load+0x2c7/0x2e0 [ 2632.042819][T27351] ? pagecache_get_page+0xcc8/0xdb0 [ 2632.047863][T27351] ? page_cache_prev_miss+0x430/0x430 [ 2632.053148][T27351] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2632.058543][T27351] ? lru_cache_add+0x273/0x530 [ 2632.063130][T27351] shmem_getpage_gfp+0x1487/0x25f0 [ 2632.068084][T27351] ? shmem_getpage+0xa0/0xa0 [ 2632.072514][T27351] ? fault_in_safe_writeable+0x240/0x240 [ 2632.078074][T27351] ? __kasan_check_write+0x14/0x20 [ 2632.083020][T27351] ? shmem_write_end+0x786/0x8a0 [ 2632.087790][T27351] shmem_write_begin+0xc8/0x1b0 [ 2632.092480][T27351] generic_perform_write+0x2cd/0x5d0 [ 2632.097608][T27351] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2632.103243][T27351] ? file_remove_privs+0x690/0x690 [ 2632.108190][T27351] ? __kasan_check_write+0x14/0x20 [ 2632.113134][T27351] ? down_write+0xdd/0x140 [ 2632.117388][T27351] __generic_file_write_iter+0x25b/0x4b0 [ 2632.122859][T27351] generic_file_write_iter+0xaf/0x1c0 [ 2632.128065][T27351] vfs_write+0xc8d/0x1050 [ 2632.132236][T27351] ? file_end_write+0x1b0/0x1b0 [ 2632.136925][T27351] ? __fget_files+0x310/0x370 [ 2632.141435][T27351] ? __fdget_pos+0x1fe/0x310 [ 2632.145859][T27351] ? ksys_write+0x77/0x2c0 [ 2632.150114][T27351] ksys_write+0x198/0x2c0 [ 2632.154280][T27351] ? __ia32_sys_read+0x90/0x90 [ 2632.158879][T27351] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2632.164785][T27351] __x64_sys_write+0x7b/0x90 [ 2632.169209][T27351] do_syscall_64+0x44/0xd0 [ 2632.173460][T27351] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2632.179276][T27351] RIP: 0033:0x7fb257acee4f [ 2632.183584][T27351] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2632.203058][T27351] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2632.211325][T27351] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2632.219119][T27351] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 18:24:24 executing program 2: syz_clone(0x80021000, 0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0) 18:24:24 executing program 0: unshare(0x20600) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x282500, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x10, 0x0, 0x0, 0x0}, 0x20) 18:24:24 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 47) [ 2632.226929][T27351] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2632.234739][T27351] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2632.242553][T27351] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2632.250370][T27351] [ 2632.261125][T27352] FAULT_INJECTION: forcing a failure. [ 2632.261125][T27352] name failslab, interval 1, probability 0, space 0, times 0 [ 2632.282519][T27352] CPU: 0 PID: 27352 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2632.292595][T27352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2632.302489][T27352] Call Trace: [ 2632.305612][T27352] [ 2632.308391][T27352] dump_stack_lvl+0x151/0x1b7 [ 2632.312910][T27352] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2632.318293][T27352] ? write_boundary_block+0x150/0x150 [ 2632.323494][T27352] dump_stack+0x15/0x17 [ 2632.327508][T27352] should_fail+0x3c0/0x510 [ 2632.331751][T27352] __should_failslab+0x9f/0xe0 [ 2632.336345][T27352] should_failslab+0x9/0x20 [ 2632.340682][T27352] kmem_cache_alloc+0x4f/0x2f0 [ 2632.345287][T27352] ? jbd2__journal_start+0x14f/0x6f0 [ 2632.350402][T27352] jbd2__journal_start+0x14f/0x6f0 [ 2632.355347][T27352] ? __kasan_check_read+0x11/0x20 [ 2632.360213][T27352] __ext4_journal_start_sb+0xf2/0x2a0 [ 2632.365509][T27352] __ext4_new_inode+0x1443/0x4780 [ 2632.370367][T27352] ? ext4_mark_inode_used+0xc00/0xc00 [ 2632.375574][T27352] ? dquot_initialize+0x20/0x20 [ 2632.380265][T27352] ? may_create+0x647/0x8c0 [ 2632.384600][T27352] ext4_mkdir+0x41a/0xcf0 [ 2632.388783][T27352] ? ext4_symlink+0xfe0/0xfe0 [ 2632.393280][T27352] ? selinux_inode_mkdir+0x22/0x30 [ 2632.398228][T27352] ? security_inode_mkdir+0xf1/0x130 [ 2632.403347][T27352] vfs_mkdir+0x360/0x580 [ 2632.407531][T27352] do_mkdirat+0x1e8/0x420 [ 2632.411696][T27352] ? vfs_mkdir+0x580/0x580 [ 2632.415949][T27352] ? getname_flags+0x1fb/0x510 [ 2632.420638][T27352] __x64_sys_mkdirat+0x89/0xa0 [ 2632.425237][T27352] do_syscall_64+0x44/0xd0 [ 2632.429488][T27352] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2632.435217][T27352] RIP: 0033:0x7fc55e5280e7 [ 2632.439470][T27352] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2632.459000][T27352] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2632.467424][T27352] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2632.475234][T27352] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c 18:24:24 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket(0x200000000000011, 0x3, 0x0) bind$packet(r1, &(0x7f0000000000)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040), 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) 18:24:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 56) 18:24:24 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket(0x200000000000011, 0x3, 0x0) bind$packet(r1, &(0x7f0000000000)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040), 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) [ 2632.483044][T27352] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2632.491029][T27352] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2632.498840][T27352] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2632.506658][T27352] [ 2632.527627][T27364] FAULT_INJECTION: forcing a failure. [ 2632.527627][T27364] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2632.546367][T27367] FAULT_INJECTION: forcing a failure. [ 2632.546367][T27367] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2632.559359][T27367] CPU: 0 PID: 27367 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2632.569422][T27367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2632.579317][T27367] Call Trace: [ 2632.582440][T27367] [ 2632.585217][T27367] dump_stack_lvl+0x151/0x1b7 [ 2632.588704][T27352] EXT4-fs error (device sda1) in __ext4_new_inode:1085: Out of memory [ 2632.589728][T27367] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2632.603012][T27367] ? __kasan_check_read+0x11/0x20 [ 2632.608308][T27367] dump_stack+0x15/0x17 [ 2632.612301][T27367] should_fail+0x3c0/0x510 [ 2632.616555][T27367] should_fail_usercopy+0x1a/0x20 [ 2632.621413][T27367] copy_page_from_iter_atomic+0x433/0x11c0 [ 2632.627058][T27367] ? pipe_zero+0x4d0/0x4d0 [ 2632.631332][T27367] ? __kasan_check_write+0x14/0x20 [ 2632.636257][T27367] ? shmem_write_end+0x786/0x8a0 [ 2632.641032][T27367] generic_perform_write+0x343/0x5d0 [ 2632.646157][T27367] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2632.651794][T27367] ? file_remove_privs+0x690/0x690 [ 2632.656737][T27367] ? __kasan_check_write+0x14/0x20 [ 2632.661685][T27367] ? down_write+0xdd/0x140 [ 2632.665938][T27367] __generic_file_write_iter+0x25b/0x4b0 [ 2632.671408][T27367] generic_file_write_iter+0xaf/0x1c0 [ 2632.676612][T27367] vfs_write+0xc8d/0x1050 [ 2632.680782][T27367] ? file_end_write+0x1b0/0x1b0 [ 2632.685467][T27367] ? __fget_files+0x310/0x370 [ 2632.689982][T27367] ? __fdget_pos+0x1fe/0x310 [ 2632.694406][T27367] ? ksys_write+0x77/0x2c0 [ 2632.698660][T27367] ksys_write+0x198/0x2c0 [ 2632.702826][T27367] ? __ia32_sys_read+0x90/0x90 [ 2632.707426][T27367] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2632.713332][T27367] __x64_sys_write+0x7b/0x90 [ 2632.717763][T27367] do_syscall_64+0x44/0xd0 [ 2632.722010][T27367] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2632.727744][T27367] RIP: 0033:0x7fb257acee4f [ 2632.731992][T27367] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2632.751436][T27367] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2632.759682][T27367] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2632.767587][T27367] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2632.775392][T27367] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 18:24:24 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket(0x200000000000011, 0x3, 0x0) bind$packet(r1, &(0x7f0000000000)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040), 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) 18:24:24 executing program 2: setresuid(0x0, 0xee01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001840)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000001504000000ffffffde4005000000000047000000016d00007b030000000000000f440000000000007a0a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e5ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a277c7a775d55dfc28abbe9b5ea62d84f3a10746443d64364f56e24e6d2105bd901128c7e0ec82770c8206b1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425bd5e87e59602a9f6590521d36f38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eeeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca5f1380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f80724a5bfc1e8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f068840a754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecfd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98c2c73e1661261173f359e93d2c80000000998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebccbaf1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fc7741c7e3f426b9ed20debd883593ff5d691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d0f086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d8700000000000000495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2245e761f5a3bfdcdc18ac27db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680e7f13a65dbaa1af102d97681656bf56ff0cf36518f674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ffbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884fcdc91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b723621f3b028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a149414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e13e3a7a1511573cb1a8cdce3a8fea40792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd610000000000000000000000000000000000000000000000b41248c570c4223a471b755ce6956908e2b0e5dbc5e71ff2373d3ed89c2e2eafac81c21ac2436d2ffacffe2fc0d601a50221c88a47b264c5129004f350963b52702c5a360000000000000000000000000000000b4077dc8a1801a8bf833350d302c5439ea3dd0f3b8eb1dc93af1fbf863d33a38a5aa02ec1e5b90cb673d6b0cfe7f35b20e438653e0f73ddfc78e3e1d1cc9798af0eb9b61bb4fc72454a57237b68ea614ad898374e952784a18ffb9dc4447acd7ad28a63f88007ad8cba31a6fdd9982c97a913dffe69654d3a00b98c45ead9b9619f946c82f5789379d0d942020652ccfac45e1ef5e93e72b7d5381a3c61fbabc1286285110540075bc7aee3e595f9850b9e96887d53404add0021b198be851d9f797d6d4fe7501997524d28ce7b1d5f8203d9f756efd5676c5d85052030c27e2a99ee39007d9b3c305b1c7d14899b42149d6c437d863651d30426e36ff66bafa93ce3f76c18b8c91ac65b7ab49f03b7c0d04f87f5698a90c6bcfde7687e1ee0369e88d674f51fe69423000000000000596444d8a7bf983d6f0342b2987e520542c1f725402404f37cda7868234eeefbd472c7b396c182f2b9a8bf2f85ad1a7b18681784c8fcf0cf5e34baebc594de0d6c9244a834b82a162739619b5f2e3c24378417f71f855b7958fbae631a8aa30b2120a9e23d8711f529b0cd7ce6ee2b0841a4d9e82e6ef54089b64175338ed7effe440c97c663a1000000000033f9ee8bc74fb676198caf54f9a07461c30b4b65890f2b64e68eb2a265f641e68af046fb8751055c6dba7e49068656dbf01c26b3812cec4204084e4c3f5abb86121a3eddd10720d3b66a3a8033aab499cf56b7e5b01d37c1d7b4f5968040cd727efc9a1d69fa550313969508472ec9af3327d1bcae9167e3316f272ba2efdebf91f15b4a2bc27ea303834692d92961d3dcff0e4f55d9e3e7c66e8d3324216c4c77b95c000c5f30d56da969b1ce3a3e1a8ce5a632b3c404e7b455cac15273ce31a57dc723e173d14b65bed120f5396671eb7f8670ddc26ecc7461b1badfc98076c95aa811954827767c023c51e183cf1de0230912617f72169a3f9bda12d14667855757ca543b524491e213929a9d095abb9e57f33ad7e5301e5995e65246bc06f931d983596a4979d403f1b3884123633e9af67a0972612b5874f2c8db14855444c7155f7bd177017c7bc1"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) [ 2632.783205][T27367] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2632.791014][T27367] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2632.798838][T27367] [ 2632.812545][T27364] CPU: 0 PID: 27364 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2632.822633][T27364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2632.832529][T27364] Call Trace: [ 2632.835647][T27364] [ 2632.838428][T27364] dump_stack_lvl+0x151/0x1b7 [ 2632.842945][T27364] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2632.848241][T27364] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2632.853441][T27364] dump_stack+0x15/0x17 [ 2632.857435][T27364] should_fail+0x3c0/0x510 [ 2632.861686][T27364] should_fail_alloc_page+0x58/0x70 [ 2632.866722][T27364] __alloc_pages+0x1de/0x7c0 [ 2632.871147][T27364] ? __count_vm_events+0x30/0x30 [ 2632.875920][T27364] ? __kasan_check_read+0x11/0x20 [ 2632.880782][T27364] ? __vm_enough_memory+0x118/0x310 [ 2632.885817][T27364] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2632.891292][T27364] ? shmem_swapin_page+0x15c0/0x15c0 [ 2632.896410][T27364] ? xas_start+0x33d/0x410 [ 2632.900658][T27364] ? xas_load+0x2c7/0x2e0 [ 2632.904827][T27364] ? pagecache_get_page+0xcc8/0xdb0 [ 2632.909859][T27364] ? page_cache_prev_miss+0x430/0x430 [ 2632.915067][T27364] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2632.920447][T27364] ? lru_cache_add+0x273/0x530 [ 2632.925047][T27364] shmem_getpage_gfp+0x1487/0x25f0 [ 2632.930000][T27364] ? shmem_getpage+0xa0/0xa0 [ 2632.934424][T27364] ? fault_in_safe_writeable+0x240/0x240 [ 2632.939893][T27364] ? __kasan_check_write+0x14/0x20 [ 2632.944839][T27364] ? shmem_write_end+0x786/0x8a0 [ 2632.949616][T27364] shmem_write_begin+0xc8/0x1b0 [ 2632.954303][T27364] generic_perform_write+0x2cd/0x5d0 [ 2632.959434][T27364] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2632.965064][T27364] ? file_remove_privs+0x690/0x690 [ 2632.970098][T27364] ? __kasan_check_write+0x14/0x20 [ 2632.975050][T27364] ? down_write+0xdd/0x140 [ 2632.979307][T27364] __generic_file_write_iter+0x25b/0x4b0 [ 2632.984769][T27364] generic_file_write_iter+0xaf/0x1c0 [ 2632.989975][T27364] vfs_write+0xc8d/0x1050 [ 2632.994142][T27364] ? file_end_write+0x1b0/0x1b0 [ 2632.998829][T27364] ? __fget_files+0x310/0x370 [ 2633.003346][T27364] ? __fdget_pos+0x1fe/0x310 [ 2633.007769][T27364] ? ksys_write+0x77/0x2c0 [ 2633.012022][T27364] ksys_write+0x198/0x2c0 [ 2633.016190][T27364] ? __ia32_sys_read+0x90/0x90 [ 2633.020789][T27364] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2633.026692][T27364] __x64_sys_write+0x7b/0x90 [ 2633.031130][T27364] do_syscall_64+0x44/0xd0 [ 2633.035379][T27364] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2633.041101][T27364] RIP: 0033:0x7fcbd55afe4f [ 2633.045354][T27364] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2633.064804][T27364] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2633.073048][T27364] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f 18:24:24 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket(0x200000000000011, 0x3, 0x0) bind$packet(r1, &(0x7f0000000000)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040), 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4) 18:24:24 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 54) 18:24:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000002200)={0x0, 0x0, 0x0, 0x1}) fcntl$lock(r0, 0x25, &(0x7f0000000000)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x7, &(0x7f0000000040)={0x2, 0x0, 0x7fffffffffffffff}) [ 2633.080852][T27364] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2633.088750][T27364] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2633.096572][T27364] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2633.104380][T27364] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2633.112193][T27364] 18:24:25 executing program 2: setresuid(0x0, 0xee01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001840)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000001504000000ffffffde4005000000000047000000016d00007b030000000000000f440000000000007a0a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e5ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a277c7a775d55dfc28abbe9b5ea62d84f3a10746443d64364f56e24e6d2105bd901128c7e0ec82770c8206b1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425bd5e87e59602a9f6590521d36f38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eeeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca5f1380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f80724a5bfc1e8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f068840a754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecfd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98c2c73e1661261173f359e93d2c80000000998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebccbaf1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fc7741c7e3f426b9ed20debd883593ff5d691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d0f086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d8700000000000000495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2245e761f5a3bfdcdc18ac27db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680e7f13a65dbaa1af102d97681656bf56ff0cf36518f674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ffbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884fcdc91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b723621f3b028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a149414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e13e3a7a1511573cb1a8cdce3a8fea40792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd610000000000000000000000000000000000000000000000b41248c570c4223a471b755ce6956908e2b0e5dbc5e71ff2373d3ed89c2e2eafac81c21ac2436d2ffacffe2fc0d601a50221c88a47b264c5129004f350963b52702c5a360000000000000000000000000000000b4077dc8a1801a8bf833350d302c5439ea3dd0f3b8eb1dc93af1fbf863d33a38a5aa02ec1e5b90cb673d6b0cfe7f35b20e438653e0f73ddfc78e3e1d1cc9798af0eb9b61bb4fc72454a57237b68ea614ad898374e952784a18ffb9dc4447acd7ad28a63f88007ad8cba31a6fdd9982c97a913dffe69654d3a00b98c45ead9b9619f946c82f5789379d0d942020652ccfac45e1ef5e93e72b7d5381a3c61fbabc1286285110540075bc7aee3e595f9850b9e96887d53404add0021b198be851d9f797d6d4fe7501997524d28ce7b1d5f8203d9f756efd5676c5d85052030c27e2a99ee39007d9b3c305b1c7d14899b42149d6c437d863651d30426e36ff66bafa93ce3f76c18b8c91ac65b7ab49f03b7c0d04f87f5698a90c6bcfde7687e1ee0369e88d674f51fe69423000000000000596444d8a7bf983d6f0342b2987e520542c1f725402404f37cda7868234eeefbd472c7b396c182f2b9a8bf2f85ad1a7b18681784c8fcf0cf5e34baebc594de0d6c9244a834b82a162739619b5f2e3c24378417f71f855b7958fbae631a8aa30b2120a9e23d8711f529b0cd7ce6ee2b0841a4d9e82e6ef54089b64175338ed7effe440c97c663a1000000000033f9ee8bc74fb676198caf54f9a07461c30b4b65890f2b64e68eb2a265f641e68af046fb8751055c6dba7e49068656dbf01c26b3812cec4204084e4c3f5abb86121a3eddd10720d3b66a3a8033aab499cf56b7e5b01d37c1d7b4f5968040cd727efc9a1d69fa550313969508472ec9af3327d1bcae9167e3316f272ba2efdebf91f15b4a2bc27ea303834692d92961d3dcff0e4f55d9e3e7c66e8d3324216c4c77b95c000c5f30d56da969b1ce3a3e1a8ce5a632b3c404e7b455cac15273ce31a57dc723e173d14b65bed120f5396671eb7f8670ddc26ecc7461b1badfc98076c95aa811954827767c023c51e183cf1de0230912617f72169a3f9bda12d14667855757ca543b524491e213929a9d095abb9e57f33ad7e5301e5995e65246bc06f931d983596a4979d403f1b3884123633e9af67a0972612b5874f2c8db14855444c7155f7bd177017c7bc1"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) 18:24:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 57) [ 2633.147952][T27381] loop1: detected capacity change from 0 to 16 [ 2633.148316][T27367] loop5: detected capacity change from 0 to 512 [ 2633.160763][T27381] FAULT_INJECTION: forcing a failure. [ 2633.160763][T27381] name failslab, interval 1, probability 0, space 0, times 0 18:24:25 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000100)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7, 0x402f}}) [ 2633.190311][T27381] CPU: 1 PID: 27381 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2633.200486][T27381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2633.210376][T27381] Call Trace: [ 2633.213500][T27381] [ 2633.216363][T27381] dump_stack_lvl+0x151/0x1b7 [ 2633.220878][T27381] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2633.226173][T27381] ? write_boundary_block+0x150/0x150 [ 2633.231376][T27381] dump_stack+0x15/0x17 [ 2633.235455][T27381] should_fail+0x3c0/0x510 [ 2633.239714][T27381] __should_failslab+0x9f/0xe0 [ 2633.244312][T27381] should_failslab+0x9/0x20 [ 2633.248650][T27381] kmem_cache_alloc+0x4f/0x2f0 [ 2633.253251][T27381] ? jbd2__journal_start+0x14f/0x6f0 [ 2633.258371][T27381] jbd2__journal_start+0x14f/0x6f0 [ 2633.263320][T27381] ? __kasan_check_read+0x11/0x20 [ 2633.268180][T27381] __ext4_journal_start_sb+0xf2/0x2a0 [ 2633.273386][T27381] __ext4_new_inode+0x1443/0x4780 [ 2633.278252][T27381] ? ext4_mark_inode_used+0xc00/0xc00 [ 2633.283456][T27381] ? dquot_initialize+0x20/0x20 [ 2633.288154][T27381] ? may_create+0x647/0x8c0 [ 2633.292490][T27381] ext4_mkdir+0x41a/0xcf0 [ 2633.296657][T27381] ? ext4_symlink+0xfe0/0xfe0 [ 2633.301162][T27381] ? selinux_inode_mkdir+0x22/0x30 [ 2633.306111][T27381] ? security_inode_mkdir+0xf1/0x130 [ 2633.311235][T27381] vfs_mkdir+0x360/0x580 [ 2633.315312][T27381] do_mkdirat+0x1e8/0x420 [ 2633.319478][T27381] ? vfs_mkdir+0x580/0x580 [ 2633.324164][T27381] ? getname_flags+0x1fb/0x510 [ 2633.328780][T27381] __x64_sys_mkdirat+0x89/0xa0 [ 2633.333369][T27381] do_syscall_64+0x44/0xd0 [ 2633.337620][T27381] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2633.343432][T27381] RIP: 0033:0x7fc55e5280e7 [ 2633.347691][T27381] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2633.367227][T27381] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2633.375469][T27381] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2633.383372][T27381] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2633.391173][T27381] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 18:24:25 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 48) 18:24:25 executing program 0: timer_create(0x9, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) r1 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2008002) fstat(0xffffffffffffffff, &(0x7f0000000440)) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r0, 0x0) r2 = gettid() process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x61, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) 18:24:25 executing program 3: futex(&(0x7f0000006100), 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:24:25 executing program 3: futex(&(0x7f0000006100), 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 2633.398985][T27381] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2633.406797][T27381] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2633.414711][T27381] [ 2633.417988][T27381] EXT4-fs error (device sda1) in __ext4_new_inode:1085: Out of memory [ 2633.433040][T27393] FAULT_INJECTION: forcing a failure. [ 2633.433040][T27393] name fail_usercopy, interval 1, probability 0, space 0, times 0 18:24:25 executing program 2: setresuid(0x0, 0xee01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001840)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000001504000000ffffffde4005000000000047000000016d00007b030000000000000f440000000000007a0a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e5ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a277c7a775d55dfc28abbe9b5ea62d84f3a10746443d64364f56e24e6d2105bd901128c7e0ec82770c8206b1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425bd5e87e59602a9f6590521d36f38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eeeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca5f1380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f80724a5bfc1e8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f068840a754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecfd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98c2c73e1661261173f359e93d2c80000000998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebccbaf1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fc7741c7e3f426b9ed20debd883593ff5d691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d0f086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d8700000000000000495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2245e761f5a3bfdcdc18ac27db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680e7f13a65dbaa1af102d97681656bf56ff0cf36518f674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ffbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884fcdc91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b723621f3b028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a149414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e13e3a7a1511573cb1a8cdce3a8fea40792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd610000000000000000000000000000000000000000000000b41248c570c4223a471b755ce6956908e2b0e5dbc5e71ff2373d3ed89c2e2eafac81c21ac2436d2ffacffe2fc0d601a50221c88a47b264c5129004f350963b52702c5a360000000000000000000000000000000b4077dc8a1801a8bf833350d302c5439ea3dd0f3b8eb1dc93af1fbf863d33a38a5aa02ec1e5b90cb673d6b0cfe7f35b20e438653e0f73ddfc78e3e1d1cc9798af0eb9b61bb4fc72454a57237b68ea614ad898374e952784a18ffb9dc4447acd7ad28a63f88007ad8cba31a6fdd9982c97a913dffe69654d3a00b98c45ead9b9619f946c82f5789379d0d942020652ccfac45e1ef5e93e72b7d5381a3c61fbabc1286285110540075bc7aee3e595f9850b9e96887d53404add0021b198be851d9f797d6d4fe7501997524d28ce7b1d5f8203d9f756efd5676c5d85052030c27e2a99ee39007d9b3c305b1c7d14899b42149d6c437d863651d30426e36ff66bafa93ce3f76c18b8c91ac65b7ab49f03b7c0d04f87f5698a90c6bcfde7687e1ee0369e88d674f51fe69423000000000000596444d8a7bf983d6f0342b2987e520542c1f725402404f37cda7868234eeefbd472c7b396c182f2b9a8bf2f85ad1a7b18681784c8fcf0cf5e34baebc594de0d6c9244a834b82a162739619b5f2e3c24378417f71f855b7958fbae631a8aa30b2120a9e23d8711f529b0cd7ce6ee2b0841a4d9e82e6ef54089b64175338ed7effe440c97c663a1000000000033f9ee8bc74fb676198caf54f9a07461c30b4b65890f2b64e68eb2a265f641e68af046fb8751055c6dba7e49068656dbf01c26b3812cec4204084e4c3f5abb86121a3eddd10720d3b66a3a8033aab499cf56b7e5b01d37c1d7b4f5968040cd727efc9a1d69fa550313969508472ec9af3327d1bcae9167e3316f272ba2efdebf91f15b4a2bc27ea303834692d92961d3dcff0e4f55d9e3e7c66e8d3324216c4c77b95c000c5f30d56da969b1ce3a3e1a8ce5a632b3c404e7b455cac15273ce31a57dc723e173d14b65bed120f5396671eb7f8670ddc26ecc7461b1badfc98076c95aa811954827767c023c51e183cf1de0230912617f72169a3f9bda12d14667855757ca543b524491e213929a9d095abb9e57f33ad7e5301e5995e65246bc06f931d983596a4979d403f1b3884123633e9af67a0972612b5874f2c8db14855444c7155f7bd177017c7bc1"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) [ 2633.446028][T27393] CPU: 1 PID: 27393 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2633.456172][T27393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2633.466068][T27393] Call Trace: [ 2633.469191][T27393] [ 2633.472009][T27393] dump_stack_lvl+0x151/0x1b7 [ 2633.476481][T27393] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2633.481773][T27393] ? __kasan_check_read+0x11/0x20 [ 2633.486634][T27393] dump_stack+0x15/0x17 [ 2633.490627][T27393] should_fail+0x3c0/0x510 [ 2633.494879][T27393] should_fail_usercopy+0x1a/0x20 [ 2633.499829][T27393] copy_page_from_iter_atomic+0x433/0x11c0 [ 2633.505474][T27393] ? pipe_zero+0x4d0/0x4d0 [ 2633.509722][T27393] ? __kasan_check_write+0x14/0x20 [ 2633.514670][T27393] ? shmem_write_end+0x786/0x8a0 [ 2633.519444][T27393] generic_perform_write+0x343/0x5d0 [ 2633.524571][T27393] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2633.530208][T27393] ? file_remove_privs+0x690/0x690 [ 2633.535155][T27393] ? __kasan_check_write+0x14/0x20 [ 2633.540106][T27393] ? down_write+0xdd/0x140 [ 2633.544362][T27393] __generic_file_write_iter+0x25b/0x4b0 [ 2633.549915][T27393] generic_file_write_iter+0xaf/0x1c0 [ 2633.555122][T27393] vfs_write+0xc8d/0x1050 [ 2633.559286][T27393] ? file_end_write+0x1b0/0x1b0 [ 2633.563984][T27393] ? __fget_files+0x310/0x370 [ 2633.568485][T27393] ? __fdget_pos+0x1fe/0x310 [ 2633.572912][T27393] ? ksys_write+0x77/0x2c0 [ 2633.577164][T27393] ksys_write+0x198/0x2c0 [ 2633.581332][T27393] ? __ia32_sys_read+0x90/0x90 [ 2633.585934][T27393] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2633.591835][T27393] __x64_sys_write+0x7b/0x90 [ 2633.596260][T27393] do_syscall_64+0x44/0xd0 [ 2633.600513][T27393] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2633.606242][T27393] RIP: 0033:0x7fcbd55afe4f [ 2633.610499][T27393] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2633.629939][T27393] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2633.638201][T27393] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2633.645996][T27393] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2633.653812][T27393] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2633.661624][T27393] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2633.669454][T27393] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2633.677248][T27393] [ 2633.688281][T27393] loop4: detected capacity change from 0 to 512 [ 2633.690319][T27395] FAULT_INJECTION: forcing a failure. 18:24:25 executing program 3: futex(&(0x7f0000006100), 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x0) 18:24:25 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 55) 18:24:25 executing program 0: timer_create(0x9, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) r1 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2008002) fstat(0xffffffffffffffff, &(0x7f0000000440)) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r0, 0x0) r2 = gettid() process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x61, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) 18:24:25 executing program 3: futex(&(0x7f0000006100), 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 2633.690319][T27395] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2633.727976][T27404] loop1: detected capacity change from 0 to 16 [ 2633.734059][T27395] CPU: 1 PID: 27395 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2633.744031][T27395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2633.753923][T27395] Call Trace: [ 2633.757047][T27395] [ 2633.759824][T27395] dump_stack_lvl+0x151/0x1b7 [ 2633.764337][T27395] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2633.769632][T27395] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2633.774841][T27395] dump_stack+0x15/0x17 [ 2633.778833][T27395] should_fail+0x3c0/0x510 [ 2633.783087][T27395] should_fail_alloc_page+0x58/0x70 [ 2633.788119][T27395] __alloc_pages+0x1de/0x7c0 [ 2633.792556][T27395] ? __count_vm_events+0x30/0x30 [ 2633.797327][T27395] ? __kasan_check_read+0x11/0x20 [ 2633.802181][T27395] ? __vm_enough_memory+0x118/0x310 [ 2633.807215][T27395] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2633.812689][T27395] ? shmem_swapin_page+0x15c0/0x15c0 [ 2633.817815][T27395] ? xas_start+0x33d/0x410 [ 2633.822057][T27395] ? xas_load+0x2c7/0x2e0 [ 2633.826227][T27395] ? pagecache_get_page+0xcc8/0xdb0 [ 2633.831266][T27395] ? page_cache_prev_miss+0x430/0x430 [ 2633.836468][T27395] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2633.841848][T27395] ? lru_cache_add+0x273/0x530 [ 2633.846449][T27395] shmem_getpage_gfp+0x1487/0x25f0 [ 2633.851399][T27395] ? shmem_getpage+0xa0/0xa0 [ 2633.855823][T27395] ? fault_in_safe_writeable+0x240/0x240 [ 2633.861291][T27395] ? __kasan_check_write+0x14/0x20 [ 2633.866240][T27395] ? shmem_write_end+0x786/0x8a0 [ 2633.871022][T27395] shmem_write_begin+0xc8/0x1b0 [ 2633.875731][T27395] generic_perform_write+0x2cd/0x5d0 [ 2633.880835][T27395] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2633.886466][T27395] ? file_remove_privs+0x690/0x690 [ 2633.891414][T27395] ? __kasan_check_write+0x14/0x20 [ 2633.896365][T27395] ? down_write+0xdd/0x140 [ 2633.900612][T27395] __generic_file_write_iter+0x25b/0x4b0 [ 2633.906080][T27395] generic_file_write_iter+0xaf/0x1c0 [ 2633.911294][T27395] vfs_write+0xc8d/0x1050 [ 2633.915455][T27395] ? file_end_write+0x1b0/0x1b0 [ 2633.920143][T27395] ? __fget_files+0x310/0x370 [ 2633.924683][T27395] ? __fdget_pos+0x1fe/0x310 [ 2633.929081][T27395] ? ksys_write+0x77/0x2c0 [ 2633.933335][T27395] ksys_write+0x198/0x2c0 [ 2633.937503][T27395] ? __ia32_sys_read+0x90/0x90 [ 2633.942100][T27395] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2633.948004][T27395] __x64_sys_write+0x7b/0x90 [ 2633.952430][T27395] do_syscall_64+0x44/0xd0 [ 2633.956945][T27395] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2633.962672][T27395] RIP: 0033:0x7fb257acee4f [ 2633.966928][T27395] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2633.986467][T27395] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 18:24:25 executing program 2: setresuid(0x0, 0xee01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001840)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000001504000000ffffffde4005000000000047000000016d00007b030000000000000f440000000000007a0a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e5ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a277c7a775d55dfc28abbe9b5ea62d84f3a10746443d64364f56e24e6d2105bd901128c7e0ec82770c8206b1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425bd5e87e59602a9f6590521d36f38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eeeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca5f1380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f80724a5bfc1e8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f068840a754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecfd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98c2c73e1661261173f359e93d2c80000000998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebccbaf1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fc7741c7e3f426b9ed20debd883593ff5d691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d0f086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d8700000000000000495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2245e761f5a3bfdcdc18ac27db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680e7f13a65dbaa1af102d97681656bf56ff0cf36518f674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ffbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884fcdc91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b723621f3b028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a149414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e13e3a7a1511573cb1a8cdce3a8fea40792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd610000000000000000000000000000000000000000000000b41248c570c4223a471b755ce6956908e2b0e5dbc5e71ff2373d3ed89c2e2eafac81c21ac2436d2ffacffe2fc0d601a50221c88a47b264c5129004f350963b52702c5a360000000000000000000000000000000b4077dc8a1801a8bf833350d302c5439ea3dd0f3b8eb1dc93af1fbf863d33a38a5aa02ec1e5b90cb673d6b0cfe7f35b20e438653e0f73ddfc78e3e1d1cc9798af0eb9b61bb4fc72454a57237b68ea614ad898374e952784a18ffb9dc4447acd7ad28a63f88007ad8cba31a6fdd9982c97a913dffe69654d3a00b98c45ead9b9619f946c82f5789379d0d942020652ccfac45e1ef5e93e72b7d5381a3c61fbabc1286285110540075bc7aee3e595f9850b9e96887d53404add0021b198be851d9f797d6d4fe7501997524d28ce7b1d5f8203d9f756efd5676c5d85052030c27e2a99ee39007d9b3c305b1c7d14899b42149d6c437d863651d30426e36ff66bafa93ce3f76c18b8c91ac65b7ab49f03b7c0d04f87f5698a90c6bcfde7687e1ee0369e88d674f51fe69423000000000000596444d8a7bf983d6f0342b2987e520542c1f725402404f37cda7868234eeefbd472c7b396c182f2b9a8bf2f85ad1a7b18681784c8fcf0cf5e34baebc594de0d6c9244a834b82a162739619b5f2e3c24378417f71f855b7958fbae631a8aa30b2120a9e23d8711f529b0cd7ce6ee2b0841a4d9e82e6ef54089b64175338ed7effe440c97c663a1000000000033f9ee8bc74fb676198caf54f9a07461c30b4b65890f2b64e68eb2a265f641e68af046fb8751055c6dba7e49068656dbf01c26b3812cec4204084e4c3f5abb86121a3eddd10720d3b66a3a8033aab499cf56b7e5b01d37c1d7b4f5968040cd727efc9a1d69fa550313969508472ec9af3327d1bcae9167e3316f272ba2efdebf91f15b4a2bc27ea303834692d92961d3dcff0e4f55d9e3e7c66e8d3324216c4c77b95c000c5f30d56da969b1ce3a3e1a8ce5a632b3c404e7b455cac15273ce31a57dc723e173d14b65bed120f5396671eb7f8670ddc26ecc7461b1badfc98076c95aa811954827767c023c51e183cf1de0230912617f72169a3f9bda12d14667855757ca543b524491e213929a9d095abb9e57f33ad7e5301e5995e65246bc06f931d983596a4979d403f1b3884123633e9af67a0972612b5874f2c8db14855444c7155f7bd177017c7bc1"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) [ 2633.994701][T27395] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2634.002517][T27395] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2634.010327][T27395] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2634.018142][T27395] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2634.025958][T27395] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2634.033765][T27395] 18:24:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 58) 18:24:25 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x2, 0x13, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_sec_ctx={0x1, 0x18, 0x0, 0x0, 0x4000}]}, 0x18}}, 0x0) [ 2634.058734][T27404] FAULT_INJECTION: forcing a failure. [ 2634.058734][T27404] name failslab, interval 1, probability 0, space 0, times 0 [ 2634.108581][T27404] CPU: 1 PID: 27404 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2634.108841][T27414] FAULT_INJECTION: forcing a failure. [ 2634.108841][T27414] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2634.118661][T27404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2634.118679][T27404] Call Trace: [ 2634.118685][T27404] [ 2634.118691][T27404] dump_stack_lvl+0x151/0x1b7 [ 2634.118715][T27404] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2634.118735][T27404] dump_stack+0x15/0x17 [ 2634.118752][T27404] should_fail+0x3c0/0x510 [ 2634.165359][T27404] ? ext4_find_extent+0x249/0xd80 [ 2634.170218][T27404] __should_failslab+0x9f/0xe0 [ 2634.174821][T27404] should_failslab+0x9/0x20 [ 2634.179157][T27404] __kmalloc+0x6d/0x350 [ 2634.183150][T27404] ? __getblk_gfp+0x42/0x7d0 [ 2634.187579][T27404] ext4_find_extent+0x249/0xd80 [ 2634.192267][T27404] ext4_ext_map_blocks+0x22d/0x3cb0 [ 2634.197301][T27404] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2634.202682][T27404] ? ext4_ext_release+0x10/0x10 [ 2634.207367][T27404] ? __ext4_handle_dirty_metadata+0x2cd/0x820 [ 2634.213270][T27404] ? __kasan_check_write+0x14/0x20 [ 2634.218216][T27404] ? down_read+0xf9/0x230 [ 2634.222385][T27404] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2634.227686][T27404] ext4_map_blocks+0x42c/0x1e20 [ 2634.232378][T27404] ? ext4_blocks_for_truncate+0x2d0/0x2d0 [ 2634.237923][T27404] ? ext4_issue_zeroout+0x260/0x260 [ 2634.243214][T27404] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2634.248605][T27404] ext4_append+0x23e/0x5b0 [ 2634.252875][T27404] ? ext4_init_new_dir+0xa10/0xa10 [ 2634.257800][T27404] ext4_init_new_dir+0x337/0xa10 [ 2634.262574][T27404] ? may_create+0x647/0x8c0 [ 2634.266913][T27404] ? ext4_init_dot_dotdot+0x500/0x500 [ 2634.272127][T27404] ext4_mkdir+0x4fa/0xcf0 [ 2634.276310][T27404] ? ext4_symlink+0xfe0/0xfe0 [ 2634.280801][T27404] ? selinux_inode_mkdir+0x22/0x30 [ 2634.285760][T27404] ? security_inode_mkdir+0xf1/0x130 [ 2634.290870][T27404] vfs_mkdir+0x360/0x580 [ 2634.294949][T27404] do_mkdirat+0x1e8/0x420 [ 2634.299137][T27404] ? vfs_mkdir+0x580/0x580 [ 2634.303367][T27404] ? getname_flags+0x1fb/0x510 [ 2634.307968][T27404] __x64_sys_mkdirat+0x89/0xa0 [ 2634.312568][T27404] do_syscall_64+0x44/0xd0 [ 2634.316839][T27404] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2634.322553][T27404] RIP: 0033:0x7fc55e5280e7 [ 2634.326805][T27404] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2634.346245][T27404] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2634.354492][T27404] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2634.362306][T27404] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2634.370117][T27404] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2634.378042][T27404] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2634.385845][T27404] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2634.393669][T27404] [ 2634.396526][T27414] CPU: 0 PID: 27414 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2634.406619][T27414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2634.416494][T27414] Call Trace: [ 2634.419621][T27414] [ 2634.422392][T27414] dump_stack_lvl+0x151/0x1b7 [ 2634.426904][T27414] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2634.432201][T27414] ? __kasan_check_read+0x11/0x20 [ 2634.437060][T27414] dump_stack+0x15/0x17 [ 2634.441052][T27414] should_fail+0x3c0/0x510 [ 2634.445309][T27414] should_fail_usercopy+0x1a/0x20 [ 2634.450168][T27414] copy_page_from_iter_atomic+0x433/0x11c0 [ 2634.455812][T27414] ? pipe_zero+0x4d0/0x4d0 [ 2634.460064][T27414] ? __kasan_check_write+0x14/0x20 [ 2634.465013][T27414] ? shmem_write_end+0x786/0x8a0 [ 2634.469788][T27414] generic_perform_write+0x343/0x5d0 [ 2634.474908][T27414] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2634.480550][T27414] ? file_remove_privs+0x690/0x690 [ 2634.485497][T27414] ? __kasan_check_write+0x14/0x20 [ 2634.490443][T27414] ? down_write+0xdd/0x140 [ 2634.494703][T27414] __generic_file_write_iter+0x25b/0x4b0 [ 2634.500167][T27414] generic_file_write_iter+0xaf/0x1c0 [ 2634.505386][T27414] vfs_write+0xc8d/0x1050 [ 2634.509545][T27414] ? file_end_write+0x1b0/0x1b0 [ 2634.514228][T27414] ? __fget_files+0x310/0x370 [ 2634.518753][T27414] ? __fdget_pos+0x1fe/0x310 [ 2634.523170][T27414] ? ksys_write+0x77/0x2c0 [ 2634.527425][T27414] ksys_write+0x198/0x2c0 [ 2634.531588][T27414] ? __ia32_sys_read+0x90/0x90 [ 2634.536201][T27414] __x64_sys_write+0x7b/0x90 [ 2634.540703][T27414] do_syscall_64+0x44/0xd0 [ 2634.544955][T27414] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2634.550688][T27414] RIP: 0033:0x7fb257acee4f [ 2634.554936][T27414] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2634.574384][T27414] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2634.582628][T27414] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2634.590439][T27414] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2634.598247][T27414] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 18:24:26 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 49) 18:24:26 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x17, 0x2b, 0x2, 0x3, 0x0, 0x0, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0xa0}}, 0x0) 18:24:26 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$bt_hci(r0, &(0x7f00000001c0)={0x1, @write_local_name={{0xc13, 0xf8}, {"506c47e7cc0f536047dc3655d49286d9e7c71c9873fc8b8cd7c9f06a36247612bde101308c495b4dc114fdb79695b2fac125820e16a3d78a24042d2d59a343400ebe749dd0233c74a1bef732d3640502708ece756d9328973d19a3fa51cb5e1d506115d6f3154e9e5f80a157638087768eb61efbed69a40b2f61cfef6bb79ad45d0faa7b60fea27729f0ce16607c1d65a5e97fd99124e0053bf1367df01bd80505c668c3ac166166329b3e02b981fa4ae59a535510a7ba20f3930f79c23b5867487234b9b1c6b6f69400126d13adf089becbb92c924acbbd4b2f2ee60540796eb446c9ea1aadd8513c34a45ff90b37a9cedbc955b77faf6f"}}}, 0xfc) 18:24:26 executing program 0: timer_create(0x9, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) r1 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2008002) fstat(0xffffffffffffffff, &(0x7f0000000440)) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r0, 0x0) r2 = gettid() process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x61, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) 18:24:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 59) 18:24:26 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x17, 0x2b, 0x2, 0x3, 0x0, 0x0, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0xa0}}, 0x0) [ 2634.606067][T27414] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2634.613874][T27414] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2634.621690][T27414] [ 2634.627111][T27414] loop5: detected capacity change from 0 to 512 [ 2634.640413][T27393] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:26 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 56) 18:24:26 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$bt_hci(r0, &(0x7f00000001c0)={0x1, @write_local_name={{0xc13, 0xf8}, {"506c47e7cc0f536047dc3655d49286d9e7c71c9873fc8b8cd7c9f06a36247612bde101308c495b4dc114fdb79695b2fac125820e16a3d78a24042d2d59a343400ebe749dd0233c74a1bef732d3640502708ece756d9328973d19a3fa51cb5e1d506115d6f3154e9e5f80a157638087768eb61efbed69a40b2f61cfef6bb79ad45d0faa7b60fea27729f0ce16607c1d65a5e97fd99124e0053bf1367df01bd80505c668c3ac166166329b3e02b981fa4ae59a535510a7ba20f3930f79c23b5867487234b9b1c6b6f69400126d13adf089becbb92c924acbbd4b2f2ee60540796eb446c9ea1aadd8513c34a45ff90b37a9cedbc955b77faf6f"}}}, 0xfc) 18:24:26 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x17, 0x2b, 0x2, 0x3, 0x0, 0x0, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0xa0}}, 0x0) 18:24:26 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$bt_hci(r0, &(0x7f00000001c0)={0x1, @write_local_name={{0xc13, 0xf8}, {"506c47e7cc0f536047dc3655d49286d9e7c71c9873fc8b8cd7c9f06a36247612bde101308c495b4dc114fdb79695b2fac125820e16a3d78a24042d2d59a343400ebe749dd0233c74a1bef732d3640502708ece756d9328973d19a3fa51cb5e1d506115d6f3154e9e5f80a157638087768eb61efbed69a40b2f61cfef6bb79ad45d0faa7b60fea27729f0ce16607c1d65a5e97fd99124e0053bf1367df01bd80505c668c3ac166166329b3e02b981fa4ae59a535510a7ba20f3930f79c23b5867487234b9b1c6b6f69400126d13adf089becbb92c924acbbd4b2f2ee60540796eb446c9ea1aadd8513c34a45ff90b37a9cedbc955b77faf6f"}}}, 0xfc) [ 2634.736632][T27429] FAULT_INJECTION: forcing a failure. [ 2634.736632][T27429] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2634.736630][T27436] FAULT_INJECTION: forcing a failure. [ 2634.736630][T27436] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2634.736657][T27436] CPU: 0 PID: 27436 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2634.772751][T27436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2634.782645][T27436] Call Trace: [ 2634.785781][T27436] [ 2634.788546][T27436] dump_stack_lvl+0x151/0x1b7 [ 2634.793147][T27436] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2634.798448][T27436] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2634.803652][T27436] dump_stack+0x15/0x17 [ 2634.807727][T27436] should_fail+0x3c0/0x510 [ 2634.811982][T27436] should_fail_alloc_page+0x58/0x70 [ 2634.817015][T27436] __alloc_pages+0x1de/0x7c0 [ 2634.821444][T27436] ? __count_vm_events+0x30/0x30 [ 2634.826218][T27436] ? __kasan_check_read+0x11/0x20 [ 2634.831073][T27436] ? __vm_enough_memory+0x118/0x310 [ 2634.836110][T27436] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2634.841579][T27436] ? shmem_swapin_page+0x15c0/0x15c0 [ 2634.846703][T27436] ? xas_start+0x33d/0x410 [ 2634.850953][T27436] ? xas_load+0x2c7/0x2e0 [ 2634.855118][T27436] ? pagecache_get_page+0xcc8/0xdb0 [ 2634.860152][T27436] ? page_cache_prev_miss+0x430/0x430 [ 2634.865361][T27436] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2634.870746][T27436] ? lru_cache_add+0x273/0x530 [ 2634.875345][T27436] shmem_getpage_gfp+0x1487/0x25f0 [ 2634.880300][T27436] ? shmem_getpage+0xa0/0xa0 [ 2634.884715][T27436] ? fault_in_safe_writeable+0x240/0x240 [ 2634.890188][T27436] ? __kasan_check_write+0x14/0x20 [ 2634.895132][T27436] ? shmem_write_end+0x786/0x8a0 [ 2634.899907][T27436] shmem_write_begin+0xc8/0x1b0 [ 2634.904597][T27436] generic_perform_write+0x2cd/0x5d0 [ 2634.909717][T27436] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2634.915358][T27436] ? file_remove_privs+0x690/0x690 [ 2634.920308][T27436] ? __kasan_check_write+0x14/0x20 [ 2634.925253][T27436] ? down_write+0xdd/0x140 [ 2634.929506][T27436] __generic_file_write_iter+0x25b/0x4b0 [ 2634.934976][T27436] generic_file_write_iter+0xaf/0x1c0 [ 2634.940184][T27436] vfs_write+0xc8d/0x1050 [ 2634.944350][T27436] ? file_end_write+0x1b0/0x1b0 [ 2634.949038][T27436] ? __fget_files+0x310/0x370 [ 2634.953553][T27436] ? __fdget_pos+0x1fe/0x310 [ 2634.957975][T27436] ? ksys_write+0x77/0x2c0 [ 2634.962227][T27436] ksys_write+0x198/0x2c0 [ 2634.966397][T27436] ? __ia32_sys_read+0x90/0x90 [ 2634.970995][T27436] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2634.976901][T27436] __x64_sys_write+0x7b/0x90 [ 2634.981327][T27436] do_syscall_64+0x44/0xd0 [ 2634.985580][T27436] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2634.991334][T27436] RIP: 0033:0x7fcbd55afe4f [ 2634.995824][T27436] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2635.015266][T27436] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2635.023511][T27436] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f 18:24:26 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$bt_hci(r0, &(0x7f00000001c0)={0x1, @write_local_name={{0xc13, 0xf8}, {"506c47e7cc0f536047dc3655d49286d9e7c71c9873fc8b8cd7c9f06a36247612bde101308c495b4dc114fdb79695b2fac125820e16a3d78a24042d2d59a343400ebe749dd0233c74a1bef732d3640502708ece756d9328973d19a3fa51cb5e1d506115d6f3154e9e5f80a157638087768eb61efbed69a40b2f61cfef6bb79ad45d0faa7b60fea27729f0ce16607c1d65a5e97fd99124e0053bf1367df01bd80505c668c3ac166166329b3e02b981fa4ae59a535510a7ba20f3930f79c23b5867487234b9b1c6b6f69400126d13adf089becbb92c924acbbd4b2f2ee60540796eb446c9ea1aadd8513c34a45ff90b37a9cedbc955b77faf6f"}}}, 0xfc) 18:24:26 executing program 0: timer_create(0x9, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) r1 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2008002) fstat(0xffffffffffffffff, &(0x7f0000000440)) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r0, 0x0) r2 = gettid() process_vm_writev(r2, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x61, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) 18:24:26 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 50) 18:24:26 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x17, 0x2b, 0x2, 0x3, 0x0, 0x0, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0xa0}}, 0x0) 18:24:26 executing program 3: socketpair(0x2a, 0x0, 0x0, &(0x7f0000000040)) [ 2635.031322][T27436] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2635.039133][T27436] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2635.046950][T27436] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2635.054771][T27436] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2635.062572][T27436] [ 2635.074689][T27431] loop1: detected capacity change from 0 to 16 [ 2635.098567][T27429] CPU: 1 PID: 27429 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2635.108733][T27429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2635.111574][T27431] FAULT_INJECTION: forcing a failure. [ 2635.111574][T27431] name failslab, interval 1, probability 0, space 0, times 0 [ 2635.118625][T27429] Call Trace: [ 2635.118640][T27429] [ 2635.118646][T27429] dump_stack_lvl+0x151/0x1b7 [ 2635.118668][T27429] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2635.118683][T27429] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2635.131782][T27446] FAULT_INJECTION: forcing a failure. [ 2635.131782][T27446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2635.134158][T27429] dump_stack+0x15/0x17 [ 2635.134181][T27429] should_fail+0x3c0/0x510 [ 2635.173134][T27429] should_fail_alloc_page+0x58/0x70 [ 2635.178173][T27429] __alloc_pages+0x1de/0x7c0 [ 2635.182594][T27429] ? __count_vm_events+0x30/0x30 [ 2635.187364][T27429] ? __kasan_check_read+0x11/0x20 [ 2635.192312][T27429] ? __vm_enough_memory+0x118/0x310 [ 2635.197553][T27429] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2635.202991][T27429] ? shmem_swapin_page+0x15c0/0x15c0 [ 2635.208116][T27429] ? xas_start+0x33d/0x410 [ 2635.212366][T27429] ? xas_load+0x2c7/0x2e0 [ 2635.216530][T27429] ? pagecache_get_page+0xcc8/0xdb0 [ 2635.221566][T27429] ? page_cache_prev_miss+0x430/0x430 [ 2635.226867][T27429] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2635.232248][T27429] ? lru_cache_add+0x273/0x530 [ 2635.236843][T27429] shmem_getpage_gfp+0x1487/0x25f0 [ 2635.241793][T27429] ? shmem_getpage+0xa0/0xa0 [ 2635.246215][T27429] ? fault_in_safe_writeable+0x240/0x240 [ 2635.251686][T27429] ? __kasan_check_write+0x14/0x20 [ 2635.256631][T27429] ? shmem_write_end+0x786/0x8a0 [ 2635.261493][T27429] shmem_write_begin+0xc8/0x1b0 [ 2635.266180][T27429] generic_perform_write+0x2cd/0x5d0 [ 2635.271323][T27429] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2635.276954][T27429] ? file_remove_privs+0x690/0x690 [ 2635.281893][T27429] ? __kasan_check_write+0x14/0x20 [ 2635.286839][T27429] ? down_write+0xdd/0x140 [ 2635.291095][T27429] __generic_file_write_iter+0x25b/0x4b0 [ 2635.296567][T27429] generic_file_write_iter+0xaf/0x1c0 [ 2635.301853][T27429] vfs_write+0xc8d/0x1050 [ 2635.306030][T27429] ? file_end_write+0x1b0/0x1b0 [ 2635.310707][T27429] ? __fget_files+0x310/0x370 [ 2635.315308][T27429] ? __fdget_pos+0x1fe/0x310 [ 2635.319735][T27429] ? ksys_write+0x77/0x2c0 [ 2635.323989][T27429] ksys_write+0x198/0x2c0 [ 2635.328244][T27429] ? __ia32_sys_read+0x90/0x90 [ 2635.332841][T27429] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2635.338749][T27429] __x64_sys_write+0x7b/0x90 [ 2635.343181][T27429] do_syscall_64+0x44/0xd0 [ 2635.347427][T27429] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2635.353153][T27429] RIP: 0033:0x7fb257acee4f [ 2635.357408][T27429] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2635.376846][T27429] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2635.385092][T27429] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2635.392950][T27429] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2635.400716][T27429] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2635.408533][T27429] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2635.416342][T27429] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2635.424162][T27429] [ 2635.427020][T27446] CPU: 0 PID: 27446 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2635.430806][ T30] audit: type=1400 audit(1673979866.939:787): avc: denied { create } for pid=27443 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 2635.437088][T27446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2635.466869][T27446] Call Trace: [ 2635.469994][T27446] [ 2635.472765][T27446] dump_stack_lvl+0x151/0x1b7 [ 2635.477278][T27446] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2635.482576][T27446] ? __kasan_check_read+0x11/0x20 [ 2635.487440][T27446] dump_stack+0x15/0x17 [ 2635.491427][T27446] should_fail+0x3c0/0x510 [ 2635.495686][T27446] should_fail_usercopy+0x1a/0x20 [ 2635.500541][T27446] copy_page_from_iter_atomic+0x433/0x11c0 [ 2635.506188][T27446] ? pipe_zero+0x4d0/0x4d0 [ 2635.510437][T27446] ? __kasan_check_write+0x14/0x20 [ 2635.515396][T27446] ? shmem_write_end+0x786/0x8a0 [ 2635.520249][T27446] generic_perform_write+0x343/0x5d0 [ 2635.525376][T27446] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2635.531008][T27446] ? file_remove_privs+0x690/0x690 [ 2635.535957][T27446] ? __kasan_check_write+0x14/0x20 [ 2635.540904][T27446] ? down_write+0xdd/0x140 [ 2635.545158][T27446] __generic_file_write_iter+0x25b/0x4b0 [ 2635.550627][T27446] generic_file_write_iter+0xaf/0x1c0 [ 2635.555831][T27446] vfs_write+0xc8d/0x1050 [ 2635.559999][T27446] ? file_end_write+0x1b0/0x1b0 [ 2635.564687][T27446] ? __fget_files+0x310/0x370 [ 2635.569201][T27446] ? __fdget_pos+0x1fe/0x310 [ 2635.573626][T27446] ? ksys_write+0x77/0x2c0 [ 2635.577881][T27446] ksys_write+0x198/0x2c0 [ 2635.582047][T27446] ? __ia32_sys_read+0x90/0x90 [ 2635.586647][T27446] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2635.592550][T27446] __x64_sys_write+0x7b/0x90 [ 2635.596975][T27446] do_syscall_64+0x44/0xd0 [ 2635.601228][T27446] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2635.606959][T27446] RIP: 0033:0x7fcbd55afe4f [ 2635.611394][T27446] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2635.630840][T27446] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2635.639086][T27446] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f 18:24:27 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xb, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0x22}, @exit], &(0x7f00000000c0)='GPL\x00', 0x4, 0xa5, &(0x7f0000000100)=""/165, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2635.646897][T27446] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2635.654710][T27446] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2635.662517][T27446] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2635.670333][T27446] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2635.678149][T27446] [ 2635.681006][T27431] CPU: 1 PID: 27431 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2635.691081][T27431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 18:24:27 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 60) [ 2635.700976][T27431] Call Trace: [ 2635.704102][T27431] [ 2635.706878][T27431] dump_stack_lvl+0x151/0x1b7 [ 2635.711387][T27431] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2635.716685][T27431] dump_stack+0x15/0x17 [ 2635.719347][T27446] loop4: detected capacity change from 0 to 512 [ 2635.720671][T27431] should_fail+0x3c0/0x510 [ 2635.720692][T27431] ? sidtab_sid2str_get+0x127/0x2a0 [ 2635.736040][T27431] __should_failslab+0x9f/0xe0 [ 2635.738878][T27450] FAULT_INJECTION: forcing a failure. [ 2635.738878][T27450] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2635.740638][T27431] should_failslab+0x9/0x20 [ 2635.740662][T27431] __kmalloc_track_caller+0x6c/0x350 [ 2635.762949][T27431] kmemdup+0x24/0x50 [ 2635.766681][T27431] sidtab_sid2str_get+0x127/0x2a0 [ 2635.771537][T27431] security_sid_to_context_core+0x2b1/0x490 [ 2635.777267][T27431] security_sid_to_context_force+0x36/0x40 [ 2635.783091][T27431] selinux_inode_init_security+0x705/0xaf0 [ 2635.788732][T27431] ? selinux_inode_free_security+0x200/0x200 [ 2635.794713][T27431] security_inode_init_security+0x16f/0x3c0 [ 2635.800441][T27431] ? ext4_init_security+0x40/0x40 [ 2635.805301][T27431] ? security_dentry_create_files_as+0xd0/0xd0 [ 2635.811292][T27431] ? __ext4_set_acl+0x5f0/0x5f0 [ 2635.816066][T27431] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2635.821454][T27431] ext4_init_security+0x34/0x40 [ 2635.826134][T27431] __ext4_new_inode+0x37e3/0x4780 [ 2635.831002][T27431] ? ext4_mark_inode_used+0xc00/0xc00 [ 2635.836200][T27431] ? dquot_initialize+0x20/0x20 [ 2635.840889][T27431] ? may_create+0x647/0x8c0 [ 2635.845232][T27431] ext4_mkdir+0x41a/0xcf0 [ 2635.849571][T27431] ? ext4_symlink+0xfe0/0xfe0 [ 2635.854083][T27431] ? selinux_inode_mkdir+0x22/0x30 [ 2635.859030][T27431] ? security_inode_mkdir+0xf1/0x130 [ 2635.864152][T27431] vfs_mkdir+0x360/0x580 [ 2635.868229][T27431] do_mkdirat+0x1e8/0x420 [ 2635.872398][T27431] ? vfs_mkdir+0x580/0x580 [ 2635.876651][T27431] ? getname_flags+0x1fb/0x510 [ 2635.881253][T27431] __x64_sys_mkdirat+0x89/0xa0 [ 2635.885848][T27431] do_syscall_64+0x44/0xd0 [ 2635.890103][T27431] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2635.895830][T27431] RIP: 0033:0x7fc55e5280e7 [ 2635.900087][T27431] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2635.919671][T27431] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2635.927858][T27431] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2635.935673][T27431] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2635.943489][T27431] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2635.951296][T27431] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2635.959107][T27431] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2635.966930][T27431] [ 2635.969787][T27450] CPU: 0 PID: 27450 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2635.979855][T27450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2635.989836][T27450] Call Trace: [ 2635.992962][T27450] [ 2635.995737][T27450] dump_stack_lvl+0x151/0x1b7 [ 2636.000251][T27450] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2636.005545][T27450] ? __kasan_check_read+0x11/0x20 [ 2636.010409][T27450] dump_stack+0x15/0x17 [ 2636.014399][T27450] should_fail+0x3c0/0x510 [ 2636.018662][T27450] should_fail_usercopy+0x1a/0x20 [ 2636.023512][T27450] copy_page_from_iter_atomic+0x433/0x11c0 [ 2636.029158][T27450] ? pipe_zero+0x4d0/0x4d0 [ 2636.033406][T27450] ? __kasan_check_write+0x14/0x20 [ 2636.038357][T27450] ? shmem_write_end+0x786/0x8a0 [ 2636.043132][T27450] generic_perform_write+0x343/0x5d0 [ 2636.048265][T27450] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2636.053989][T27450] ? file_remove_privs+0x690/0x690 [ 2636.058926][T27450] ? __kasan_check_write+0x14/0x20 [ 2636.063881][T27450] ? down_write+0xdd/0x140 [ 2636.068130][T27450] __generic_file_write_iter+0x25b/0x4b0 [ 2636.073600][T27450] generic_file_write_iter+0xaf/0x1c0 [ 2636.078806][T27450] vfs_write+0xc8d/0x1050 [ 2636.082975][T27450] ? file_end_write+0x1b0/0x1b0 [ 2636.087657][T27450] ? __fget_files+0x310/0x370 [ 2636.092172][T27450] ? __fdget_pos+0x1fe/0x310 [ 2636.096597][T27450] ? ksys_write+0x77/0x2c0 [ 2636.100883][T27450] ksys_write+0x198/0x2c0 [ 2636.105019][T27450] ? __ia32_sys_read+0x90/0x90 [ 2636.109618][T27450] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2636.115534][T27450] __x64_sys_write+0x7b/0x90 [ 2636.119954][T27450] do_syscall_64+0x44/0xd0 [ 2636.124235][T27450] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2636.130102][T27450] RIP: 0033:0x7fb257acee4f [ 2636.134357][T27450] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2636.153972][T27450] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2636.162218][T27450] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2636.170032][T27450] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2636.177843][T27450] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2636.185661][T27450] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2636.193467][T27450] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2636.201281][T27450] 18:24:28 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00') read$FUSE(r0, &(0x7f00000062c0)={0x2020}, 0x2020) 18:24:28 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 57) 18:24:28 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x3, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xe000000}, 0x48) 18:24:28 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00') read$FUSE(r0, &(0x7f00000062c0)={0x2020}, 0x2020) 18:24:28 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x3, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xe000000}, 0x48) 18:24:28 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xb, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0x22}, @exit], &(0x7f00000000c0)='GPL\x00', 0x4, 0xa5, &(0x7f0000000100)=""/165, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:24:28 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 51) 18:24:28 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xb, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0x22}, @exit], &(0x7f00000000c0)='GPL\x00', 0x4, 0xa5, &(0x7f0000000100)=""/165, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:24:28 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00') read$FUSE(r0, &(0x7f00000062c0)={0x2020}, 0x2020) 18:24:28 executing program 3: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xb, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0x22}, @exit], &(0x7f00000000c0)='GPL\x00', 0x4, 0xa5, &(0x7f0000000100)=""/165, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:24:28 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x3, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xe000000}, 0x48) [ 2636.258790][T27446] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2636.274134][T27462] loop1: detected capacity change from 0 to 16 [ 2636.282764][T27450] loop5: detected capacity change from 0 to 512 [ 2636.308494][T27462] FAULT_INJECTION: forcing a failure. [ 2636.308494][T27462] name failslab, interval 1, probability 0, space 0, times 0 [ 2636.321653][T27462] CPU: 1 PID: 27462 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2636.331707][T27462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2636.341618][T27462] Call Trace: [ 2636.344727][T27462] [ 2636.347495][T27462] dump_stack_lvl+0x151/0x1b7 [ 2636.352012][T27462] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2636.357315][T27462] ? kasan_set_track+0x5e/0x70 [ 2636.362086][T27462] ? kasan_set_free_info+0x23/0x40 [ 2636.367021][T27462] ? ____kasan_slab_free+0x126/0x160 [ 2636.372164][T27462] ? __kasan_slab_free+0x11/0x20 [ 2636.376921][T27462] ? kfree+0xc8/0x210 [ 2636.380735][T27462] ? ext4_ext_map_blocks+0x210d/0x3cb0 [ 2636.386026][T27462] ? ext4_map_blocks+0x42c/0x1e20 [ 2636.390894][T27462] ? ext4_append+0x23e/0x5b0 [ 2636.395315][T27462] dump_stack+0x15/0x17 [ 2636.399309][T27462] should_fail+0x3c0/0x510 [ 2636.403560][T27462] ? ext4_find_extent+0x249/0xd80 [ 2636.408420][T27462] __should_failslab+0x9f/0xe0 [ 2636.413019][T27462] should_failslab+0x9/0x20 [ 2636.417361][T27462] __kmalloc+0x6d/0x350 [ 2636.421353][T27462] ext4_find_extent+0x249/0xd80 [ 2636.426040][T27462] ext4_ext_map_blocks+0x22d/0x3cb0 [ 2636.431077][T27462] ? ____kasan_slab_free+0x131/0x160 [ 2636.436197][T27462] ? __kasan_slab_free+0x11/0x20 [ 2636.440970][T27462] ? ext4_ext_map_blocks+0x210d/0x3cb0 [ 2636.446264][T27462] ? ext4_ext_release+0x10/0x10 [ 2636.450959][T27462] ? ext4_ext_map_blocks+0x2151/0x3cb0 [ 2636.456248][T27462] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2636.461630][T27462] ext4_map_blocks+0xacd/0x1e20 [ 2636.466315][T27462] ? ext4_issue_zeroout+0x260/0x260 [ 2636.471348][T27462] ? __kasan_check_write+0x14/0x20 [ 2636.476298][T27462] ? up_read+0x14/0x90 [ 2636.480202][T27462] ext4_getblk+0x19c/0x6f0 [ 2636.484455][T27462] ? ext4_get_block_unwritten+0x40/0x40 [ 2636.489837][T27462] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2636.495220][T27462] ext4_bread+0x2f/0x180 [ 2636.499301][T27462] ext4_append+0x31b/0x5b0 [ 2636.503551][T27462] ? ext4_init_new_dir+0xa10/0xa10 [ 2636.508500][T27462] ext4_init_new_dir+0x337/0xa10 [ 2636.513275][T27462] ? may_create+0x647/0x8c0 [ 2636.517614][T27462] ? ext4_init_dot_dotdot+0x500/0x500 [ 2636.522821][T27462] ext4_mkdir+0x4fa/0xcf0 [ 2636.526992][T27462] ? ext4_symlink+0xfe0/0xfe0 [ 2636.531500][T27462] ? selinux_inode_mkdir+0x22/0x30 [ 2636.536453][T27462] ? security_inode_mkdir+0xf1/0x130 [ 2636.541569][T27462] vfs_mkdir+0x360/0x580 [ 2636.545649][T27462] do_mkdirat+0x1e8/0x420 [ 2636.549819][T27462] ? vfs_mkdir+0x580/0x580 [ 2636.554071][T27462] ? getname_flags+0x1fb/0x510 [ 2636.558669][T27462] __x64_sys_mkdirat+0x89/0xa0 [ 2636.563271][T27462] do_syscall_64+0x44/0xd0 [ 2636.567526][T27462] ? irqentry_exit+0x12/0x40 [ 2636.571955][T27462] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2636.577678][T27462] RIP: 0033:0x7fc55e5280e7 [ 2636.581935][T27462] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2636.601377][T27462] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 18:24:28 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 61) 18:24:28 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x3, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xe000000}, 0x48) [ 2636.609627][T27462] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2636.617433][T27462] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2636.625245][T27462] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2636.633055][T27462] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2636.640954][T27462] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2636.648769][T27462] [ 2636.665880][T27477] FAULT_INJECTION: forcing a failure. [ 2636.665880][T27477] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2636.679923][T27477] CPU: 1 PID: 27477 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2636.689997][T27477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2636.699893][T27477] Call Trace: [ 2636.703111][T27477] [ 2636.705884][T27477] dump_stack_lvl+0x151/0x1b7 [ 2636.710398][T27477] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2636.715694][T27477] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2636.720902][T27477] dump_stack+0x15/0x17 [ 2636.724894][T27477] should_fail+0x3c0/0x510 [ 2636.729148][T27477] should_fail_alloc_page+0x58/0x70 [ 2636.734181][T27477] __alloc_pages+0x1de/0x7c0 [ 2636.738607][T27477] ? __count_vm_events+0x30/0x30 [ 2636.743382][T27477] ? __kasan_check_read+0x11/0x20 [ 2636.748242][T27477] ? __vm_enough_memory+0x118/0x310 [ 2636.753280][T27477] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2636.758747][T27477] ? shmem_swapin_page+0x15c0/0x15c0 [ 2636.763874][T27477] ? xas_start+0x33d/0x410 [ 2636.768130][T27477] ? xas_load+0x2c7/0x2e0 [ 2636.772286][T27477] ? pagecache_get_page+0xcc8/0xdb0 [ 2636.777323][T27477] ? page_cache_prev_miss+0x430/0x430 [ 2636.782528][T27477] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2636.787910][T27477] ? lru_cache_add+0x273/0x530 [ 2636.792512][T27477] shmem_getpage_gfp+0x1487/0x25f0 [ 2636.797465][T27477] ? shmem_getpage+0xa0/0xa0 [ 2636.801889][T27477] ? fault_in_safe_writeable+0x240/0x240 [ 2636.807355][T27477] ? __kasan_check_write+0x14/0x20 [ 2636.812300][T27477] ? shmem_write_end+0x786/0x8a0 [ 2636.817076][T27477] shmem_write_begin+0xc8/0x1b0 [ 2636.821762][T27477] generic_perform_write+0x2cd/0x5d0 [ 2636.827147][T27477] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2636.832785][T27477] ? file_remove_privs+0x690/0x690 [ 2636.837738][T27477] ? __kasan_check_write+0x14/0x20 [ 2636.842685][T27477] ? down_write+0xdd/0x140 [ 2636.846935][T27477] __generic_file_write_iter+0x25b/0x4b0 [ 2636.852405][T27477] generic_file_write_iter+0xaf/0x1c0 [ 2636.857611][T27477] vfs_write+0xc8d/0x1050 [ 2636.861782][T27477] ? file_end_write+0x1b0/0x1b0 [ 2636.866466][T27477] ? __fget_files+0x310/0x370 [ 2636.870987][T27477] ? __fdget_pos+0x1fe/0x310 [ 2636.875402][T27477] ? ksys_write+0x77/0x2c0 [ 2636.879655][T27477] ksys_write+0x198/0x2c0 [ 2636.883825][T27477] ? __ia32_sys_read+0x90/0x90 [ 2636.888423][T27477] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2636.894330][T27477] __x64_sys_write+0x7b/0x90 [ 2636.898764][T27477] do_syscall_64+0x44/0xd0 [ 2636.903007][T27477] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2636.908734][T27477] RIP: 0033:0x7fcbd55afe4f [ 2636.912992][T27477] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2636.932447][T27477] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2636.940677][T27477] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2636.948487][T27477] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2636.956300][T27477] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2636.964116][T27477] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2636.971924][T27477] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2636.979753][T27477] [ 2637.035392][T27480] FAULT_INJECTION: forcing a failure. [ 2637.035392][T27480] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2637.048955][T27480] CPU: 0 PID: 27480 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2637.059011][T27480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2637.069012][T27480] Call Trace: [ 2637.072133][T27480] [ 2637.074916][T27480] dump_stack_lvl+0x151/0x1b7 [ 2637.079420][T27480] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2637.084713][T27480] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2637.089924][T27480] dump_stack+0x15/0x17 [ 2637.093915][T27480] should_fail+0x3c0/0x510 [ 2637.098174][T27480] should_fail_alloc_page+0x58/0x70 [ 2637.103202][T27480] __alloc_pages+0x1de/0x7c0 [ 2637.107630][T27480] ? __count_vm_events+0x30/0x30 [ 2637.112400][T27480] ? __kasan_check_read+0x11/0x20 [ 2637.117261][T27480] ? __vm_enough_memory+0x118/0x310 [ 2637.122297][T27480] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2637.127850][T27480] ? shmem_swapin_page+0x15c0/0x15c0 [ 2637.132977][T27480] ? xas_start+0x33d/0x410 [ 2637.137318][T27480] ? xas_load+0x2c7/0x2e0 [ 2637.141478][T27480] ? pagecache_get_page+0xcc8/0xdb0 [ 2637.146514][T27480] ? page_cache_prev_miss+0x430/0x430 [ 2637.151723][T27480] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2637.157192][T27480] ? lru_cache_add+0x273/0x530 [ 2637.161790][T27480] shmem_getpage_gfp+0x1487/0x25f0 [ 2637.166741][T27480] ? shmem_getpage+0xa0/0xa0 [ 2637.171166][T27480] ? fault_in_safe_writeable+0x240/0x240 [ 2637.176633][T27480] ? __kasan_check_write+0x14/0x20 [ 2637.181581][T27480] ? shmem_write_end+0x786/0x8a0 [ 2637.186354][T27480] shmem_write_begin+0xc8/0x1b0 [ 2637.191044][T27480] generic_perform_write+0x2cd/0x5d0 [ 2637.196164][T27480] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2637.201804][T27480] ? file_remove_privs+0x690/0x690 [ 2637.206753][T27480] ? __kasan_check_write+0x14/0x20 [ 2637.211699][T27480] ? down_write+0xdd/0x140 [ 2637.215954][T27480] __generic_file_write_iter+0x25b/0x4b0 [ 2637.221426][T27480] generic_file_write_iter+0xaf/0x1c0 [ 2637.226633][T27480] vfs_write+0xc8d/0x1050 [ 2637.230796][T27480] ? file_end_write+0x1b0/0x1b0 [ 2637.235482][T27480] ? __fget_files+0x310/0x370 [ 2637.239996][T27480] ? __fdget_pos+0x1fe/0x310 [ 2637.244430][T27480] ? ksys_write+0x77/0x2c0 [ 2637.248678][T27480] ksys_write+0x198/0x2c0 [ 2637.253017][T27480] ? __ia32_sys_read+0x90/0x90 [ 2637.257617][T27480] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2637.263522][T27480] __x64_sys_write+0x7b/0x90 [ 2637.268546][T27480] do_syscall_64+0x44/0xd0 [ 2637.272721][T27480] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2637.278470][T27480] RIP: 0033:0x7fb257acee4f [ 2637.282741][T27480] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2637.302322][T27480] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2637.310564][T27480] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2637.318385][T27480] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2637.326189][T27480] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 18:24:29 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 58) 18:24:29 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00') read$FUSE(r0, &(0x7f00000062c0)={0x2020}, 0x2020) 18:24:29 executing program 2: r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) read(r0, &(0x7f0000000140)=""/240, 0xf0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000200), 0x200000, 0x4) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f00000000c0), 0xc06620, 0x4) ioctl$UFFDIO_COPY(r0, 0x8010aa02, &(0x7f0000000040)={&(0x7f000052b000/0x4000)=nil, &(0x7f00001fc000/0x3000)=nil, 0x4000}) 18:24:29 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 52) 18:24:29 executing program 3: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet(0xffffffffffffffff, &(0x7f0000000740)={0x2, 0x0, @multicast2}, 0x10) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r2, 0x29, 0x7, &(0x7f0000000080)=0x2, 0x4) bind$inet6(0xffffffffffffffff, &(0x7f00000005c0)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000100095000000000000009f33ef60916e6e893f1eeb0be2566cd0723043c47c896ce0bce66a245ad99b817fd98cd824498949714ffaac8a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb2c5ca683a4b6fc89398f2b9000f224891060017cfa6fa26fa7a34701008c60897d4a6148a1c11428607640de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) [ 2637.334006][T27480] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2637.341813][T27480] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2637.349631][T27480] [ 2637.358630][ T30] audit: type=1400 audit(1673979869.189:788): avc: denied { read } for pid=27481 comm="syz-executor.2" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=153757 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2637.375421][T27487] loop1: detected capacity change from 0 to 16 [ 2637.394450][ T30] audit: type=1400 audit(1673979869.229:789): avc: denied { create } for pid=27488 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 2637.405341][T27487] FAULT_INJECTION: forcing a failure. [ 2637.405341][T27487] name failslab, interval 1, probability 0, space 0, times 0 [ 2637.414303][ T30] audit: type=1400 audit(1673979869.229:790): avc: denied { connect } for pid=27488 comm="syz-executor.3" lport=44 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 2637.429710][T27492] FAULT_INJECTION: forcing a failure. [ 2637.429710][T27492] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2637.447314][T27487] CPU: 1 PID: 27487 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2637.470051][T27487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2637.480285][T27487] Call Trace: [ 2637.483411][T27487] [ 2637.486186][T27487] dump_stack_lvl+0x151/0x1b7 [ 2637.490701][T27487] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2637.495999][T27487] ? __kasan_check_write+0x14/0x20 [ 2637.501039][T27487] ? _raw_spin_lock+0xa3/0x1b0 [ 2637.505722][T27487] dump_stack+0x15/0x17 [ 2637.509725][T27487] should_fail+0x3c0/0x510 [ 2637.513963][T27487] __should_failslab+0x9f/0xe0 [ 2637.518566][T27487] should_failslab+0x9/0x20 [ 2637.523095][T27487] kmem_cache_alloc+0x4f/0x2f0 [ 2637.527696][T27487] ? __mark_inode_dirty+0x5fa/0x9d0 [ 2637.532721][T27487] ? ext4_mb_new_blocks+0x4de/0x3c00 [ 2637.537844][T27487] ext4_mb_new_blocks+0x4de/0x3c00 [ 2637.542793][T27487] ? __kasan_kmalloc+0x9/0x10 [ 2637.547303][T27487] ? __kmalloc+0x203/0x350 [ 2637.551558][T27487] ? ext4_mb_pa_callback+0xd0/0xd0 [ 2637.556504][T27487] ? ext4_ext_search_right+0x4d3/0x890 [ 2637.561799][T27487] ? ext4_inode_to_goal_block+0x31e/0x460 [ 2637.567353][T27487] ? ext4_ext_find_goal+0x113/0x200 [ 2637.572388][T27487] ext4_ext_map_blocks+0x17db/0x3cb0 [ 2637.577512][T27487] ? ext4_ext_release+0x10/0x10 [ 2637.582196][T27487] ? ext4_ext_map_blocks+0x2151/0x3cb0 [ 2637.587494][T27487] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2637.592788][T27487] ext4_map_blocks+0xacd/0x1e20 [ 2637.597478][T27487] ? ext4_issue_zeroout+0x260/0x260 [ 2637.602510][T27487] ? __kasan_check_write+0x14/0x20 [ 2637.607454][T27487] ? up_read+0x14/0x90 [ 2637.611361][T27487] ext4_getblk+0x19c/0x6f0 [ 2637.615616][T27487] ? ext4_get_block_unwritten+0x40/0x40 [ 2637.621002][T27487] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2637.626379][T27487] ext4_bread+0x2f/0x180 [ 2637.630497][T27487] ext4_append+0x31b/0x5b0 [ 2637.634711][T27487] ? ext4_init_new_dir+0xa10/0xa10 [ 2637.639662][T27487] ext4_init_new_dir+0x337/0xa10 [ 2637.644432][T27487] ? may_create+0x647/0x8c0 [ 2637.648773][T27487] ? ext4_init_dot_dotdot+0x500/0x500 [ 2637.653982][T27487] ext4_mkdir+0x4fa/0xcf0 [ 2637.658146][T27487] ? ext4_symlink+0xfe0/0xfe0 [ 2637.662661][T27487] ? selinux_inode_mkdir+0x22/0x30 [ 2637.667605][T27487] ? security_inode_mkdir+0xf1/0x130 [ 2637.672906][T27487] vfs_mkdir+0x360/0x580 [ 2637.676981][T27487] do_mkdirat+0x1e8/0x420 [ 2637.681155][T27487] ? vfs_mkdir+0x580/0x580 [ 2637.685400][T27487] ? getname_flags+0x1fb/0x510 [ 2637.690001][T27487] __x64_sys_mkdirat+0x89/0xa0 [ 2637.694601][T27487] do_syscall_64+0x44/0xd0 [ 2637.698854][T27487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2637.704583][T27487] RIP: 0033:0x7fc55e5280e7 [ 2637.708838][T27487] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2637.728290][T27487] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2637.736534][T27487] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2637.744337][T27487] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2637.752148][T27487] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2637.759960][T27487] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2637.767771][T27487] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2637.775599][T27487] [ 2637.778452][T27492] CPU: 0 PID: 27492 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2637.788526][T27492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2637.798412][T27492] Call Trace: [ 2637.801540][T27492] [ 2637.804315][T27492] dump_stack_lvl+0x151/0x1b7 [ 2637.808829][T27492] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2637.814123][T27492] ? __kasan_check_read+0x11/0x20 [ 2637.818991][T27492] dump_stack+0x15/0x17 [ 2637.822983][T27492] should_fail+0x3c0/0x510 [ 2637.827324][T27492] should_fail_usercopy+0x1a/0x20 [ 2637.832177][T27492] copy_page_from_iter_atomic+0x433/0x11c0 [ 2637.837823][T27492] ? pipe_zero+0x4d0/0x4d0 [ 2637.842072][T27492] ? __kasan_check_write+0x14/0x20 [ 2637.847021][T27492] ? shmem_write_end+0x786/0x8a0 [ 2637.851802][T27492] generic_perform_write+0x343/0x5d0 [ 2637.856915][T27492] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2637.862559][T27492] ? file_remove_privs+0x690/0x690 [ 2637.867505][T27492] ? __kasan_check_write+0x14/0x20 [ 2637.872453][T27492] ? down_write+0xdd/0x140 [ 2637.876704][T27492] __generic_file_write_iter+0x25b/0x4b0 [ 2637.882175][T27492] generic_file_write_iter+0xaf/0x1c0 [ 2637.887382][T27492] vfs_write+0xc8d/0x1050 [ 2637.891559][T27492] ? file_end_write+0x1b0/0x1b0 [ 2637.896235][T27492] ? __fget_files+0x310/0x370 [ 2637.900749][T27492] ? __fdget_pos+0x1fe/0x310 [ 2637.905176][T27492] ? ksys_write+0x77/0x2c0 [ 2637.909430][T27492] ksys_write+0x198/0x2c0 [ 2637.913594][T27492] ? __ia32_sys_read+0x90/0x90 [ 2637.918199][T27492] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2637.924099][T27492] __x64_sys_write+0x7b/0x90 [ 2637.928527][T27492] do_syscall_64+0x44/0xd0 [ 2637.932778][T27492] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2637.938506][T27492] RIP: 0033:0x7fcbd55afe4f [ 2637.942769][T27492] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2637.962210][T27492] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2637.970450][T27492] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2637.978262][T27492] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 18:24:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 62) 18:24:29 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000000280)=@framed={{}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0x0, 0x59}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:24:29 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000000280)=@framed={{}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0x0, 0x59}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2637.986072][T27492] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2637.993885][T27492] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2638.001794][T27492] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2638.009608][T27492] [ 2638.014021][ T30] audit: type=1400 audit(1673979869.229:791): avc: denied { setopt } for pid=27488 comm="syz-executor.3" laddr=::1 lport=44 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 2638.038099][ T30] audit: type=1400 audit(1673979869.849:792): avc: denied { write } for pid=27488 comm="syz-executor.3" path="socket:[153768]" dev="sockfs" ino=153768 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 2638.039257][T27498] FAULT_INJECTION: forcing a failure. [ 2638.039257][T27498] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2638.062932][T27492] loop4: detected capacity change from 0 to 512 [ 2638.074837][T27498] CPU: 0 PID: 27498 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2638.090953][T27498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2638.100843][T27498] Call Trace: [ 2638.103988][T27498] [ 2638.106747][T27498] dump_stack_lvl+0x151/0x1b7 [ 2638.111264][T27498] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2638.116559][T27498] ? __kasan_check_read+0x11/0x20 [ 2638.121414][T27498] dump_stack+0x15/0x17 [ 2638.125493][T27498] should_fail+0x3c0/0x510 [ 2638.129749][T27498] should_fail_usercopy+0x1a/0x20 [ 2638.134609][T27498] copy_page_from_iter_atomic+0x433/0x11c0 [ 2638.140250][T27498] ? pipe_zero+0x4d0/0x4d0 [ 2638.144501][T27498] ? __kasan_check_write+0x14/0x20 [ 2638.149451][T27498] ? shmem_write_end+0x786/0x8a0 [ 2638.154223][T27498] generic_perform_write+0x343/0x5d0 [ 2638.159345][T27498] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2638.164987][T27498] ? file_remove_privs+0x690/0x690 [ 2638.169935][T27498] ? __kasan_check_write+0x14/0x20 [ 2638.174879][T27498] ? down_write+0xdd/0x140 [ 2638.179135][T27498] __generic_file_write_iter+0x25b/0x4b0 [ 2638.184606][T27498] generic_file_write_iter+0xaf/0x1c0 [ 2638.189810][T27498] vfs_write+0xc8d/0x1050 [ 2638.193995][T27498] ? file_end_write+0x1b0/0x1b0 [ 2638.198761][T27498] ? __fget_files+0x310/0x370 [ 2638.203273][T27498] ? __fdget_pos+0x1fe/0x310 [ 2638.207705][T27498] ? ksys_write+0x77/0x2c0 [ 2638.211955][T27498] ksys_write+0x198/0x2c0 [ 2638.216122][T27498] ? __ia32_sys_read+0x90/0x90 [ 2638.220724][T27498] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2638.226627][T27498] __x64_sys_write+0x7b/0x90 [ 2638.231048][T27498] do_syscall_64+0x44/0xd0 [ 2638.235310][T27498] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2638.241031][T27498] RIP: 0033:0x7fb257acee4f [ 2638.245287][T27498] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2638.264727][T27498] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2638.272975][T27498] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2638.280786][T27498] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 18:24:30 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000001500)=ANY=[@ANYBLOB="18020000e2ffffff000000000000000085000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093adc57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf7257ab44e810d0223917c3d042410f57466f59544047d6d8ac442e0000000000ee16c729300d2301800000000000002b5a8b05fcc154ed5290a8cd8470e776d6b8064fd6cbde49b29a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b558fbf17956f3547497aba5086e30cc8967c814382ff67b345b677a9d6525187543208000000000000003c229ff92be0d8de95ae7b68136b0046d535dd39c0f35469869e9b342b953f84447e6b9e522d62b1e6ffdaab304f134306330600a44095254b45a6c1312a13696c7202df5f764713504f94c70bcb975f97ed7b0311000000000000e54e9072a22d91744a2c2e2fa806e63c5cd98a8569a6d6bcfb0000002cf6c75ac63f04af77d58a1459ab1664885117e2ad910eae67e0ebe380d0f648713e68153579c02d71c58d147b00821ab9a6475b31e1ebf1369afe98682efbf3983f283f2f00000000992774814d63c933912d000000000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d3fbe011904ff782ca00edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b506380591a8c68e537dd659a7418b165dd0336d226bac1e1223be1c95b15177d0e664beb126000e96549e1a1228c686edb475b705e8a9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412135ed9925989e01eae489ec7052f8ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000000000bcc3fbe7d90de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f6000de1cfa88b7165dcf4f2aaee86d4802000000000000008fdb686d5da2a42e4b5024b653ea923c19e6cb723c1923b3eea2d73e136dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2ff3cfadcf65eb92adc6c62d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a128c76629a362ee9cc624ec454b90200fd9603f96908bddc145000000000000000000000000000002da31120c2f59f5c27454287de9e340f611267f32a060f2d21cb06fcaf45a0a297e396f428d43371424b3044001b3db410eeb245ea2e4fe5ac7a7eef82c5d6d19f3ef0133bd904812ee52434a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e2486472b5cba1f3346c1e8e23deb8c82bb6eb2c72c484241dc3b66da58260f800fffd96093aae764f477e29f01381a78039368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f50b1e9b5d841ea55fe569bb7bf1e78191c8a0294436725771738bec18891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423a6cbc8b5d19167152823ed853140eddaca2c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd241cf11fdcdcac6128f41bcba6279b27892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f218b95ecc2450139c558000000000000000000000000000000000000000000000000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf063333a94da8477be7d99b558ec6a5b1596ac1e7617c6b32efd0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde3306b93a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbe05c769c415ca04192fbfb1a8b0e3460af35771dbac10062832c52d8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de42957ffe9bb6d752e68d2bc2ce777a17bf4dfdfee5de0f3e4dadf51ab03d2da80641187b895f62fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c81143363b1896a8606510115a6ff82d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c876a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5fdbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966955e05e9bcade0638ac187da23d6855500fe8510b51e13a890e394b84a6fa2cc8d42b97c697c29122298d55e2e1dca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3876342dea9252132860c9af1bd5fe263c0313dea5de46c1c4a66d6892ed65f34667dd79b07b5cbdd8aa7dd571a26b5562d4861a7e1b0f28930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a10776313fc35ff422e1915c86890c47925ac773d95d2ca42acb3e5f3a1553e65b898462c139ffd0106bca348373e98780ef2a0398e032f4b3c1b3d3b0d2fd059000072c298b50be72fc0b126889051c0aef5db4af69620d4046d62922695fccf94961f991a045411e62733c541e30e45bfa3ab3688a56772d2af0fe49b5cffe48b8084cc53c734cf5d0436aba2f9e74494ce"], &(0x7f0000000040)='GPL\x00', 0x4, 0x1076, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000001300)={r0, r1, 0x25, 0xf002100}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x4, 0x8}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20) 18:24:30 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000000280)=@framed={{}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0x0, 0x59}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:24:30 executing program 0: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000000280)=@framed={{}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0x0, 0x59}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 2638.288598][T27498] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2638.296409][T27498] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2638.304220][T27498] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2638.312036][T27498] 18:24:30 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000001500)=ANY=[@ANYBLOB="18020000e2ffffff000000000000000085000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093adc57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf7257ab44e810d0223917c3d042410f57466f59544047d6d8ac442e0000000000ee16c729300d2301800000000000002b5a8b05fcc154ed5290a8cd8470e776d6b8064fd6cbde49b29a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b558fbf17956f3547497aba5086e30cc8967c814382ff67b345b677a9d6525187543208000000000000003c229ff92be0d8de95ae7b68136b0046d535dd39c0f35469869e9b342b953f84447e6b9e522d62b1e6ffdaab304f134306330600a44095254b45a6c1312a13696c7202df5f764713504f94c70bcb975f97ed7b0311000000000000e54e9072a22d91744a2c2e2fa806e63c5cd98a8569a6d6bcfb0000002cf6c75ac63f04af77d58a1459ab1664885117e2ad910eae67e0ebe380d0f648713e68153579c02d71c58d147b00821ab9a6475b31e1ebf1369afe98682efbf3983f283f2f00000000992774814d63c933912d000000000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d3fbe011904ff782ca00edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b506380591a8c68e537dd659a7418b165dd0336d226bac1e1223be1c95b15177d0e664beb126000e96549e1a1228c686edb475b705e8a9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412135ed9925989e01eae489ec7052f8ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000000000bcc3fbe7d90de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f6000de1cfa88b7165dcf4f2aaee86d4802000000000000008fdb686d5da2a42e4b5024b653ea923c19e6cb723c1923b3eea2d73e136dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2ff3cfadcf65eb92adc6c62d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a128c76629a362ee9cc624ec454b90200fd9603f96908bddc145000000000000000000000000000002da31120c2f59f5c27454287de9e340f611267f32a060f2d21cb06fcaf45a0a297e396f428d43371424b3044001b3db410eeb245ea2e4fe5ac7a7eef82c5d6d19f3ef0133bd904812ee52434a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e2486472b5cba1f3346c1e8e23deb8c82bb6eb2c72c484241dc3b66da58260f800fffd96093aae764f477e29f01381a78039368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f50b1e9b5d841ea55fe569bb7bf1e78191c8a0294436725771738bec18891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423a6cbc8b5d19167152823ed853140eddaca2c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd241cf11fdcdcac6128f41bcba6279b27892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f218b95ecc2450139c558000000000000000000000000000000000000000000000000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf063333a94da8477be7d99b558ec6a5b1596ac1e7617c6b32efd0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde3306b93a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbe05c769c415ca04192fbfb1a8b0e3460af35771dbac10062832c52d8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de42957ffe9bb6d752e68d2bc2ce777a17bf4dfdfee5de0f3e4dadf51ab03d2da80641187b895f62fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c81143363b1896a8606510115a6ff82d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c876a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5fdbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966955e05e9bcade0638ac187da23d6855500fe8510b51e13a890e394b84a6fa2cc8d42b97c697c29122298d55e2e1dca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3876342dea9252132860c9af1bd5fe263c0313dea5de46c1c4a66d6892ed65f34667dd79b07b5cbdd8aa7dd571a26b5562d4861a7e1b0f28930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a10776313fc35ff422e1915c86890c47925ac773d95d2ca42acb3e5f3a1553e65b898462c139ffd0106bca348373e98780ef2a0398e032f4b3c1b3d3b0d2fd059000072c298b50be72fc0b126889051c0aef5db4af69620d4046d62922695fccf94961f991a045411e62733c541e30e45bfa3ab3688a56772d2af0fe49b5cffe48b8084cc53c734cf5d0436aba2f9e74494ce"], &(0x7f0000000040)='GPL\x00', 0x4, 0x1076, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000001300)={r0, r1, 0x25, 0xf002100}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x4, 0x8}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20) 18:24:30 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 59) 18:24:30 executing program 0: r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000001840)=[{0x0}, {&(0x7f0000000140)=""/175, 0xaf}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9) [ 2638.346769][T27498] loop5: detected capacity change from 0 to 512 [ 2638.370126][T27492] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2638.393291][T27513] loop1: detected capacity change from 0 to 16 [ 2638.400124][T27513] FAULT_INJECTION: forcing a failure. [ 2638.400124][T27513] name failslab, interval 1, probability 0, space 0, times 0 [ 2638.413665][T27513] CPU: 0 PID: 27513 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2638.423728][T27513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2638.433622][T27513] Call Trace: [ 2638.436750][T27513] [ 2638.439523][T27513] dump_stack_lvl+0x151/0x1b7 [ 2638.444047][T27513] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2638.449340][T27513] ? ext4_mb_initialize_context+0x4c7/0xd80 [ 2638.455064][T27513] dump_stack+0x15/0x17 [ 2638.459055][T27513] should_fail+0x3c0/0x510 [ 2638.463315][T27513] __should_failslab+0x9f/0xe0 [ 2638.467908][T27513] should_failslab+0x9/0x20 [ 2638.472254][T27513] kmem_cache_alloc+0x4f/0x2f0 [ 2638.476848][T27513] ? ext4_mb_new_blocks+0xd81/0x3c00 [ 2638.482056][T27513] ext4_mb_new_blocks+0xd81/0x3c00 [ 2638.487006][T27513] ? __kasan_kmalloc+0x9/0x10 [ 2638.491520][T27513] ? __kmalloc+0x203/0x350 [ 2638.495772][T27513] ? ext4_mb_pa_callback+0xd0/0xd0 [ 2638.500724][T27513] ? ext4_ext_search_right+0x4d3/0x890 [ 2638.506019][T27513] ? ext4_inode_to_goal_block+0x31e/0x460 [ 2638.511571][T27513] ? ext4_ext_find_goal+0x113/0x200 [ 2638.516603][T27513] ext4_ext_map_blocks+0x17db/0x3cb0 [ 2638.521728][T27513] ? ext4_ext_release+0x10/0x10 [ 2638.526410][T27513] ? ext4_ext_map_blocks+0x2151/0x3cb0 [ 2638.531717][T27513] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2638.537010][T27513] ext4_map_blocks+0xacd/0x1e20 [ 2638.541688][T27513] ? ext4_issue_zeroout+0x260/0x260 [ 2638.546727][T27513] ? __kasan_check_write+0x14/0x20 [ 2638.551670][T27513] ? up_read+0x14/0x90 [ 2638.555574][T27513] ext4_getblk+0x19c/0x6f0 [ 2638.559831][T27513] ? ext4_get_block_unwritten+0x40/0x40 [ 2638.565211][T27513] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2638.570592][T27513] ext4_bread+0x2f/0x180 [ 2638.574673][T27513] ext4_append+0x31b/0x5b0 [ 2638.578925][T27513] ? ext4_init_new_dir+0xa10/0xa10 [ 2638.583879][T27513] ext4_init_new_dir+0x337/0xa10 [ 2638.588646][T27513] ? may_create+0x647/0x8c0 [ 2638.592984][T27513] ? ext4_init_dot_dotdot+0x500/0x500 [ 2638.598195][T27513] ext4_mkdir+0x4fa/0xcf0 [ 2638.602362][T27513] ? ext4_symlink+0xfe0/0xfe0 [ 2638.606872][T27513] ? selinux_inode_mkdir+0x22/0x30 [ 2638.611820][T27513] ? security_inode_mkdir+0xf1/0x130 [ 2638.616937][T27513] vfs_mkdir+0x360/0x580 [ 2638.621019][T27513] do_mkdirat+0x1e8/0x420 [ 2638.625184][T27513] ? vfs_mkdir+0x580/0x580 [ 2638.629436][T27513] ? getname_flags+0x1fb/0x510 [ 2638.634037][T27513] __x64_sys_mkdirat+0x89/0xa0 [ 2638.638639][T27513] do_syscall_64+0x44/0xd0 [ 2638.642891][T27513] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2638.648628][T27513] RIP: 0033:0x7fc55e5280e7 [ 2638.652874][T27513] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2638.672314][T27513] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2638.680559][T27513] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2638.688464][T27513] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c 18:24:30 executing program 2: r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) read(r0, &(0x7f0000000140)=""/240, 0xf0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000200), 0x200000, 0x4) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f00000000c0), 0xc06620, 0x4) ioctl$UFFDIO_COPY(r0, 0x8010aa02, &(0x7f0000000040)={&(0x7f000052b000/0x4000)=nil, &(0x7f00001fc000/0x3000)=nil, 0x4000}) 18:24:30 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 63) 18:24:30 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000001500)=ANY=[@ANYBLOB="18020000e2ffffff000000000000000085000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093adc57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf7257ab44e810d0223917c3d042410f57466f59544047d6d8ac442e0000000000ee16c729300d2301800000000000002b5a8b05fcc154ed5290a8cd8470e776d6b8064fd6cbde49b29a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b558fbf17956f3547497aba5086e30cc8967c814382ff67b345b677a9d6525187543208000000000000003c229ff92be0d8de95ae7b68136b0046d535dd39c0f35469869e9b342b953f84447e6b9e522d62b1e6ffdaab304f134306330600a44095254b45a6c1312a13696c7202df5f764713504f94c70bcb975f97ed7b0311000000000000e54e9072a22d91744a2c2e2fa806e63c5cd98a8569a6d6bcfb0000002cf6c75ac63f04af77d58a1459ab1664885117e2ad910eae67e0ebe380d0f648713e68153579c02d71c58d147b00821ab9a6475b31e1ebf1369afe98682efbf3983f283f2f00000000992774814d63c933912d000000000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d3fbe011904ff782ca00edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b506380591a8c68e537dd659a7418b165dd0336d226bac1e1223be1c95b15177d0e664beb126000e96549e1a1228c686edb475b705e8a9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412135ed9925989e01eae489ec7052f8ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000000000bcc3fbe7d90de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f6000de1cfa88b7165dcf4f2aaee86d4802000000000000008fdb686d5da2a42e4b5024b653ea923c19e6cb723c1923b3eea2d73e136dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2ff3cfadcf65eb92adc6c62d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a128c76629a362ee9cc624ec454b90200fd9603f96908bddc145000000000000000000000000000002da31120c2f59f5c27454287de9e340f611267f32a060f2d21cb06fcaf45a0a297e396f428d43371424b3044001b3db410eeb245ea2e4fe5ac7a7eef82c5d6d19f3ef0133bd904812ee52434a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e2486472b5cba1f3346c1e8e23deb8c82bb6eb2c72c484241dc3b66da58260f800fffd96093aae764f477e29f01381a78039368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f50b1e9b5d841ea55fe569bb7bf1e78191c8a0294436725771738bec18891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423a6cbc8b5d19167152823ed853140eddaca2c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd241cf11fdcdcac6128f41bcba6279b27892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f218b95ecc2450139c558000000000000000000000000000000000000000000000000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf063333a94da8477be7d99b558ec6a5b1596ac1e7617c6b32efd0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde3306b93a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbe05c769c415ca04192fbfb1a8b0e3460af35771dbac10062832c52d8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de42957ffe9bb6d752e68d2bc2ce777a17bf4dfdfee5de0f3e4dadf51ab03d2da80641187b895f62fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c81143363b1896a8606510115a6ff82d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c876a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5fdbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966955e05e9bcade0638ac187da23d6855500fe8510b51e13a890e394b84a6fa2cc8d42b97c697c29122298d55e2e1dca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3876342dea9252132860c9af1bd5fe263c0313dea5de46c1c4a66d6892ed65f34667dd79b07b5cbdd8aa7dd571a26b5562d4861a7e1b0f28930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a10776313fc35ff422e1915c86890c47925ac773d95d2ca42acb3e5f3a1553e65b898462c139ffd0106bca348373e98780ef2a0398e032f4b3c1b3d3b0d2fd059000072c298b50be72fc0b126889051c0aef5db4af69620d4046d62922695fccf94961f991a045411e62733c541e30e45bfa3ab3688a56772d2af0fe49b5cffe48b8084cc53c734cf5d0436aba2f9e74494ce"], &(0x7f0000000040)='GPL\x00', 0x4, 0x1076, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000001300)={r0, r1, 0x25, 0xf002100}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x4, 0x8}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20) 18:24:30 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 53) 18:24:30 executing program 0: r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000001840)=[{0x0}, {&(0x7f0000000140)=""/175, 0xaf}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9) [ 2638.696272][T27513] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2638.704085][T27513] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2638.711896][T27513] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2638.719712][T27513] 18:24:30 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 60) [ 2638.740830][T27518] FAULT_INJECTION: forcing a failure. [ 2638.740830][T27518] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2638.763313][T27523] FAULT_INJECTION: forcing a failure. [ 2638.763313][T27523] name fail_page_alloc, interval 1, probability 0, space 0, times 0 18:24:30 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000001500)=ANY=[@ANYBLOB="18020000e2ffffff000000000000000085000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093adc57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf7257ab44e810d0223917c3d042410f57466f59544047d6d8ac442e0000000000ee16c729300d2301800000000000002b5a8b05fcc154ed5290a8cd8470e776d6b8064fd6cbde49b29a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b558fbf17956f3547497aba5086e30cc8967c814382ff67b345b677a9d6525187543208000000000000003c229ff92be0d8de95ae7b68136b0046d535dd39c0f35469869e9b342b953f84447e6b9e522d62b1e6ffdaab304f134306330600a44095254b45a6c1312a13696c7202df5f764713504f94c70bcb975f97ed7b0311000000000000e54e9072a22d91744a2c2e2fa806e63c5cd98a8569a6d6bcfb0000002cf6c75ac63f04af77d58a1459ab1664885117e2ad910eae67e0ebe380d0f648713e68153579c02d71c58d147b00821ab9a6475b31e1ebf1369afe98682efbf3983f283f2f00000000992774814d63c933912d000000000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d3fbe011904ff782ca00edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b506380591a8c68e537dd659a7418b165dd0336d226bac1e1223be1c95b15177d0e664beb126000e96549e1a1228c686edb475b705e8a9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412135ed9925989e01eae489ec7052f8ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000000000bcc3fbe7d90de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f6000de1cfa88b7165dcf4f2aaee86d4802000000000000008fdb686d5da2a42e4b5024b653ea923c19e6cb723c1923b3eea2d73e136dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2ff3cfadcf65eb92adc6c62d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a128c76629a362ee9cc624ec454b90200fd9603f96908bddc145000000000000000000000000000002da31120c2f59f5c27454287de9e340f611267f32a060f2d21cb06fcaf45a0a297e396f428d43371424b3044001b3db410eeb245ea2e4fe5ac7a7eef82c5d6d19f3ef0133bd904812ee52434a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e2486472b5cba1f3346c1e8e23deb8c82bb6eb2c72c484241dc3b66da58260f800fffd96093aae764f477e29f01381a78039368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f50b1e9b5d841ea55fe569bb7bf1e78191c8a0294436725771738bec18891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423a6cbc8b5d19167152823ed853140eddaca2c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd241cf11fdcdcac6128f41bcba6279b27892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f218b95ecc2450139c558000000000000000000000000000000000000000000000000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf063333a94da8477be7d99b558ec6a5b1596ac1e7617c6b32efd0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde3306b93a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbe05c769c415ca04192fbfb1a8b0e3460af35771dbac10062832c52d8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de42957ffe9bb6d752e68d2bc2ce777a17bf4dfdfee5de0f3e4dadf51ab03d2da80641187b895f62fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c81143363b1896a8606510115a6ff82d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c876a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5fdbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966955e05e9bcade0638ac187da23d6855500fe8510b51e13a890e394b84a6fa2cc8d42b97c697c29122298d55e2e1dca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3876342dea9252132860c9af1bd5fe263c0313dea5de46c1c4a66d6892ed65f34667dd79b07b5cbdd8aa7dd571a26b5562d4861a7e1b0f28930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a10776313fc35ff422e1915c86890c47925ac773d95d2ca42acb3e5f3a1553e65b898462c139ffd0106bca348373e98780ef2a0398e032f4b3c1b3d3b0d2fd059000072c298b50be72fc0b126889051c0aef5db4af69620d4046d62922695fccf94961f991a045411e62733c541e30e45bfa3ab3688a56772d2af0fe49b5cffe48b8084cc53c734cf5d0436aba2f9e74494ce"], &(0x7f0000000040)='GPL\x00', 0x4, 0x1076, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000001300)={r0, r1, 0x25, 0xf002100}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x4, 0x8}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r2}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20) 18:24:30 executing program 0: r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000001840)=[{0x0}, {&(0x7f0000000140)=""/175, 0xaf}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9) [ 2638.787684][T27525] loop1: detected capacity change from 0 to 16 [ 2638.797069][T27518] CPU: 1 PID: 27518 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2638.807140][T27518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2638.816371][T27525] FAULT_INJECTION: forcing a failure. [ 2638.816371][T27525] name failslab, interval 1, probability 0, space 0, times 0 [ 2638.817027][T27518] Call Trace: [ 2638.817034][T27518] [ 2638.817042][T27518] dump_stack_lvl+0x151/0x1b7 [ 2638.839860][T27518] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2638.845151][T27518] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2638.850356][T27518] dump_stack+0x15/0x17 [ 2638.854353][T27518] should_fail+0x3c0/0x510 [ 2638.858607][T27518] should_fail_alloc_page+0x58/0x70 [ 2638.863639][T27518] __alloc_pages+0x1de/0x7c0 [ 2638.868064][T27518] ? __count_vm_events+0x30/0x30 [ 2638.872840][T27518] ? __kasan_check_read+0x11/0x20 [ 2638.877703][T27518] ? __vm_enough_memory+0x118/0x310 [ 2638.882737][T27518] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2638.888203][T27518] ? shmem_swapin_page+0x15c0/0x15c0 [ 2638.893327][T27518] ? xas_start+0x33d/0x410 [ 2638.897580][T27518] ? xas_load+0x2c7/0x2e0 [ 2638.901743][T27518] ? pagecache_get_page+0xcc8/0xdb0 [ 2638.906779][T27518] ? page_cache_prev_miss+0x430/0x430 [ 2638.911984][T27518] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2638.917371][T27518] ? lru_cache_add+0x273/0x530 [ 2638.921969][T27518] shmem_getpage_gfp+0x1487/0x25f0 [ 2638.926921][T27518] ? shmem_getpage+0xa0/0xa0 [ 2638.931344][T27518] ? fault_in_safe_writeable+0x240/0x240 [ 2638.936811][T27518] ? __kasan_check_write+0x14/0x20 [ 2638.941758][T27518] ? shmem_write_end+0x786/0x8a0 [ 2638.946536][T27518] shmem_write_begin+0xc8/0x1b0 [ 2638.951220][T27518] generic_perform_write+0x2cd/0x5d0 [ 2638.956342][T27518] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2638.961980][T27518] ? file_remove_privs+0x690/0x690 [ 2638.966928][T27518] ? __kasan_check_write+0x14/0x20 [ 2638.971876][T27518] ? down_write+0xdd/0x140 [ 2638.976134][T27518] __generic_file_write_iter+0x25b/0x4b0 [ 2638.981600][T27518] generic_file_write_iter+0xaf/0x1c0 [ 2638.986808][T27518] vfs_write+0xc8d/0x1050 [ 2638.990972][T27518] ? file_end_write+0x1b0/0x1b0 [ 2638.995662][T27518] ? __fget_files+0x310/0x370 [ 2639.000175][T27518] ? __fdget_pos+0x1fe/0x310 [ 2639.004603][T27518] ? ksys_write+0x77/0x2c0 [ 2639.008853][T27518] ksys_write+0x198/0x2c0 [ 2639.013019][T27518] ? __ia32_sys_read+0x90/0x90 [ 2639.017619][T27518] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2639.023522][T27518] __x64_sys_write+0x7b/0x90 [ 2639.027953][T27518] do_syscall_64+0x44/0xd0 [ 2639.032203][T27518] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2639.037930][T27518] RIP: 0033:0x7fb257acee4f [ 2639.042184][T27518] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2639.061625][T27518] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2639.069875][T27518] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2639.077686][T27518] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2639.085495][T27518] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2639.093310][T27518] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2639.101120][T27518] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2639.109023][T27518] [ 2639.111887][T27525] CPU: 0 PID: 27525 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2639.121956][T27525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2639.131848][T27525] Call Trace: [ 2639.134970][T27525] [ 2639.137751][T27525] dump_stack_lvl+0x151/0x1b7 [ 2639.142262][T27525] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2639.147557][T27525] dump_stack+0x15/0x17 [ 2639.151551][T27525] should_fail+0x3c0/0x510 [ 2639.155804][T27525] __should_failslab+0x9f/0xe0 [ 2639.160404][T27525] should_failslab+0x9/0x20 [ 2639.164742][T27525] kmem_cache_alloc+0x4f/0x2f0 [ 2639.169345][T27525] ? __es_insert_extent+0x800/0x1810 [ 2639.174466][T27525] __es_insert_extent+0x800/0x1810 [ 2639.179413][T27525] ? __kasan_check_write+0x14/0x20 [ 2639.184360][T27525] ext4_es_insert_extent+0x320/0x2e40 [ 2639.189571][T27525] ? ext4_es_scan_clu+0x340/0x340 [ 2639.194430][T27525] ? ext4_es_lookup_extent+0x3c5/0x9d0 [ 2639.199725][T27525] ext4_map_blocks+0xebc/0x1e20 [ 2639.204414][T27525] ? ext4_issue_zeroout+0x260/0x260 [ 2639.209450][T27525] ? __kasan_check_write+0x14/0x20 [ 2639.214392][T27525] ? up_read+0x14/0x90 [ 2639.218298][T27525] ext4_getblk+0x19c/0x6f0 [ 2639.222553][T27525] ? ext4_get_block_unwritten+0x40/0x40 [ 2639.227932][T27525] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2639.233404][T27525] ext4_bread+0x2f/0x180 [ 2639.237493][T27525] ext4_append+0x31b/0x5b0 [ 2639.241736][T27525] ? ext4_init_new_dir+0xa10/0xa10 [ 2639.246685][T27525] ext4_init_new_dir+0x337/0xa10 [ 2639.251455][T27525] ? may_create+0x647/0x8c0 [ 2639.255796][T27525] ? ext4_init_dot_dotdot+0x500/0x500 [ 2639.261006][T27525] ext4_mkdir+0x4fa/0xcf0 [ 2639.265170][T27525] ? ext4_symlink+0xfe0/0xfe0 [ 2639.269684][T27525] ? selinux_inode_mkdir+0x22/0x30 [ 2639.274632][T27525] ? security_inode_mkdir+0xf1/0x130 [ 2639.279761][T27525] vfs_mkdir+0x360/0x580 [ 2639.283834][T27525] do_mkdirat+0x1e8/0x420 [ 2639.287999][T27525] ? vfs_mkdir+0x580/0x580 [ 2639.292251][T27525] ? getname_flags+0x1fb/0x510 [ 2639.296858][T27525] __x64_sys_mkdirat+0x89/0xa0 [ 2639.301461][T27525] do_syscall_64+0x44/0xd0 [ 2639.305713][T27525] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2639.311434][T27525] RIP: 0033:0x7fc55e5280e7 [ 2639.315689][T27525] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2639.335132][T27525] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 18:24:31 executing program 0: r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000001840)=[{0x0}, {&(0x7f0000000140)=""/175, 0xaf}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9) [ 2639.343377][T27525] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2639.351188][T27525] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2639.358999][T27525] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 [ 2639.366812][T27525] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2639.374624][T27525] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2639.382444][T27525] 18:24:31 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc, 0xa}}}]}]}, 0x84}, 0x1, 0x40000}, 0x0) [ 2639.477260][T27523] CPU: 1 PID: 27523 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2639.487344][T27523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2639.497237][T27523] Call Trace: [ 2639.500365][T27523] [ 2639.503139][T27523] dump_stack_lvl+0x151/0x1b7 [ 2639.507653][T27523] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2639.512945][T27523] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2639.518244][T27523] dump_stack+0x15/0x17 [ 2639.522235][T27523] should_fail+0x3c0/0x510 18:24:31 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 64) 18:24:31 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 61) [ 2639.526487][T27523] should_fail_alloc_page+0x58/0x70 [ 2639.531519][T27523] __alloc_pages+0x1de/0x7c0 [ 2639.535954][T27523] ? __count_vm_events+0x30/0x30 [ 2639.537025][T27525] erofs: (device loop1): mounted with root inode @ nid 36. [ 2639.540722][T27523] ? __kasan_check_read+0x11/0x20 [ 2639.540747][T27523] ? __vm_enough_memory+0x118/0x310 [ 2639.540764][T27523] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2639.563123][T27523] ? shmem_swapin_page+0x15c0/0x15c0 [ 2639.568240][T27523] ? xas_start+0x33d/0x410 [ 2639.572491][T27523] ? xas_load+0x2c7/0x2e0 [ 2639.576657][T27523] ? pagecache_get_page+0xcc8/0xdb0 [ 2639.581690][T27523] ? page_cache_prev_miss+0x430/0x430 [ 2639.586898][T27523] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2639.592279][T27523] ? lru_cache_add+0x273/0x530 [ 2639.596881][T27523] shmem_getpage_gfp+0x1487/0x25f0 [ 2639.601832][T27523] ? shmem_getpage+0xa0/0xa0 [ 2639.606251][T27523] ? fault_in_safe_writeable+0x240/0x240 [ 2639.611721][T27523] ? __kasan_check_write+0x14/0x20 [ 2639.616668][T27523] ? shmem_write_end+0x786/0x8a0 [ 2639.621445][T27523] shmem_write_begin+0xc8/0x1b0 [ 2639.626129][T27523] generic_perform_write+0x2cd/0x5d0 [ 2639.631253][T27523] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2639.636895][T27523] ? file_remove_privs+0x690/0x690 [ 2639.641843][T27523] ? __kasan_check_write+0x14/0x20 [ 2639.646791][T27523] ? down_write+0xdd/0x140 [ 2639.651041][T27523] __generic_file_write_iter+0x25b/0x4b0 [ 2639.656510][T27523] generic_file_write_iter+0xaf/0x1c0 [ 2639.661720][T27523] vfs_write+0xc8d/0x1050 [ 2639.665884][T27523] ? file_end_write+0x1b0/0x1b0 [ 2639.670572][T27523] ? __fget_files+0x310/0x370 [ 2639.675085][T27523] ? __fdget_pos+0x1fe/0x310 [ 2639.679606][T27523] ? ksys_write+0x77/0x2c0 [ 2639.683863][T27523] ksys_write+0x198/0x2c0 [ 2639.688029][T27523] ? __ia32_sys_read+0x90/0x90 [ 2639.692628][T27523] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2639.698531][T27523] __x64_sys_write+0x7b/0x90 [ 2639.702954][T27523] do_syscall_64+0x44/0xd0 [ 2639.707219][T27523] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2639.712940][T27523] RIP: 0033:0x7fcbd55afe4f [ 2639.717192][T27523] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2639.736633][T27523] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2639.744879][T27523] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2639.752690][T27523] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2639.760503][T27523] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2639.768315][T27523] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:31 executing program 2: r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) read(r0, &(0x7f0000000140)=""/240, 0xf0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000200), 0x200000, 0x4) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f00000000c0), 0xc06620, 0x4) ioctl$UFFDIO_COPY(r0, 0x8010aa02, &(0x7f0000000040)={&(0x7f000052b000/0x4000)=nil, &(0x7f00001fc000/0x3000)=nil, 0x4000}) 18:24:31 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 54) 18:24:31 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc, 0xa}}}]}]}, 0x84}, 0x1, 0x40000}, 0x0) 18:24:31 executing program 3: io_setup(0x480b, &(0x7f00000009c0)) io_setup(0x2, &(0x7f0000000200)) io_setup(0x4a0, &(0x7f0000000540)) [ 2639.776132][T27523] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2639.783941][T27523] [ 2639.803180][T27542] FAULT_INJECTION: forcing a failure. [ 2639.803180][T27542] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2639.816093][T27542] CPU: 1 PID: 27542 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2639.826106][T27542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2639.831160][T27547] FAULT_INJECTION: forcing a failure. [ 2639.831160][T27547] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2639.835993][T27542] Call Trace: [ 2639.836009][T27542] [ 2639.836017][T27542] dump_stack_lvl+0x151/0x1b7 [ 2639.859265][T27542] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2639.864548][T27542] ? __kasan_check_read+0x11/0x20 [ 2639.869407][T27542] dump_stack+0x15/0x17 [ 2639.873400][T27542] should_fail+0x3c0/0x510 [ 2639.877656][T27542] should_fail_usercopy+0x1a/0x20 [ 2639.882517][T27542] copy_page_from_iter_atomic+0x433/0x11c0 [ 2639.888159][T27542] ? pipe_zero+0x4d0/0x4d0 [ 2639.892415][T27542] ? __kasan_check_write+0x14/0x20 [ 2639.897357][T27542] ? shmem_write_end+0x786/0x8a0 [ 2639.902130][T27542] generic_perform_write+0x343/0x5d0 [ 2639.907254][T27542] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2639.912893][T27542] ? file_remove_privs+0x690/0x690 [ 2639.917841][T27542] ? __kasan_check_write+0x14/0x20 [ 2639.922789][T27542] ? down_write+0xdd/0x140 [ 2639.927041][T27542] __generic_file_write_iter+0x25b/0x4b0 [ 2639.932513][T27542] generic_file_write_iter+0xaf/0x1c0 [ 2639.937717][T27542] vfs_write+0xc8d/0x1050 [ 2639.941887][T27542] ? file_end_write+0x1b0/0x1b0 [ 2639.946583][T27542] ? __fget_files+0x310/0x370 [ 2639.951093][T27542] ? __fdget_pos+0x1fe/0x310 [ 2639.955512][T27542] ? ksys_write+0x77/0x2c0 [ 2639.959767][T27542] ksys_write+0x198/0x2c0 [ 2639.963932][T27542] ? __ia32_sys_read+0x90/0x90 [ 2639.968536][T27542] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2639.974435][T27542] __x64_sys_write+0x7b/0x90 [ 2639.978863][T27542] do_syscall_64+0x44/0xd0 [ 2639.983116][T27542] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2639.988843][T27542] RIP: 0033:0x7fb257acee4f [ 2639.993098][T27542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2640.012540][T27542] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2640.020785][T27542] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2640.028600][T27542] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2640.036408][T27542] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2640.044333][T27542] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2640.052127][T27542] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2640.059943][T27542] [ 2640.062895][T27547] CPU: 0 PID: 27547 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2640.065089][T27549] loop1: detected capacity change from 0 to 16 [ 2640.072963][T27547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2640.072981][T27547] Call Trace: [ 2640.072988][T27547] [ 2640.072994][T27547] dump_stack_lvl+0x151/0x1b7 [ 2640.073017][T27547] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2640.073032][T27547] ? __kasan_check_read+0x11/0x20 [ 2640.086848][T27542] loop5: detected capacity change from 0 to 512 [ 2640.088850][T27547] dump_stack+0x15/0x17 [ 2640.088878][T27547] should_fail+0x3c0/0x510 [ 2640.088895][T27547] should_fail_usercopy+0x1a/0x20 [ 2640.088908][T27547] copy_page_from_iter_atomic+0x433/0x11c0 [ 2640.095665][T27549] FAULT_INJECTION: forcing a failure. [ 2640.095665][T27549] name failslab, interval 1, probability 0, space 0, times 0 [ 2640.099265][T27547] ? pipe_zero+0x4d0/0x4d0 [ 2640.099287][T27547] ? __kasan_check_write+0x14/0x20 [ 2640.099302][T27547] ? shmem_write_end+0x786/0x8a0 [ 2640.099319][T27547] generic_perform_write+0x343/0x5d0 [ 2640.165752][T27547] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2640.171390][T27547] ? file_remove_privs+0x690/0x690 [ 2640.176336][T27547] ? __kasan_check_write+0x14/0x20 [ 2640.181282][T27547] ? down_write+0xdd/0x140 [ 2640.185538][T27547] __generic_file_write_iter+0x25b/0x4b0 [ 2640.191016][T27547] generic_file_write_iter+0xaf/0x1c0 [ 2640.196220][T27547] vfs_write+0xc8d/0x1050 [ 2640.200557][T27547] ? file_end_write+0x1b0/0x1b0 [ 2640.205241][T27547] ? __fget_files+0x310/0x370 [ 2640.209755][T27547] ? __fdget_pos+0x1fe/0x310 [ 2640.214180][T27547] ? ksys_write+0x77/0x2c0 [ 2640.218436][T27547] ksys_write+0x198/0x2c0 [ 2640.222601][T27547] ? __ia32_sys_read+0x90/0x90 [ 2640.227202][T27547] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2640.233106][T27547] __x64_sys_write+0x7b/0x90 [ 2640.237536][T27547] do_syscall_64+0x44/0xd0 [ 2640.241842][T27547] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2640.247514][T27547] RIP: 0033:0x7fcbd55afe4f [ 2640.251779][T27547] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2640.271214][T27547] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2640.279456][T27547] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2640.287364][T27547] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2640.295166][T27547] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2640.302978][T27547] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2640.310792][T27547] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2640.318609][T27547] [ 2640.321677][T27549] CPU: 1 PID: 27549 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2640.331740][T27549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2640.341646][T27549] Call Trace: [ 2640.344755][T27549] [ 2640.347533][T27549] dump_stack_lvl+0x151/0x1b7 [ 2640.352047][T27549] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2640.357344][T27549] ? pagecache_get_page+0xce3/0xdb0 [ 2640.362377][T27549] dump_stack+0x15/0x17 [ 2640.366373][T27549] should_fail+0x3c0/0x510 [ 2640.370623][T27549] __should_failslab+0x9f/0xe0 [ 2640.375223][T27549] should_failslab+0x9/0x20 [ 2640.379562][T27549] kmem_cache_alloc+0x4f/0x2f0 [ 2640.384169][T27549] ? jbd2_journal_add_journal_head+0x84/0x4b0 [ 2640.390068][T27549] ? ext4_inode_journal_mode+0x237/0x470 [ 2640.395536][T27549] jbd2_journal_add_journal_head+0x84/0x4b0 [ 2640.401263][T27549] jbd2_journal_get_create_access+0x48/0x4a0 [ 2640.407081][T27549] __ext4_journal_get_create_access+0xaf/0x550 [ 2640.413067][T27549] ? __ext4_forget+0x850/0x850 [ 2640.417671][T27549] ? __kasan_check_write+0x14/0x20 [ 2640.422617][T27549] ? up_read+0x14/0x90 [ 2640.426527][T27549] ext4_getblk+0x3d9/0x6f0 [ 2640.430783][T27549] ? ext4_get_block_unwritten+0x40/0x40 [ 2640.436157][T27549] ? ext4_has_metadata_csum+0x1f0/0x1f0 [ 2640.441540][T27549] ext4_bread+0x2f/0x180 [ 2640.445615][T27549] ext4_append+0x31b/0x5b0 [ 2640.449868][T27549] ? ext4_init_new_dir+0xa10/0xa10 [ 2640.454827][T27549] ext4_init_new_dir+0x337/0xa10 [ 2640.459596][T27549] ? may_create+0x647/0x8c0 [ 2640.463932][T27549] ? ext4_init_dot_dotdot+0x500/0x500 [ 2640.469140][T27549] ext4_mkdir+0x4fa/0xcf0 [ 2640.473308][T27549] ? ext4_symlink+0xfe0/0xfe0 [ 2640.477819][T27549] ? selinux_inode_mkdir+0x22/0x30 [ 2640.482770][T27549] ? security_inode_mkdir+0xf1/0x130 [ 2640.487887][T27549] vfs_mkdir+0x360/0x580 [ 2640.491971][T27549] do_mkdirat+0x1e8/0x420 [ 2640.496135][T27549] ? vfs_mkdir+0x580/0x580 [ 2640.500385][T27549] ? getname_flags+0x1fb/0x510 [ 2640.504987][T27549] __x64_sys_mkdirat+0x89/0xa0 [ 2640.509594][T27549] do_syscall_64+0x44/0xd0 [ 2640.513838][T27549] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2640.519569][T27549] RIP: 0033:0x7fc55e5280e7 [ 2640.523824][T27549] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2640.543266][T27549] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 2640.551514][T27549] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e5280e7 [ 2640.559325][T27549] RDX: 00000000000001ff RSI: 00000000200001c0 RDI: 00000000ffffff9c [ 2640.567138][T27549] RBP: 0000000020000240 R08: 0000000000000000 R09: 0000000000000176 18:24:32 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc, 0xa}}}]}]}, 0x84}, 0x1, 0x40000}, 0x0) 18:24:32 executing program 2: r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) read(r0, &(0x7f0000000140)=""/240, 0xf0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000200), 0x200000, 0x4) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f00000000c0), 0xc06620, 0x4) ioctl$UFFDIO_COPY(r0, 0x8010aa02, &(0x7f0000000040)={&(0x7f000052b000/0x4000)=nil, &(0x7f00001fc000/0x3000)=nil, 0x4000}) 18:24:32 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc, 0xa}}}]}]}, 0x84}, 0x1, 0x40000}, 0x0) [ 2640.574949][T27549] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 2640.582759][T27549] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2640.590574][T27549] [ 2640.621559][T27549] ENOMEM in journal_alloc_journal_head, retrying. 18:24:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) getpid() sched_setscheduler(0x0, 0x0, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f0000000740)=[{{&(0x7f00000005c0)=@tipc, 0x80, &(0x7f0000000400)=[{&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000640)=""/251, 0xfb}], 0x2}}], 0x40002db, 0x2, 0x0) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000040)='./file0\x00', 0x20010080, &(0x7f0000000440)={[{@errors_remount}, {@umask={'umask', 0x3d, 0xcd}}, {@errors_remount}, {@errors_remount}, {@gid}, {@errors_continue}, {@errors_continue}, {}, {@discard}]}, 0x1, 0x14d7, &(0x7f0000001580)="$eJzs3Hd0lsW2MPDZM/NAiBFfI1ICs2c/8IoBhoiISBERKSIiIiIi0kRAwIiIiIAIAWkiBkSkl4hICQiIlAgRQ+9FejNyEBERkSZNYL6F59zLPcdzF/f7zvkuf2T/1pqV2Xnevd+Z7Kw8Za28P3cdVrNxrWoNiUj8S+CvX1KEEDFCiEFCiNuEEIEQolx8ufhrx/MoSPnX3oT9ez2TfrNXwG4m7n/Oxv3P2bj/ORv3P2fj/uds3P+cjfufs3H/GcvJts4sdDuPnDv4+X9Oxuf/nI37n7Nx/3M27n/Oxv3P2bj/ORv3P2fj/uds3H/GcrKb/fyZx80dN/v3jzHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYznDBX6eFEP8xv9nrYowxxhhjjDHG2L+Pz32zV8AYY4wxxhhjjLH//0BIoYQWgcglcosYkUfEiltEnLhV5BW3iYi4XcSLO0Q+cafILwqIgqKQSBCFRRFhBAorSISiqCgmouIuUVzcLRJFCVFSlBJOlBZJ4h5RRtwryor7RDlxvygvHhAVREVRSVQWD4oq4iFRVTwsqolHRHVRQ9QUtcSjorZ4TNQRj4u64glRTzwp6ounRAPxtGgonhGNxLOisXhONBHPi6aimWguWoiW/0/5b4me4m3RS/QWKaKP6CveEf1EfzFADBSDxLtisHhPDBHvi1QxVAwTH4jh4kMxQnwkRopRYrQYI8aKcWK8mCAmikkiTXwsJotPxBTxqZgqponpYoZIFzPFLPGZmC3miLniczFPfCHmiwVioVgkMsSXYrFYIjLFV2Kp+FpkiWViuVghVopVYrVYI9aKdWK92CA2ik1is9gitopvxDaxXewQO8UusVvsEXvFPrFfHBDfimzx3f9l/vl/yO8GAgRIkKBBQy7IBTEQA7EQC3EQB3khL0QgAvEQD/kgH+SH/FAQCkICJEARKAIICAQERaEoRCEKxaE4JEIilISS4MBBEiRBGbgXykJZKAfloDyUhwpQESpCZagMVaAKVIWqUA2qQXWoDjWhJjwKj8JjUAfqQF2oC/WgHtSH+tAAGkBDaAiNoBE0hsbQBJpAU2gKzaE5tISW0ApaQWtoDW2hLbSDdtABOkAyJENH6AjtoRN0hs7QBbpAV+gK3aA7dIe34C14G96G3lBd9oG+0Bf6QT8YAANhILwLg+E9eA/eh1QYCsPgA/gAPoQRcA5GwigYDaOhihwH42ECkJwEaZAGk2EyTIEpMBWmwTSYAekwE2bBLJgNc2AOfA7z4Av4AhbAAlgEGZABi2EJZEImLIXzkAXLYDmsgJWwClbCGlgLa2A9bID1sAk2wRbYAt/ANzAGtsNO2Am7YTfshb2wH/ZDKmRDNhyEg3AIDsFhOAxH4AgchaNwDI7BcTgOJ+AEnIRTcBpOwVk4C+fgPFyAC3AJLsFleCPhx0a7S6xLFfIaLbXMJXPJGBkjY2WsjJNxMq/MKyMyIuNlvMwn88n8Mr8sKAvKBJkgi8giEiVKkqEsKovKqIzK4rK4TJSJsqQsKZ10MkkmyTKyjCwry8py8n5ZXj4gK8iKso2rLCvLKrKtqyofltVkNVld1pA1ZS1ZS9aWtWUdWUfWlXVlPVlP1pdPyQayDwyAZ+S1zjSWQ6GJHAZNZTPZXLaQH8ILspUcAa1lG9lWviRHwUjoIFu5ZPmK7CjHQyf5mpwAr8suchJ0lW/KbrK77CHfkj1la9dL9pZToY/sK2dAP9lfDpAD5WyoIa91rKZ8X6bKoXKY/EAugg/lCPmRHClHydFyjBwrx8nxcoKcKCfJNPmxnCw/kVPkp3KqnCanyxkyXc6Us+RncracI+fKz+U8+YWcLxfIhXKRzJBfysVyicyUX8ml8muZJZfJ5XKFXClXydVyjVwr18n1coPcKDfJzXKL3Cq/kdvkdrlD7pS75G65R+6V++R+eUB+K7Pld/Kg/Is8JL+Xh+UP8oj8UR6VP8lj8md5XP4iT8hf5Ul5Sp6WZ+RZ+Zs8J8/LC/KivCR/l5flFXlVeikUKKmU0ipQuVRuFaPyqFh1i4pTt6q86jYVUbereHWHyqfuVPlVAVVQFVIJqrAqooxCZRWpUBVVxVRU3aWKq7tVoiqhSqpSyqnSKkndo8qoe1VZdZ8qp+5X5dUDqoKqqCqpyupBVUU9pKqqh1U19YiqrmqomqqWelTVVo+pOupxVVc9oeqpJ1V99ZRqoJ5WDdUzqpF6VjVWz6km6nnVVDVTzVUL1VK9oFqpF1Vr1Ua1VS+pdqq96qBeVsnqFdVRvao6qddUZ/W66qLeUF3Vm6qb6q56qCvqqvKql+qtUlQf1Ve9o/qp/mqAGqgGqXfVYPWeGqLeV6lqqBqmPlDD1YdqhPpIjVSj1Gg1Ro1V49R4NUFNVJNUmvpYTVafqCnqUzVVTVPT1QyVrmaqAX+rNPd/kP/JP8kf8se7b1Fb1Tdqm9qudqidapfarfaoPWqf2qcOqAMqW2Wrg+qgOqQOqcPqsDqijqij6qg6po6p4+q4OqFOqJPqlLqozqiz6jd1Tp1X59VFdUldUpf/9jMQGrTUSmsd6Fw6t47ReXSsvkXH6Vt1Xn2bjujbdby+Q+fTd+r8uoAuqAvpBF1YF9FGo7aadKiL6mI6qu/SxfXdOlGX0CV1Ke10aZ2k7/mX82+0vpa6pW6lW+nWurVuq9vqdrqd7qA76GSdrDvqjrqT7qQ76866i+6iu+quupvupnvoHrqn7ql76V46Rafovvod3U/31wP0QD1Iv6sH68F6iB6iU3WqHqaH6eF6uB6hR+iReqQerUfrsXqsHq/H64l6ok7TaXqynqyn6Cl6qp6qp+vpOl2n61l6lp6tZ+u5eq6ep+fp+Xq+XqgX6gydoRfrxTpTZ+qleqnO0sv0Mr1Cr9Cr9Cq9Rq/R6/Q6vUFv0Jv0Jp2lt+qtepvepnfoHXqX3qX36D16n96nD+gDOltn64P6oD6kD+nD+rA+oo/oo/qoPqaP6eP6uD6hT+iT+qQ+rU/rs/qsPqfP6Qv6gr6kL+nL+rK+qq9eu+wLZCADHeggV5AriAligtggNogL4oK8Qd4gEkSC+CA+yBfcGeQPCgQFg0JBQlA4KBKYAAMbUBAGRYNiQTS4Kyge3B0kBiWCkkGpwAWlg6TgnqBMcG9QNrgvKBfcH5QPHggqBBWDSkHl4MGgSvBQUDV4OKgWPBJUD2oENYNawaNB7eCxoE7weFA3eCKoFzwZ1A+eChoETwcNg2eCRsGzQePguaBJ8HzQNGgWNA9aBC3/rfW9P1fgRdfL9DYppo/pa94x/Ux/M8AMNIPMu2awec8MMe+bVDPUDDMfmOHmQzPCfGRGmlFmtBljxppxZryZYCaaSSbNfGwmm0/MFPOpmWqmmelmhkk3M80s85mZbeaYueZzM898YeabBWahWWQyzJdmsVliMs1XZqn52mSZZWa5WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm/MNrPd7DA7zS6z2+wxe80+s98cMN+abPOdOWj+Yg6Z781h84M5Yn40R81P5pj52Rw3v5gT5ldz0pwyp80Zc9b8Zs6Z8+aCuWgumd/NZXPFXDX+2sX9tdM7atSYC3NhDMZgLMZiHMZhXsyLEYxgPMZjPsyH+TE/FsSCmIAJWASL4DWEhEWxKEYxisWxOCZiIpbEkujQYRImYRksg2WxLJbDclgey2MFrICVsBI+iA/iQ/gQPowP4yP4CNbAGlgLa2FtrI11sA7WxbpYD+thfayPDbABNsSG2AgbYWNsjE2wCTbFptgcm2NLbImtsBW2xtbYFttiO2yHHbADJmMydsSO2Ak7YWfsjF2wC3bFrtgNu2EP7IE9sSf2wl6YginYF/tiP+yHA3AADsJBOBgH4xAcgqmYisNwGA7H4TgCR+BIHIWjcQyOxXE4HifgRJyEaZiGk3EyTsEpOBWn4nScjumYjrNwFs7G2TgX5+I8nIfzcT4uxIWYgRm4GBdjJmbiUlyKWZiFy3E5rsSVuBpX41pci+txPW7EjbgZN+NW3IrbcBvuwB24C3fhHtyD+3AfHsADmI3ZeBAP4iE8hIfxMB7BI3gUj+IxPIbH8TiewBN4Ek/iaTyNZ/EsnsNzeAEv4CX8HS/jFbyKHmNsHhtrb7Fx9lab195m/zEuaAvZBFvYFrHG5rcF/i5Ga22iLWFL2lLW2dI2yd7zp7iCrWgr2cr2QVvFPmSr/imubR+zdezjtq59wtayj/5dXM8+aevb52wD+7xtaJvZRraFbWyfs03s87apbWab2xa2nW1vO9iXbbJ9xXa0r/4pXmyX2LV2nV1vN9h9dr+9YC/aY/Zne8n+bnvZ3naQfdcOtu/ZIfZ9m2qH/ikebcfYsXacHW8n2Il20p/i6XaGTbcz7Sz7mZ1t5/wpzrBf2nk20863C+xCu+iP+NqaMu1Xdqn92mbZZXa5XWFX2lV2tV3zn2tdYTfZzXaL3WP32m12u91hd9pddvcf8bV9HLDf2mz7nT1qf7KH7Pf2sD1uj9gf/4iv7e+4/cWesL/ak/aUPW3P2LP2N3vOnv9j/9f2fsZesVett4KAJCnSFFAuyk0xlIdi6RaKo1spL91GEbqd4ukOykd3Un4qQAWpECVQYSpChpAsEYVUlIpRlO6i4nQ3JVIJKkmlyFFpSqJ7qAzdS2XpPipH91N5eoAqUEWqRJXpQapCD1FVepiq0SNUnWpQTapFj1Jteozq0ONUl56gevQk1aenqAE9TQ3pGWpEz1Jjeo6a0PPUlJpRc2pBLekFakUvUmtqQ23pJWpH7akDvUzJ9Ap1pFepE71Gnel16kJvUFd6k7pRd+pBb1FPept6UW9KoT7Ul96hftSfBtBAGkTv0mB6j4bQ+5RKQ2kYfUDD6UMaQR/RSBpFo2kMjaVxNJ4m0ESaRGn0MU2mT2gKfUpTaRpNpxmUTjNpFn1Gs2kOzaXPaR59QfNpAS2kRZRBX9JiWkKZ9BUtpa8pi5bRclpBK2kVraY1tJbW0XraQBtpE22mLbSVvqFttJ120E7aRbtpD+2lfbSfDtC3lE3f0UH6Cx2i7+kw/UBH6Ec6Sj/RMfqZjtMvdIJ+pZN0ik7TGTpLv9E5Ok8X6CJdot/pMl2hq+RJhBDKUIU6DMJcYe4wJswTxoa3hHHhrWHe8LYwEt4exod3hPnCO8P8YYGwYFgoTAgLh0VCE2JoQwrDsGhYLIyGd4XFw7vDxLBEWDIsFbqwdJgU3hOWCe8Ny4b3heXC+8Py4QNhhbBi+NwTlcMHwyrhQ2HV8OGwWvhIWD2sEdYMa4WPhrXDx8I64eNh3fCJsGz4ZFg/fCpsED4dNgyfCRuFz4aNw+fCJuHzYdOwWdg8bBG2DF8IW4Uvhq3DNmHb8KWwXdg+7BC+HCaHr4Qdw1dveDwl7BP2Dd8J3wm9f1wtjC6KZkS/jC6OLolmRr+KLo1+Hc2KLosuj66Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jel8rt3DgpFNOu8DlcrldjMvjYt0tLs7d6vK621zE3e7i3R0un7vT5XcFXEFXyCW4wq6IMw6ddeRCV9QVc1F3lyvu7naJroQr6Uo550q7JNfCtXQtXSv3omvt2ri27iX3kmvv2ruX3cvuFdfRveo6uddcZ/e66+LecG+4N1031931cG+5nu5t18v1dikuxfV1fV0/188NcAPcIDfIDXaD3RA3xKW6VDfMDXPD3XA3wo1wI91IN9qNdmPdWDfejXcT3USX5tLcZDfZTXFT3FQ31U130126S3ez3Cw32812c91cNy9xnpvv5ruFbqHLcBlusVvsMl2mW+qWuiyX5Za75W6lW+lWu9VurVvr1rv1bqPb6Da7zW6r2+q2uW1uh9vhdrldbo/b4/a5fe6AO+CyXbY76A66Q+6QO+x+cEfcj+6o+8kdcz+74+4Xd8L96k66U+60O+POut/cOXfeXXAX3SX3u7vsrrirzru0yMeRyZFPIlMin0amRqZFpkdmRNIjMyOzIp9FZkfmROZGPo/Mi3wRmR9ZEFkYWRTJiHwZWRxZEsmMfBVZGvk6khVZFlkeWRFZGVkV8b7wttAX9cV81N/li/u7faIv4Uv6Ut750j7J3+PL+Ht9WX+fL+fv9+X9A76Cr+gr+ed9U9/MN/ctfEv/gm/lX/StfRvf1r/k2/n2voN/2Sf7V3xH/6rv5F/znf3rvot/w3f1b/puvrvv4d/yPf3bvpfv7VN8H9/Xv+P7+f5+gB/oB/l3/WD/nh/i3/epfqgf5j/ww/2HfoT/yI/0o/xoP8aP9eP8eD/BT/STfJr/2E/2n/gp/lM/1U/z0/0Mn+5n+ln+Mz/bz/Fz/ed+nv/Cz/cL/EK/yGf4L/1iv8Rn+q/8Uv+1z/LL/HK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/13/htfrvf4Xf6XX633+P3+n1+vz/gv/XZ/jt/0P/FH/Lf+8P+B3/E/+iP+p/8Mf+zP+5/8Sf8r/6kP+VP+zP+rP/Nn/Pn/QV/0V/yv/vL/oq/yv+zxhhjjDH2P6JucLzPP/me/Nu4pq8Q4tbthY78Y82N+f867y8T2kWEEK/07vrMf4zq1VNSUv722iwlgmILhBCR6/m5xPV4mWgr2otk0UaU+afr6y+7X6Ib1I/eL0Tsf8mJEdfj6/Xv/W/qj5t3w/oLhEgsdj0nj7geX69f9r+pX6DVDern+T5NiNb/JSdOXI+v108SL4pXRfLfvZIxxhhjjDHGGPur/rJS5xvd3167P0/Q13Nyi+vxje7PGWOMMcYYY4wxdvO93r3Hyy8kJ7fpzBOe8IQn/zm52X+ZGGOMMcYYY/9u1y/6b/ZKGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxnOt/4+PEbvYeGWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsZvt/wQAAP//bEM2nw==") r2 = socket(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000d00)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}}, 0x0) 18:24:32 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 62) 18:24:32 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 65) 18:24:32 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 55) 18:24:32 executing program 3: io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) timer_create(0x9, &(0x7f0000000100)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, 0x0, 0x4048000) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_create(0x9, &(0x7f0000000100)={0x0, 0x21}, &(0x7f0000000540)=0x0) timer_settime(r0, 0x0, &(0x7f0000000380)={{0x77359400}}, &(0x7f00000003c0)) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0']) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0']) chdir(&(0x7f00000001c0)='./bus\x00') r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f00000022c0)=""/4088, 0x18) [ 2640.630473][T27549] erofs: (device loop1): mounted with root inode @ nid 36. [ 2640.643084][T27547] loop4: detected capacity change from 0 to 512 [ 2640.656374][T27547] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2640.687917][T27569] loop1: detected capacity change from 0 to 16 [ 2640.694421][T27569] FAULT_INJECTION: forcing a failure. [ 2640.694421][T27569] name failslab, interval 1, probability 0, space 0, times 0 [ 2640.706905][ T30] audit: type=1400 audit(1673979872.539:793): avc: denied { mounton } for pid=27566 comm="syz-executor.3" path="/root/syzkaller-testdir2634481350/syzkaller.nKXY9O/185/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1 [ 2640.747022][T27573] FAULT_INJECTION: forcing a failure. [ 2640.747022][T27573] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2640.761559][T27574] FAULT_INJECTION: forcing a failure. [ 2640.761559][T27574] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2640.778717][T27569] CPU: 0 PID: 27569 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 18:24:32 executing program 3: io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) timer_create(0x9, &(0x7f0000000100)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, 0x0, 0x4048000) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_create(0x9, &(0x7f0000000100)={0x0, 0x21}, &(0x7f0000000540)=0x0) timer_settime(r0, 0x0, &(0x7f0000000380)={{0x77359400}}, &(0x7f00000003c0)) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0']) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0']) chdir(&(0x7f00000001c0)='./bus\x00') r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f00000022c0)=""/4088, 0x18) [ 2640.788790][T27569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2640.798683][T27569] Call Trace: [ 2640.801804][T27569] [ 2640.804584][T27569] dump_stack_lvl+0x151/0x1b7 [ 2640.809096][T27569] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2640.814393][T27569] dump_stack+0x15/0x17 [ 2640.818382][T27569] should_fail+0x3c0/0x510 [ 2640.822638][T27569] ? __se_sys_mount+0x9b/0x3c0 [ 2640.827237][T27569] __should_failslab+0x9f/0xe0 [ 2640.831837][T27569] should_failslab+0x9/0x20 [ 2640.836178][T27569] __kmalloc_track_caller+0x6c/0x350 [ 2640.841300][T27569] ? strnlen_user+0x130/0x1c0 [ 2640.845816][T27569] strndup_user+0x76/0x150 [ 2640.850068][T27569] __se_sys_mount+0x9b/0x3c0 [ 2640.854494][T27569] ? __x64_sys_mount+0xd0/0xd0 [ 2640.859094][T27569] __x64_sys_mount+0xbf/0xd0 [ 2640.863519][T27569] do_syscall_64+0x44/0xd0 [ 2640.867771][T27569] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2640.873505][T27569] RIP: 0033:0x7fc55e52a5fa [ 2640.877757][T27569] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2640.897201][T27569] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2640.905445][T27569] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2640.913254][T27569] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2640.921069][T27569] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2640.928881][T27569] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2640.936703][T27569] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2640.944597][T27569] [ 2640.947898][T27573] CPU: 0 PID: 27573 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2640.957951][T27573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2640.967848][T27573] Call Trace: [ 2640.970968][T27573] [ 2640.973745][T27573] dump_stack_lvl+0x151/0x1b7 [ 2640.978260][T27573] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2640.983554][T27573] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2640.988764][T27573] dump_stack+0x15/0x17 [ 2640.992841][T27573] should_fail+0x3c0/0x510 [ 2640.997094][T27573] should_fail_alloc_page+0x58/0x70 [ 2641.002133][T27573] __alloc_pages+0x1de/0x7c0 [ 2641.006557][T27573] ? __count_vm_events+0x30/0x30 [ 2641.011330][T27573] ? __kasan_check_read+0x11/0x20 [ 2641.016194][T27573] ? __vm_enough_memory+0x118/0x310 [ 2641.021493][T27573] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2641.026956][T27573] ? shmem_swapin_page+0x15c0/0x15c0 [ 2641.032077][T27573] ? xas_start+0x33d/0x410 [ 2641.036329][T27573] ? xas_load+0x2c7/0x2e0 [ 2641.040497][T27573] ? pagecache_get_page+0xcc8/0xdb0 [ 2641.045534][T27573] ? page_cache_prev_miss+0x430/0x430 [ 2641.050741][T27573] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2641.056120][T27573] ? lru_cache_add+0x273/0x530 [ 2641.060722][T27573] shmem_getpage_gfp+0x1487/0x25f0 [ 2641.065670][T27573] ? shmem_getpage+0xa0/0xa0 [ 2641.070091][T27573] ? fault_in_safe_writeable+0x240/0x240 [ 2641.075566][T27573] ? __kasan_check_write+0x14/0x20 [ 2641.080511][T27573] ? shmem_write_end+0x786/0x8a0 [ 2641.085285][T27573] shmem_write_begin+0xc8/0x1b0 [ 2641.089972][T27573] generic_perform_write+0x2cd/0x5d0 [ 2641.095102][T27573] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2641.100737][T27573] ? file_remove_privs+0x690/0x690 [ 2641.105689][T27573] ? __kasan_check_write+0x14/0x20 [ 2641.110632][T27573] ? down_write+0xdd/0x140 [ 2641.114878][T27573] __generic_file_write_iter+0x25b/0x4b0 [ 2641.120349][T27573] generic_file_write_iter+0xaf/0x1c0 [ 2641.125556][T27573] vfs_write+0xc8d/0x1050 [ 2641.129723][T27573] ? file_end_write+0x1b0/0x1b0 [ 2641.134407][T27573] ? __fget_files+0x310/0x370 [ 2641.138924][T27573] ? __fdget_pos+0x1fe/0x310 [ 2641.143345][T27573] ? ksys_write+0x77/0x2c0 [ 2641.147602][T27573] ksys_write+0x198/0x2c0 [ 2641.151771][T27573] ? __ia32_sys_read+0x90/0x90 [ 2641.156367][T27573] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2641.162270][T27573] __x64_sys_write+0x7b/0x90 [ 2641.166727][T27573] do_syscall_64+0x44/0xd0 [ 2641.170962][T27573] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2641.176679][T27573] RIP: 0033:0x7fcbd55afe4f [ 2641.180934][T27573] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2641.200377][T27573] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2641.208618][T27573] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2641.216518][T27573] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2641.224331][T27573] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2641.232146][T27573] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2641.239953][T27573] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2641.247769][T27573] [ 2641.256396][T27574] CPU: 1 PID: 27574 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2641.266486][T27574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2641.276383][T27574] Call Trace: [ 2641.279503][T27574] [ 2641.282280][T27574] dump_stack_lvl+0x151/0x1b7 [ 2641.286793][T27574] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2641.292090][T27574] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2641.297304][T27574] dump_stack+0x15/0x17 [ 2641.301292][T27574] should_fail+0x3c0/0x510 [ 2641.305545][T27574] should_fail_alloc_page+0x58/0x70 [ 2641.310579][T27574] __alloc_pages+0x1de/0x7c0 [ 2641.315004][T27574] ? __count_vm_events+0x30/0x30 [ 2641.319787][T27574] ? __kasan_check_read+0x11/0x20 [ 2641.324638][T27574] ? __vm_enough_memory+0x118/0x310 [ 2641.329681][T27574] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2641.335144][T27574] ? shmem_swapin_page+0x15c0/0x15c0 [ 2641.340266][T27574] ? xas_start+0x33d/0x410 [ 2641.344516][T27574] ? xas_load+0x2c7/0x2e0 [ 2641.348698][T27574] ? pagecache_get_page+0xcc8/0xdb0 [ 2641.353719][T27574] ? page_cache_prev_miss+0x430/0x430 [ 2641.358929][T27574] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2641.364305][T27574] ? lru_cache_add+0x273/0x530 [ 2641.368905][T27574] shmem_getpage_gfp+0x1487/0x25f0 [ 2641.374115][T27574] ? shmem_getpage+0xa0/0xa0 [ 2641.378740][T27574] ? fault_in_safe_writeable+0x240/0x240 [ 2641.384184][T27574] ? __kasan_check_write+0x14/0x20 [ 2641.389127][T27574] ? shmem_write_end+0x786/0x8a0 [ 2641.393903][T27574] shmem_write_begin+0xc8/0x1b0 [ 2641.398589][T27574] generic_perform_write+0x2cd/0x5d0 [ 2641.403714][T27574] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2641.409354][T27574] ? file_remove_privs+0x690/0x690 [ 2641.414387][T27574] ? __kasan_check_write+0x14/0x20 [ 2641.419333][T27574] ? down_write+0xdd/0x140 [ 2641.423587][T27574] __generic_file_write_iter+0x25b/0x4b0 [ 2641.429059][T27574] generic_file_write_iter+0xaf/0x1c0 [ 2641.434271][T27574] vfs_write+0xc8d/0x1050 [ 2641.438435][T27574] ? file_end_write+0x1b0/0x1b0 [ 2641.443118][T27574] ? __fget_files+0x310/0x370 [ 2641.447631][T27574] ? __fdget_pos+0x1fe/0x310 [ 2641.452056][T27574] ? ksys_write+0x77/0x2c0 [ 2641.456310][T27574] ksys_write+0x198/0x2c0 [ 2641.460478][T27574] ? __ia32_sys_read+0x90/0x90 [ 2641.465078][T27574] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2641.470984][T27574] __x64_sys_write+0x7b/0x90 [ 2641.475406][T27574] do_syscall_64+0x44/0xd0 [ 2641.479666][T27574] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2641.485388][T27574] RIP: 0033:0x7fb257acee4f [ 2641.489647][T27574] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2641.509536][T27574] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2641.517774][T27574] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2641.525585][T27574] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2641.533481][T27574] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2641.541293][T27574] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2641.549102][T27574] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2641.556920][T27574] 18:24:33 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 56) 18:24:33 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x0) keyctl$set_timeout(0x3, r1, 0x0) 18:24:33 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 66) [ 2641.641845][T27582] FAULT_INJECTION: forcing a failure. [ 2641.641845][T27582] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2641.655326][T27582] CPU: 1 PID: 27582 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2641.659458][T27585] FAULT_INJECTION: forcing a failure. [ 2641.659458][T27585] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2641.665471][T27582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2641.665487][T27582] Call Trace: [ 2641.665493][T27582] [ 2641.665499][T27582] dump_stack_lvl+0x151/0x1b7 [ 2641.698768][T27582] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2641.704019][T27582] ? __kasan_check_read+0x11/0x20 [ 2641.708881][T27582] dump_stack+0x15/0x17 [ 2641.712873][T27582] should_fail+0x3c0/0x510 [ 2641.717126][T27582] should_fail_usercopy+0x1a/0x20 [ 2641.722084][T27582] copy_page_from_iter_atomic+0x433/0x11c0 [ 2641.727718][T27582] ? pipe_zero+0x4d0/0x4d0 [ 2641.731974][T27582] ? __kasan_check_write+0x14/0x20 [ 2641.736917][T27582] ? shmem_write_end+0x786/0x8a0 [ 2641.741781][T27582] generic_perform_write+0x343/0x5d0 [ 2641.746901][T27582] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2641.752544][T27582] ? file_remove_privs+0x690/0x690 [ 2641.757488][T27582] ? __kasan_check_write+0x14/0x20 [ 2641.762435][T27582] ? down_write+0xdd/0x140 [ 2641.766699][T27582] __generic_file_write_iter+0x25b/0x4b0 [ 2641.772159][T27582] generic_file_write_iter+0xaf/0x1c0 [ 2641.777368][T27582] vfs_write+0xc8d/0x1050 [ 2641.781534][T27582] ? file_end_write+0x1b0/0x1b0 [ 2641.786225][T27582] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 2641.791601][T27582] ? __fget_files+0x310/0x370 [ 2641.796114][T27582] ? __fdget_pos+0x1fe/0x310 [ 2641.800636][T27582] ? ksys_write+0x77/0x2c0 [ 2641.804880][T27582] ksys_write+0x198/0x2c0 [ 2641.809047][T27582] ? __ia32_sys_read+0x90/0x90 [ 2641.813651][T27582] ? debug_smp_processor_id+0x17/0x20 [ 2641.818857][T27582] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2641.824845][T27582] __x64_sys_write+0x7b/0x90 [ 2641.829275][T27582] do_syscall_64+0x44/0xd0 [ 2641.833525][T27582] ? irqentry_exit+0x12/0x40 [ 2641.837955][T27582] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2641.843697][T27582] RIP: 0033:0x7fcbd55afe4f [ 2641.847936][T27582] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2641.867463][T27582] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2641.875710][T27582] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2641.883520][T27582] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 18:24:33 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 63) [ 2641.891333][T27582] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2641.899230][T27582] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2641.907042][T27582] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2641.914864][T27582] [ 2641.917727][T27585] CPU: 0 PID: 27585 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2641.927793][T27585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2641.937689][T27585] Call Trace: [ 2641.940814][T27585] [ 2641.943591][T27585] dump_stack_lvl+0x151/0x1b7 [ 2641.948106][T27585] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2641.953399][T27585] ? __kasan_check_read+0x11/0x20 [ 2641.958262][T27585] dump_stack+0x15/0x17 [ 2641.962255][T27585] should_fail+0x3c0/0x510 [ 2641.966511][T27585] should_fail_usercopy+0x1a/0x20 [ 2641.971365][T27585] copy_page_from_iter_atomic+0x433/0x11c0 [ 2641.977010][T27585] ? pipe_zero+0x4d0/0x4d0 [ 2641.981261][T27585] ? __kasan_check_write+0x14/0x20 [ 2641.986205][T27585] ? shmem_write_end+0x786/0x8a0 [ 2641.990985][T27585] generic_perform_write+0x343/0x5d0 [ 2641.996107][T27585] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2642.001744][T27585] ? file_remove_privs+0x690/0x690 [ 2642.006691][T27585] ? __kasan_check_write+0x14/0x20 [ 2642.011641][T27585] ? down_write+0xdd/0x140 [ 2642.015894][T27585] __generic_file_write_iter+0x25b/0x4b0 [ 2642.021383][T27585] generic_file_write_iter+0xaf/0x1c0 [ 2642.026661][T27585] vfs_write+0xc8d/0x1050 [ 2642.030823][T27585] ? file_end_write+0x1b0/0x1b0 [ 2642.035509][T27585] ? __fget_files+0x310/0x370 18:24:33 executing program 3: io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) timer_create(0x9, &(0x7f0000000100)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, 0x0, 0x4048000) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_create(0x9, &(0x7f0000000100)={0x0, 0x21}, &(0x7f0000000540)=0x0) timer_settime(r0, 0x0, &(0x7f0000000380)={{0x77359400}}, &(0x7f00000003c0)) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0']) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0']) chdir(&(0x7f00000001c0)='./bus\x00') r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f00000022c0)=""/4088, 0x18) [ 2642.040025][T27585] ? __fdget_pos+0x1fe/0x310 [ 2642.044538][T27585] ? ksys_write+0x77/0x2c0 [ 2642.048630][T27582] loop4: detected capacity change from 0 to 512 [ 2642.048809][T27585] ksys_write+0x198/0x2c0 [ 2642.059036][T27585] ? __ia32_sys_read+0x90/0x90 [ 2642.063635][T27585] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2642.069557][T27585] __x64_sys_write+0x7b/0x90 [ 2642.073960][T27585] do_syscall_64+0x44/0xd0 [ 2642.078210][T27585] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2642.083939][T27585] RIP: 0033:0x7fb257acee4f [ 2642.088198][T27585] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2642.107724][T27585] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2642.115968][T27585] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2642.123787][T27585] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2642.131607][T27585] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 18:24:34 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x0) keyctl$set_timeout(0x3, r1, 0x0) [ 2642.139412][T27585] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2642.147215][T27585] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2642.155035][T27585] [ 2642.218379][T27588] loop1: detected capacity change from 0 to 16 [ 2642.234640][T27588] FAULT_INJECTION: forcing a failure. [ 2642.234640][T27588] name failslab, interval 1, probability 0, space 0, times 0 [ 2642.274055][T27588] CPU: 0 PID: 27588 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2642.284137][T27588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2642.294033][T27588] Call Trace: [ 2642.297168][T27588] [ 2642.299945][T27588] dump_stack_lvl+0x151/0x1b7 [ 2642.304445][T27588] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2642.309745][T27588] dump_stack+0x15/0x17 [ 2642.313737][T27588] should_fail+0x3c0/0x510 [ 2642.317987][T27588] ? __se_sys_mount+0x9b/0x3c0 [ 2642.322590][T27588] __should_failslab+0x9f/0xe0 [ 2642.324541][T27585] loop5: detected capacity change from 0 to 512 [ 2642.327184][T27588] should_failslab+0x9/0x20 [ 2642.337603][T27588] __kmalloc_track_caller+0x6c/0x350 [ 2642.342724][T27588] ? strnlen_user+0x130/0x1c0 [ 2642.347238][T27588] strndup_user+0x76/0x150 [ 2642.351495][T27588] __se_sys_mount+0x9b/0x3c0 [ 2642.355919][T27588] ? __x64_sys_mount+0xd0/0xd0 [ 2642.360521][T27588] __x64_sys_mount+0xbf/0xd0 [ 2642.364948][T27588] do_syscall_64+0x44/0xd0 [ 2642.369201][T27588] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2642.374929][T27588] RIP: 0033:0x7fc55e52a5fa [ 2642.379184][T27588] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2642.398625][T27588] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2642.406870][T27588] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2642.414683][T27588] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2642.422590][T27588] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2642.430392][T27588] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2642.438201][T27588] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2642.446017][T27588] [ 2642.465627][T27582] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:34 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@acquire={0x134, 0x17, 0x1, 0x0, 0x0, {{@in6=@loopback}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {@in=@empty, @in=@local}, {{@in6=@private2, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xc0, 0x0, 0x0, 0xffffffffffffffff}}}, [@mark={0xc}]}, 0x134}}, 0x0) 18:24:34 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x0) keyctl$set_timeout(0x3, r1, 0x0) 18:24:34 executing program 3: io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) timer_create(0x9, &(0x7f0000000100)={0x0, 0x12}, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, 0x0, 0x4048000) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_create(0x9, &(0x7f0000000100)={0x0, 0x21}, &(0x7f0000000540)=0x0) timer_settime(r0, 0x0, &(0x7f0000000380)={{0x77359400}}, &(0x7f00000003c0)) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='lowerdir=.:file0']) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='upperdir=./bus,workdir=./file1,lowerdir=./file0']) chdir(&(0x7f00000001c0)='./bus\x00') r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f00000022c0)=""/4088, 0x18) 18:24:34 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 64) 18:24:34 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 57) 18:24:34 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 67) 18:24:34 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@acquire={0x134, 0x17, 0x1, 0x0, 0x0, {{@in6=@loopback}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {@in=@empty, @in=@local}, {{@in6=@private2, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xc0, 0x0, 0x0, 0xffffffffffffffff}}}, [@mark={0xc}]}, 0x134}}, 0x0) [ 2642.715823][T27598] loop1: detected capacity change from 0 to 16 [ 2642.723814][T27602] FAULT_INJECTION: forcing a failure. [ 2642.723814][T27602] name fail_page_alloc, interval 1, probability 0, space 0, times 0 18:24:34 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x0) keyctl$set_timeout(0x3, r1, 0x0) 18:24:34 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@acquire={0x134, 0x17, 0x1, 0x0, 0x0, {{@in6=@loopback}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {@in=@empty, @in=@local}, {{@in6=@private2, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xc0, 0x0, 0x0, 0xffffffffffffffff}}}, [@mark={0xc}]}, 0x134}}, 0x0) [ 2642.761588][T27598] FAULT_INJECTION: forcing a failure. [ 2642.761588][T27598] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2642.798231][T27609] FAULT_INJECTION: forcing a failure. [ 2642.798231][T27609] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2642.809084][T27598] CPU: 1 PID: 27598 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2642.821326][T27598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2642.831222][T27598] Call Trace: [ 2642.834344][T27598] [ 2642.837122][T27598] dump_stack_lvl+0x151/0x1b7 [ 2642.841651][T27598] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2642.846929][T27598] dump_stack+0x15/0x17 [ 2642.850920][T27598] should_fail+0x3c0/0x510 [ 2642.855175][T27598] should_fail_usercopy+0x1a/0x20 [ 2642.860034][T27598] _copy_from_user+0x20/0xd0 [ 2642.864460][T27598] strndup_user+0xb3/0x150 [ 2642.868808][T27598] __se_sys_mount+0x9b/0x3c0 [ 2642.873237][T27598] ? __x64_sys_mount+0xd0/0xd0 [ 2642.878011][T27598] ? debug_smp_processor_id+0x17/0x20 [ 2642.883217][T27598] __x64_sys_mount+0xbf/0xd0 [ 2642.887646][T27598] do_syscall_64+0x44/0xd0 [ 2642.891898][T27598] ? irqentry_exit+0x12/0x40 [ 2642.896327][T27598] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2642.902053][T27598] RIP: 0033:0x7fc55e52a5fa [ 2642.906307][T27598] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2642.925752][T27598] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2642.933995][T27598] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2642.941830][T27598] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2642.949626][T27598] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2642.957803][T27598] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2642.965612][T27598] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2642.973424][T27598] [ 2642.982546][T27609] CPU: 1 PID: 27609 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2642.992630][T27609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2643.002522][T27609] Call Trace: [ 2643.005646][T27609] [ 2643.008423][T27609] dump_stack_lvl+0x151/0x1b7 [ 2643.012952][T27609] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2643.018232][T27609] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2643.023441][T27609] dump_stack+0x15/0x17 [ 2643.027433][T27609] should_fail+0x3c0/0x510 [ 2643.031688][T27609] should_fail_alloc_page+0x58/0x70 [ 2643.036728][T27609] __alloc_pages+0x1de/0x7c0 [ 2643.041147][T27609] ? __count_vm_events+0x30/0x30 [ 2643.045920][T27609] ? __kasan_check_read+0x11/0x20 [ 2643.050782][T27609] ? __vm_enough_memory+0x118/0x310 [ 2643.055817][T27609] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2643.061285][T27609] ? shmem_swapin_page+0x15c0/0x15c0 [ 2643.066407][T27609] ? xas_start+0x33d/0x410 [ 2643.070659][T27609] ? xas_load+0x2c7/0x2e0 [ 2643.074831][T27609] ? pagecache_get_page+0xcc8/0xdb0 [ 2643.079886][T27609] ? page_cache_prev_miss+0x430/0x430 [ 2643.085073][T27609] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2643.090454][T27609] ? lru_cache_add+0x273/0x530 [ 2643.095053][T27609] shmem_getpage_gfp+0x1487/0x25f0 [ 2643.100009][T27609] ? shmem_getpage+0xa0/0xa0 [ 2643.104426][T27609] ? fault_in_safe_writeable+0x240/0x240 [ 2643.109891][T27609] ? __kasan_check_write+0x14/0x20 [ 2643.114926][T27609] ? shmem_write_end+0x786/0x8a0 [ 2643.119701][T27609] shmem_write_begin+0xc8/0x1b0 [ 2643.124390][T27609] generic_perform_write+0x2cd/0x5d0 [ 2643.129512][T27609] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2643.135149][T27609] ? file_remove_privs+0x690/0x690 [ 2643.140098][T27609] ? __kasan_check_write+0x14/0x20 [ 2643.145044][T27609] ? down_write+0xdd/0x140 [ 2643.149300][T27609] __generic_file_write_iter+0x25b/0x4b0 [ 2643.154768][T27609] generic_file_write_iter+0xaf/0x1c0 [ 2643.159976][T27609] vfs_write+0xc8d/0x1050 [ 2643.164318][T27609] ? file_end_write+0x1b0/0x1b0 [ 2643.169005][T27609] ? __fget_files+0x310/0x370 [ 2643.173521][T27609] ? __fdget_pos+0x1fe/0x310 [ 2643.177942][T27609] ? ksys_write+0x77/0x2c0 [ 2643.182195][T27609] ksys_write+0x198/0x2c0 [ 2643.186361][T27609] ? __ia32_sys_read+0x90/0x90 [ 2643.190964][T27609] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2643.196865][T27609] __x64_sys_write+0x7b/0x90 [ 2643.201291][T27609] do_syscall_64+0x44/0xd0 [ 2643.205546][T27609] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2643.211272][T27609] RIP: 0033:0x7fb257acee4f [ 2643.215538][T27609] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2643.234972][T27609] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2643.243215][T27609] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2643.251026][T27609] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 18:24:35 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@acquire={0x134, 0x17, 0x1, 0x0, 0x0, {{@in6=@loopback}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {@in=@empty, @in=@local}, {{@in6=@private2, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xc0, 0x0, 0x0, 0xffffffffffffffff}}}, [@mark={0xc}]}, 0x134}}, 0x0) 18:24:35 executing program 0: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2643.258839][T27609] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2643.266652][T27609] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2643.274473][T27609] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2643.282284][T27609] [ 2643.316912][T27602] CPU: 1 PID: 27602 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2643.326996][T27602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2643.336897][T27602] Call Trace: [ 2643.340017][T27602] [ 2643.342792][T27602] dump_stack_lvl+0x151/0x1b7 [ 2643.347302][T27602] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2643.352597][T27602] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2643.357813][T27602] dump_stack+0x15/0x17 [ 2643.361798][T27602] should_fail+0x3c0/0x510 [ 2643.366051][T27602] should_fail_alloc_page+0x58/0x70 [ 2643.371085][T27602] __alloc_pages+0x1de/0x7c0 [ 2643.375517][T27602] ? __count_vm_events+0x30/0x30 [ 2643.380288][T27602] ? __kasan_check_read+0x11/0x20 [ 2643.385147][T27602] ? __vm_enough_memory+0x118/0x310 [ 2643.390184][T27602] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2643.395652][T27602] ? shmem_swapin_page+0x15c0/0x15c0 [ 2643.400772][T27602] ? xas_start+0x33d/0x410 [ 2643.405025][T27602] ? xas_load+0x2c7/0x2e0 [ 2643.409276][T27602] ? pagecache_get_page+0xcc8/0xdb0 [ 2643.414311][T27602] ? page_cache_prev_miss+0x430/0x430 [ 2643.419519][T27602] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2643.424900][T27602] ? lru_cache_add+0x273/0x530 [ 2643.429502][T27602] shmem_getpage_gfp+0x1487/0x25f0 [ 2643.434454][T27602] ? shmem_getpage+0xa0/0xa0 [ 2643.438874][T27602] ? fault_in_safe_writeable+0x240/0x240 [ 2643.444343][T27602] ? __kasan_check_write+0x14/0x20 [ 2643.449291][T27602] ? shmem_write_end+0x786/0x8a0 [ 2643.454065][T27602] shmem_write_begin+0xc8/0x1b0 [ 2643.458753][T27602] generic_perform_write+0x2cd/0x5d0 [ 2643.463878][T27602] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2643.469518][T27602] ? file_remove_privs+0x690/0x690 [ 2643.474462][T27602] ? __kasan_check_write+0x14/0x20 [ 2643.479409][T27602] ? down_write+0xdd/0x140 [ 2643.483676][T27602] __generic_file_write_iter+0x25b/0x4b0 [ 2643.489135][T27602] generic_file_write_iter+0xaf/0x1c0 [ 2643.494340][T27602] vfs_write+0xc8d/0x1050 [ 2643.498514][T27602] ? file_end_write+0x1b0/0x1b0 [ 2643.503194][T27602] ? __fget_files+0x310/0x370 [ 2643.507712][T27602] ? __fdget_pos+0x1fe/0x310 [ 2643.512135][T27602] ? ksys_write+0x77/0x2c0 [ 2643.516388][T27602] ksys_write+0x198/0x2c0 [ 2643.520554][T27602] ? __ia32_sys_read+0x90/0x90 [ 2643.525154][T27602] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2643.531059][T27602] __x64_sys_write+0x7b/0x90 [ 2643.535496][T27602] do_syscall_64+0x44/0xd0 [ 2643.539738][T27602] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2643.545464][T27602] RIP: 0033:0x7fcbd55afe4f [ 2643.549722][T27602] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2643.569161][T27602] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2643.577409][T27602] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2643.585220][T27602] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2643.593032][T27602] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2643.600845][T27602] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2643.608661][T27602] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 18:24:35 executing program 3: r0 = getuid() syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000980)='./file0\x00', 0x8, &(0x7f0000000740)=ANY=[@ANYRES64=r0, @ANYRESDEC, @ANYRESDEC], 0x1, 0x52f, &(0x7f0000001040)="$eJzs1b9u01AUB+DTNKSBqTNiuBILU1XYmAhCqVRhCQmUASYiNSwxQooXJws8Ag/AgzHwEChTN6Ni86cVA5Wa2Gq/b/GRf/fq3nMG++299/OTD8W7r5+/xHC0E71R3O6d7sR+9OKnYURUHwMAuD5Oqyq+V7W27wIAbIf/PwDcPK9ev3n+NMvGL1MaRqw/lZNyUj/r/Og4Gx+mM4O/dq3LcrL7O3+YaufzW3GnyR/9Mx/Eg/t1fpY9e5FdyPfiZOPdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAzXaQUj8iUkpp/8/bdVlOduv8IP1yIa+ro+NsfNgsOJ/3425/a20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV6BYrubTPJ8trlkR8S0usWvvCg4dNiPdcqej5tiuTH6TxZP/Wjy43DQeR0RXGuxQ0eJHCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaFWxXM2neT5bFG3fBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoimK5mk/zfLbYYNF2jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA7fgQAAP//jMEtNQ==") lchown(&(0x7f00000002c0)='./file1\x00', 0xffffffffffffffff, 0x0) [ 2643.616475][T27602] 18:24:35 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 68) 18:24:35 executing program 3: syz_clone3(&(0x7f0000000280)={0x40300000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2643.648510][T27621] loop3: detected capacity change from 0 to 2048 [ 2643.695291][T27621] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. 18:24:35 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 65) 18:24:35 executing program 3: syz_clone3(&(0x7f0000000280)={0x40300000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2643.896797][T27631] loop1: detected capacity change from 0 to 16 [ 2643.929158][T27631] FAULT_INJECTION: forcing a failure. [ 2643.929158][T27631] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2643.993721][T27631] CPU: 1 PID: 27631 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2644.003802][T27631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2644.013699][T27631] Call Trace: [ 2644.016818][T27631] [ 2644.019595][T27631] dump_stack_lvl+0x151/0x1b7 [ 2644.024115][T27631] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2644.029409][T27631] dump_stack+0x15/0x17 [ 2644.033394][T27631] should_fail+0x3c0/0x510 [ 2644.037662][T27631] should_fail_usercopy+0x1a/0x20 [ 2644.042516][T27631] _copy_from_user+0x20/0xd0 [ 2644.046944][T27631] strndup_user+0xb3/0x150 [ 2644.051197][T27631] __se_sys_mount+0xde/0x3c0 [ 2644.055621][T27631] ? __x64_sys_mount+0xd0/0xd0 [ 2644.060223][T27631] __x64_sys_mount+0xbf/0xd0 [ 2644.064649][T27631] do_syscall_64+0x44/0xd0 [ 2644.068904][T27631] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2644.074628][T27631] RIP: 0033:0x7fc55e52a5fa [ 2644.078884][T27631] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2644.098415][T27631] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2644.106661][T27631] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2644.114471][T27631] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2644.122370][T27631] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2644.130181][T27631] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2644.137999][T27631] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2644.145819][T27631] [ 2644.261818][T27624] FAULT_INJECTION: forcing a failure. [ 2644.261818][T27624] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2644.274777][T27624] CPU: 1 PID: 27624 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2644.284924][T27624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2644.294837][T27624] Call Trace: [ 2644.297941][T27624] [ 2644.300715][T27624] dump_stack_lvl+0x151/0x1b7 [ 2644.305228][T27624] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2644.310522][T27624] ? __kasan_check_read+0x11/0x20 [ 2644.315383][T27624] dump_stack+0x15/0x17 [ 2644.319373][T27624] should_fail+0x3c0/0x510 [ 2644.323634][T27624] should_fail_usercopy+0x1a/0x20 [ 2644.328495][T27624] copy_page_from_iter_atomic+0x433/0x11c0 [ 2644.334133][T27624] ? pipe_zero+0x4d0/0x4d0 [ 2644.338385][T27624] ? __kasan_check_write+0x14/0x20 [ 2644.343331][T27624] ? shmem_write_end+0x786/0x8a0 [ 2644.348204][T27624] generic_perform_write+0x343/0x5d0 [ 2644.353324][T27624] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2644.359071][T27624] ? file_remove_privs+0x690/0x690 [ 2644.364015][T27624] ? __kasan_check_write+0x14/0x20 [ 2644.368960][T27624] ? down_write+0xdd/0x140 [ 2644.373217][T27624] __generic_file_write_iter+0x25b/0x4b0 [ 2644.378685][T27624] generic_file_write_iter+0xaf/0x1c0 [ 2644.383889][T27624] vfs_write+0xc8d/0x1050 [ 2644.388056][T27624] ? file_end_write+0x1b0/0x1b0 [ 2644.392746][T27624] ? __fget_files+0x310/0x370 [ 2644.397257][T27624] ? __fdget_pos+0x1fe/0x310 [ 2644.401686][T27624] ? ksys_write+0x77/0x2c0 [ 2644.405936][T27624] ksys_write+0x198/0x2c0 [ 2644.410112][T27624] ? __ia32_sys_read+0x90/0x90 [ 2644.414703][T27624] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2644.420608][T27624] __x64_sys_write+0x7b/0x90 [ 2644.425032][T27624] do_syscall_64+0x44/0xd0 [ 2644.429289][T27624] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2644.435016][T27624] RIP: 0033:0x7fb257acee4f [ 2644.439267][T27624] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 18:24:36 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 58) 18:24:36 executing program 3: syz_clone3(&(0x7f0000000280)={0x40300000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 18:24:36 executing program 0: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2644.458710][T27624] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2644.466957][T27624] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2644.474767][T27624] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2644.482579][T27624] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2644.490394][T27624] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2644.498204][T27624] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2644.506018][T27624] [ 2644.546499][T27639] FAULT_INJECTION: forcing a failure. [ 2644.546499][T27639] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2644.559448][T27639] CPU: 0 PID: 27639 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2644.569457][T27639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2644.579351][T27639] Call Trace: [ 2644.582479][T27639] [ 2644.585252][T27639] dump_stack_lvl+0x151/0x1b7 [ 2644.589769][T27639] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2644.595062][T27639] ? __kasan_check_read+0x11/0x20 [ 2644.599928][T27639] dump_stack+0x15/0x17 [ 2644.603917][T27639] should_fail+0x3c0/0x510 [ 2644.608169][T27639] should_fail_usercopy+0x1a/0x20 [ 2644.613027][T27639] copy_page_from_iter_atomic+0x433/0x11c0 [ 2644.618676][T27639] ? pipe_zero+0x4d0/0x4d0 [ 2644.622924][T27639] ? __kasan_check_write+0x14/0x20 [ 2644.627869][T27639] ? shmem_write_end+0x786/0x8a0 [ 2644.632669][T27639] generic_perform_write+0x343/0x5d0 [ 2644.637853][T27639] ? grab_cache_page_write_begin+0xa0/0xa0 18:24:36 executing program 3: syz_clone3(&(0x7f0000000280)={0x40300000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2644.643496][T27639] ? file_remove_privs+0x690/0x690 [ 2644.648444][T27639] ? __kasan_check_write+0x14/0x20 [ 2644.653388][T27639] ? down_write+0xdd/0x140 [ 2644.657642][T27639] __generic_file_write_iter+0x25b/0x4b0 [ 2644.663111][T27639] generic_file_write_iter+0xaf/0x1c0 [ 2644.668326][T27639] vfs_write+0xc8d/0x1050 [ 2644.672489][T27639] ? file_end_write+0x1b0/0x1b0 [ 2644.677176][T27639] ? __fget_files+0x310/0x370 [ 2644.681708][T27639] ? __fdget_pos+0x1fe/0x310 [ 2644.686112][T27639] ? ksys_write+0x77/0x2c0 [ 2644.690366][T27639] ksys_write+0x198/0x2c0 [ 2644.694534][T27639] ? __ia32_sys_read+0x90/0x90 [ 2644.699139][T27639] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2644.705038][T27639] __x64_sys_write+0x7b/0x90 [ 2644.709463][T27639] do_syscall_64+0x44/0xd0 [ 2644.713803][T27639] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2644.719531][T27639] RIP: 0033:0x7fcbd55afe4f [ 2644.723786][T27639] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 18:24:36 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) 18:24:36 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 66) [ 2644.743230][T27639] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2644.751474][T27639] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2644.759285][T27639] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2644.767090][T27639] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2644.774909][T27639] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2644.782716][T27639] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2644.790531][T27639] [ 2644.806034][T27650] loop1: detected capacity change from 0 to 16 [ 2644.813410][T27650] FAULT_INJECTION: forcing a failure. [ 2644.813410][T27650] name failslab, interval 1, probability 0, space 0, times 0 [ 2644.827105][T27650] CPU: 0 PID: 27650 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2644.837172][T27650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2644.847065][T27650] Call Trace: [ 2644.850192][T27650] [ 2644.852971][T27650] dump_stack_lvl+0x151/0x1b7 [ 2644.857482][T27650] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2644.862774][T27650] dump_stack+0x15/0x17 [ 2644.866766][T27650] should_fail+0x3c0/0x510 [ 2644.871019][T27650] ? __se_sys_mount+0x156/0x3c0 [ 2644.875707][T27650] __should_failslab+0x9f/0xe0 [ 2644.880309][T27650] should_failslab+0x9/0x20 [ 2644.884650][T27650] kmem_cache_alloc_trace+0x4a/0x310 [ 2644.889769][T27650] __se_sys_mount+0x156/0x3c0 [ 2644.894282][T27650] ? __kasan_check_write+0x14/0x20 [ 2644.899229][T27650] ? fpregs_restore_userregs+0x1f0/0x3a0 [ 2644.904699][T27650] ? __x64_sys_mount+0xd0/0xd0 [ 2644.909303][T27650] __x64_sys_mount+0xbf/0xd0 [ 2644.913726][T27650] do_syscall_64+0x44/0xd0 [ 2644.917982][T27650] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2644.923709][T27650] RIP: 0033:0x7fc55e52a5fa [ 2644.927960][T27650] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2644.947403][T27650] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 18:24:36 executing program 3: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2644.955648][T27650] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2644.963462][T27650] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2644.971276][T27650] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2644.979083][T27650] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2644.986897][T27650] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2644.994713][T27650] 18:24:36 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 67) [ 2645.004730][T27639] loop4: detected capacity change from 0 to 512 [ 2645.013483][T27639] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2645.036902][T27660] loop1: detected capacity change from 0 to 16 [ 2645.049116][T27660] FAULT_INJECTION: forcing a failure. [ 2645.049116][T27660] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2645.082300][T27624] loop5: detected capacity change from 0 to 512 [ 2645.091693][T27660] CPU: 1 PID: 27660 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2645.101758][T27660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2645.111656][T27660] Call Trace: [ 2645.114775][T27660] [ 2645.117553][T27660] dump_stack_lvl+0x151/0x1b7 [ 2645.122067][T27660] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2645.127368][T27660] dump_stack+0x15/0x17 [ 2645.131353][T27660] should_fail+0x3c0/0x510 [ 2645.135626][T27660] should_fail_usercopy+0x1a/0x20 [ 2645.140480][T27660] _copy_from_user+0x20/0xd0 [ 2645.144911][T27660] __se_sys_mount+0x179/0x3c0 [ 2645.149411][T27660] ? __x64_sys_mount+0xd0/0xd0 [ 2645.154043][T27660] __x64_sys_mount+0xbf/0xd0 [ 2645.158438][T27660] do_syscall_64+0x44/0xd0 [ 2645.162692][T27660] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2645.168424][T27660] RIP: 0033:0x7fc55e52a5fa [ 2645.172676][T27660] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2645.192117][T27660] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2645.200361][T27660] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2645.208179][T27660] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2645.215994][T27660] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2645.223799][T27660] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 18:24:37 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 69) 18:24:37 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 59) [ 2645.231610][T27660] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2645.239426][T27660] [ 2645.331037][T27666] FAULT_INJECTION: forcing a failure. [ 2645.331037][T27666] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2645.366428][T27668] FAULT_INJECTION: forcing a failure. [ 2645.366428][T27668] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2645.400109][T27666] CPU: 1 PID: 27666 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2645.410193][T27666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2645.420088][T27666] Call Trace: [ 2645.423205][T27666] [ 2645.425988][T27666] dump_stack_lvl+0x151/0x1b7 [ 2645.430499][T27666] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2645.435792][T27666] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2645.441006][T27666] dump_stack+0x15/0x17 [ 2645.444994][T27666] should_fail+0x3c0/0x510 [ 2645.449247][T27666] should_fail_alloc_page+0x58/0x70 [ 2645.454281][T27666] __alloc_pages+0x1de/0x7c0 [ 2645.458707][T27666] ? __count_vm_events+0x30/0x30 [ 2645.463487][T27666] ? __kasan_check_read+0x11/0x20 [ 2645.468341][T27666] ? __vm_enough_memory+0x118/0x310 [ 2645.473376][T27666] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2645.478844][T27666] ? shmem_swapin_page+0x15c0/0x15c0 [ 2645.483967][T27666] ? xas_start+0x33d/0x410 [ 2645.488221][T27666] ? xas_load+0x2c7/0x2e0 [ 2645.492401][T27666] ? pagecache_get_page+0xcc8/0xdb0 [ 2645.497425][T27666] ? page_cache_prev_miss+0x430/0x430 [ 2645.502630][T27666] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2645.508012][T27666] ? lru_cache_add+0x273/0x530 [ 2645.512613][T27666] shmem_getpage_gfp+0x1487/0x25f0 [ 2645.517561][T27666] ? shmem_getpage+0xa0/0xa0 [ 2645.521982][T27666] ? fault_in_safe_writeable+0x240/0x240 [ 2645.527450][T27666] ? __kasan_check_write+0x14/0x20 [ 2645.532400][T27666] ? shmem_write_end+0x786/0x8a0 [ 2645.537174][T27666] shmem_write_begin+0xc8/0x1b0 [ 2645.541862][T27666] generic_perform_write+0x2cd/0x5d0 [ 2645.546982][T27666] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2645.552650][T27666] ? file_remove_privs+0x690/0x690 [ 2645.557570][T27666] ? __kasan_check_write+0x14/0x20 [ 2645.562777][T27666] ? down_write+0xdd/0x140 [ 2645.567030][T27666] __generic_file_write_iter+0x25b/0x4b0 [ 2645.572504][T27666] generic_file_write_iter+0xaf/0x1c0 [ 2645.577709][T27666] vfs_write+0xc8d/0x1050 [ 2645.581875][T27666] ? file_end_write+0x1b0/0x1b0 [ 2645.586562][T27666] ? __fget_files+0x310/0x370 [ 2645.591075][T27666] ? __fdget_pos+0x1fe/0x310 [ 2645.595501][T27666] ? ksys_write+0x77/0x2c0 [ 2645.599766][T27666] ksys_write+0x198/0x2c0 [ 2645.603924][T27666] ? __ia32_sys_read+0x90/0x90 [ 2645.608523][T27666] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2645.614426][T27666] __x64_sys_write+0x7b/0x90 [ 2645.618853][T27666] do_syscall_64+0x44/0xd0 [ 2645.623105][T27666] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2645.628832][T27666] RIP: 0033:0x7fb257acee4f [ 2645.633091][T27666] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2645.652533][T27666] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2645.660780][T27666] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2645.668586][T27666] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2645.676398][T27666] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2645.684209][T27666] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2645.692023][T27666] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2645.699839][T27666] [ 2645.706557][T27668] CPU: 1 PID: 27668 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2645.716626][T27668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2645.726526][T27668] Call Trace: [ 2645.729646][T27668] [ 2645.732422][T27668] dump_stack_lvl+0x151/0x1b7 [ 2645.736938][T27668] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2645.742239][T27668] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2645.747443][T27668] dump_stack+0x15/0x17 [ 2645.751437][T27668] should_fail+0x3c0/0x510 [ 2645.755690][T27668] should_fail_alloc_page+0x58/0x70 [ 2645.760727][T27668] __alloc_pages+0x1de/0x7c0 [ 2645.765155][T27668] ? __count_vm_events+0x30/0x30 [ 2645.769935][T27668] ? __kasan_check_read+0x11/0x20 [ 2645.774788][T27668] ? __vm_enough_memory+0x118/0x310 [ 2645.779820][T27668] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2645.785292][T27668] ? shmem_swapin_page+0x15c0/0x15c0 [ 2645.790408][T27668] ? xas_start+0x33d/0x410 [ 2645.794659][T27668] ? xas_load+0x2c7/0x2e0 [ 2645.798828][T27668] ? pagecache_get_page+0xcc8/0xdb0 [ 2645.803873][T27668] ? page_cache_prev_miss+0x430/0x430 [ 2645.809070][T27668] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2645.814451][T27668] ? lru_cache_add+0x273/0x530 [ 2645.819053][T27668] shmem_getpage_gfp+0x1487/0x25f0 [ 2645.824008][T27668] ? shmem_getpage+0xa0/0xa0 [ 2645.828423][T27668] ? fault_in_safe_writeable+0x240/0x240 [ 2645.833894][T27668] ? __kasan_check_write+0x14/0x20 [ 2645.838839][T27668] ? shmem_write_end+0x786/0x8a0 [ 2645.843619][T27668] shmem_write_begin+0xc8/0x1b0 [ 2645.848300][T27668] generic_perform_write+0x2cd/0x5d0 [ 2645.853428][T27668] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2645.859066][T27668] ? file_remove_privs+0x690/0x690 [ 2645.864013][T27668] ? __kasan_check_write+0x14/0x20 [ 2645.868962][T27668] ? down_write+0xdd/0x140 [ 2645.873222][T27668] __generic_file_write_iter+0x25b/0x4b0 [ 2645.878681][T27668] generic_file_write_iter+0xaf/0x1c0 [ 2645.883888][T27668] vfs_write+0xc8d/0x1050 [ 2645.888082][T27668] ? file_end_write+0x1b0/0x1b0 [ 2645.892745][T27668] ? __fget_files+0x310/0x370 [ 2645.897257][T27668] ? __fdget_pos+0x1fe/0x310 [ 2645.901681][T27668] ? ksys_write+0x77/0x2c0 [ 2645.905938][T27668] ksys_write+0x198/0x2c0 [ 2645.910105][T27668] ? __ia32_sys_read+0x90/0x90 [ 2645.914700][T27668] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2645.920634][T27668] __x64_sys_write+0x7b/0x90 [ 2645.925121][T27668] do_syscall_64+0x44/0xd0 [ 2645.929373][T27668] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2645.935101][T27668] RIP: 0033:0x7fcbd55afe4f [ 2645.939354][T27668] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2645.958797][T27668] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2645.967042][T27668] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2645.974855][T27668] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2645.982669][T27668] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2645.990590][T27668] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:37 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2645.998377][T27668] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2646.006281][T27668] [ 2646.029451][T27660] erofs: (device loop1): mounted with root inode @ nid 36. 18:24:37 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 68) 18:24:38 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 70) [ 2646.184484][T27675] loop1: detected capacity change from 0 to 16 [ 2646.209051][T27675] FAULT_INJECTION: forcing a failure. [ 2646.209051][T27675] name failslab, interval 1, probability 0, space 0, times 0 [ 2646.245371][T27675] CPU: 1 PID: 27675 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2646.255460][T27675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2646.265354][T27675] Call Trace: [ 2646.268479][T27675] [ 2646.271253][T27675] dump_stack_lvl+0x151/0x1b7 [ 2646.276206][T27675] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2646.281503][T27675] dump_stack+0x15/0x17 [ 2646.285496][T27675] should_fail+0x3c0/0x510 [ 2646.289743][T27675] __should_failslab+0x9f/0xe0 [ 2646.294349][T27675] should_failslab+0x9/0x20 [ 2646.298859][T27675] kmem_cache_alloc+0x4f/0x2f0 [ 2646.303456][T27675] ? getname_flags+0xba/0x510 [ 2646.307971][T27675] getname_flags+0xba/0x510 [ 2646.312311][T27675] user_path_at_empty+0x2e/0x1b0 [ 2646.317432][T27675] __se_sys_mount+0x293/0x3c0 [ 2646.321944][T27675] ? __x64_sys_mount+0xd0/0xd0 [ 2646.326548][T27675] __x64_sys_mount+0xbf/0xd0 [ 2646.330972][T27675] do_syscall_64+0x44/0xd0 [ 2646.335224][T27675] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2646.341112][T27675] RIP: 0033:0x7fc55e52a5fa [ 2646.345361][T27675] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2646.364805][T27675] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2646.373063][T27675] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2646.380863][T27675] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2646.388675][T27675] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2646.396486][T27675] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2646.404303][T27675] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2646.412112][T27675] 18:24:38 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 60) [ 2646.541988][T27680] FAULT_INJECTION: forcing a failure. [ 2646.541988][T27680] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2646.554944][T27680] CPU: 0 PID: 27680 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2646.564920][T27680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2646.574814][T27680] Call Trace: [ 2646.577937][T27680] [ 2646.580719][T27680] dump_stack_lvl+0x151/0x1b7 [ 2646.585226][T27680] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2646.590523][T27680] ? __kasan_check_read+0x11/0x20 [ 2646.595400][T27680] dump_stack+0x15/0x17 [ 2646.599464][T27680] should_fail+0x3c0/0x510 [ 2646.603717][T27680] should_fail_usercopy+0x1a/0x20 [ 2646.608580][T27680] copy_page_from_iter_atomic+0x433/0x11c0 [ 2646.614222][T27680] ? pipe_zero+0x4d0/0x4d0 [ 2646.618480][T27680] ? __kasan_check_write+0x14/0x20 [ 2646.623420][T27680] ? shmem_write_end+0x786/0x8a0 [ 2646.628196][T27680] generic_perform_write+0x343/0x5d0 [ 2646.633321][T27680] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2646.638957][T27680] ? file_remove_privs+0x690/0x690 [ 2646.643907][T27680] ? __kasan_check_write+0x14/0x20 [ 2646.648850][T27680] ? down_write+0xdd/0x140 [ 2646.653104][T27680] __generic_file_write_iter+0x25b/0x4b0 [ 2646.658576][T27680] generic_file_write_iter+0xaf/0x1c0 [ 2646.663781][T27680] vfs_write+0xc8d/0x1050 [ 2646.667955][T27680] ? file_end_write+0x1b0/0x1b0 [ 2646.672637][T27680] ? __fget_files+0x310/0x370 [ 2646.677150][T27680] ? __fdget_pos+0x1fe/0x310 [ 2646.681581][T27680] ? ksys_write+0x77/0x2c0 [ 2646.685828][T27680] ksys_write+0x198/0x2c0 [ 2646.690000][T27680] ? __ia32_sys_read+0x90/0x90 [ 2646.694600][T27680] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2646.700499][T27680] __x64_sys_write+0x7b/0x90 [ 2646.704928][T27680] do_syscall_64+0x44/0xd0 [ 2646.709179][T27680] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2646.714912][T27680] RIP: 0033:0x7fcbd55afe4f [ 2646.719157][T27680] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2646.738608][T27680] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2646.746854][T27680] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2646.754661][T27680] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2646.762472][T27680] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2646.770283][T27680] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2646.778104][T27680] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2646.785921][T27680] 18:24:38 executing program 0: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) 18:24:38 executing program 3: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2646.839710][T27680] loop4: detected capacity change from 0 to 512 [ 2646.860110][T27677] FAULT_INJECTION: forcing a failure. [ 2646.860110][T27677] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2646.873106][T27677] CPU: 0 PID: 27677 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2646.883169][T27677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2646.893062][T27677] Call Trace: [ 2646.896180][T27677] [ 2646.898964][T27677] dump_stack_lvl+0x151/0x1b7 [ 2646.903472][T27677] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2646.908770][T27677] ? __kasan_check_read+0x11/0x20 [ 2646.913633][T27677] dump_stack+0x15/0x17 [ 2646.917621][T27677] should_fail+0x3c0/0x510 [ 2646.921876][T27677] should_fail_usercopy+0x1a/0x20 [ 2646.926734][T27677] copy_page_from_iter_atomic+0x433/0x11c0 [ 2646.932382][T27677] ? pipe_zero+0x4d0/0x4d0 [ 2646.936629][T27677] ? __kasan_check_write+0x14/0x20 [ 2646.941576][T27677] ? shmem_write_end+0x786/0x8a0 [ 2646.946353][T27677] generic_perform_write+0x343/0x5d0 [ 2646.951475][T27677] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2646.957119][T27677] ? file_remove_privs+0x690/0x690 [ 2646.962061][T27677] ? __kasan_check_write+0x14/0x20 [ 2646.967008][T27677] ? down_write+0xdd/0x140 [ 2646.971611][T27677] __generic_file_write_iter+0x25b/0x4b0 [ 2646.977169][T27677] generic_file_write_iter+0xaf/0x1c0 [ 2646.982464][T27677] vfs_write+0xc8d/0x1050 [ 2646.986629][T27677] ? file_end_write+0x1b0/0x1b0 [ 2646.991315][T27677] ? __fget_files+0x310/0x370 [ 2646.995833][T27677] ? __fdget_pos+0x1fe/0x310 [ 2647.000255][T27677] ? ksys_write+0x77/0x2c0 [ 2647.004506][T27677] ksys_write+0x198/0x2c0 [ 2647.008679][T27677] ? __ia32_sys_read+0x90/0x90 [ 2647.013280][T27677] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2647.019178][T27677] __x64_sys_write+0x7b/0x90 [ 2647.023610][T27677] do_syscall_64+0x44/0xd0 [ 2647.027862][T27677] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2647.033582][T27677] RIP: 0033:0x7fb257acee4f [ 2647.037836][T27677] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2647.057289][T27677] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2647.065532][T27677] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2647.073338][T27677] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2647.081233][T27677] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 18:24:38 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 69) [ 2647.089044][T27677] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2647.096854][T27677] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2647.104672][T27677] [ 2647.147318][T27680] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2647.158717][T27691] loop1: detected capacity change from 0 to 16 [ 2647.159258][T27677] loop5: detected capacity change from 0 to 512 [ 2647.165205][T27691] FAULT_INJECTION: forcing a failure. [ 2647.165205][T27691] name failslab, interval 1, probability 0, space 0, times 0 18:24:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 61) [ 2647.306383][T27695] FAULT_INJECTION: forcing a failure. [ 2647.306383][T27695] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2647.323910][T27695] CPU: 1 PID: 27695 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2647.333985][T27695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2647.343873][T27695] Call Trace: [ 2647.346997][T27695] [ 2647.349783][T27695] dump_stack_lvl+0x151/0x1b7 [ 2647.354288][T27695] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2647.359674][T27695] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2647.364883][T27695] dump_stack+0x15/0x17 [ 2647.368875][T27695] should_fail+0x3c0/0x510 [ 2647.373127][T27695] should_fail_alloc_page+0x58/0x70 [ 2647.378154][T27695] __alloc_pages+0x1de/0x7c0 [ 2647.382580][T27695] ? __count_vm_events+0x30/0x30 [ 2647.387355][T27695] ? __kasan_check_read+0x11/0x20 [ 2647.392213][T27695] ? __vm_enough_memory+0x118/0x310 [ 2647.397256][T27695] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2647.402722][T27695] ? shmem_swapin_page+0x15c0/0x15c0 [ 2647.407845][T27695] ? xas_start+0x33d/0x410 [ 2647.412094][T27695] ? xas_load+0x2c7/0x2e0 [ 2647.416260][T27695] ? pagecache_get_page+0xcc8/0xdb0 [ 2647.421314][T27695] ? page_cache_prev_miss+0x430/0x430 [ 2647.426594][T27695] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2647.431968][T27695] ? lru_cache_add+0x273/0x530 [ 2647.436572][T27695] shmem_getpage_gfp+0x1487/0x25f0 [ 2647.441520][T27695] ? shmem_getpage+0xa0/0xa0 [ 2647.445943][T27695] ? fault_in_safe_writeable+0x240/0x240 [ 2647.451413][T27695] ? __kasan_check_write+0x14/0x20 [ 2647.456359][T27695] ? shmem_write_end+0x786/0x8a0 [ 2647.461136][T27695] shmem_write_begin+0xc8/0x1b0 [ 2647.465836][T27695] generic_perform_write+0x2cd/0x5d0 [ 2647.471035][T27695] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2647.476676][T27695] ? file_remove_privs+0x690/0x690 [ 2647.481621][T27695] ? __kasan_check_write+0x14/0x20 [ 2647.486565][T27695] ? down_write+0xdd/0x140 [ 2647.490827][T27695] __generic_file_write_iter+0x25b/0x4b0 [ 2647.496290][T27695] generic_file_write_iter+0xaf/0x1c0 [ 2647.501497][T27695] vfs_write+0xc8d/0x1050 [ 2647.505662][T27695] ? file_end_write+0x1b0/0x1b0 [ 2647.510352][T27695] ? __fget_files+0x310/0x370 [ 2647.514865][T27695] ? __fdget_pos+0x1fe/0x310 [ 2647.519287][T27695] ? ksys_write+0x77/0x2c0 [ 2647.523549][T27695] ksys_write+0x198/0x2c0 [ 2647.527716][T27695] ? __ia32_sys_read+0x90/0x90 [ 2647.532312][T27695] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2647.538298][T27695] __x64_sys_write+0x7b/0x90 [ 2647.542725][T27695] do_syscall_64+0x44/0xd0 [ 2647.546991][T27695] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2647.552706][T27695] RIP: 0033:0x7fcbd55afe4f [ 2647.556964][T27695] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2647.576405][T27695] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2647.584647][T27695] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2647.592460][T27695] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2647.600270][T27695] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2647.608083][T27695] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2647.615895][T27695] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2647.623713][T27695] [ 2647.627279][T27691] CPU: 1 PID: 27691 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2647.637344][T27691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2647.647237][T27691] Call Trace: [ 2647.650360][T27691] [ 2647.653138][T27691] dump_stack_lvl+0x151/0x1b7 [ 2647.657654][T27691] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2647.662950][T27691] dump_stack+0x15/0x17 [ 2647.666940][T27691] should_fail+0x3c0/0x510 [ 2647.671192][T27691] __should_failslab+0x9f/0xe0 [ 2647.675794][T27691] should_failslab+0x9/0x20 [ 2647.680147][T27691] kmem_cache_alloc+0x4f/0x2f0 [ 2647.684736][T27691] ? getname_flags+0xba/0x510 [ 2647.689258][T27691] getname_flags+0xba/0x510 [ 2647.693589][T27691] user_path_at_empty+0x2e/0x1b0 [ 2647.698365][T27691] __se_sys_mount+0x293/0x3c0 [ 2647.702874][T27691] ? __x64_sys_mount+0xd0/0xd0 [ 2647.707479][T27691] __x64_sys_mount+0xbf/0xd0 [ 2647.711900][T27691] do_syscall_64+0x44/0xd0 [ 2647.716154][T27691] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2647.721887][T27691] RIP: 0033:0x7fc55e52a5fa [ 2647.726137][T27691] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2647.745579][T27691] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 18:24:39 executing program 2: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2647.753827][T27691] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2647.761639][T27691] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2647.769448][T27691] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2647.777264][T27691] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2647.785077][T27691] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2647.792897][T27691] 18:24:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 71) 18:24:39 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 62) [ 2648.000796][T27701] FAULT_INJECTION: forcing a failure. [ 2648.000796][T27701] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2648.020256][T27701] CPU: 1 PID: 27701 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2648.030350][T27701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2648.040240][T27701] Call Trace: [ 2648.043361][T27701] [ 2648.046140][T27701] dump_stack_lvl+0x151/0x1b7 [ 2648.050654][T27701] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2648.055945][T27701] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2648.061154][T27701] dump_stack+0x15/0x17 [ 2648.065143][T27701] should_fail+0x3c0/0x510 [ 2648.069397][T27701] should_fail_alloc_page+0x58/0x70 [ 2648.074553][T27701] __alloc_pages+0x1de/0x7c0 [ 2648.078982][T27701] ? __count_vm_events+0x30/0x30 [ 2648.083744][T27701] ? __kasan_check_read+0x11/0x20 [ 2648.088611][T27701] ? __vm_enough_memory+0x118/0x310 [ 2648.093638][T27701] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2648.099105][T27701] ? shmem_swapin_page+0x15c0/0x15c0 [ 2648.104338][T27701] ? xas_start+0x33d/0x410 [ 2648.108693][T27701] ? xas_load+0x2c7/0x2e0 [ 2648.112841][T27701] ? pagecache_get_page+0xcc8/0xdb0 [ 2648.117877][T27701] ? page_cache_prev_miss+0x430/0x430 [ 2648.123082][T27701] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2648.128473][T27701] ? lru_cache_add+0x273/0x530 [ 2648.133066][T27701] shmem_getpage_gfp+0x1487/0x25f0 [ 2648.138023][T27701] ? shmem_getpage+0xa0/0xa0 [ 2648.142446][T27701] ? fault_in_safe_writeable+0x240/0x240 [ 2648.147928][T27701] ? __kasan_check_write+0x14/0x20 [ 2648.152871][T27701] ? shmem_write_end+0x786/0x8a0 [ 2648.157629][T27701] shmem_write_begin+0xc8/0x1b0 [ 2648.162319][T27701] generic_perform_write+0x2cd/0x5d0 [ 2648.167440][T27701] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2648.173079][T27701] ? file_remove_privs+0x690/0x690 [ 2648.178026][T27701] ? __kasan_check_write+0x14/0x20 [ 2648.182973][T27701] ? down_write+0xdd/0x140 [ 2648.187229][T27701] __generic_file_write_iter+0x25b/0x4b0 [ 2648.192696][T27701] generic_file_write_iter+0xaf/0x1c0 [ 2648.197906][T27701] vfs_write+0xc8d/0x1050 [ 2648.202073][T27701] ? file_end_write+0x1b0/0x1b0 [ 2648.206760][T27701] ? __fget_files+0x310/0x370 [ 2648.211278][T27701] ? __fdget_pos+0x1fe/0x310 [ 2648.215792][T27701] ? ksys_write+0x77/0x2c0 [ 2648.220045][T27701] ksys_write+0x198/0x2c0 [ 2648.224223][T27701] ? __ia32_sys_read+0x90/0x90 [ 2648.228813][T27701] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2648.234719][T27701] __x64_sys_write+0x7b/0x90 [ 2648.239142][T27701] do_syscall_64+0x44/0xd0 [ 2648.243395][T27701] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2648.249134][T27701] RIP: 0033:0x7fb257acee4f [ 2648.253394][T27701] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2648.272825][T27701] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2648.281067][T27701] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2648.288879][T27701] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2648.296691][T27701] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2648.304586][T27701] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2648.312404][T27701] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2648.320215][T27701] 18:24:40 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 70) [ 2648.382626][T27706] loop1: detected capacity change from 0 to 16 [ 2648.406518][T27706] FAULT_INJECTION: forcing a failure. [ 2648.406518][T27706] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2648.455314][T27706] CPU: 0 PID: 27706 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2648.465392][T27706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2648.475282][T27706] Call Trace: [ 2648.478406][T27706] [ 2648.481180][T27706] dump_stack_lvl+0x151/0x1b7 [ 2648.485699][T27706] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2648.490992][T27706] dump_stack+0x15/0x17 [ 2648.494983][T27706] should_fail+0x3c0/0x510 [ 2648.499238][T27706] should_fail_usercopy+0x1a/0x20 [ 2648.504098][T27706] strncpy_from_user+0x24/0x2b0 [ 2648.508784][T27706] getname_flags+0xf2/0x510 [ 2648.513123][T27706] user_path_at_empty+0x2e/0x1b0 [ 2648.517898][T27706] __se_sys_mount+0x293/0x3c0 [ 2648.522411][T27706] ? __x64_sys_mount+0xd0/0xd0 [ 2648.527013][T27706] __x64_sys_mount+0xbf/0xd0 [ 2648.531441][T27706] do_syscall_64+0x44/0xd0 [ 2648.535710][T27706] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2648.541421][T27706] RIP: 0033:0x7fc55e52a5fa [ 2648.545680][T27706] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2648.565116][T27706] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2648.573364][T27706] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2648.581174][T27706] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2648.588986][T27706] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2648.596797][T27706] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2648.604615][T27706] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2648.612424][T27706] [ 2648.680219][T27707] FAULT_INJECTION: forcing a failure. [ 2648.680219][T27707] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2648.693139][T27707] CPU: 1 PID: 27707 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2648.703148][T27707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2648.713040][T27707] Call Trace: [ 2648.716162][T27707] [ 2648.718942][T27707] dump_stack_lvl+0x151/0x1b7 [ 2648.723455][T27707] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2648.728754][T27707] ? __kasan_check_read+0x11/0x20 [ 2648.733617][T27707] dump_stack+0x15/0x17 [ 2648.737603][T27707] should_fail+0x3c0/0x510 [ 2648.741857][T27707] should_fail_usercopy+0x1a/0x20 [ 2648.746719][T27707] copy_page_from_iter_atomic+0x433/0x11c0 [ 2648.752366][T27707] ? pipe_zero+0x4d0/0x4d0 [ 2648.756611][T27707] ? __kasan_check_write+0x14/0x20 [ 2648.761571][T27707] ? shmem_write_end+0x786/0x8a0 [ 2648.766351][T27707] generic_perform_write+0x343/0x5d0 [ 2648.771457][T27707] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2648.777100][T27707] ? file_remove_privs+0x690/0x690 [ 2648.782046][T27707] ? __kasan_check_write+0x14/0x20 [ 2648.786994][T27707] ? down_write+0xdd/0x140 [ 2648.791246][T27707] __generic_file_write_iter+0x25b/0x4b0 [ 2648.796715][T27707] generic_file_write_iter+0xaf/0x1c0 [ 2648.801923][T27707] vfs_write+0xc8d/0x1050 [ 2648.806087][T27707] ? file_end_write+0x1b0/0x1b0 [ 2648.810777][T27707] ? __fget_files+0x310/0x370 [ 2648.815298][T27707] ? __fdget_pos+0x1fe/0x310 [ 2648.819717][T27707] ? ksys_write+0x77/0x2c0 [ 2648.823967][T27707] ksys_write+0x198/0x2c0 [ 2648.828136][T27707] ? __ia32_sys_read+0x90/0x90 [ 2648.832736][T27707] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2648.838641][T27707] __x64_sys_write+0x7b/0x90 [ 2648.843150][T27707] do_syscall_64+0x44/0xd0 [ 2648.847403][T27707] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2648.853132][T27707] RIP: 0033:0x7fcbd55afe4f [ 2648.857386][T27707] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 18:24:40 executing program 3: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2648.876831][T27707] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2648.885077][T27707] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2648.892888][T27707] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2648.900697][T27707] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2648.908513][T27707] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2648.916323][T27707] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2648.924143][T27707] 18:24:40 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 63) 18:24:40 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 72) 18:24:40 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 71) [ 2648.969376][T27707] loop4: detected capacity change from 0 to 512 [ 2648.978712][T27707] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2649.017792][T27715] FAULT_INJECTION: forcing a failure. [ 2649.017792][T27715] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2649.030766][T27715] CPU: 0 PID: 27715 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2649.040819][T27715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2649.050716][T27715] Call Trace: [ 2649.053837][T27715] [ 2649.056615][T27715] dump_stack_lvl+0x151/0x1b7 [ 2649.061131][T27715] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2649.066425][T27715] ? __kasan_check_read+0x11/0x20 [ 2649.071285][T27715] dump_stack+0x15/0x17 [ 2649.075276][T27715] should_fail+0x3c0/0x510 [ 2649.079530][T27715] should_fail_usercopy+0x1a/0x20 [ 2649.084387][T27715] copy_page_from_iter_atomic+0x433/0x11c0 [ 2649.090034][T27715] ? pipe_zero+0x4d0/0x4d0 [ 2649.094282][T27715] ? __kasan_check_write+0x14/0x20 [ 2649.099230][T27715] ? shmem_write_end+0x786/0x8a0 [ 2649.104005][T27715] generic_perform_write+0x343/0x5d0 [ 2649.109129][T27715] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2649.114769][T27715] ? file_remove_privs+0x690/0x690 [ 2649.119726][T27715] ? __kasan_check_write+0x14/0x20 [ 2649.124664][T27715] ? down_write+0xdd/0x140 [ 2649.128923][T27715] __generic_file_write_iter+0x25b/0x4b0 [ 2649.134561][T27715] generic_file_write_iter+0xaf/0x1c0 [ 2649.139768][T27715] vfs_write+0xc8d/0x1050 [ 2649.143932][T27715] ? file_end_write+0x1b0/0x1b0 [ 2649.148620][T27715] ? __fget_files+0x310/0x370 [ 2649.153133][T27715] ? __fdget_pos+0x1fe/0x310 [ 2649.157567][T27715] ? ksys_write+0x77/0x2c0 [ 2649.161817][T27715] ksys_write+0x198/0x2c0 [ 2649.165980][T27715] ? __ia32_sys_read+0x90/0x90 [ 2649.170581][T27715] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2649.176484][T27715] __x64_sys_write+0x7b/0x90 [ 2649.180911][T27715] do_syscall_64+0x44/0xd0 [ 2649.185161][T27715] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2649.190891][T27715] RIP: 0033:0x7fb257acee4f [ 2649.195145][T27715] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2649.214588][T27715] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2649.222832][T27715] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2649.230644][T27715] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2649.238458][T27715] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2649.246270][T27715] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2649.254080][T27715] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2649.261985][T27715] 18:24:41 executing program 0: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000020000040000000000000001040000000e0000f1850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) fgetxattr(r3, &(0x7f0000000040)=@known='security.selinux\x00', &(0x7f0000000080)=""/161, 0xa1) pipe2$watch_queue(&(0x7f0000000740), 0x80) r4 = creat(&(0x7f0000000280)='./file1\x00', 0x0) write$eventfd(r4, &(0x7f0000000080), 0xfffffe5e) prlimit64(0x0, 0xc, &(0x7f0000000040)={0x6, 0x8}, 0x0) [ 2649.271756][T27719] loop1: detected capacity change from 0 to 16 [ 2649.285792][T27721] FAULT_INJECTION: forcing a failure. [ 2649.285792][T27721] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2649.331878][T27721] CPU: 0 PID: 27721 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2649.339123][T27719] FAULT_INJECTION: forcing a failure. [ 2649.339123][T27719] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2649.341955][T27721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2649.341970][T27721] Call Trace: [ 2649.367824][T27721] [ 2649.370603][T27721] dump_stack_lvl+0x151/0x1b7 [ 2649.375115][T27721] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2649.380411][T27721] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2649.385619][T27721] dump_stack+0x15/0x17 [ 2649.389616][T27721] should_fail+0x3c0/0x510 [ 2649.393869][T27721] should_fail_alloc_page+0x58/0x70 [ 2649.398898][T27721] __alloc_pages+0x1de/0x7c0 [ 2649.403327][T27721] ? __count_vm_events+0x30/0x30 [ 2649.408101][T27721] ? __kasan_check_read+0x11/0x20 [ 2649.412958][T27721] ? __vm_enough_memory+0x118/0x310 [ 2649.418084][T27721] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2649.423549][T27721] ? shmem_swapin_page+0x15c0/0x15c0 [ 2649.428674][T27721] ? xas_start+0x33d/0x410 [ 2649.432929][T27721] ? xas_load+0x2c7/0x2e0 [ 2649.437092][T27721] ? pagecache_get_page+0xcc8/0xdb0 [ 2649.442127][T27721] ? page_cache_prev_miss+0x430/0x430 [ 2649.447341][T27721] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2649.452714][T27721] ? lru_cache_add+0x273/0x530 [ 2649.457314][T27721] shmem_getpage_gfp+0x1487/0x25f0 [ 2649.462267][T27721] ? shmem_getpage+0xa0/0xa0 [ 2649.466689][T27721] ? fault_in_safe_writeable+0x240/0x240 [ 2649.472166][T27721] ? __kasan_check_write+0x14/0x20 [ 2649.477104][T27721] ? shmem_write_end+0x786/0x8a0 [ 2649.481876][T27721] shmem_write_begin+0xc8/0x1b0 [ 2649.486565][T27721] generic_perform_write+0x2cd/0x5d0 [ 2649.491700][T27721] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2649.497329][T27721] ? file_remove_privs+0x690/0x690 [ 2649.502276][T27721] ? __kasan_check_write+0x14/0x20 [ 2649.507222][T27721] ? down_write+0xdd/0x140 [ 2649.511475][T27721] __generic_file_write_iter+0x25b/0x4b0 [ 2649.516945][T27721] generic_file_write_iter+0xaf/0x1c0 [ 2649.522155][T27721] vfs_write+0xc8d/0x1050 [ 2649.526323][T27721] ? file_end_write+0x1b0/0x1b0 [ 2649.531008][T27721] ? __fget_files+0x310/0x370 [ 2649.535521][T27721] ? __fdget_pos+0x1fe/0x310 [ 2649.539948][T27721] ? ksys_write+0x77/0x2c0 [ 2649.544299][T27721] ksys_write+0x198/0x2c0 [ 2649.548459][T27721] ? __ia32_sys_read+0x90/0x90 [ 2649.553057][T27721] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2649.558957][T27721] __x64_sys_write+0x7b/0x90 [ 2649.563471][T27721] do_syscall_64+0x44/0xd0 [ 2649.567725][T27721] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2649.573451][T27721] RIP: 0033:0x7fcbd55afe4f [ 2649.577706][T27721] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2649.597236][T27721] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2649.605502][T27721] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2649.613293][T27721] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2649.621104][T27721] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2649.628916][T27721] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2649.636754][T27721] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2649.644547][T27721] [ 2649.647658][T27719] CPU: 1 PID: 27719 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2649.657712][T27719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2649.667607][T27719] Call Trace: [ 2649.670731][T27719] [ 2649.673506][T27719] dump_stack_lvl+0x151/0x1b7 [ 2649.678028][T27719] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2649.683317][T27719] dump_stack+0x15/0x17 [ 2649.687307][T27719] should_fail+0x3c0/0x510 [ 2649.691564][T27719] should_fail_usercopy+0x1a/0x20 [ 2649.696423][T27719] strncpy_from_user+0x24/0x2b0 [ 2649.701111][T27719] getname_flags+0xf2/0x510 [ 2649.705451][T27719] user_path_at_empty+0x2e/0x1b0 [ 2649.710234][T27719] __se_sys_mount+0x293/0x3c0 [ 2649.714740][T27719] ? __x64_sys_mount+0xd0/0xd0 [ 2649.719423][T27719] ? sched_clock_cpu+0x18/0x3b0 [ 2649.724113][T27719] __x64_sys_mount+0xbf/0xd0 [ 2649.728537][T27719] do_syscall_64+0x44/0xd0 [ 2649.732792][T27719] ? irqentry_exit+0x12/0x40 [ 2649.737218][T27719] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2649.742948][T27719] RIP: 0033:0x7fc55e52a5fa [ 2649.747206][T27719] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2649.766645][T27719] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2649.774891][T27719] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2649.782702][T27719] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2649.790512][T27719] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2649.798348][T27719] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2649.806144][T27719] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2649.813955][T27719] 18:24:41 executing program 3: open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f52618b1ac539377392c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b794785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8db79a7958a6c58eedaab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8dfce873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0) dup3(r2, r0, 0x0) fallocate(r2, 0x0, 0x0, 0x4b7) 18:24:41 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 73) 18:24:41 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000012700)={0x0, 0x0, &(0x7f00000126c0)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0) [ 2649.913987][T27715] loop5: detected capacity change from 0 to 512 [ 2649.982580][T27729] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2649.996705][T27732] FAULT_INJECTION: forcing a failure. [ 2649.996705][T27732] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2650.020746][T27732] CPU: 0 PID: 27732 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2650.028923][T27729] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2650.030826][T27732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2650.030840][T27732] Call Trace: [ 2650.030846][T27732] [ 2650.055656][T27732] dump_stack_lvl+0x151/0x1b7 [ 2650.060165][T27732] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2650.065545][T27732] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2650.066928][T27729] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2650.070752][T27732] dump_stack+0x15/0x17 [ 2650.070775][T27732] should_fail+0x3c0/0x510 [ 2650.070790][T27732] should_fail_alloc_page+0x58/0x70 [ 2650.093063][T27732] __alloc_pages+0x1de/0x7c0 [ 2650.097492][T27732] ? __count_vm_events+0x30/0x30 [ 2650.102262][T27732] ? __kasan_check_read+0x11/0x20 [ 2650.107119][T27732] ? __vm_enough_memory+0x118/0x310 [ 2650.112157][T27732] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2650.117626][T27732] ? shmem_swapin_page+0x15c0/0x15c0 [ 2650.122749][T27732] ? xas_start+0x33d/0x410 [ 2650.126997][T27732] ? xas_load+0x2c7/0x2e0 [ 2650.131165][T27732] ? pagecache_get_page+0xcc8/0xdb0 [ 2650.136201][T27732] ? page_cache_prev_miss+0x430/0x430 [ 2650.141406][T27732] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2650.146792][T27732] ? lru_cache_add+0x273/0x530 [ 2650.151390][T27732] shmem_getpage_gfp+0x1487/0x25f0 [ 2650.156777][T27732] ? shmem_getpage+0xa0/0xa0 [ 2650.161198][T27732] ? fault_in_safe_writeable+0x240/0x240 [ 2650.166799][T27732] ? __kasan_check_write+0x14/0x20 [ 2650.171704][T27732] ? shmem_write_end+0x786/0x8a0 [ 2650.176483][T27732] shmem_write_begin+0xc8/0x1b0 [ 2650.181165][T27732] generic_perform_write+0x2cd/0x5d0 [ 2650.186292][T27732] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2650.191928][T27732] ? file_remove_privs+0x690/0x690 [ 2650.196873][T27732] ? __kasan_check_write+0x14/0x20 [ 2650.201821][T27732] ? down_write+0xdd/0x140 [ 2650.206073][T27732] __generic_file_write_iter+0x25b/0x4b0 [ 2650.211540][T27732] generic_file_write_iter+0xaf/0x1c0 [ 2650.216749][T27732] vfs_write+0xc8d/0x1050 [ 2650.220916][T27732] ? file_end_write+0x1b0/0x1b0 [ 2650.225604][T27732] ? __fget_files+0x310/0x370 18:24:42 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @private=0xa010102, @local}, @time_exceeded={0x12, 0x0, 0x0, 0x3, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @loopback=0x7f00002b}}}}}}, 0x0) [ 2650.230115][T27732] ? __fdget_pos+0x1fe/0x310 [ 2650.234550][T27732] ? ksys_write+0x77/0x2c0 [ 2650.238974][T27732] ksys_write+0x198/0x2c0 [ 2650.243137][T27732] ? __ia32_sys_read+0x90/0x90 [ 2650.247744][T27732] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2650.253643][T27732] __x64_sys_write+0x7b/0x90 [ 2650.258071][T27732] do_syscall_64+0x44/0xd0 [ 2650.262319][T27732] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2650.268045][T27732] RIP: 0033:0x7fb257acee4f [ 2650.272302][T27732] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2650.291745][T27732] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2650.299990][T27732] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2650.307803][T27732] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2650.315614][T27732] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2650.323423][T27732] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:42 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000012700)={0x0, 0x0, &(0x7f00000126c0)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0) 18:24:42 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e00, 0x80000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000002900000039000000000000000000000018"], 0x30}, 0x0) 18:24:42 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e00, 0x80000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000002900000039000000000000000000000018"], 0x30}, 0x0) [ 2650.331328][T27732] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2650.339134][T27732] [ 2650.353205][T27739] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2650.371104][T27739] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 18:24:42 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e00, 0x80000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000002900000039000000000000000000000018"], 0x30}, 0x0) 18:24:42 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 64) 18:24:42 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000012700)={0x0, 0x0, &(0x7f00000126c0)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0) 18:24:42 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 72) [ 2650.384629][T27739] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2650.433114][T27751] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2650.434360][T27752] loop1: detected capacity change from 0 to 16 [ 2650.445888][T27748] FAULT_INJECTION: forcing a failure. [ 2650.445888][T27748] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2650.453481][T27752] FAULT_INJECTION: forcing a failure. [ 2650.453481][T27752] name failslab, interval 1, probability 0, space 0, times 0 [ 2650.461398][T27748] CPU: 1 PID: 27748 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2650.461425][T27748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2650.461435][T27748] Call Trace: [ 2650.496983][T27748] [ 2650.499758][T27748] dump_stack_lvl+0x151/0x1b7 [ 2650.504272][T27748] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2650.509567][T27748] ? __kasan_check_read+0x11/0x20 [ 2650.514428][T27748] dump_stack+0x15/0x17 [ 2650.518421][T27748] should_fail+0x3c0/0x510 [ 2650.522677][T27748] should_fail_usercopy+0x1a/0x20 [ 2650.527536][T27748] copy_page_from_iter_atomic+0x433/0x11c0 [ 2650.533180][T27748] ? pipe_zero+0x4d0/0x4d0 [ 2650.537432][T27748] ? __kasan_check_write+0x14/0x20 [ 2650.542377][T27748] ? shmem_write_end+0x786/0x8a0 [ 2650.547156][T27748] generic_perform_write+0x343/0x5d0 [ 2650.552273][T27748] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2650.557912][T27748] ? file_remove_privs+0x690/0x690 [ 2650.562863][T27748] ? __kasan_check_write+0x14/0x20 [ 2650.567812][T27748] ? down_write+0xdd/0x140 [ 2650.572065][T27748] __generic_file_write_iter+0x25b/0x4b0 [ 2650.577533][T27748] generic_file_write_iter+0xaf/0x1c0 [ 2650.582737][T27748] vfs_write+0xc8d/0x1050 [ 2650.586905][T27748] ? file_end_write+0x1b0/0x1b0 [ 2650.591596][T27748] ? __fget_files+0x310/0x370 [ 2650.596112][T27748] ? __fdget_pos+0x1fe/0x310 [ 2650.600622][T27748] ? ksys_write+0x77/0x2c0 [ 2650.604875][T27748] ksys_write+0x198/0x2c0 [ 2650.609040][T27748] ? __ia32_sys_read+0x90/0x90 [ 2650.613645][T27748] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2650.619544][T27748] __x64_sys_write+0x7b/0x90 [ 2650.623970][T27748] do_syscall_64+0x44/0xd0 [ 2650.628223][T27748] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2650.633951][T27748] RIP: 0033:0x7fcbd55afe4f [ 2650.638207][T27748] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2650.657651][T27748] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2650.665895][T27748] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2650.673707][T27748] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2650.681519][T27748] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2650.689328][T27748] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2650.697145][T27748] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2650.704961][T27748] [ 2650.707820][T27752] CPU: 0 PID: 27752 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2650.717894][T27752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2650.727787][T27752] Call Trace: [ 2650.730909][T27752] [ 2650.733277][T27751] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2650.733685][T27752] dump_stack_lvl+0x151/0x1b7 [ 2650.747228][T27752] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2650.752523][T27752] dump_stack+0x15/0x17 [ 2650.756514][T27752] should_fail+0x3c0/0x510 [ 2650.760769][T27752] ? erofs_init_fs_context+0x98/0x2d0 [ 2650.765979][T27752] __should_failslab+0x9f/0xe0 [ 2650.770581][T27752] should_failslab+0x9/0x20 [ 2650.774918][T27752] kmem_cache_alloc_trace+0x4a/0x310 [ 2650.780036][T27752] ? erofs_init_fs_context+0x54/0x2d0 [ 2650.780231][T27751] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2650.785242][T27752] erofs_init_fs_context+0x98/0x2d0 [ 2650.785266][T27752] alloc_fs_context+0x671/0x830 [ 2650.804093][T27752] fs_context_for_mount+0x24/0x30 [ 2650.808947][T27752] do_new_mount+0x15c/0xad0 [ 2650.813285][T27752] ? do_move_mount_old+0x160/0x160 [ 2650.818230][T27752] ? security_capable+0xb2/0xd0 [ 2650.822919][T27752] ? ns_capable+0x8a/0xf0 [ 2650.827086][T27752] path_mount+0x60b/0x1050 [ 2650.831337][T27752] __se_sys_mount+0x2d2/0x3c0 [ 2650.835852][T27752] ? __x64_sys_mount+0xd0/0xd0 [ 2650.840451][T27752] __x64_sys_mount+0xbf/0xd0 [ 2650.844878][T27752] do_syscall_64+0x44/0xd0 [ 2650.849130][T27752] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2650.854857][T27752] RIP: 0033:0x7fc55e52a5fa [ 2650.859109][T27752] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2650.878554][T27752] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2650.886797][T27752] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2650.894606][T27752] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2650.902418][T27752] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2650.910232][T27752] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2650.918045][T27752] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2650.925857][T27752] 18:24:42 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e00, 0x80000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000002900000039000000000000000000000018"], 0x30}, 0x0) 18:24:42 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000012700)={0x0, 0x0, &(0x7f00000126c0)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0) 18:24:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 74) [ 2651.092316][T27758] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2651.107043][T27760] FAULT_INJECTION: forcing a failure. [ 2651.107043][T27760] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2651.120056][T27760] CPU: 0 PID: 27760 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2651.130112][T27760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2651.140181][T27760] Call Trace: [ 2651.143303][T27760] [ 2651.146092][T27760] dump_stack_lvl+0x151/0x1b7 [ 2651.150597][T27760] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2651.155894][T27760] ? __kasan_check_read+0x11/0x20 [ 2651.160751][T27760] dump_stack+0x15/0x17 [ 2651.164747][T27760] should_fail+0x3c0/0x510 [ 2651.169001][T27760] should_fail_usercopy+0x1a/0x20 [ 2651.173873][T27760] copy_page_from_iter_atomic+0x433/0x11c0 [ 2651.179506][T27760] ? pipe_zero+0x4d0/0x4d0 [ 2651.183752][T27760] ? __kasan_check_write+0x14/0x20 18:24:43 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e00, 0x80000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000002900000039000000000000000000000018"], 0x30}, 0x0) [ 2651.188701][T27760] ? shmem_write_end+0x786/0x8a0 [ 2651.193479][T27760] generic_perform_write+0x343/0x5d0 [ 2651.198599][T27760] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2651.204328][T27760] ? file_remove_privs+0x690/0x690 [ 2651.209281][T27760] ? __kasan_check_write+0x14/0x20 [ 2651.214226][T27760] ? down_write+0xdd/0x140 [ 2651.218482][T27760] __generic_file_write_iter+0x25b/0x4b0 [ 2651.224122][T27760] generic_file_write_iter+0xaf/0x1c0 [ 2651.229328][T27760] vfs_write+0xc8d/0x1050 [ 2651.233498][T27760] ? file_end_write+0x1b0/0x1b0 [ 2651.238185][T27760] ? __fget_files+0x310/0x370 18:24:43 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e00, 0x80000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000002900000039000000000000000000000018"], 0x30}, 0x0) 18:24:43 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000100)={0xa, 0x4e00, 0x80000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000002900000039000000000000000000000018"], 0x30}, 0x0) [ 2651.242782][T27760] ? __fdget_pos+0x1fe/0x310 [ 2651.247211][T27760] ? ksys_write+0x77/0x2c0 [ 2651.251464][T27760] ksys_write+0x198/0x2c0 [ 2651.255629][T27760] ? __ia32_sys_read+0x90/0x90 [ 2651.260236][T27760] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2651.266130][T27760] __x64_sys_write+0x7b/0x90 [ 2651.270561][T27760] do_syscall_64+0x44/0xd0 [ 2651.274812][T27760] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2651.280543][T27760] RIP: 0033:0x7fb257acee4f [ 2651.284792][T27760] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2651.304325][T27760] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2651.312571][T27760] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2651.320386][T27760] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2651.328193][T27760] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 18:24:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x0, &(0x7f0000000200)) sched_setscheduler(r5, 0x0, &(0x7f0000000040)=0x8) writev(r4, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) r6 = open(&(0x7f0000000080)='./bus\x00', 0x6fe44da629969272, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r8 = syz_open_procfs(0x0, 0x0) lseek(r8, 0xf36, 0x0) recvmsg$unix(r8, &(0x7f0000001680)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001600)=[{&(0x7f00000016c0)=""/20, 0x14}, {0x0}, {&(0x7f0000001880)=""/196, 0xc4}, {&(0x7f0000001480)=""/102, 0x66}, {&(0x7f0000001740)=""/257, 0x101}, {&(0x7f0000000100)=""/38, 0x26}, {&(0x7f0000000400)=""/41, 0x29}], 0x7, &(0x7f0000001500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00005a5e8800180000000000000040ba491d38e5ba54000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="ca3c6fe80000", @ANYBLOB="000000002c000000000000000100000001", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES64=r3, @ANYRES32, @ANYBLOB="db000000fbffffff0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xc0}, 0xa101) sendfile(r6, r7, 0x0, 0x80000041) 18:24:43 executing program 2: syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x21210008, &(0x7f0000000080)={[{@allow_utime={'allow_utime', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@errors_continue}, {@dmask={'dmask', 0x3d, 0x401}}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@utf8}, {@umask={'umask', 0x3d, 0x3}}, {@utf8}, {@errors_continue}]}, 0x1, 0x14de, &(0x7f0000003f80)="$eJzs3AuUjlX7MPB97b3vMaZJT5Mchn3t6+ZJg02S5JAkhyRJkiSnhKRJkoTEkFPSkIQcJ8lhCMlhYjDO5/P5kLySJMkpp7C/pff9f/7v2/tf/t9X3+e/1ly/tfaafc39XNdz3XPNmue+n7Xm+anT4OoNa1SpT0TiT4G/f0kRQsQKIfoLIW4TQgRCiDIJZRKuHc+pIOXPPQn7az2TfrM7YDcTzz974/lnbzz/7I3nn73x/LM3nn/2xvPP3nj+jGVnm6fmv51X9l38/n92xq//2RvPP3vj+WdvPP/sjeefvfH8szeef/bG88/eeP6MZWc3+/1nXjd33ezfP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj2cMFf50WQvzH/mb3xRhjjDHGGGOMsb+Oz3GzO2CMMcYYY4wxxtj/eyCkUEKLQMSIHCJW5BRx4hYRL24VucRtIiJuFwniDpFb3CnyiLwin8gvEkUBUVAYgcIKEqEoJAqLqLhLFBF3iyRRVBQTxYUTJURJcY8oJe4VpcV9ooy4X5QVD4hyoryoICqKB0Ul8ZCoLB4WVcQjoqqoJqqLGuJRUVM8JmqJx0Vt8YSoI54UdcVTop54WtQXz4gG4lnRUDwnGonnRWPRRDQVzUTz/6v8t0U38Y7oLnqIFNFT9BLvit6ij+gr+on+4j0xQLwvBooPRKoYJAaLD8UQ8ZEYKj4Ww8RwMUJ8IkaKUWK0GCPGinEiTXwqxovPxATxuZgoJonJYopIF1PFNPGFmC5miJniSzFLfCVmizlirpgnMsTXYr5YIDLFQrFILBZZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpdondYo/YK/aJ/eIbcUB8+3+Yf/5f8juDAAESJGjQEAMxEAuxEAdxEA/xkAtyQQQikAAJkBtyQx7IA/kgHyRCIhSEgoCAQEBQCApBFKJQBIpAEiRBMSgGDhyUhJJQCu6F0lAaykAZKAtloRyUh/JQESpCJagElaEyVIEqUBWqQnWoDo/Co/AY1IJaUBtqQx2oA3WhLtSDelAf6kMDaAANoSE0gkbQGBpDU2gKzaE5tIAW0BJaQmtoDW2gDbSFtpAMydAO2kF7aA8doAN0hI7QCTpBZ+gCXeBteBvegXegB1SVPaEX9ILe0Bv6Qj/oB+/BAHgf3ocPIBUGwWD4ED6Ej2AonINhMBxGwAioJEfBaBgDJMdBGqTBeBgPE2ACTIRJMAmmQDpMhWkwDabDDJgBX8Is+Aq+gjkwB+ZBBmTAfFgAmZAJi+A8ZMESWArLYDmsgOWwClbDKlgL62AtbIANsAk2wRbYAttgG+yAHbALdsEe2AP7YB+kwgE4AAfhIByCQ3AYDsMROAJH4Sgcg2NwHI7DCTgBJ+EUnIZTcBbOwjk4DxfgAlyCS3AZ3kz8ocGuomtShbxGSy1jZIyMlbEyTsbJeBkvc8lcMiIjMkEmyNwyt8wj88h8Mp9MlImyoCwoUaIkGcpCspCMyqgsIovIJJkki8li0kknS8qSspQsJUvL0rKMvF+WlQ/IcrK8bOUqyoqykmztKsuHZRVZRVaV1WR1WUPWkDVlTVlL1pK1ZW1ZR9aRdeVTsp7sCX3hGXltMg3lIGgkB0Nj2UQ2lc3kR/CCbCGHQkvZSraWL8nhMAzayhYuWb4q28nR0F6+LsfAG7KjHAed5Fuys+wiu8q3ZTfZ0nWXPeRE6CljxBToLfvIvrKfnA7V5LWJVZcfyFQ5SA6WH8p58JEcKj+Ww+RwOUJ+IkfKUXK0HCPHynEyTX4qx8vP5AT5uZwoJ8nJcopMl1PlNPmFnC5nyJnySzlLfiVnyzlyrpwnM+TXcr5cIDPlQrlILpZZcolcKpfJ5XKFXClXydVyjVwrx+RcLzfIjXKT3Cy3yK1ym9wud8idcpfcLffIvXKf3C+/kQfkt/Kg/Js8JL+Th+X38oj8QR6VP8pj8id5XP4sT8hf5El5Sp6WZ+RZ+as8J8/LC/KivCR/k5flFXlVeikUKKmU0ipQMSqHilU5VZy6RcWrW1UudZuKqNtVgrpD5VZ3qjwqr8qn8qtEVUAVVEahsopUqAqpwiqq7lJF1N0qSRVVxVRx5VQJVVLdo0qpe1VpdZ8qo+5XZdUDqpwqryqoiupBVUk9pCqrh1UV9Yiqqqqp6qqGelTVVI+pWupxVVs9oeqoJ1Vd9ZSqp55W9dUzqoF6VjVUz6lG6nnVWDVRTVUz1Vy9oFqoF1VL1Uq1Vi+pNupl1Va9opLVq6qdek21V6+rDuoN1VG9qTqpt1Rn1UV1VVfUVeVVd9VDpaieqpd6V/VWfVRf1U/1V++pAep9NVB9oFLVIDVYfaiGqI/UUPWxGqaGqxHqEzVSjVKj1Rg1Vo1TaepTNV59piaoz9VENUlNVlNUupqq+v6j0sz/Rv5n/yZ/4O/PvkltVlvUVrVNbVc71E61S+1Wu9VetVftV/vVAXVAHVQH1SF1SB1Wh9URdUQdVUfVMXVMHVfH1Ql1Qp1Up9RFdUadVb+qc+q8Oq8uqkvqkrr8j5+B0KClVlrrQMfoHDpW59Rx+hYdr2/VufRtOqJv1wn6Dp1b36nz6Lw6n86vE3UBXVAbjdpq0qEupAvrqL5LF9F36yRdVBfTxbXTJXRJfc+fzr9Rf811c91Ct9AtdUvdWrfWbXQb3Va31ck6WbfT7XR73V530B10R91Rd9KddGfdWXfVXXU33U131911ik7RvfS7urfuo/vqfrq/fk8P0AP0QD1Qp+pUPVgP1kP0ED1UD9XD9DA9Qo/QI/VIPVqP1mP1WJ2m0/R4PV5P0BP0RD1RT9aTdbpO19P0ND1dT9cz9Uw9S8/Ss/VsPVfP1Rk6Q8/X83WmztSL9CKdpZfoJXqZXqZX6BV6lV6l1+g1ep1epzfoDTpLb9ab9Va9VW/X2/VOvVPv1rv1Xr1X79f7tdAH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9XJ/QJ/RJfVKf1qf1WX1Wn9Pn9AV9QV/Sl/RlfVlf1VevXfYFMpCBDnQQE8QEsUFsEBfEBfFBfJAryBVEgkiQECQEuYM7gzxB3iBfkD9IDAoEBQMTYGADCsKgUFA4iAZ3BUWCu4OkoGhQLCgeuKBEUDK4JygV3BuUDu4LygT3B2WDB4JyQfmgQlAxeDCoFDwUVA4eDqoEjwRVg2pB9aBG8GhQM3gsqBU8HtQOngjqBE8GdYOngnrB00H94JmgQfBs0DB4LmgUPB80DpoETYNmQfO/tL735/K+6LqbHibF9DS9zLumt+lj+pp+pr95zwww75uB5gOTagaZweZDM8R8ZIaaj80wM9yMMJ+YkWaUGW3GmLFmnEkzn5rx5jMzwXxuJppJZrKZYtLNVDPNfGGmmxlmpvnSzDJfmdlmjplr5pkM87WZbxaYTLPQLDKLTZZZYpaaZWa5WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm1mu9lhdppdZrfZY/aafWa/+cYcMN+ag+Zv5pD5zhw235sj5gdz1PxojpmfzHHzszlhfjEnzSlz2pwxZ82v5pw5by6Yi+aS+c1cNlfMVeOvXdxfe3lHjRpjMAZjMRbjMA7jMR5zYS6MYAQTMAFzY27Mg3kwH+bDREzEglgQryEkLISFMIpRLIJFMAmTsBgWQ4dOCiyJpbAUlsbSWAbLYFksi+WwHFbACvggPogP4UP4MD6Mj+AjWA2rYQ2sgTWxJtbCWlgba2MdrIN1sS7Ww3pYH+tjA2yADbEhNsJG2BgbY1Nsis2xObbAFtgSW2JrbI1tsA22xbaYjMnYDtthe2yPHbADdsSO2Ak7YWfsjF2xK3bDbtgdu2MKpmAv7IW9sTf2xb7YH/vjAByAA3EgpmIqDsbBOASH4FAcisNwOI7AT3AkjsLROAbH4jhMwzQcj+NxAk7AiTgRJ+NkTMd0nIbTcDpOx5k4E2fhLJyNs3EuzsUMzMD5OB8zMRMX4SLMwixciktxOS7HlbgSV+NqXItrcT2ux424ETfjZtyKW3E7bseduBN3427ci3txP+7HA3gAD+JBPISH8DAexiN4BI/iUTyGx/A4HscTeAJP4kk8jafxLJ7Fc3gOL+AFvIS/4WW8glfRY6zNaePsLTbe3mpz2dvsv8b5bH6baAvYgtbYPDbvP8VorU2yRW0xW9w6W8KWtPf8IS5ny9sKtqJ90FayD9nKf4hr2sdsLfu4rW2fsDXso/8U17FP2rr2OVvPPm/r2ya2gW1mG9rnbCP7vG1sm9imtpltY1+2be0rNtm+atvZ1/4Qz7cL7Gq7xq616+xeu89esBftMfuTvWR/s91tD9vfvmcH2PftQPuBTbWD/hCPsJ/YkXaUHW3H2LF23B/iyXaKTbdT7TT7hZ1uZ/whzrBf21k20862c+xcO+/3+FpPmXahXWQX2yy7xC61y+xyu8KutKv+d6/L7Aa70W6yu+0eu9Vus9vtDrvT7vo9vnYe++039oD91h61P9pD9jt72B63R+wPv8fXzu+4/dmesL/Yk/aUPW3P2LP2V3vOnv/9/K+d+xl7xV613goCkqRIU0AxlINiKSfF0S0UT7dSLrqNInQ7JdAdlJvupDyUl/JRfkqkAlSQDCFZIgqpEBWmKN1FRehuSqKiVIyKk6MSVJLuoVJ0L5Wm+6gM3U9l6QEqR+WpAlWkB6kSPUSV6WGqQo9QVapG1akGPUo16TGqRY9TbXqC6tCTVJeeonr0NNWnZ6gBPUsN6TlqRM9TY2pCTakZNacXqAW9SC2pFbWml6gNvUxt6RVKplepHb1G7el16kBvUEd6kzrRW9SZulBXepu60TvUnXpQCvWkXvQu9aY+1Jf6UX96jwbQ+zSQPqBUGkSD6UMaQh/RUPqYhtFwGkGf0EgaRaNpDI2lcZRGksbTZzSBPqeJNIkm0xRKp6k0jb6g6TSDZtKXNIu+otk0h+bSPMqgr2k+LaBMWkiLaDFl0RJaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIt20x7aS/toP31DB+hbOkh/o0P0HR2m7+kI/UBH6Uc6Rj/RcfqZTtAvdJJO0Wk6Q2fpVzpH5+kCXaRL9Btdpit0lTyJEEIZqlCHQRgT5ghjw5xhXHhLGB/eGuYKbwsj4e1hQnhHmDu8M8wT5g3zhfnDxLBAWDA0IYY2pDAMC4WFw2h4V1gkvDtMCouGxcLioQtLhCXDe8JS4b1h6fC+sEx4f1g2fCAsF5YPn3uiYvhgWCl8KKwcPhxWCR8Jq4bVwuphjfDRsGb4WFgrfDysHT4Rlg6fDOuGT4X1wqfD+uEzYYPw2bBh+FzYKHw+bBw2CZuGzcLm4Qthi/DFsGXYKmwdvhS2CV8O24avhMnhq2G78LUbHk8Je4a9wnfDd0PvH1dzo/OiGdGvo/OjC6KZ0YXRRdHF0azokujS6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kao9zVyCAdOOuW0C1yMy+FiXU4X525x8e5Wl8vd5iLudpfg7nC53Z0uj8vr8rn8LtEVcAWdceisIxe6Qq6wi7q7XBF3t0tyRV0xV9w5V8KVdM1cc9fctXAvupaulWvtXnIvuZfdy+4V94p71bVzr7n27nXXwb3hOro33ZvuLdfZdXFd3duum3vHdXc9XIpLcb1cL9fb9XZ9XV/X3/V3A9wAN9ANdKku1Q12g90QN8QNdUPdMDfMjXAj3Eg30o12o91YN9aluTQ33o13E9wEN9FNdJPdZJfu0t00N81Nd9PdTDfTzUqa5Wa72W6um+syXIab7+a7TJfpFrlFLstluaVuqVvulruVbqVb7Va7tW6tW+/Wu41uo9vsNrutbqvb7ra7nW6n2+12u71ur9vv9rsD7oA76A66Q+6QO+y+d0fcD+6o+9Edcz+54+5nd8L94k66U+60O+POul/dOXfeXXAX3SX3m7vsrrirzru0yKeR8ZHPIhMin0cmRiZFJkemRNIjUyPTIl9EpkdmRGZGvozMinwVmR2ZE5kbmRfJiHwdmR9ZEMmMLIwsiiyOZEWWRJZGlkWWR1ZEvC+wNfSFfGEf9Xf5Iv5un+SL+mK+uHe+hC/p7/Gl/L2+tL/Pl/H3+7L+AV/Ol/cV/PO+sW/im/pmvrl/wbfwL/qWvpVv7V/ybfzLvq1/xSf7V307/5pv71/3HfwbvqN/03fyb/nOvovv6t/23fw7vrvv4VN8T9/Lv+t7+z6+r+/n+/v3/AD/vh/oP/CpfpAf7D/0Q/xHfqj/2A/zw/0I/4kf6Uf50X6MH+vH+TT/qR/vP/MT/Od+op/kJ/spPt1P9dP8F366n+Fn+i/9LP+Vn+3n+Ll+ns/wX/v5foHP9Av9Ir/YZ/klfqlf5pf7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x1+p9/ld/s9fq/f5/f7b/wB/60/6P/mD/nv/GH/vT/if/BH/Y/+mP/JH/c/+xP+F3/Sn/Kn/Rl/1v/qz/nz/oK/6C/53/xlf8Vf5f9ZY4wxxhj7b1E3ON7z33xP/mNd00sIceu2/Ef+teb6PH/f95GJbSJCiFd7dHrmP1bVqikpKf94bJYSQeE5QojI9fwYcT1eIlqLl0WyaCVK/dv++sgul+gG9aP3CxH3n3JixfX4ev17/4v6o2bdsP4cIZIKX8/JKa7H1+uX/i/q521xg/o5v0sTouV/yokX1+Pr9UuKF8VrIvmfHskYY4wxxhhjjP1dH1mhw43ub6/dnyfq6zk5xPX4RvfnjDHGGGOMMcYYu/ne6NL1lReSk1t14A1v/sxGRIT4H9AGb/6qzc3+y8QYY4wxxhj7q12/6L/ZnTDGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY9nX/4+PE7vZ58gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4zdbP8rAAD//0EmMrM=") syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="85"], 0x9) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0xfe, 0x0) 18:24:43 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x80041284, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x0, 0x0, 0x0, 0x0, "c7f7a922d96a6b855eb43963ea6d49e896b029922fef5c6e6c7fb7be4f0e332905134fda83969a0c0b5471ad107d656db4fff742216ca0d9e61f0c58ab42d7a1", "3f087f5f93e65a3ba1d3d23472e35d8c4443da77dea9e614658352817980634a"}) 18:24:43 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GROUP={0x4}, @NHA_FDB={0x4}]}, 0x20}}, 0x0) [ 2651.336009][T27760] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2651.343819][T27760] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2651.351638][T27760] [ 2651.356603][T27760] loop5: detected capacity change from 0 to 512 [ 2651.370948][T27771] loop2: detected capacity change from 0 to 256 [ 2651.375006][T27748] loop4: detected capacity change from 0 to 512 [ 2651.391559][T27771] exfat: Deprecated parameter 'utf8' [ 2651.399632][T27771] exfat: Deprecated parameter 'utf8' [ 2651.460533][T27771] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1e705bfb, utbl_chksum : 0xe619d30d) 18:24:43 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 65) 18:24:43 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 75) 18:24:43 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GROUP={0x4}, @NHA_FDB={0x4}]}, 0x20}}, 0x0) 18:24:43 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 73) 18:24:43 executing program 2: socket(0x8, 0x0, 0x0) [ 2651.623375][T27748] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2651.652809][T27782] loop1: detected capacity change from 0 to 16 [ 2651.656415][T27780] FAULT_INJECTION: forcing a failure. [ 2651.656415][T27780] name fail_page_alloc, interval 1, probability 0, space 0, times 0 18:24:43 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GROUP={0x4}, @NHA_FDB={0x4}]}, 0x20}}, 0x0) [ 2651.662624][T27782] FAULT_INJECTION: forcing a failure. [ 2651.662624][T27782] name failslab, interval 1, probability 0, space 0, times 0 [ 2651.674053][T27780] CPU: 1 PID: 27780 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2651.694564][T27780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2651.704455][T27780] Call Trace: [ 2651.707578][T27780] [ 2651.710370][T27780] dump_stack_lvl+0x151/0x1b7 [ 2651.714865][T27780] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2651.720161][T27780] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2651.725370][T27780] dump_stack+0x15/0x17 [ 2651.729359][T27780] should_fail+0x3c0/0x510 [ 2651.733614][T27780] should_fail_alloc_page+0x58/0x70 [ 2651.738645][T27780] __alloc_pages+0x1de/0x7c0 [ 2651.743074][T27780] ? __count_vm_events+0x30/0x30 [ 2651.747851][T27780] ? __kasan_check_read+0x11/0x20 [ 2651.752714][T27780] ? __vm_enough_memory+0x118/0x310 [ 2651.757748][T27780] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2651.763211][T27780] ? shmem_swapin_page+0x15c0/0x15c0 [ 2651.768336][T27780] ? xas_start+0x33d/0x410 [ 2651.772587][T27780] ? xas_load+0x2c7/0x2e0 [ 2651.776752][T27780] ? pagecache_get_page+0xcc8/0xdb0 [ 2651.781789][T27780] ? page_cache_prev_miss+0x430/0x430 [ 2651.786994][T27780] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2651.792555][T27780] ? lru_cache_add+0x273/0x530 [ 2651.797178][T27780] shmem_getpage_gfp+0x1487/0x25f0 [ 2651.802104][T27780] ? shmem_getpage+0xa0/0xa0 [ 2651.806523][T27780] ? fault_in_safe_writeable+0x240/0x240 [ 2651.811992][T27780] ? __kasan_check_write+0x14/0x20 [ 2651.816941][T27780] ? shmem_write_end+0x786/0x8a0 [ 2651.821715][T27780] shmem_write_begin+0xc8/0x1b0 [ 2651.826411][T27780] generic_perform_write+0x2cd/0x5d0 [ 2651.831525][T27780] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2651.837168][T27780] ? file_remove_privs+0x690/0x690 [ 2651.842118][T27780] ? __kasan_check_write+0x14/0x20 [ 2651.847060][T27780] ? down_write+0xdd/0x140 [ 2651.851314][T27780] __generic_file_write_iter+0x25b/0x4b0 [ 2651.856783][T27780] generic_file_write_iter+0xaf/0x1c0 [ 2651.861989][T27780] vfs_write+0xc8d/0x1050 [ 2651.866160][T27780] ? file_end_write+0x1b0/0x1b0 [ 2651.870844][T27780] ? __fget_files+0x310/0x370 [ 2651.875361][T27780] ? __fdget_pos+0x1fe/0x310 [ 2651.879784][T27780] ? ksys_write+0x77/0x2c0 [ 2651.884034][T27780] ksys_write+0x198/0x2c0 [ 2651.888203][T27780] ? __ia32_sys_read+0x90/0x90 [ 2651.892803][T27780] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2651.898707][T27780] __x64_sys_write+0x7b/0x90 [ 2651.903132][T27780] do_syscall_64+0x44/0xd0 [ 2651.907382][T27780] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2651.913113][T27780] RIP: 0033:0x7fb257acee4f [ 2651.917367][T27780] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2651.936812][T27780] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2651.945058][T27780] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2651.952871][T27780] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2651.960693][T27780] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2651.968494][T27780] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2651.976303][T27780] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2651.984120][T27780] [ 2651.986986][T27782] CPU: 0 PID: 27782 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2651.997054][T27782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2652.006950][T27782] Call Trace: [ 2652.010076][T27782] [ 2652.012846][T27782] dump_stack_lvl+0x151/0x1b7 [ 2652.017361][T27782] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2652.022751][T27782] dump_stack+0x15/0x17 [ 2652.026741][T27782] should_fail+0x3c0/0x510 [ 2652.031000][T27782] ? vfs_parse_fs_string+0x169/0x2a0 [ 2652.036109][T27782] __should_failslab+0x9f/0xe0 [ 2652.040712][T27782] should_failslab+0x9/0x20 [ 2652.045060][T27782] __kmalloc_track_caller+0x6c/0x350 [ 2652.050173][T27782] kmemdup_nul+0x2a/0xa0 [ 2652.054246][T27782] vfs_parse_fs_string+0x169/0x2a0 [ 2652.059197][T27782] ? __init_rwsem+0xd5/0x1c0 [ 2652.063621][T27782] ? vfs_parse_fs_param+0x4a0/0x4a0 [ 2652.068656][T27782] do_new_mount+0x22c/0xad0 [ 2652.072999][T27782] ? do_move_mount_old+0x160/0x160 [ 2652.077945][T27782] ? security_capable+0xb2/0xd0 [ 2652.082636][T27782] ? ns_capable+0x8a/0xf0 [ 2652.086795][T27782] path_mount+0x60b/0x1050 [ 2652.091054][T27782] __se_sys_mount+0x2d2/0x3c0 [ 2652.095565][T27782] ? __x64_sys_mount+0xd0/0xd0 [ 2652.100166][T27782] __x64_sys_mount+0xbf/0xd0 [ 2652.104591][T27782] do_syscall_64+0x44/0xd0 [ 2652.108845][T27782] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2652.114571][T27782] RIP: 0033:0x7fc55e52a5fa [ 2652.118826][T27782] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2652.138267][T27782] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2652.146515][T27782] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2652.154331][T27782] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2652.162136][T27782] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 18:24:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x0, &(0x7f0000000200)) sched_setscheduler(r5, 0x0, &(0x7f0000000040)=0x8) writev(r4, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) r6 = open(&(0x7f0000000080)='./bus\x00', 0x6fe44da629969272, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r8 = syz_open_procfs(0x0, 0x0) lseek(r8, 0xf36, 0x0) recvmsg$unix(r8, &(0x7f0000001680)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001600)=[{&(0x7f00000016c0)=""/20, 0x14}, {0x0}, {&(0x7f0000001880)=""/196, 0xc4}, {&(0x7f0000001480)=""/102, 0x66}, {&(0x7f0000001740)=""/257, 0x101}, {&(0x7f0000000100)=""/38, 0x26}, {&(0x7f0000000400)=""/41, 0x29}], 0x7, &(0x7f0000001500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00005a5e8800180000000000000040ba491d38e5ba54000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="ca3c6fe80000", @ANYBLOB="000000002c000000000000000100000001", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES64=r3, @ANYRES32, @ANYBLOB="db000000fbffffff0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xc0}, 0xa101) sendfile(r6, r7, 0x0, 0x80000041) 18:24:44 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GROUP={0x4}, @NHA_FDB={0x4}]}, 0x20}}, 0x0) 18:24:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x0, &(0x7f0000000200)) sched_setscheduler(r5, 0x0, &(0x7f0000000040)=0x8) writev(r4, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) r6 = open(&(0x7f0000000080)='./bus\x00', 0x6fe44da629969272, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r8 = syz_open_procfs(0x0, 0x0) lseek(r8, 0xf36, 0x0) recvmsg$unix(r8, &(0x7f0000001680)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001600)=[{&(0x7f00000016c0)=""/20, 0x14}, {0x0}, {&(0x7f0000001880)=""/196, 0xc4}, {&(0x7f0000001480)=""/102, 0x66}, {&(0x7f0000001740)=""/257, 0x101}, {&(0x7f0000000100)=""/38, 0x26}, {&(0x7f0000000400)=""/41, 0x29}], 0x7, &(0x7f0000001500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00005a5e8800180000000000000040ba491d38e5ba54000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="ca3c6fe80000", @ANYBLOB="000000002c000000000000000100000001", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES64=r3, @ANYRES32, @ANYBLOB="db000000fbffffff0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xc0}, 0xa101) sendfile(r6, r7, 0x0, 0x80000041) 18:24:44 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 76) [ 2652.169956][T27782] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2652.177762][T27782] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2652.185578][T27782] [ 2652.191870][ T30] audit: type=1400 audit(1673979884.029:794): avc: denied { create } for pid=27786 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 2652.254241][T27798] FAULT_INJECTION: forcing a failure. [ 2652.254241][T27798] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2652.260465][T27800] FAULT_INJECTION: forcing a failure. [ 2652.260465][T27800] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2652.280194][T27800] CPU: 1 PID: 27800 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2652.290180][T27800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2652.300203][T27800] Call Trace: [ 2652.303323][T27800] [ 2652.306104][T27800] dump_stack_lvl+0x151/0x1b7 [ 2652.310612][T27800] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2652.315905][T27800] ? __kasan_check_read+0x11/0x20 [ 2652.320772][T27800] dump_stack+0x15/0x17 [ 2652.324758][T27800] should_fail+0x3c0/0x510 [ 2652.329019][T27800] should_fail_usercopy+0x1a/0x20 [ 2652.333873][T27800] copy_page_from_iter_atomic+0x433/0x11c0 [ 2652.339518][T27800] ? pipe_zero+0x4d0/0x4d0 [ 2652.343774][T27800] ? __kasan_check_write+0x14/0x20 [ 2652.348722][T27800] ? shmem_write_end+0x786/0x8a0 [ 2652.353491][T27800] generic_perform_write+0x343/0x5d0 [ 2652.358613][T27800] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2652.364253][T27800] ? file_remove_privs+0x690/0x690 [ 2652.369200][T27800] ? __kasan_check_write+0x14/0x20 [ 2652.374151][T27800] ? down_write+0xdd/0x140 [ 2652.378437][T27800] __generic_file_write_iter+0x25b/0x4b0 [ 2652.383870][T27800] generic_file_write_iter+0xaf/0x1c0 [ 2652.389078][T27800] vfs_write+0xc8d/0x1050 [ 2652.393245][T27800] ? file_end_write+0x1b0/0x1b0 [ 2652.397929][T27800] ? __fget_files+0x310/0x370 [ 2652.402449][T27800] ? __fdget_pos+0x1fe/0x310 [ 2652.406873][T27800] ? ksys_write+0x77/0x2c0 [ 2652.411128][T27800] ksys_write+0x198/0x2c0 [ 2652.415303][T27800] ? __ia32_sys_read+0x90/0x90 [ 2652.419896][T27800] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2652.425801][T27800] __x64_sys_write+0x7b/0x90 [ 2652.430224][T27800] do_syscall_64+0x44/0xd0 [ 2652.434476][T27800] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2652.440204][T27800] RIP: 0033:0x7fb257acee4f [ 2652.444462][T27800] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2652.463900][T27800] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2652.472232][T27800] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2652.480045][T27800] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2652.487860][T27800] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2652.495669][T27800] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2652.503483][T27800] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2652.511298][T27800] [ 2652.514587][T27798] CPU: 1 PID: 27798 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2652.519512][T27800] loop5: detected capacity change from 0 to 512 [ 2652.524642][T27798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2652.524654][T27798] Call Trace: [ 2652.524661][T27798] [ 2652.546517][T27798] dump_stack_lvl+0x151/0x1b7 [ 2652.551024][T27798] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2652.556324][T27798] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2652.561960][T27798] dump_stack+0x15/0x17 [ 2652.565950][T27798] should_fail+0x3c0/0x510 [ 2652.570206][T27798] should_fail_alloc_page+0x58/0x70 [ 2652.575238][T27798] __alloc_pages+0x1de/0x7c0 [ 2652.579671][T27798] ? __count_vm_events+0x30/0x30 [ 2652.584443][T27798] ? __kasan_check_read+0x11/0x20 [ 2652.589311][T27798] ? __vm_enough_memory+0x118/0x310 [ 2652.594335][T27798] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2652.599805][T27798] ? shmem_swapin_page+0x15c0/0x15c0 [ 2652.604930][T27798] ? xas_start+0x33d/0x410 [ 2652.609177][T27798] ? xas_load+0x2c7/0x2e0 [ 2652.613346][T27798] ? pagecache_get_page+0xcc8/0xdb0 [ 2652.618469][T27798] ? page_cache_prev_miss+0x430/0x430 [ 2652.623679][T27798] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2652.629056][T27798] ? lru_cache_add+0x273/0x530 [ 2652.633658][T27798] shmem_getpage_gfp+0x1487/0x25f0 [ 2652.638606][T27798] ? shmem_getpage+0xa0/0xa0 [ 2652.643029][T27798] ? fault_in_safe_writeable+0x240/0x240 [ 2652.648497][T27798] ? __kasan_check_write+0x14/0x20 [ 2652.653445][T27798] ? shmem_write_end+0x786/0x8a0 [ 2652.658219][T27798] shmem_write_begin+0xc8/0x1b0 [ 2652.662912][T27798] generic_perform_write+0x2cd/0x5d0 [ 2652.668030][T27798] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2652.673669][T27798] ? file_remove_privs+0x690/0x690 [ 2652.678617][T27798] ? __kasan_check_write+0x14/0x20 [ 2652.683564][T27798] ? down_write+0xdd/0x140 [ 2652.687911][T27798] __generic_file_write_iter+0x25b/0x4b0 [ 2652.693373][T27798] generic_file_write_iter+0xaf/0x1c0 [ 2652.698583][T27798] vfs_write+0xc8d/0x1050 [ 2652.702747][T27798] ? file_end_write+0x1b0/0x1b0 [ 2652.707436][T27798] ? __fget_files+0x310/0x370 [ 2652.711949][T27798] ? __fdget_pos+0x1fe/0x310 [ 2652.716373][T27798] ? ksys_write+0x77/0x2c0 [ 2652.720630][T27798] ksys_write+0x198/0x2c0 [ 2652.724797][T27798] ? __ia32_sys_read+0x90/0x90 [ 2652.729397][T27798] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2652.735296][T27798] __x64_sys_write+0x7b/0x90 [ 2652.739727][T27798] do_syscall_64+0x44/0xd0 [ 2652.743978][T27798] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2652.749707][T27798] RIP: 0033:0x7fcbd55afe4f [ 2652.753961][T27798] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2652.773404][T27798] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2652.781649][T27798] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2652.789547][T27798] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2652.797360][T27798] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 18:24:44 executing program 3: syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}}}]}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x5, &(0x7f00000000c0)={0x5, 0xf, 0x5}}) 18:24:44 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 74) 18:24:44 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 66) [ 2652.805171][T27798] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2652.812982][T27798] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2652.820799][T27798] 18:24:44 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 77) [ 2652.859358][T27807] loop1: detected capacity change from 0 to 16 [ 2652.867196][T27807] FAULT_INJECTION: forcing a failure. [ 2652.867196][T27807] name failslab, interval 1, probability 0, space 0, times 0 [ 2652.881953][T27807] CPU: 0 PID: 27807 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2652.883107][T27809] FAULT_INJECTION: forcing a failure. [ 2652.883107][T27809] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2652.892020][T27807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2652.892037][T27807] Call Trace: [ 2652.892043][T27807] [ 2652.892050][T27807] dump_stack_lvl+0x151/0x1b7 [ 2652.892075][T27807] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2652.930574][T27807] ? avc_has_perm_noaudit+0x358/0x450 [ 2652.935772][T27807] dump_stack+0x15/0x17 [ 2652.939750][T27807] should_fail+0x3c0/0x510 [ 2652.944007][T27807] __should_failslab+0x9f/0xe0 [ 2652.948606][T27807] should_failslab+0x9/0x20 [ 2652.953032][T27807] kmem_cache_alloc+0x4f/0x2f0 [ 2652.957814][T27807] ? getname_kernel+0x59/0x2e0 [ 2652.962410][T27807] getname_kernel+0x59/0x2e0 [ 2652.966833][T27807] kern_path+0x24/0x1b0 [ 2652.970827][T27807] blkdev_get_by_path+0xc3/0x2d0 [ 2652.975601][T27807] ? bd_finish_claiming+0x230/0x230 [ 2652.980638][T27807] ? vfs_parse_fs_string+0x2a0/0x2a0 [ 2652.985755][T27807] ? vfs_parse_fs_string+0x1dd/0x2a0 [ 2652.990878][T27807] ? __init_rwsem+0xd5/0x1c0 [ 2652.995305][T27807] get_tree_bdev+0xd4/0x680 [ 2652.999644][T27807] ? erofs_release_device_info+0x90/0x90 [ 2653.005118][T27807] erofs_fc_get_tree+0x1c/0x20 [ 2653.009712][T27807] vfs_get_tree+0x88/0x290 [ 2653.013971][T27807] do_new_mount+0x289/0xad0 [ 2653.018308][T27807] ? do_move_mount_old+0x160/0x160 [ 2653.023254][T27807] ? security_capable+0xb2/0xd0 [ 2653.027939][T27807] ? ns_capable+0x8a/0xf0 [ 2653.032105][T27807] path_mount+0x60b/0x1050 [ 2653.036360][T27807] __se_sys_mount+0x2d2/0x3c0 [ 2653.040874][T27807] ? __x64_sys_mount+0xd0/0xd0 [ 2653.045474][T27807] __x64_sys_mount+0xbf/0xd0 [ 2653.049898][T27807] do_syscall_64+0x44/0xd0 [ 2653.054162][T27807] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2653.059883][T27807] RIP: 0033:0x7fc55e52a5fa [ 2653.064139][T27807] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2653.083577][T27807] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2653.091825][T27807] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2653.099639][T27807] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2653.107447][T27807] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2653.115261][T27807] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2653.123075][T27807] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2653.130888][T27807] [ 2653.133749][T27809] CPU: 1 PID: 27809 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2653.143827][T27809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2653.153714][T27809] Call Trace: [ 2653.156836][T27809] [ 2653.159615][T27809] dump_stack_lvl+0x151/0x1b7 [ 2653.164127][T27809] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2653.169424][T27809] ? __kasan_check_read+0x11/0x20 [ 2653.174284][T27809] dump_stack+0x15/0x17 [ 2653.178274][T27809] should_fail+0x3c0/0x510 [ 2653.182529][T27809] should_fail_usercopy+0x1a/0x20 [ 2653.187390][T27809] copy_page_from_iter_atomic+0x433/0x11c0 [ 2653.193035][T27809] ? pipe_zero+0x4d0/0x4d0 [ 2653.197286][T27809] ? __kasan_check_write+0x14/0x20 [ 2653.202234][T27809] ? shmem_write_end+0x786/0x8a0 [ 2653.207009][T27809] generic_perform_write+0x343/0x5d0 [ 2653.212129][T27809] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2653.217770][T27809] ? file_remove_privs+0x690/0x690 [ 2653.222723][T27809] ? __kasan_check_write+0x14/0x20 [ 2653.227666][T27809] ? down_write+0xdd/0x140 [ 2653.231916][T27809] __generic_file_write_iter+0x25b/0x4b0 [ 2653.237386][T27809] generic_file_write_iter+0xaf/0x1c0 [ 2653.242593][T27809] vfs_write+0xc8d/0x1050 [ 2653.246759][T27809] ? file_end_write+0x1b0/0x1b0 [ 2653.251446][T27809] ? __fget_files+0x310/0x370 [ 2653.255963][T27809] ? __fdget_pos+0x1fe/0x310 [ 2653.260394][T27809] ? ksys_write+0x77/0x2c0 [ 2653.264654][T27809] ksys_write+0x198/0x2c0 [ 2653.268815][T27809] ? __ia32_sys_read+0x90/0x90 [ 2653.273412][T27809] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2653.279315][T27809] __x64_sys_write+0x7b/0x90 [ 2653.283737][T27809] do_syscall_64+0x44/0xd0 [ 2653.287988][T27809] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2653.293718][T27809] RIP: 0033:0x7fcbd55afe4f [ 2653.297972][T27809] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2653.317420][T27809] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2653.325670][T27809] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2653.333473][T27809] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2653.341284][T27809] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2653.349097][T27809] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x0, &(0x7f0000000200)) sched_setscheduler(r5, 0x0, &(0x7f0000000040)=0x8) writev(r4, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) r6 = open(&(0x7f0000000080)='./bus\x00', 0x6fe44da629969272, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r8 = syz_open_procfs(0x0, 0x0) lseek(r8, 0xf36, 0x0) recvmsg$unix(r8, &(0x7f0000001680)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001600)=[{&(0x7f00000016c0)=""/20, 0x14}, {0x0}, {&(0x7f0000001880)=""/196, 0xc4}, {&(0x7f0000001480)=""/102, 0x66}, {&(0x7f0000001740)=""/257, 0x101}, {&(0x7f0000000100)=""/38, 0x26}, {&(0x7f0000000400)=""/41, 0x29}], 0x7, &(0x7f0000001500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00005a5e8800180000000000000040ba491d38e5ba54000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="ca3c6fe80000", @ANYBLOB="000000002c000000000000000100000001", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES64=r3, @ANYRES32, @ANYBLOB="db000000fbffffff0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xc0}, 0xa101) sendfile(r6, r7, 0x0, 0x80000041) 18:24:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x0, &(0x7f0000000200)) sched_setscheduler(r5, 0x0, &(0x7f0000000040)=0x8) writev(r4, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) r6 = open(&(0x7f0000000080)='./bus\x00', 0x6fe44da629969272, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r8 = syz_open_procfs(0x0, 0x0) lseek(r8, 0xf36, 0x0) recvmsg$unix(r8, &(0x7f0000001680)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001600)=[{&(0x7f00000016c0)=""/20, 0x14}, {0x0}, {&(0x7f0000001880)=""/196, 0xc4}, {&(0x7f0000001480)=""/102, 0x66}, {&(0x7f0000001740)=""/257, 0x101}, {&(0x7f0000000100)=""/38, 0x26}, {&(0x7f0000000400)=""/41, 0x29}], 0x7, &(0x7f0000001500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00005a5e8800180000000000000040ba491d38e5ba54000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="ca3c6fe80000", @ANYBLOB="000000002c000000000000000100000001", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES64=r3, @ANYRES32, @ANYBLOB="db000000fbffffff0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xc0}, 0xa101) sendfile(r6, r7, 0x0, 0x80000041) 18:24:45 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 75) [ 2653.356906][T27809] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2653.364724][T27809] [ 2653.369376][T27807] /dev/loop1: Can't open blockdev [ 2653.381920][T27809] loop4: detected capacity change from 0 to 512 [ 2653.424263][T27818] loop1: detected capacity change from 0 to 16 [ 2653.431383][T27809] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2653.442447][T27818] FAULT_INJECTION: forcing a failure. [ 2653.442447][T27818] name failslab, interval 1, probability 0, space 0, times 0 [ 2653.448600][T16764] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 2653.455687][T27818] CPU: 1 PID: 27818 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2653.472391][T27818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2653.482282][T27818] Call Trace: [ 2653.485405][T27818] [ 2653.488180][T27818] dump_stack_lvl+0x151/0x1b7 [ 2653.492694][T27818] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2653.497985][T27818] ? _raw_spin_lock+0xa3/0x1b0 [ 2653.502608][T27818] dump_stack+0x15/0x17 [ 2653.506579][T27818] should_fail+0x3c0/0x510 [ 2653.510838][T27818] ? alloc_super+0x5d/0x7d0 [ 2653.515174][T27818] __should_failslab+0x9f/0xe0 [ 2653.519778][T27818] should_failslab+0x9/0x20 [ 2653.524114][T27818] kmem_cache_alloc_trace+0x4a/0x310 [ 2653.529237][T27818] ? _raw_spin_trylock_bh+0x1d0/0x1d0 [ 2653.534443][T27818] alloc_super+0x5d/0x7d0 [ 2653.538613][T27818] ? get_tree_bdev+0x680/0x680 [ 2653.543208][T27818] sget_fc+0x236/0x640 [ 2653.547115][T27818] ? test_bdev_super_fc+0x70/0x70 [ 2653.551977][T27818] get_tree_bdev+0x28c/0x680 [ 2653.556403][T27818] ? erofs_release_device_info+0x90/0x90 [ 2653.561872][T27818] erofs_fc_get_tree+0x1c/0x20 [ 2653.566472][T27818] vfs_get_tree+0x88/0x290 [ 2653.570727][T27818] do_new_mount+0x289/0xad0 [ 2653.575073][T27818] ? do_move_mount_old+0x160/0x160 [ 2653.580015][T27818] ? security_capable+0xb2/0xd0 [ 2653.584874][T27818] ? ns_capable+0x8a/0xf0 [ 2653.589044][T27818] path_mount+0x60b/0x1050 [ 2653.593302][T27818] __se_sys_mount+0x2d2/0x3c0 [ 2653.597811][T27818] ? __x64_sys_mount+0xd0/0xd0 [ 2653.602414][T27818] __x64_sys_mount+0xbf/0xd0 [ 2653.606848][T27818] do_syscall_64+0x44/0xd0 [ 2653.611088][T27818] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2653.616822][T27818] RIP: 0033:0x7fc55e52a5fa [ 2653.621073][T27818] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2653.640621][T27818] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2653.648847][T27818] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2653.656662][T27818] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2653.664475][T27818] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2653.672288][T27818] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2653.680097][T27818] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2653.687911][T27818] 18:24:45 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 67) 18:24:45 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 76) [ 2653.932100][T27823] FAULT_INJECTION: forcing a failure. [ 2653.932100][T27823] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2653.958619][T27823] CPU: 1 PID: 27823 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2653.968700][T27823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2653.978593][T27823] Call Trace: [ 2653.981722][T27823] [ 2653.984493][T27823] dump_stack_lvl+0x151/0x1b7 [ 2653.989009][T27823] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2653.994303][T27823] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2653.999515][T27823] dump_stack+0x15/0x17 [ 2654.003505][T27823] should_fail+0x3c0/0x510 [ 2654.007765][T27823] should_fail_alloc_page+0x58/0x70 [ 2654.012792][T27823] __alloc_pages+0x1de/0x7c0 [ 2654.017227][T27823] ? __count_vm_events+0x30/0x30 [ 2654.021996][T27823] ? __kasan_check_read+0x11/0x20 [ 2654.026857][T27823] ? __vm_enough_memory+0x118/0x310 [ 2654.031890][T27823] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2654.037358][T27823] ? shmem_swapin_page+0x15c0/0x15c0 [ 2654.042480][T27823] ? xas_start+0x33d/0x410 [ 2654.046731][T27823] ? xas_load+0x2c7/0x2e0 [ 2654.050898][T27823] ? pagecache_get_page+0xcc8/0xdb0 [ 2654.055931][T27823] ? page_cache_prev_miss+0x430/0x430 [ 2654.061140][T27823] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2654.066519][T27823] ? lru_cache_add+0x273/0x530 [ 2654.071119][T27823] shmem_getpage_gfp+0x1487/0x25f0 [ 2654.076072][T27823] ? shmem_getpage+0xa0/0xa0 [ 2654.080496][T27823] ? fault_in_safe_writeable+0x240/0x240 [ 2654.086081][T27823] ? __kasan_check_write+0x14/0x20 [ 2654.091053][T27823] ? shmem_write_end+0x786/0x8a0 [ 2654.095808][T27823] shmem_write_begin+0xc8/0x1b0 [ 2654.100490][T27823] generic_perform_write+0x2cd/0x5d0 [ 2654.105612][T27823] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2654.111254][T27823] ? file_remove_privs+0x690/0x690 [ 2654.116206][T27823] ? __kasan_check_write+0x14/0x20 [ 2654.121145][T27823] ? down_write+0xdd/0x140 [ 2654.125400][T27823] __generic_file_write_iter+0x25b/0x4b0 [ 2654.130872][T27823] generic_file_write_iter+0xaf/0x1c0 [ 2654.136082][T27823] vfs_write+0xc8d/0x1050 [ 2654.140244][T27823] ? file_end_write+0x1b0/0x1b0 [ 2654.145018][T27823] ? __fget_files+0x310/0x370 [ 2654.149534][T27823] ? __fdget_pos+0x1fe/0x310 [ 2654.153959][T27823] ? ksys_write+0x77/0x2c0 [ 2654.158213][T27823] ksys_write+0x198/0x2c0 [ 2654.162393][T27823] ? __ia32_sys_read+0x90/0x90 [ 2654.166986][T27823] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2654.172888][T27823] __x64_sys_write+0x7b/0x90 [ 2654.177308][T27823] do_syscall_64+0x44/0xd0 [ 2654.181559][T27823] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2654.187295][T27823] RIP: 0033:0x7fb257acee4f [ 2654.191540][T27823] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2654.210984][T27823] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2654.219233][T27823] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f 18:24:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x0, &(0x7f0000000200)) sched_setscheduler(r5, 0x0, &(0x7f0000000040)=0x8) writev(r4, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) r6 = open(&(0x7f0000000080)='./bus\x00', 0x6fe44da629969272, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r8 = syz_open_procfs(0x0, 0x0) lseek(r8, 0xf36, 0x0) recvmsg$unix(r8, &(0x7f0000001680)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001600)=[{&(0x7f00000016c0)=""/20, 0x14}, {0x0}, {&(0x7f0000001880)=""/196, 0xc4}, {&(0x7f0000001480)=""/102, 0x66}, {&(0x7f0000001740)=""/257, 0x101}, {&(0x7f0000000100)=""/38, 0x26}, {&(0x7f0000000400)=""/41, 0x29}], 0x7, &(0x7f0000001500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00005a5e8800180000000000000040ba491d38e5ba54000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="ca3c6fe80000", @ANYBLOB="000000002c000000000000000100000001", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES64=r3, @ANYRES32, @ANYBLOB="db000000fbffffff0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xc0}, 0xa101) sendfile(r6, r7, 0x0, 0x80000041) [ 2654.227044][T27823] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2654.234857][T27823] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2654.242669][T27823] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2654.250478][T27823] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2654.258295][T27823] [ 2654.270856][T27825] loop1: detected capacity change from 0 to 16 18:24:46 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 78) [ 2654.292170][T27825] FAULT_INJECTION: forcing a failure. [ 2654.292170][T27825] name failslab, interval 1, probability 0, space 0, times 0 [ 2654.335177][T27825] CPU: 0 PID: 27825 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2654.345268][T27825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2654.350968][T27827] FAULT_INJECTION: forcing a failure. [ 2654.350968][T27827] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2654.355152][T27825] Call Trace: [ 2654.355162][T27825] [ 2654.374080][T27825] dump_stack_lvl+0x151/0x1b7 [ 2654.378588][T27825] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2654.383886][T27825] dump_stack+0x15/0x17 [ 2654.387878][T27825] should_fail+0x3c0/0x510 [ 2654.392131][T27825] ? security_sb_alloc+0x3f/0x140 [ 2654.396986][T27825] __should_failslab+0x9f/0xe0 [ 2654.401586][T27825] should_failslab+0x9/0x20 [ 2654.405925][T27825] __kmalloc+0x6d/0x350 [ 2654.409917][T27825] ? down_read_killable+0x250/0x250 [ 2654.414955][T27825] ? __kasan_kmalloc+0x9/0x10 [ 2654.419467][T27825] security_sb_alloc+0x3f/0x140 [ 2654.424153][T27825] alloc_super+0x172/0x7d0 [ 2654.428495][T27825] ? get_tree_bdev+0x680/0x680 [ 2654.433091][T27825] sget_fc+0x236/0x640 [ 2654.437083][T27825] ? test_bdev_super_fc+0x70/0x70 [ 2654.441949][T27825] get_tree_bdev+0x28c/0x680 [ 2654.446371][T27825] ? erofs_release_device_info+0x90/0x90 [ 2654.451844][T27825] erofs_fc_get_tree+0x1c/0x20 [ 2654.456444][T27825] vfs_get_tree+0x88/0x290 [ 2654.460705][T27825] do_new_mount+0x289/0xad0 [ 2654.465037][T27825] ? do_move_mount_old+0x160/0x160 [ 2654.469985][T27825] ? security_capable+0xb2/0xd0 [ 2654.474671][T27825] ? ns_capable+0x8a/0xf0 [ 2654.478840][T27825] path_mount+0x60b/0x1050 [ 2654.483091][T27825] __se_sys_mount+0x2d2/0x3c0 [ 2654.487603][T27825] ? __x64_sys_mount+0xd0/0xd0 [ 2654.492292][T27825] __x64_sys_mount+0xbf/0xd0 [ 2654.496717][T27825] do_syscall_64+0x44/0xd0 [ 2654.500970][T27825] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2654.506696][T27825] RIP: 0033:0x7fc55e52a5fa [ 2654.510953][T27825] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2654.530393][T27825] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2654.538642][T27825] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2654.546453][T27825] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2654.554266][T27825] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2654.562077][T27825] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2654.569888][T27825] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2654.577709][T27825] [ 2654.585494][T27827] CPU: 0 PID: 27827 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2654.595561][T27827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2654.605457][T27827] Call Trace: [ 2654.608582][T27827] [ 2654.611364][T27827] dump_stack_lvl+0x151/0x1b7 [ 2654.615873][T27827] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2654.621166][T27827] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2654.626377][T27827] dump_stack+0x15/0x17 [ 2654.630445][T27827] should_fail+0x3c0/0x510 [ 2654.634650][T27827] should_fail_alloc_page+0x58/0x70 [ 2654.639656][T27827] __alloc_pages+0x1de/0x7c0 [ 2654.644086][T27827] ? __count_vm_events+0x30/0x30 [ 2654.648875][T27827] ? __kasan_check_read+0x11/0x20 [ 2654.649999][T27832] FAULT_INJECTION: forcing a failure. [ 2654.649999][T27832] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2654.653715][T27827] ? __vm_enough_memory+0x118/0x310 [ 2654.653738][T27827] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2654.677238][T27827] ? shmem_swapin_page+0x15c0/0x15c0 [ 2654.682359][T27827] ? xas_start+0x33d/0x410 [ 2654.686610][T27827] ? xas_load+0x2c7/0x2e0 [ 2654.690776][T27827] ? pagecache_get_page+0xcc8/0xdb0 [ 2654.695811][T27827] ? page_cache_prev_miss+0x430/0x430 [ 2654.701016][T27827] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2654.706409][T27827] ? lru_cache_add+0x273/0x530 [ 2654.711001][T27827] shmem_getpage_gfp+0x1487/0x25f0 [ 2654.715949][T27827] ? shmem_getpage+0xa0/0xa0 [ 2654.720376][T27827] ? fault_in_safe_writeable+0x240/0x240 [ 2654.725847][T27827] ? __kasan_check_write+0x14/0x20 [ 2654.730792][T27827] ? shmem_write_end+0x786/0x8a0 [ 2654.735566][T27827] shmem_write_begin+0xc8/0x1b0 [ 2654.740251][T27827] generic_perform_write+0x2cd/0x5d0 [ 2654.745375][T27827] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2654.751015][T27827] ? file_remove_privs+0x690/0x690 [ 2654.755960][T27827] ? __kasan_check_write+0x14/0x20 [ 2654.760908][T27827] ? down_write+0xdd/0x140 [ 2654.765164][T27827] __generic_file_write_iter+0x25b/0x4b0 [ 2654.770632][T27827] generic_file_write_iter+0xaf/0x1c0 [ 2654.775839][T27827] vfs_write+0xc8d/0x1050 [ 2654.780008][T27827] ? file_end_write+0x1b0/0x1b0 [ 2654.784694][T27827] ? __fget_files+0x310/0x370 [ 2654.789206][T27827] ? __fdget_pos+0x1fe/0x310 [ 2654.793728][T27827] ? ksys_write+0x77/0x2c0 [ 2654.797974][T27827] ksys_write+0x198/0x2c0 [ 2654.802141][T27827] ? __ia32_sys_read+0x90/0x90 [ 2654.806737][T27827] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2654.812640][T27827] __x64_sys_write+0x7b/0x90 [ 2654.817067][T27827] do_syscall_64+0x44/0xd0 [ 2654.821320][T27827] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2654.827047][T27827] RIP: 0033:0x7fcbd55afe4f [ 2654.831316][T27827] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2654.850747][T27827] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2654.858992][T27827] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2654.866804][T27827] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2654.874615][T27827] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2654.882429][T27827] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2654.890239][T27827] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2654.898058][T27827] [ 2654.900926][T27832] CPU: 1 PID: 27832 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2654.910998][T27832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2654.920881][T27832] Call Trace: [ 2654.924003][T27832] [ 2654.926781][T27832] dump_stack_lvl+0x151/0x1b7 [ 2654.931293][T27832] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2654.936590][T27832] ? __kasan_check_read+0x11/0x20 [ 2654.941452][T27832] dump_stack+0x15/0x17 [ 2654.945450][T27832] should_fail+0x3c0/0x510 [ 2654.949697][T27832] should_fail_usercopy+0x1a/0x20 [ 2654.954558][T27832] copy_page_from_iter_atomic+0x433/0x11c0 [ 2654.960202][T27832] ? pipe_zero+0x4d0/0x4d0 [ 2654.964451][T27832] ? __kasan_check_write+0x14/0x20 [ 2654.969402][T27832] ? shmem_write_end+0x786/0x8a0 [ 2654.974175][T27832] generic_perform_write+0x343/0x5d0 [ 2654.979297][T27832] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2654.984939][T27832] ? file_remove_privs+0x690/0x690 [ 2654.989886][T27832] ? __kasan_check_write+0x14/0x20 [ 2654.994918][T27832] ? down_write+0xdd/0x140 [ 2654.999171][T27832] __generic_file_write_iter+0x25b/0x4b0 [ 2655.004648][T27832] generic_file_write_iter+0xaf/0x1c0 [ 2655.009851][T27832] vfs_write+0xc8d/0x1050 [ 2655.014018][T27832] ? file_end_write+0x1b0/0x1b0 [ 2655.018707][T27832] ? __fget_files+0x310/0x370 [ 2655.023390][T27832] ? __fdget_pos+0x1fe/0x310 [ 2655.027814][T27832] ? ksys_write+0x77/0x2c0 [ 2655.032071][T27832] ksys_write+0x198/0x2c0 [ 2655.036240][T27832] ? __ia32_sys_read+0x90/0x90 [ 2655.040837][T27832] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2655.046746][T27832] __x64_sys_write+0x7b/0x90 [ 2655.051170][T27832] do_syscall_64+0x44/0xd0 [ 2655.055425][T27832] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2655.061146][T27832] RIP: 0033:0x7fb257acee4f [ 2655.065403][T27832] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 18:24:46 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 68) [ 2655.084846][T27832] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2655.093089][T27832] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2655.100909][T27832] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2655.108712][T27832] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2655.116525][T27832] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2655.124337][T27832] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2655.132151][T27832] [ 2655.344353][T16764] usb 4-1: Using ep0 maxpacket: 8 [ 2655.349434][T27836] FAULT_INJECTION: forcing a failure. [ 2655.349434][T27836] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2655.362286][T27836] CPU: 0 PID: 27836 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2655.372341][T27836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2655.382230][T27836] Call Trace: [ 2655.385357][T27836] [ 2655.388130][T27836] dump_stack_lvl+0x151/0x1b7 [ 2655.392656][T27836] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2655.397938][T27836] ? __kasan_check_read+0x11/0x20 [ 2655.402801][T27836] dump_stack+0x15/0x17 [ 2655.406793][T27836] should_fail+0x3c0/0x510 [ 2655.411048][T27836] should_fail_usercopy+0x1a/0x20 [ 2655.415906][T27836] copy_page_from_iter_atomic+0x433/0x11c0 [ 2655.421550][T27836] ? pipe_zero+0x4d0/0x4d0 [ 2655.425830][T27836] ? __kasan_check_write+0x14/0x20 [ 2655.430757][T27836] ? shmem_write_end+0x786/0x8a0 [ 2655.435523][T27836] generic_perform_write+0x343/0x5d0 [ 2655.440644][T27836] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2655.446286][T27836] ? file_remove_privs+0x690/0x690 [ 2655.451232][T27836] ? generic_file_write_iter+0x9f/0x1c0 [ 2655.456619][T27836] __generic_file_write_iter+0x25b/0x4b0 [ 2655.462084][T27836] generic_file_write_iter+0xaf/0x1c0 [ 2655.467290][T27836] vfs_write+0xc8d/0x1050 [ 2655.471457][T27836] ? irqentry_exit+0x30/0x40 [ 2655.475887][T27836] ? file_end_write+0x1b0/0x1b0 [ 2655.480573][T27836] ? __rcu_read_unlock+0x7c/0xd0 [ 2655.485446][T27836] ? __fget_files+0x310/0x370 [ 2655.489959][T27836] ? __fdget_pos+0x1fe/0x310 [ 2655.494382][T27836] ? ksys_write+0x77/0x2c0 [ 2655.498634][T27836] ksys_write+0x198/0x2c0 [ 2655.502803][T27836] ? __ia32_sys_read+0x90/0x90 [ 2655.507402][T27836] __x64_sys_write+0x7b/0x90 [ 2655.512086][T27836] do_syscall_64+0x44/0xd0 [ 2655.516344][T27836] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2655.522068][T27836] RIP: 0033:0x7fcbd55afe4f [ 2655.526326][T27836] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2655.545863][T27836] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2655.554097][T27836] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2655.561910][T27836] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2655.569724][T27836] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2655.577533][T27836] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2655.585351][T27836] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2655.593164][T27836] [ 2655.604315][T27836] loop4: detected capacity change from 0 to 512 [ 2655.612910][T27832] loop5: detected capacity change from 0 to 512 [ 2655.652473][T27836] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:47 executing program 3: openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) r0 = creat(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) r3 = pidfd_getfd(0xffffffffffffffff, r2, 0x0) connect$unix(r3, &(0x7f0000000500)=@file={0x1, './file0\x00'}, 0x6e) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) sched_setaffinity(0x0, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f00000028c0)={0x0, 0x1, 0x0, 0x3}) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x18000000000002a0, 0x7, 0x0, &(0x7f0000000500)="b9ff0f00600d69", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002e40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000480)="6f97ded0f6e6e401a209cd7b81a07a190f796be3e3666c20d020c7e5d97067293060a032ac81c32c5262d87c02293e569027a150481acc7a2b62db2dba70c542231829ce63735e41c03a0510f5317d06e379c94c3330cb680970c82ecec62f5dc9746b83c6f7093625901f19a7f6cea959ba7daaaa8b2ceaf7f3af798090de3180765bf567a42f4f9eb0d1fa55ef5d2158b4ed1150384b1a715f0e566562c890507c0cc247acb8314c51806dc8", 0xad}, {0x0}], 0x2, &(0x7f00000029c0)=[@cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff, 0xee00}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee00}}}], 0xa8, 0x4040080}}, {{&(0x7f0000000580)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002d40)=[{&(0x7f0000000840)="5d207facdc2d0e0d8848f861e0af36deb7527804c65cf2455b9156bbb98fe3eefef25fd43be157c4672e5f7953a6ba56beb9b864c80bae3fdb020bbeb530c0b2ca6067109fee776dbb52d2276ecefd6977b345ac7f6706c082896baff48064691b9cf826973676b0401082219d778c63774fda286995db48c2173bf85f5c6dc9097dfe775b7f4c1246c9b8bddf229f510b36b5cfca42be053ee6fae1171cab22e51c19044284733006416d4cfdbc834158ad2d432838986e6b332a03f9c32f2e0b24aa5471f06917f8e4be3064dc5ba80b25320efd79adc9a11af683fb8e2ed952e4bbefef873d", 0xe7}, {&(0x7f0000000940)="a3fb2fdfb92fe6f72ba22576595a16c21c222edc3036a3d9bd0b6f53c9ee8c3b54b4402eca5d17d9b766c8f8580a712a1d5ae2b3db8d820fa5b5a207a08cf1a0af2c388db573d3c32ac8670b7f9dccd9e43b797a161bf450e005e137e16b6e4d7382f989a7520d790a8ef1c9927d3b2c9e644f158a7f38c7e7b3fe32cde5506fb2d6378f50246187eec7d85f2a7d0fb5feb985a10d9cac38117e503807aba5471fa1413bad56e2dfc2ede3fd8dbdd7fa068eb0e746d06e4b1a8f4c4b905919021b4e50e4dca19613adca5c5d7445a54d57568378700d944d9f5037a0232780f761dacc5bbe1c9b378b074dc3350d8f57e38e0e5a36e041407e57805cb0fdfe54e93be6773594ae78bcd9b353f6cc03ec956a1bdd1c5cf1ef35a39c96d9dc2a474fc3082dc33af5fa2aafe57696a936a31bf8974123d624e1fb43b920103569c79daba59df975106884e6db20f9ecc232312f33d36bbb7c7f63ed3b7d9bc50b07fc697e77227d9c6bee82ab4b7fc383b0355edf1908542e3a88171639c2f45dea627c1ca18d8f4594ba2c0f9089899fe052a0d52aee255f43dfb22e06bea4d0b57054773e5a7165b7e7515a5243c661d607d26ba2a2bdf6d05630a935d0b52ca6f86f06632cf350d651da12d6b6404d9967856aeddc0239cc8a5d0a6cdf96e31dd9bacdd35399772929e7124fdb1c87dc652be34a5935771b849d4e177cf3edb1f73499440f06aa84fe8396665692141bff0c2103903ad632ebede0f5c043cabf70d7c2c80b5f842987a40fcfc1dcd6ee767ecf2dd718ace56341a8c935c70d13fec303bd7331d39e8ec4e4d4169430f8f576fe8a58e86598a6b725484077c7662e600fed0252b3a722886394d7b288272a2b45aeadc65659775ed5743a0bffd765768caa77202de6a051106f44341f7b454530f72f109eeb4a5c34b01c7a2a4e0c8b2e8b9ec1e9890b46beada38b7eb4f0e9cf8e5a4ec246bdc8883bbdb113d458015b12f4b037005e48fa3cb30be1ca0a478590e365bb378a500ce0bb06af00709e14ba113e8a279362bc35e9ef4ce2d65e5cda70ffd189a7792019fa8063a67da76690a13b153a08689bdcd554eef440a71ce0157e51c5144bcf27c06f95306a50f0fda4264d84fc474b543b65902116f44f33d69fad247abf4433f642d437c943d98d49735037edb104ded7c41ef0a10d1d3a9db57251f60e2195d115e81a33dced341e06602271590a1c1444635dd0493d2b49f441e84bbe1f3d7102f9d8eb325809e9a3c080095cd56c1d70ae1ad0fdb7af809b01292a5a7120a4aefbbc27ebe3296d3f7822d1257d2d9cdfad5b7e405e99471a414c7746c45a73af937a1e6f60f20bf6bab1c8681407ff41624832371b646623eac0177582bd3011f6444727e8131f29fa756499e095695be601a146c902e0718169d9c1697bdabaa5bc374e9db64cd5b7b8da02cb64df5b566b78e949094e970c6b6ab29d6b9101fae663460b49d36554a29f262185670e09fcb5d43dcc00ddf3d7e107b42bea1f8269dce3c7a3cc4ec8d60c8c0e204f7e1e3962ad8e32c3c18ed4d53bc881d1c47515253b522d40483a70d58d757828e630e82655df7d6ef5394b10524fca5fdf04d4349312488bce1ec98c5b8de11947f06f57ba5f3021958924c1b1260a332b83adddd3ba2be1543a8fee0e2f88b4d5a6f13225763b11d2d81edaf76ebea46446dcbb8d2d61ebfac264d4dadb9b0cfcd7bda5631e0eb86150310f9edd4e13fe18c8bfbfe2928494098b1127e4c6f14f8d3c8a771f1823be1444d2984afd1094aaf38ccfd168c4c9fa8cb0986f0d07586e96a506dcf7050e1c7581623d8915f230af6dd4fc3db985986ab364ee517773cc052de9d7eeae8f9ddef3ac06dd8c160f799bc98f4f0a8b05863a9e3d9e1b360159c838be38a29ed7704f2ca609a1b3249ce1c93e306ed9fb973c70179ed5bfb8b5bd411b67ab920d4ebca4b435e8bd169a38175384a4bc7936935ba68a30ef011bc884c6e8e738f39888d18e8423ee7ebab33048a9a371cc76d5c68ffdcf521b24bafb0e58e054a6309d0fa4009d9defdacd1f5a944272f44a78e413830308c11625f9b977552de20e23f4184c9d05d5c2f0fd6c08b179e1598ee40bfbbec119e8c5766f622e85be34e583488975ed0bb4276da08d589ce1e56a50c6e6ddbef02833eb691882061571d374f2e3bc9bd38d0606f8e7eebfbfe5dd956a3dca783b63e788386261a445afe036211e636db7132d16fcf717a8050278d34270387318b0c064cc6fc08cf5df48a31a1858c0f238a766ef0a0e5a57b2721b908564f81f9d862ad28cc87a446549dadca99fcfa51cfcc88aefcdff35ad74dd2a1c44f1b9cb6e76e3536298935b3e478791a9b359ddfe90279337b00fff2496f1de034228e16742630c6a3246a2b29e4760c2456741600c284fa11ac47cbd1387cde6cd85162fad9dc8897bbd059cc7ae726208dcf6aa3841444574f76f6ab1d532938e752c7d502e8e9d3a9da30bb4ef3e26426ef7bc80a250b76814ac43140bfc5e1bde3eda9ea9b25f30bbbbddd80f6a4b239aacb6604c5413456aea4cae10fee0945879f02514b1493ef1ce84bae47d3ce341fb22c91bbdf76b2f57d7c5fc136ef0a9428b4c2e1fb52bedd79bc3d15205e266a58091cd9038ba18a577b7b12271c756983e845df4182acfd815b0a5a67895a78c7282688b1260e5f8ca372c531c6cd5d205d3b7397f6bde28597bbab633536b5595fdc5eede671ecefa7be5a2c8aa0c2116bdc8ca310e205f2ccb9f939228df09aaa572d2e566c98312ca3c1d1f7bfa24837c73d3e1af6981207249708afd67bd2d8232428403b251604252df616323a57a7120297c380c7f41f835f8201248295dc5f9d1ff6ab073699ab2bf90426729f2cbd982a55d99b2bbe715a89a4ef6ab5d3532eb24547a349ff05b12720c3ac0a56fd7a282f6538ddf64fbae03b55648775d2dc52a2b987fb38fb5a33f55cc0672912c4942b59f15da1f4e72007aa5d1af2bd987bb9611582861aaae11f50b9a91e9aa4f964e2cec1a699a6ebd44545d9f376c4cb4d70fad6e7fed6f1fb4f88e15abe5c92f5810c62eec568fc0d37f02e902cacee2846e57fc9bebf32a4c042bba616c857bd447667214933e63bbe3b48706c8d62588c0937abd51048bb1c565347d313a4d2acc135def73dcedc598f7ed0e6b41d2165cde5e4b8e8d6244c9d63411d694da185ef099e7d4fb92bb412236a20458d98c38311632d7393b48f4af6bc0d16403450c6212b1fb7504f883c7351a1a7a9d69d957c543b4fc751f642658fbfdbc67e25916fb4e63be1a4f03e5f8e7b31d167966be3eb4978e3d78e2d399a5ebca00c7cea334a3cedbe5ae4c898714e2e3b25761e22ae61cac8edeb8806f58dd39b77752ee3037cbf5d2aba1c1fbdd3ebe950138799a2b677b0216be4482b3e8b58ba5a6946753fd295360af1b573068dc345eafe78b2bffc47f6a150a4e18217ffad05c091acdeef0d691f184bd87f1a5409479be1e23370405ba532138e5fae001f461d5431f63c99a323e38e79c08439a3322964b89428f48c2989ecaa447ebadb13fb6591902c2e1cd995ed3f900b5fcf9e7586c7f8a9ca69edd57dfff6d3666faeb64fcb6c569611a529f55dd93b6cacdc81f2c4ece1bf0ff1d0643a9edfc2907ebfaca0fb43ffadddd92a98a3d82c01933ba594d2dc5213df57d561910305622f9a7b674adb7a186a13f989276ea35b03b383ee7625f1e4dd73e54609787414c0a1dca3f8eb6fa848a16b5a244018e32abf1df8c4a3e010d6c4631d380c0b4e98e17de95d96b30595f35a1af7912e1232559231df63d7f1f6722ac837aab92d4748a06d99eff3f243cc536289fdd160c28846ac47cffe6e12b826d68d688f36d809427b992f5495917f359a432afb811a2d055318f837e93c153e3cc66389baaf95182a1190363c8c481a094732a6f1b083b51450c2c0ee5f953c0407f7b894360596d00bded578953655da7d692be278e65214dbb511b277f861c8618e0e096e0260ea02bbbe089f60b15afebc01285e54946599c1684c3b311a37f1f189b1e09cda22d49bf80625f2b205b71eabc8e5410da8eade80095360d006af77a3041134dea3a5c6657a1140d596fda35f11aa4d0617e3c04d55faae311b35fabe3e848a740424a648e04f2642de4f0963a1aa7cdcc752416e4132cf8da8c7a79daafc75afcf2f9dcebcba9ee368f672d03f4b69e7023852cdef7a4ab1e1461575468fb58bb36b94fab87a22660ac266c892ce71abf8f34940b079e99a6415abd545fa50923535be3e32eae19844ca89b964b92847d8166986d79d2139ac2146efacb2422094036e2bd0069b7dbb1e6bf0f03027e7da505c3a7abab8b4a5888d78720fdd285851755835a5f662224cab313032d2cb0512f737e7827c0af5d9a9872513b3e62481b7de31d21870aa4351c118377754c2ccaef5e5dba3f2a8e91d8e4a7f250c69ff80f0252348beb9420c248f860409cb9554d6575a858b6476b033cdc156edf15be36e2b2f1536d4f361fc417a2a2f56d076ba28382497e3e1546b933c15e427a2dc69d8653c58b5177af2a15e806415f511729c30afd4ecd17a8790e1280defed980b0680d5a4e6215ef89005adae40675bb5c17ced3f9e06cda551843c5b099fb65ed6a3d3f481f543be07ab8c9271a90da034b505b9dfef83b6f0bd6995e1c81a5bdaa3e093b399f2a7a224f8fe7863f1cc3e982d71fb23ad92d8f972a38109a4e1cbe9e04307c0741e829f05303140895e845ad4332895c665e0c55afcec954923b43fac75523870ab37a8d8d846f752962dd71e1c88920bf6071dde5760a192178b2c218e600204fff720d149e82f1143681d8501103740158291f6fe0c77535d65b80bd08a1087e8921265bc77c2b42f996c495d38d67d23dcde444cf3e2d87ce02afa3a4ef28d1d50d449becf0622d5bd393542f82cca7f03e62d3409ec5a9b93ed1636c290208c31ede73ff1a03afdf5b4b1f0dad0df9d7d2a79a1d2e6a03c04f7bfbb8ea77a6f5fce6103bd5afdf781a6217ccc2992eeba8d4b5bb20f67ca5ac3986ea042cfb2f25a946bce4485f9d62555d1d9c90f493767a0bc6a0d5eaa3660fe383451ec40514aa57b96ca5a556ba5745468a3a5ca08e3314a65ef7ecc3975e3290db24f3b2f091d3313562c20c0e569489699181d5d79d96cdba523329cc944c93ae492fc262f05a8a7bcdc0cd233d0d716fd8a870fd449299b5d8756e96e8fb75dcb687058555cfc0103bf3aefe1c301aa33a7acfc46089a4e2f90f601b1dce3909aa7855b54331719a2d8ce58941da3135c70d79c75e0b3be5ff6580905e7ee8504414a0517efe8c95ec2b1e619788aad82c3ee5d88cbd89bd51e562d0aeb96e43ccd1117a749c07259a0d874398f93acd3031dab75a288a689b4c66cbe0ee694372c344d3ae16150c371f40afaa885402aca60941a587459664f8c7abbca4bf338c1af4ed515f113b5b3202713a09c4f02073dd49d95bf0b5d1931093faa0659ac51bd659575a2f3638fa3714f2fb31881693", 0xf74}, {&(0x7f0000001940)="b5600b34543ab5004a7b26658247d5150a9ff5be44da35ad690f36e63ce9629f053e1e524618ed96f720f91f107035ea6301a6a6eeb4dab5f05e111317b1560a6fc4e8b5a5a24946445413cac951cc2c64ec9c886e8e7c3f1c817e6df3f33b97166fc35a1530a0954aad72abc663fec9b0c3ab0f127a25b2dea7719addff5d8446b8a8cf46d437127882c2a7352f5e1e27821f302d25f3f87a7d2c8f26f91d928e8a6ab1469510c920a4d7b16ef8c4d6504f0576f6a79f8f0f58184e69f5a9c5f405262e6758fbd7af868d3c4fdbe62382c592f41f9f4a4c3629811f9195a2898a6dda8d2435094c89ca7bb51397b3faf5c5c41976b265a267cbcf54564c39e45723928f816f01f479c1a3d03a43632d267ac094d83734c5616699f59f8bf14e6ac0e32730de08c192f251101871b16f19cd9d298e2c175216877e780761b54a8bb480a53384a105d452f599beefdd95f04851a63f62f32ea91503cc380d1e9e3ede61388f932989c65f1a78a7c1246c71cdcaebe47dccedfb168d61150ad5c10d8472c1241fb245f38e51f9efdfac038d885e3014dc3930da233f666768bb781315d47e41688125faecb83554161a906fd864c5a2fc67a3d9b49f781609bde0aca9a65fa52de09ac7234a147ff10c3cc47d8e161d1a331b44fa9e1f0a796ff2c7a72c17112c756168e2cc341e5f1e1948e5fa03f848fff3cbf6f2e9408d4874cc56150dc119fd265c83a5eada288f4e79b259b6289612782b21871524ddf0512383cca58df14391b13364804ef853fc389d5a9d63bb9aaeff3a9579eb6af679efa0aa9ab7bb254d396f68eefa64b353884a75e06c344f648c747295c3714593f6fb7ca5e0f4633ea9d07b85130d22293d349da612c5409299fd4556610a612aab90201104d213c30df4369dd24bf538c3b42b6176fed5a3a304a268aa46ea1bc7763d03d25d237d84eded09b833952065af9d430dbea89da7785aab298fad3000333279f64291b1504c6066db14d26ea358b8b9dacbe0be4138be2813dc7552f56c4cd5ea552dac9d06a1d44e68979775e6d7593c0425f0de9572f32e3bf2aca3b397419808122098a2a760e2056398c3d1cc0cb461a80d7e75d10fe083ed84539fe0c00f246ec2ffb95dd6f10a007316b577ec44d83e79ba3353f515f082de6a122a7fd26c0724797bf0a9119e64eb3eb4ba204c1c5d8d1909c4be3a34490b771bdaf7506d29c8253045add8279f6b0eb79055dc14b9c4a443c61a11055b8de9205bcd841b86d385eb0e5dc7127a7af848baaf3d1c242a4a8b6d3efe879580ed445a5ee51804aaf6999e605788dcda64181c7d66c68ccc9288ba2516d6d1d3fec6e72dd736486efcc1f0016d4efc1ffeca1e17f7c32f8cc8dead7570b1d6e0f21619dcd88d10d34d9332ad07c0df03da549d61b2238607cfdc6d093d0ae1abac496519c2bd2a1fdd96cbc60a48cc62850878393dffabecd5371abe6a9fe510416931713994fb6f30c9895101ecc0b201e2b6fedb4240b2bc9dd8675061fdc81a42cd8919ba39a75c866871553309cac3651623c8d25fd21a6b6531365913314153c27b394a43ba10bff39ee6ca83c2bed0d1038d63e655e9ac466a8ac978c2efdb5c1d4620a56bf808c314136501932a44bdbe881fca860e1a65fac8be8b6a1aa2e2716a62695e99b27a68a2b2db1dcb6324c693347c911e682e61d29d1cd2d5e1befc72ca04369d0d0dcd3339ff0f079b6dfaf217c8e16c4217520cce78a8b01edb23e90b863d80fe7c7fc066ea9a951e7790dbad30b4d7effbdcf3f1dca779185870bfd5a10bf5bde5253cd22a465a498c72d76a5bd1983741f456b879cc95b7826f7bceb1fc39359df6d33d0e8968fa230c3c19533da8eff19d2d773fb61e4eb8a05408efdeb95e7127d0e8f873aff29c0a8e3eab183cce7a96ad48e0ad7e5aa6ae2bdaf3f775c2cc47379af2d6020e6076dce257c12fe2ced321d34ed7629f91e027fb25e50e478337758b3c8f7867c8a1f6859a5f9f4bfed90595436ba655c3902b90444301ffc376992da9ca1ed4c22f8ec8f083675d71b59cebbe5338a65a7533bcfda1c26415078972082a8966369b112b8ea97963281fd28fc6e9306369f11578eb4ecd7aa0df65864870f16acd183f0e35d1c9ed3c7b0756e6d7deef7c5da8e057264e754f5365cfcc40c09695be364ba23393b0e3fcfc0ea6290d427663a91fd957928839af4253d77797b4cf7a32ab5b79dbe7ab0ea7aa1d019f82d7fb994deca0d0da9cf95d0d7b190abcaf6ac4da10bebb2667ae32b193a4bc150b5ec7b85e88ae079484df79aa65b6f793e4aed7c7c82f908136e71caa3440347f990bd852888bb833cfbfe2854fb9189d6c2367aee183e6aed398725456d245f0e15c302cf6e607bd540c0f6007d1bd788b628a635fae6730fad0ac5eeb1ee150fc79d18201425afb577f1fae7c240aa9e7d81a11e64e08cea0d00234f806e6847dbbb79787b23d783b84d423f12ded22f211e0fef9693274689ef1f06313d4dc387ba96ccf844356de2de373b23a03b50f922571768f7cd722f081a2a2217e9307883b823f41a07d1735fb1daec47a3d687b72014599aada457dbbfb889672d7b985b9e9db7757676b749244b21f1712b3a9c901c48fccb790eb39b4f532622c6f4065e5067ca14ca3815df8eeee4988e3c92389f6bff0fbeb3c5846401d38660fb25fd401fecc865473f5a6122e6340bcb35e16fa777c566147ff98a49e72b9f2751246683ff50e7ebc91e503496e507f20074868c5609d6a9cedbdde", 0x7c0}, {&(0x7f0000000600)="9cfbb62ebaff1a1c5e6bda2380e7fd73dc5096e823e9a7d904698d4b0c9bcba33f3e00711b4f1d7cda09055306af058d2e18ede7d9fa0234d956aef5ce895b5f6d1bcbd0a2fefddecee1b8d45a54559a77db4165d3e3c6ac35ed6e5b1747ecc1263998e5e9688a0d4deb5a44905792e699541495151e5b3500a75a468cc45add13a54462ef4d3db4ff", 0x89}, {&(0x7f0000002a80)="4a6ca44d04831f376b7a7078a74a17a6c869db17f4a67fc3dec1f385698d413dcc44531042664b818b4a08e5c8e4040b209a4030b83096c9f36e80de70348e180d6f538304dd6fa49f4de3c4866f8a88682d2061b51f8b5c60b8b3814c44ac1e23ca70150f610b631ffa40228b7c440261d2a35ff92b0fe2d17bd47e0935d5da2047a0e656dc6f8f68ac6ed043fc72d437355d5cd4ca7577bc09c4c54ba6533279ca7b2c7fa66116fecec1bdf6b4ce26fcb8a4", 0xb3}, {&(0x7f0000002b40)}, {&(0x7f0000002c40)="3b394bfd11b4fc7bbc10d12d92d6db247df412ec494f129cfbb9b8cc695a516ea72631802187467dfb0546bd89a3051e01c61a771d3cdf507b8231c972982a50fa1ae06a5f0f96962bdd7029ed999069cdb43087ce3b7b693e3251d2541e41d039bf1c4d06207a52cd7ac69d3e056e72c04c2c681d62f6649480b534c1", 0x7d}], 0x7, &(0x7f0000002100)=ANY=[@ANYBLOB="100000000000000001000000010000000574f268920000000100000001000000c3cbfb771406d2b1a707329c589828acbe7504aea84eba160a2f57cb8ab5dc3dbcc537b177b5a0545e9d7a879569f784d9c3cb1b59e2c3e4cec2078169269a01dc6c0d4b8a1883840f0349e580e692016fe0a6002c3e9e8cda39e6be9adcb89b19a7af1a871668be524c961e6510aa87099850739df0969b216f1dcb0689467403e23b8a5756169ed7095bbaef9443887e6efcd18310933eecc2c748a13e039e0ae60519516c81a63112ce89495504e78f2d2d02def557638c5b92302f17de2d3dec774775bc3b2208ae6853105c43b8ee4b986b882320497d5d10006109f9f1d4d63eb61e4347f535d4af12dd2478612e8727796a352bb7ccf812691648f024f1cd9d46e5ea42b67b22f6be696f6fcfd09e1dbc7e3091de492e18bce1d81e188732b995ee35ce270d4add6957abc7782e77d8ff44d89a8f5e4e73cf97117d98870159c7bb8906bca09be1c10fec6ff42b2e259d6c95e7979994a2e4ecab71c3ae0f6224db7879cf1de27a53e125813b02c1a214f4b7c82541f12e9c75607d5dc94b75a945efbb7464934b9f86eb", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r1, @ANYRES32, @ANYRES32], 0x40, 0x40}}], 0x2, 0x20000010) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0xc7}, @alu={0x4, 0x1, 0x9, 0x0, 0x4, 0x18, 0x1}, @ldst={0x0, 0x3, 0x3, 0x4, 0xa, 0xfffffffffffffffe, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x204b}, @map_fd={0x18, 0x8, 0x1, 0x0, r3}]}, &(0x7f0000000440)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f00000006c0)={0x7}, 0x8, 0x10, &(0x7f00000008c0)={0x5, 0xb}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000900)=[r0, 0xffffffffffffffff]}, 0x80) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c128aee67a85995dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081963409ed2912c811ae63f03212a5331c2a4ead00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) geteuid() sendmmsg$unix(r0, &(0x7f0000002440)=[{{&(0x7f0000000300)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f00000007c0)=[{&(0x7f00000004c0)="add584d10b4928587aef60a05a9e803898c55df902fce269febe079ac554432f781939e78fb9500f7179b8a7b269cbdb5eaefb88f864d85cc58b", 0x3a}, {&(0x7f00000001c0)="040c5de9329770701bb4299b4c0b47f2ff1241b10ee5a5fa9127c1296fa633dc5f01db013d", 0x25}, {0x0}, {&(0x7f0000000640)="973df1f6d09928b94f695b88ff0d00509261500fcc979a83df209adb03cc74c0c375624f7e8de086016145083832127122714de5f6e6a24bba53df403fa764cde5b2a24462ac4ebf208b8354e589451e2856e2a38143eedb658b498eb8b366ff6a675f5b0dd87913789d785d5e11", 0x6e}, {&(0x7f0000000700)="e014a0b6f7f573f72c86f9e1cbc30a5c690989d5059bebc54161086c91d561febe6b3c2a72eded22877dd44624e6b65b", 0x30}], 0x5, &(0x7f0000000840)=ANY=[@ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100", @ANYRES32=0x0, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r5, @ANYBLOB="6d32118b"], 0xa8}}, {{&(0x7f0000000a00)=@abs, 0x6e, 0x0, 0x0, 0x0, 0x0, 0xd3a897386bf428e9}}], 0x2, 0x24000800) 18:24:47 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 77) 18:24:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x0, &(0x7f0000000200)) sched_setscheduler(r5, 0x0, &(0x7f0000000040)=0x8) writev(r4, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) r6 = open(&(0x7f0000000080)='./bus\x00', 0x6fe44da629969272, 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r8 = syz_open_procfs(0x0, 0x0) lseek(r8, 0xf36, 0x0) recvmsg$unix(r8, &(0x7f0000001680)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001600)=[{&(0x7f00000016c0)=""/20, 0x14}, {0x0}, {&(0x7f0000001880)=""/196, 0xc4}, {&(0x7f0000001480)=""/102, 0x66}, {&(0x7f0000001740)=""/257, 0x101}, {&(0x7f0000000100)=""/38, 0x26}, {&(0x7f0000000400)=""/41, 0x29}], 0x7, &(0x7f0000001500)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00005a5e8800180000000000000040ba491d38e5ba54000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="ca3c6fe80000", @ANYBLOB="000000002c000000000000000100000001", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES64=r3, @ANYRES32, @ANYBLOB="db000000fbffffff0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xc0}, 0xa101) sendfile(r6, r7, 0x0, 0x80000041) 18:24:47 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003840)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0}}, {{&(0x7f00000013c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000001540)=[@rthdrdstopts={{0x18}}, @dontfrag={{0x14, 0x29, 0x1600bd74}}], 0x30}}], 0x2, 0x0) 18:24:47 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 69) 18:24:47 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 79) [ 2655.798672][T16764] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 18:24:47 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003840)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0}}, {{&(0x7f00000013c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000001540)=[@rthdrdstopts={{0x18}}, @dontfrag={{0x14, 0x29, 0x1600bd74}}], 0x30}}], 0x2, 0x0) 18:24:47 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003840)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0}}, {{&(0x7f00000013c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000001540)=[@rthdrdstopts={{0x18}}, @dontfrag={{0x14, 0x29, 0x1600bd74}}], 0x30}}], 0x2, 0x0) [ 2655.846740][T27845] FAULT_INJECTION: forcing a failure. [ 2655.846740][T27845] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2655.861408][T27847] loop1: detected capacity change from 0 to 16 [ 2655.867488][T27852] FAULT_INJECTION: forcing a failure. [ 2655.867488][T27852] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2655.867901][T27847] FAULT_INJECTION: forcing a failure. [ 2655.867901][T27847] name failslab, interval 1, probability 0, space 0, times 0 [ 2655.884704][T27852] CPU: 1 PID: 27852 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2655.903157][T27852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2655.913049][T27852] Call Trace: [ 2655.916177][T27852] [ 2655.918952][T27852] dump_stack_lvl+0x151/0x1b7 [ 2655.923466][T27852] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2655.928757][T27852] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2655.933964][T27852] dump_stack+0x15/0x17 [ 2655.937959][T27852] should_fail+0x3c0/0x510 [ 2655.942216][T27852] should_fail_alloc_page+0x58/0x70 [ 2655.947247][T27852] __alloc_pages+0x1de/0x7c0 [ 2655.951676][T27852] ? __count_vm_events+0x30/0x30 [ 2655.956448][T27852] ? __kasan_check_read+0x11/0x20 [ 2655.961346][T27852] ? __vm_enough_memory+0x118/0x310 [ 2655.966345][T27852] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2655.971815][T27852] ? shmem_swapin_page+0x15c0/0x15c0 [ 2655.976933][T27852] ? xas_start+0x33d/0x410 [ 2655.981182][T27852] ? xas_load+0x2c7/0x2e0 [ 2655.985349][T27852] ? pagecache_get_page+0xcc8/0xdb0 [ 2655.990384][T27852] ? page_cache_prev_miss+0x430/0x430 [ 2655.995600][T27852] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2656.000990][T27852] ? lru_cache_add+0x273/0x530 [ 2656.005586][T27852] shmem_getpage_gfp+0x1487/0x25f0 [ 2656.010534][T27852] ? shmem_getpage+0xa0/0xa0 [ 2656.014957][T27852] ? fault_in_safe_writeable+0x240/0x240 [ 2656.020421][T27852] ? __kasan_check_write+0x14/0x20 [ 2656.025366][T27852] ? shmem_write_end+0x786/0x8a0 [ 2656.030138][T27852] shmem_write_begin+0xc8/0x1b0 [ 2656.034829][T27852] generic_perform_write+0x2cd/0x5d0 [ 2656.039953][T27852] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2656.045587][T27852] ? file_remove_privs+0x690/0x690 [ 2656.050537][T27852] ? __kasan_check_write+0x14/0x20 [ 2656.055483][T27852] ? down_write+0xdd/0x140 [ 2656.059745][T27852] __generic_file_write_iter+0x25b/0x4b0 [ 2656.065208][T27852] generic_file_write_iter+0xaf/0x1c0 [ 2656.070418][T27852] vfs_write+0xc8d/0x1050 [ 2656.074584][T27852] ? file_end_write+0x1b0/0x1b0 [ 2656.079269][T27852] ? __fget_files+0x310/0x370 [ 2656.083779][T27852] ? __fdget_pos+0x1fe/0x310 [ 2656.088211][T27852] ? ksys_write+0x77/0x2c0 [ 2656.092461][T27852] ksys_write+0x198/0x2c0 [ 2656.096627][T27852] ? __ia32_sys_read+0x90/0x90 [ 2656.101231][T27852] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2656.107129][T27852] __x64_sys_write+0x7b/0x90 [ 2656.111608][T27852] do_syscall_64+0x44/0xd0 [ 2656.115809][T27852] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2656.121538][T27852] RIP: 0033:0x7fb257acee4f [ 2656.125794][T27852] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2656.145241][T27852] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2656.153486][T27852] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2656.161298][T27852] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2656.169279][T27852] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2656.177093][T27852] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2656.184989][T27852] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2656.192815][T27852] 18:24:48 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000003840)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0}}, {{&(0x7f00000013c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000001540)=[@rthdrdstopts={{0x18}}, @dontfrag={{0x14, 0x29, 0x1600bd74}}], 0x30}}], 0x2, 0x0) 18:24:48 executing program 2: syz_clone3(&(0x7f0000000240)={0x2004100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0x0], 0x1}, 0x58) [ 2656.198780][T16764] usb 4-1: string descriptor 0 read error: -71 [ 2656.216073][T16764] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2656.228160][T27847] CPU: 0 PID: 27847 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2656.238237][T27847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 18:24:48 executing program 2: r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "c736176aabaa68c083e0934f4d0e2db6f5b3d7ea82e11cdb0246429f37308042916a2fcb9bd4cd83cedc01f8d9dbb048df5fb6494f1e70b1984ab413015b605ab750b6223942aee799daaa159d03a4b45db2ba095412f548ba66f6dffa7f62b8907a5036240a1315e232c25a00a1ab351213ddcaca2f4d149183b4fc783a1ea822bd2248356c283497b75d526c64a4a10d1db3a65f2d90c34af2aed5c608f21866878bd03f7a107e2335a3f7f52a72717d3dbfbf84e17866868aec7d33936987eb8f692be69ec5cf3fa5697a9533ddebd7047b86c288a5aec219a8dc6284cab06741730ee9b20ea7d1a9fb01e065703d696a69c11a196554186fecf630c2b9bdb76255702c0fa3658a802891e3fcee3ab11f5ec0ee9c46efeb0f4da12b752a2e13a3c36e4f31919cdc4404d1833504091951784fca8c9b596263fee6b1cafa7be4431f67a9cbf48ec56a171a719a9fe77b7f9fefa99c46bdc067e8b5477a32655c09b3024f6917a4dd4f77fb095d06fa47aa8b8ab199c18cf101a8904d1415b63abc35ee7e6c9bb41528ef467f4be7f105779d6114923e22b3561de8825984e134d5aecbd2aea530bcc639beafec06a298605f22e801b45363b79046b86d3991880249aeebe9e81d80405bfac3c0351651692151db3d0c8ca2db3948077e3b1fdcc691bceaa30ba484b7236dc113339486d7b89df507a918d5087e5f3e242b0e5c0bbb726d36e8e106f00cb7a8a107353ab481c9a724a72dd6539acb7a033984413aa2fdf3dbeecf8ac5850e5cc2b8ec5e08c6683d108db0a5f155fc876bda4ead7174fa5e2c3a5902d1636986aecb78037e6d7ebb55d4ef2e62d0a0c49f74671d93ea4b9a125cca9e54b635c37530271933f436e36c451aea20eeaf2b8aa097647776265f7f1d8f69f2fa816bfd5df516f005850cef1d34fec93cf0a2dfa59e42bc9ad7a4c379d7fd5d6cbbeb260ee194efde03dec8f66097b2a6333d12a4971de897832cfb179786261190e864a24ca465cc13dd39fd7aa1343cd434e26857d473b256bd0471a344002ea5adab20493d8f6cf1ea7b675697328dea75b32c991b12a8f8170585cd4e78ff748ab096a94c1ccb4053e59c6e6cf26d404a1228f2c4a3e067676df3e7d33fce2ffe58ef1188bcc165859989b1e832a2e79327721f2ed116af1a4bb75e59a1f23661f7a843b817328e14c38052c8eec8932b3f6c83db58ee998d5fba5f7057f3b39db2d926867c53d9e7e00248d9ebf5e2abeda344cadda244677508215eeef271e42f94b9e9ddc740b2fbd97ff267d9ab4b657941393558af51007de29e16e4ae8b42c6211ee1ab4473ea803a3fe613b4351d8c6aeb48f12e6cf56cd4af0eadb090440ceb41a973481ded8808992eb65ea5fe1adc08da534b8079ed12a3917bbc201cd46ecf71d5c6e8fc2625fa61e8b0ff318d541eeb5b3f9f90ab231dd0f03dd67c56c5fa7a3490f9cc59e984debfb8e1c4421eab95cab7293c031caec7ec310080297a5ce5f5bba473f996c30c88d5ae3978cbd71a79ac09913d0d680c9f63fbc7bbf9f6e66f0cb6c4648d66d800305a8d06054f7489a0c4fca58643d4a571353275a6375c2195be358d90b30a226db7d6371a61297947b4d5af8c0d5ef951a464da024d9045df54f425ae12b4eb79dcbe7d412b5dd7256ced54db5156d15f5917de7cbfa6b4140425f0ab456eb6a84d00a9e3b4082d4556d0b51e8ef51bd7296645a59ee07ed59ab20f56f59dbed83b31db7063b7d0d2c83a7df1fb94af215c02f330cd0e60603a9eadecdcdf821e9bc6ba162a6a49798962d32383671dd4d70d132144fcee390796f043d6c4042e4f7b1374ae91fe618c1064df0f956ea81c8410e68377a9a8f027b7a551eb9c211469d8fdee0e3cb3c016173e96f1b13581ce82b55b440b632771e8d540f5f615172761d60b9fde87123c91b205654c8be1f03653221ab4dc85606b1178b114f0835e25394a17c48902b11c60d0813a20c6a6e7bfd7228effe03e8797beb0468d78178308d46340602b0c527f4f05ea4c71850135585decebe9ec401cca19eafc9fc69ab9d5ad404174be8561033822535a2626306008e2142658198e0983d8c7c4cdab10834125e54ba3d36e45e70fa208cfebc54e2af883cda1ba7058d53ffb87d5432d6626bdb161b7814c02c08d0d6061e8d8f8d6aebd64099c1209961b52f26378ff69362b5b2f746a9f52837595725b67551d21da1c4e1419fd0ec5f414a6366018c1d7c32921dd395a36cca7bc3de8d8a76fc3d425afe63b129f7fa2b0660e23a1a1b684aaf3d39406a63132cd926eed5b513f2fd8546b251591c51e2e4f230fe1e8ecd1de19897d1ad965e31570acd8811f3fd369fcfc48df6d5856e95a3e72bfda51cf97901e4befa35e14415433107aef436ff6249099b957503545da788b50a9e2feb1e88e7283f1708a1f2f146cd215f642fe77014f386b25a6d92a91418759d95096ead5e427ed03d47c2b9fcff8a1c8217ada7051e6233061ec6085101622254f6470227d0bc629349912655202d31a3bc1d75263c6bab968da0d0a459de1251c048d19272a08256d45b8370917dfe70cc50d3fca5f3d105cb0c64eccca0deef4a256cc051491bde751169a672e272137fdc7cfca1639b9ea4382f7fe0312b83d5e87830abe79bc537abe7a2f689d90f08b40e4166bcaaa608248a6e39cec4fa0bce8b84b34abff6d3ab25f0a93599194c105d02ece067586f77f48a9c7905bf3937f143aded01f8ed7b7ddf3cd03e5b4f60878f38be59a742c69b50a1c19cecb8233b5429f1ea4db173610cbad6b5ebf8311549feb3506600d7e544eb6eada7f45af93621fbaa6466c80125119aae8d830d4726da3d733904d94afa8a45be1284c862cefa1eb0e7dd37262bb69740f103851b03f4725b026d460ad1f27b0135caf805cb366fedc0dc301333aa5a5c33a435da6a731aee0ec321263478d5805cd5768e1ae0f464db2647fb1131af40571c244113c5eead1b96f2659c7cd54e4d398b5481bcdd6c7c64ba46ad0f6dac075a16724961355950f45dd3779999ec8eb1f00ab8468ef3f3fd3deaffb01bec66befd002b659faa01314711378cc6a1dbbb69f3f2a659bae32c4e058f0198b6581a27abb26da5d73d0f5e6db7e94838790a8ca9d7e9abc1867069b57115b5c49a61fed59cbd3643dd22a3b45f2b49a3c3cd80d8f6e7950181cd1ba57d66ef6be437c41f773d078108fa0aaf2d12b6a797f694f20611102ec75e580a52997e7cbd84ddd1fe647f12153574bfdb3644c72c0f8c6c43430b7b0d055e9cc7f351ef311d4b1d0951f8ca5b6375542bb947ff65a251941cd9534825d18d1e25ce855797fa7c7bac8d140a83913ea90c73640436ae1e4c21c02881e6bccd5795c9be890a6aaea190fd6873fa1d455ea08b11cf7c503bb8f4f9f39c2dac87de74e5980ab8ef95fca0bc2784bf00622ab7909efb269c2bbd6174817e2f12aaed8419feea21a83866a55641e85f1b5bcdf5b02d1c8c30826847aa097b1ed8e6f15431c247313d18de00849441d9ab0ac7ef3fdabfc058fd8398d76d3d277848a46d94c452ffe41a93b5d75eed7109b1a631e66cae951c3907bd644ef07e8477d9ec0d5111f7088e243ac47ab7618de9b8ac14366b34d0b021fbf05ebcd39896817ab1ec30bf5d24c66af693618be4fa937826a0f9d38c16713f04fc5d2123749a65c657c58272f9786e5a5c9c5cff2c77986b7ca7ec606d4b75cb4dfbd7bab75a5fa3b46507cbc91230942b3aef3cb79f4a10daf453f27079e800db39403a2089090ad75563a22aa63c0fd8026f5ed2cc574a65e4e02f7db0dda520f2bb06fb735c56e0f6075add4f835011ad151188476a69684c13bd0cca1372c2be4d1961f8cd535c3476a2b2dbc98cf35a6f7cbc5e8aee2e51093137d1149f78984f0785fa87fb1c417ecd6918e938817e7e6e8980312436901e59d80d4a0f823219bf1f30a7da9cc4b8bcc7eb75534b7bffcce23fb33435ca2c83a2561dd695f137db335ace61d8c0cd23b64cdf32342bef774cf5acb455bffe40361bbdf008253e978a680a67928521a79b9dae368605573bd2a1bd2c6dffcc1764ff998e8923eaa5097f1116e83a2cba326baff4ed63315c6a9290a46ad06494380c554c1f28403dc97f929bf00c119f0f79cbd0cb36acc58e5c3250fa4cf7b536478f8f580dd3ec6d088aeca20ddf5cab2a4de1afa483e9aff7f6c06b17a41596ff0fbbd20859d2691e0118f262a6b26e9db78be6bcdb92780273ef22c894a25bb7c5cd191106e74b313412f8e730af2de88d3c243798a1223d9b26e632ed9a8ada8d6ab6a081295c1d9a200e684846b07d638bf7e15d658d04f0d4e729054b250f857ece5a54e6be4661758b77074551b2eaa2186f9c3293228aa911a929baa75f244c7f6b94382baa8a6117459418d3ebf31ced793ee03dcc5e670627a15abf58f1fd36f489df15beaf0e4e64f84a3b9fb40435eab1d46db59347721d1aecdc3e5bfea", ['\x00', '\x00', '\x00']}, 0x1000) r1 = open(&(0x7f0000000200)='./bus\x00', 0x185200, 0x0) write$binfmt_elf64(r0, &(0x7f00000017c0)=ANY=[], 0x12) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) 18:24:48 executing program 2: r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "c736176aabaa68c083e0934f4d0e2db6f5b3d7ea82e11cdb0246429f37308042916a2fcb9bd4cd83cedc01f8d9dbb048df5fb6494f1e70b1984ab413015b605ab750b6223942aee799daaa159d03a4b45db2ba095412f548ba66f6dffa7f62b8907a5036240a1315e232c25a00a1ab351213ddcaca2f4d149183b4fc783a1ea822bd2248356c283497b75d526c64a4a10d1db3a65f2d90c34af2aed5c608f21866878bd03f7a107e2335a3f7f52a72717d3dbfbf84e17866868aec7d33936987eb8f692be69ec5cf3fa5697a9533ddebd7047b86c288a5aec219a8dc6284cab06741730ee9b20ea7d1a9fb01e065703d696a69c11a196554186fecf630c2b9bdb76255702c0fa3658a802891e3fcee3ab11f5ec0ee9c46efeb0f4da12b752a2e13a3c36e4f31919cdc4404d1833504091951784fca8c9b596263fee6b1cafa7be4431f67a9cbf48ec56a171a719a9fe77b7f9fefa99c46bdc067e8b5477a32655c09b3024f6917a4dd4f77fb095d06fa47aa8b8ab199c18cf101a8904d1415b63abc35ee7e6c9bb41528ef467f4be7f105779d6114923e22b3561de8825984e134d5aecbd2aea530bcc639beafec06a298605f22e801b45363b79046b86d3991880249aeebe9e81d80405bfac3c0351651692151db3d0c8ca2db3948077e3b1fdcc691bceaa30ba484b7236dc113339486d7b89df507a918d5087e5f3e242b0e5c0bbb726d36e8e106f00cb7a8a107353ab481c9a724a72dd6539acb7a033984413aa2fdf3dbeecf8ac5850e5cc2b8ec5e08c6683d108db0a5f155fc876bda4ead7174fa5e2c3a5902d1636986aecb78037e6d7ebb55d4ef2e62d0a0c49f74671d93ea4b9a125cca9e54b635c37530271933f436e36c451aea20eeaf2b8aa097647776265f7f1d8f69f2fa816bfd5df516f005850cef1d34fec93cf0a2dfa59e42bc9ad7a4c379d7fd5d6cbbeb260ee194efde03dec8f66097b2a6333d12a4971de897832cfb179786261190e864a24ca465cc13dd39fd7aa1343cd434e26857d473b256bd0471a344002ea5adab20493d8f6cf1ea7b675697328dea75b32c991b12a8f8170585cd4e78ff748ab096a94c1ccb4053e59c6e6cf26d404a1228f2c4a3e067676df3e7d33fce2ffe58ef1188bcc165859989b1e832a2e79327721f2ed116af1a4bb75e59a1f23661f7a843b817328e14c38052c8eec8932b3f6c83db58ee998d5fba5f7057f3b39db2d926867c53d9e7e00248d9ebf5e2abeda344cadda244677508215eeef271e42f94b9e9ddc740b2fbd97ff267d9ab4b657941393558af51007de29e16e4ae8b42c6211ee1ab4473ea803a3fe613b4351d8c6aeb48f12e6cf56cd4af0eadb090440ceb41a973481ded8808992eb65ea5fe1adc08da534b8079ed12a3917bbc201cd46ecf71d5c6e8fc2625fa61e8b0ff318d541eeb5b3f9f90ab231dd0f03dd67c56c5fa7a3490f9cc59e984debfb8e1c4421eab95cab7293c031caec7ec310080297a5ce5f5bba473f996c30c88d5ae3978cbd71a79ac09913d0d680c9f63fbc7bbf9f6e66f0cb6c4648d66d800305a8d06054f7489a0c4fca58643d4a571353275a6375c2195be358d90b30a226db7d6371a61297947b4d5af8c0d5ef951a464da024d9045df54f425ae12b4eb79dcbe7d412b5dd7256ced54db5156d15f5917de7cbfa6b4140425f0ab456eb6a84d00a9e3b4082d4556d0b51e8ef51bd7296645a59ee07ed59ab20f56f59dbed83b31db7063b7d0d2c83a7df1fb94af215c02f330cd0e60603a9eadecdcdf821e9bc6ba162a6a49798962d32383671dd4d70d132144fcee390796f043d6c4042e4f7b1374ae91fe618c1064df0f956ea81c8410e68377a9a8f027b7a551eb9c211469d8fdee0e3cb3c016173e96f1b13581ce82b55b440b632771e8d540f5f615172761d60b9fde87123c91b205654c8be1f03653221ab4dc85606b1178b114f0835e25394a17c48902b11c60d0813a20c6a6e7bfd7228effe03e8797beb0468d78178308d46340602b0c527f4f05ea4c71850135585decebe9ec401cca19eafc9fc69ab9d5ad404174be8561033822535a2626306008e2142658198e0983d8c7c4cdab10834125e54ba3d36e45e70fa208cfebc54e2af883cda1ba7058d53ffb87d5432d6626bdb161b7814c02c08d0d6061e8d8f8d6aebd64099c1209961b52f26378ff69362b5b2f746a9f52837595725b67551d21da1c4e1419fd0ec5f414a6366018c1d7c32921dd395a36cca7bc3de8d8a76fc3d425afe63b129f7fa2b0660e23a1a1b684aaf3d39406a63132cd926eed5b513f2fd8546b251591c51e2e4f230fe1e8ecd1de19897d1ad965e31570acd8811f3fd369fcfc48df6d5856e95a3e72bfda51cf97901e4befa35e14415433107aef436ff6249099b957503545da788b50a9e2feb1e88e7283f1708a1f2f146cd215f642fe77014f386b25a6d92a91418759d95096ead5e427ed03d47c2b9fcff8a1c8217ada7051e6233061ec6085101622254f6470227d0bc629349912655202d31a3bc1d75263c6bab968da0d0a459de1251c048d19272a08256d45b8370917dfe70cc50d3fca5f3d105cb0c64eccca0deef4a256cc051491bde751169a672e272137fdc7cfca1639b9ea4382f7fe0312b83d5e87830abe79bc537abe7a2f689d90f08b40e4166bcaaa608248a6e39cec4fa0bce8b84b34abff6d3ab25f0a93599194c105d02ece067586f77f48a9c7905bf3937f143aded01f8ed7b7ddf3cd03e5b4f60878f38be59a742c69b50a1c19cecb8233b5429f1ea4db173610cbad6b5ebf8311549feb3506600d7e544eb6eada7f45af93621fbaa6466c80125119aae8d830d4726da3d733904d94afa8a45be1284c862cefa1eb0e7dd37262bb69740f103851b03f4725b026d460ad1f27b0135caf805cb366fedc0dc301333aa5a5c33a435da6a731aee0ec321263478d5805cd5768e1ae0f464db2647fb1131af40571c244113c5eead1b96f2659c7cd54e4d398b5481bcdd6c7c64ba46ad0f6dac075a16724961355950f45dd3779999ec8eb1f00ab8468ef3f3fd3deaffb01bec66befd002b659faa01314711378cc6a1dbbb69f3f2a659bae32c4e058f0198b6581a27abb26da5d73d0f5e6db7e94838790a8ca9d7e9abc1867069b57115b5c49a61fed59cbd3643dd22a3b45f2b49a3c3cd80d8f6e7950181cd1ba57d66ef6be437c41f773d078108fa0aaf2d12b6a797f694f20611102ec75e580a52997e7cbd84ddd1fe647f12153574bfdb3644c72c0f8c6c43430b7b0d055e9cc7f351ef311d4b1d0951f8ca5b6375542bb947ff65a251941cd9534825d18d1e25ce855797fa7c7bac8d140a83913ea90c73640436ae1e4c21c02881e6bccd5795c9be890a6aaea190fd6873fa1d455ea08b11cf7c503bb8f4f9f39c2dac87de74e5980ab8ef95fca0bc2784bf00622ab7909efb269c2bbd6174817e2f12aaed8419feea21a83866a55641e85f1b5bcdf5b02d1c8c30826847aa097b1ed8e6f15431c247313d18de00849441d9ab0ac7ef3fdabfc058fd8398d76d3d277848a46d94c452ffe41a93b5d75eed7109b1a631e66cae951c3907bd644ef07e8477d9ec0d5111f7088e243ac47ab7618de9b8ac14366b34d0b021fbf05ebcd39896817ab1ec30bf5d24c66af693618be4fa937826a0f9d38c16713f04fc5d2123749a65c657c58272f9786e5a5c9c5cff2c77986b7ca7ec606d4b75cb4dfbd7bab75a5fa3b46507cbc91230942b3aef3cb79f4a10daf453f27079e800db39403a2089090ad75563a22aa63c0fd8026f5ed2cc574a65e4e02f7db0dda520f2bb06fb735c56e0f6075add4f835011ad151188476a69684c13bd0cca1372c2be4d1961f8cd535c3476a2b2dbc98cf35a6f7cbc5e8aee2e51093137d1149f78984f0785fa87fb1c417ecd6918e938817e7e6e8980312436901e59d80d4a0f823219bf1f30a7da9cc4b8bcc7eb75534b7bffcce23fb33435ca2c83a2561dd695f137db335ace61d8c0cd23b64cdf32342bef774cf5acb455bffe40361bbdf008253e978a680a67928521a79b9dae368605573bd2a1bd2c6dffcc1764ff998e8923eaa5097f1116e83a2cba326baff4ed63315c6a9290a46ad06494380c554c1f28403dc97f929bf00c119f0f79cbd0cb36acc58e5c3250fa4cf7b536478f8f580dd3ec6d088aeca20ddf5cab2a4de1afa483e9aff7f6c06b17a41596ff0fbbd20859d2691e0118f262a6b26e9db78be6bcdb92780273ef22c894a25bb7c5cd191106e74b313412f8e730af2de88d3c243798a1223d9b26e632ed9a8ada8d6ab6a081295c1d9a200e684846b07d638bf7e15d658d04f0d4e729054b250f857ece5a54e6be4661758b77074551b2eaa2186f9c3293228aa911a929baa75f244c7f6b94382baa8a6117459418d3ebf31ced793ee03dcc5e670627a15abf58f1fd36f489df15beaf0e4e64f84a3b9fb40435eab1d46db59347721d1aecdc3e5bfea", ['\x00', '\x00', '\x00']}, 0x1000) r1 = open(&(0x7f0000000200)='./bus\x00', 0x185200, 0x0) write$binfmt_elf64(r0, &(0x7f00000017c0)=ANY=[], 0x12) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) [ 2656.248130][T27847] Call Trace: [ 2656.251258][T27847] [ 2656.254028][T27847] dump_stack_lvl+0x151/0x1b7 [ 2656.258541][T27847] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2656.263856][T27847] ? idr_alloc+0x202/0x2f0 [ 2656.268091][T27847] dump_stack+0x15/0x17 [ 2656.272081][T27847] should_fail+0x3c0/0x510 [ 2656.276332][T27847] ? __list_lru_init+0xae/0x5a0 [ 2656.281022][T27847] __should_failslab+0x9f/0xe0 [ 2656.285630][T27847] should_failslab+0x9/0x20 [ 2656.289961][T27847] kmem_cache_alloc_trace+0x4a/0x310 [ 2656.295084][T27847] __list_lru_init+0xae/0x5a0 [ 2656.299596][T27847] ? prealloc_shrinker+0xeb/0x140 [ 2656.304458][T27847] alloc_super+0x667/0x7d0 [ 2656.308710][T27847] ? get_tree_bdev+0x680/0x680 [ 2656.309076][ T30] audit: type=1400 audit(1673979888.119:795): avc: denied { module_load } for pid=27868 comm="syz-executor.2" path="/root/syzkaller-testdir2741201583/syzkaller.odHrbn/612/bus" dev="sda1" ino=1228 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=system permissive=1 [ 2656.313390][T27847] sget_fc+0x236/0x640 [ 2656.313409][T27847] ? test_bdev_super_fc+0x70/0x70 [ 2656.313426][T27847] get_tree_bdev+0x28c/0x680 [ 2656.313441][T27847] ? erofs_release_device_info+0x90/0x90 [ 2656.313460][T27847] erofs_fc_get_tree+0x1c/0x20 [ 2656.364005][T27847] vfs_get_tree+0x88/0x290 [ 2656.368260][T27847] do_new_mount+0x289/0xad0 [ 2656.372599][T27847] ? do_move_mount_old+0x160/0x160 [ 2656.377541][T27847] ? security_capable+0xb2/0xd0 [ 2656.382239][T27847] ? ns_capable+0x8a/0xf0 [ 2656.386393][T27847] path_mount+0x60b/0x1050 [ 2656.390647][T27847] __se_sys_mount+0x2d2/0x3c0 [ 2656.395159][T27847] ? __x64_sys_mount+0xd0/0xd0 [ 2656.399762][T27847] __x64_sys_mount+0xbf/0xd0 [ 2656.404185][T27847] do_syscall_64+0x44/0xd0 [ 2656.408444][T27847] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2656.414174][T27847] RIP: 0033:0x7fc55e52a5fa [ 2656.418430][T27847] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2656.437868][T27847] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2656.446112][T27847] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2656.453925][T27847] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2656.461732][T27847] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2656.469549][T27847] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2656.477364][T27847] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2656.485192][T27847] [ 2656.490328][T27845] CPU: 1 PID: 27845 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2656.500444][T27845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2656.510294][T27845] Call Trace: [ 2656.513414][T27845] [ 2656.516191][T27845] dump_stack_lvl+0x151/0x1b7 [ 2656.520705][T27845] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2656.526001][T27845] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2656.531208][T27845] dump_stack+0x15/0x17 [ 2656.535202][T27845] should_fail+0x3c0/0x510 [ 2656.539455][T27845] should_fail_alloc_page+0x58/0x70 [ 2656.544487][T27845] __alloc_pages+0x1de/0x7c0 [ 2656.548917][T27845] ? __count_vm_events+0x30/0x30 [ 2656.553690][T27845] ? __kasan_check_read+0x11/0x20 [ 2656.558551][T27845] ? __vm_enough_memory+0x118/0x310 [ 2656.563585][T27845] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2656.569068][T27845] ? shmem_swapin_page+0x15c0/0x15c0 [ 2656.574178][T27845] ? xas_start+0x33d/0x410 [ 2656.578429][T27845] ? xas_load+0x2c7/0x2e0 [ 2656.582599][T27845] ? pagecache_get_page+0xcc8/0xdb0 [ 2656.587631][T27845] ? page_cache_prev_miss+0x430/0x430 [ 2656.592834][T27845] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2656.598217][T27845] ? lru_cache_add+0x273/0x530 [ 2656.602819][T27845] shmem_getpage_gfp+0x1487/0x25f0 [ 2656.607770][T27845] ? shmem_getpage+0xa0/0xa0 [ 2656.612192][T27845] ? fault_in_safe_writeable+0x240/0x240 [ 2656.617662][T27845] ? __kasan_check_write+0x14/0x20 [ 2656.622608][T27845] ? shmem_write_end+0x786/0x8a0 [ 2656.627383][T27845] shmem_write_begin+0xc8/0x1b0 [ 2656.632071][T27845] generic_perform_write+0x2cd/0x5d0 [ 2656.637367][T27845] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2656.643014][T27845] ? file_remove_privs+0x690/0x690 [ 2656.647952][T27845] ? __kasan_check_write+0x14/0x20 [ 2656.652903][T27845] ? down_write+0xdd/0x140 [ 2656.657156][T27845] __generic_file_write_iter+0x25b/0x4b0 [ 2656.662625][T27845] generic_file_write_iter+0xaf/0x1c0 [ 2656.667831][T27845] vfs_write+0xc8d/0x1050 [ 2656.671999][T27845] ? file_end_write+0x1b0/0x1b0 [ 2656.676685][T27845] ? __fget_files+0x310/0x370 [ 2656.681200][T27845] ? __fdget_pos+0x1fe/0x310 [ 2656.685624][T27845] ? ksys_write+0x77/0x2c0 [ 2656.689881][T27845] ksys_write+0x198/0x2c0 [ 2656.694046][T27845] ? __ia32_sys_read+0x90/0x90 [ 2656.698649][T27845] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2656.704983][T27845] __x64_sys_write+0x7b/0x90 [ 2656.709411][T27845] do_syscall_64+0x44/0xd0 [ 2656.713661][T27845] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2656.719387][T27845] RIP: 0033:0x7fcbd55afe4f [ 2656.723643][T27845] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2656.743088][T27845] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2656.751331][T27845] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2656.759144][T27845] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2656.766955][T27845] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2656.774767][T27845] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2656.782579][T27845] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2656.790394][T27845] [ 2656.851753][T16764] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 18:24:48 executing program 3: r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "c736176aabaa68c083e0934f4d0e2db6f5b3d7ea82e11cdb0246429f37308042916a2fcb9bd4cd83cedc01f8d9dbb048df5fb6494f1e70b1984ab413015b605ab750b6223942aee799daaa159d03a4b45db2ba095412f548ba66f6dffa7f62b8907a5036240a1315e232c25a00a1ab351213ddcaca2f4d149183b4fc783a1ea822bd2248356c283497b75d526c64a4a10d1db3a65f2d90c34af2aed5c608f21866878bd03f7a107e2335a3f7f52a72717d3dbfbf84e17866868aec7d33936987eb8f692be69ec5cf3fa5697a9533ddebd7047b86c288a5aec219a8dc6284cab06741730ee9b20ea7d1a9fb01e065703d696a69c11a196554186fecf630c2b9bdb76255702c0fa3658a802891e3fcee3ab11f5ec0ee9c46efeb0f4da12b752a2e13a3c36e4f31919cdc4404d1833504091951784fca8c9b596263fee6b1cafa7be4431f67a9cbf48ec56a171a719a9fe77b7f9fefa99c46bdc067e8b5477a32655c09b3024f6917a4dd4f77fb095d06fa47aa8b8ab199c18cf101a8904d1415b63abc35ee7e6c9bb41528ef467f4be7f105779d6114923e22b3561de8825984e134d5aecbd2aea530bcc639beafec06a298605f22e801b45363b79046b86d3991880249aeebe9e81d80405bfac3c0351651692151db3d0c8ca2db3948077e3b1fdcc691bceaa30ba484b7236dc113339486d7b89df507a918d5087e5f3e242b0e5c0bbb726d36e8e106f00cb7a8a107353ab481c9a724a72dd6539acb7a033984413aa2fdf3dbeecf8ac5850e5cc2b8ec5e08c6683d108db0a5f155fc876bda4ead7174fa5e2c3a5902d1636986aecb78037e6d7ebb55d4ef2e62d0a0c49f74671d93ea4b9a125cca9e54b635c37530271933f436e36c451aea20eeaf2b8aa097647776265f7f1d8f69f2fa816bfd5df516f005850cef1d34fec93cf0a2dfa59e42bc9ad7a4c379d7fd5d6cbbeb260ee194efde03dec8f66097b2a6333d12a4971de897832cfb179786261190e864a24ca465cc13dd39fd7aa1343cd434e26857d473b256bd0471a344002ea5adab20493d8f6cf1ea7b675697328dea75b32c991b12a8f8170585cd4e78ff748ab096a94c1ccb4053e59c6e6cf26d404a1228f2c4a3e067676df3e7d33fce2ffe58ef1188bcc165859989b1e832a2e79327721f2ed116af1a4bb75e59a1f23661f7a843b817328e14c38052c8eec8932b3f6c83db58ee998d5fba5f7057f3b39db2d926867c53d9e7e00248d9ebf5e2abeda344cadda244677508215eeef271e42f94b9e9ddc740b2fbd97ff267d9ab4b657941393558af51007de29e16e4ae8b42c6211ee1ab4473ea803a3fe613b4351d8c6aeb48f12e6cf56cd4af0eadb090440ceb41a973481ded8808992eb65ea5fe1adc08da534b8079ed12a3917bbc201cd46ecf71d5c6e8fc2625fa61e8b0ff318d541eeb5b3f9f90ab231dd0f03dd67c56c5fa7a3490f9cc59e984debfb8e1c4421eab95cab7293c031caec7ec310080297a5ce5f5bba473f996c30c88d5ae3978cbd71a79ac09913d0d680c9f63fbc7bbf9f6e66f0cb6c4648d66d800305a8d06054f7489a0c4fca58643d4a571353275a6375c2195be358d90b30a226db7d6371a61297947b4d5af8c0d5ef951a464da024d9045df54f425ae12b4eb79dcbe7d412b5dd7256ced54db5156d15f5917de7cbfa6b4140425f0ab456eb6a84d00a9e3b4082d4556d0b51e8ef51bd7296645a59ee07ed59ab20f56f59dbed83b31db7063b7d0d2c83a7df1fb94af215c02f330cd0e60603a9eadecdcdf821e9bc6ba162a6a49798962d32383671dd4d70d132144fcee390796f043d6c4042e4f7b1374ae91fe618c1064df0f956ea81c8410e68377a9a8f027b7a551eb9c211469d8fdee0e3cb3c016173e96f1b13581ce82b55b440b632771e8d540f5f615172761d60b9fde87123c91b205654c8be1f03653221ab4dc85606b1178b114f0835e25394a17c48902b11c60d0813a20c6a6e7bfd7228effe03e8797beb0468d78178308d46340602b0c527f4f05ea4c71850135585decebe9ec401cca19eafc9fc69ab9d5ad404174be8561033822535a2626306008e2142658198e0983d8c7c4cdab10834125e54ba3d36e45e70fa208cfebc54e2af883cda1ba7058d53ffb87d5432d6626bdb161b7814c02c08d0d6061e8d8f8d6aebd64099c1209961b52f26378ff69362b5b2f746a9f52837595725b67551d21da1c4e1419fd0ec5f414a6366018c1d7c32921dd395a36cca7bc3de8d8a76fc3d425afe63b129f7fa2b0660e23a1a1b684aaf3d39406a63132cd926eed5b513f2fd8546b251591c51e2e4f230fe1e8ecd1de19897d1ad965e31570acd8811f3fd369fcfc48df6d5856e95a3e72bfda51cf97901e4befa35e14415433107aef436ff6249099b957503545da788b50a9e2feb1e88e7283f1708a1f2f146cd215f642fe77014f386b25a6d92a91418759d95096ead5e427ed03d47c2b9fcff8a1c8217ada7051e6233061ec6085101622254f6470227d0bc629349912655202d31a3bc1d75263c6bab968da0d0a459de1251c048d19272a08256d45b8370917dfe70cc50d3fca5f3d105cb0c64eccca0deef4a256cc051491bde751169a672e272137fdc7cfca1639b9ea4382f7fe0312b83d5e87830abe79bc537abe7a2f689d90f08b40e4166bcaaa608248a6e39cec4fa0bce8b84b34abff6d3ab25f0a93599194c105d02ece067586f77f48a9c7905bf3937f143aded01f8ed7b7ddf3cd03e5b4f60878f38be59a742c69b50a1c19cecb8233b5429f1ea4db173610cbad6b5ebf8311549feb3506600d7e544eb6eada7f45af93621fbaa6466c80125119aae8d830d4726da3d733904d94afa8a45be1284c862cefa1eb0e7dd37262bb69740f103851b03f4725b026d460ad1f27b0135caf805cb366fedc0dc301333aa5a5c33a435da6a731aee0ec321263478d5805cd5768e1ae0f464db2647fb1131af40571c244113c5eead1b96f2659c7cd54e4d398b5481bcdd6c7c64ba46ad0f6dac075a16724961355950f45dd3779999ec8eb1f00ab8468ef3f3fd3deaffb01bec66befd002b659faa01314711378cc6a1dbbb69f3f2a659bae32c4e058f0198b6581a27abb26da5d73d0f5e6db7e94838790a8ca9d7e9abc1867069b57115b5c49a61fed59cbd3643dd22a3b45f2b49a3c3cd80d8f6e7950181cd1ba57d66ef6be437c41f773d078108fa0aaf2d12b6a797f694f20611102ec75e580a52997e7cbd84ddd1fe647f12153574bfdb3644c72c0f8c6c43430b7b0d055e9cc7f351ef311d4b1d0951f8ca5b6375542bb947ff65a251941cd9534825d18d1e25ce855797fa7c7bac8d140a83913ea90c73640436ae1e4c21c02881e6bccd5795c9be890a6aaea190fd6873fa1d455ea08b11cf7c503bb8f4f9f39c2dac87de74e5980ab8ef95fca0bc2784bf00622ab7909efb269c2bbd6174817e2f12aaed8419feea21a83866a55641e85f1b5bcdf5b02d1c8c30826847aa097b1ed8e6f15431c247313d18de00849441d9ab0ac7ef3fdabfc058fd8398d76d3d277848a46d94c452ffe41a93b5d75eed7109b1a631e66cae951c3907bd644ef07e8477d9ec0d5111f7088e243ac47ab7618de9b8ac14366b34d0b021fbf05ebcd39896817ab1ec30bf5d24c66af693618be4fa937826a0f9d38c16713f04fc5d2123749a65c657c58272f9786e5a5c9c5cff2c77986b7ca7ec606d4b75cb4dfbd7bab75a5fa3b46507cbc91230942b3aef3cb79f4a10daf453f27079e800db39403a2089090ad75563a22aa63c0fd8026f5ed2cc574a65e4e02f7db0dda520f2bb06fb735c56e0f6075add4f835011ad151188476a69684c13bd0cca1372c2be4d1961f8cd535c3476a2b2dbc98cf35a6f7cbc5e8aee2e51093137d1149f78984f0785fa87fb1c417ecd6918e938817e7e6e8980312436901e59d80d4a0f823219bf1f30a7da9cc4b8bcc7eb75534b7bffcce23fb33435ca2c83a2561dd695f137db335ace61d8c0cd23b64cdf32342bef774cf5acb455bffe40361bbdf008253e978a680a67928521a79b9dae368605573bd2a1bd2c6dffcc1764ff998e8923eaa5097f1116e83a2cba326baff4ed63315c6a9290a46ad06494380c554c1f28403dc97f929bf00c119f0f79cbd0cb36acc58e5c3250fa4cf7b536478f8f580dd3ec6d088aeca20ddf5cab2a4de1afa483e9aff7f6c06b17a41596ff0fbbd20859d2691e0118f262a6b26e9db78be6bcdb92780273ef22c894a25bb7c5cd191106e74b313412f8e730af2de88d3c243798a1223d9b26e632ed9a8ada8d6ab6a081295c1d9a200e684846b07d638bf7e15d658d04f0d4e729054b250f857ece5a54e6be4661758b77074551b2eaa2186f9c3293228aa911a929baa75f244c7f6b94382baa8a6117459418d3ebf31ced793ee03dcc5e670627a15abf58f1fd36f489df15beaf0e4e64f84a3b9fb40435eab1d46db59347721d1aecdc3e5bfea", ['\x00', '\x00', '\x00']}, 0x1000) r1 = open(&(0x7f0000000200)='./bus\x00', 0x185200, 0x0) write$binfmt_elf64(r0, &(0x7f00000017c0)=ANY=[], 0x12) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) 18:24:48 executing program 2: r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "c736176aabaa68c083e0934f4d0e2db6f5b3d7ea82e11cdb0246429f37308042916a2fcb9bd4cd83cedc01f8d9dbb048df5fb6494f1e70b1984ab413015b605ab750b6223942aee799daaa159d03a4b45db2ba095412f548ba66f6dffa7f62b8907a5036240a1315e232c25a00a1ab351213ddcaca2f4d149183b4fc783a1ea822bd2248356c283497b75d526c64a4a10d1db3a65f2d90c34af2aed5c608f21866878bd03f7a107e2335a3f7f52a72717d3dbfbf84e17866868aec7d33936987eb8f692be69ec5cf3fa5697a9533ddebd7047b86c288a5aec219a8dc6284cab06741730ee9b20ea7d1a9fb01e065703d696a69c11a196554186fecf630c2b9bdb76255702c0fa3658a802891e3fcee3ab11f5ec0ee9c46efeb0f4da12b752a2e13a3c36e4f31919cdc4404d1833504091951784fca8c9b596263fee6b1cafa7be4431f67a9cbf48ec56a171a719a9fe77b7f9fefa99c46bdc067e8b5477a32655c09b3024f6917a4dd4f77fb095d06fa47aa8b8ab199c18cf101a8904d1415b63abc35ee7e6c9bb41528ef467f4be7f105779d6114923e22b3561de8825984e134d5aecbd2aea530bcc639beafec06a298605f22e801b45363b79046b86d3991880249aeebe9e81d80405bfac3c0351651692151db3d0c8ca2db3948077e3b1fdcc691bceaa30ba484b7236dc113339486d7b89df507a918d5087e5f3e242b0e5c0bbb726d36e8e106f00cb7a8a107353ab481c9a724a72dd6539acb7a033984413aa2fdf3dbeecf8ac5850e5cc2b8ec5e08c6683d108db0a5f155fc876bda4ead7174fa5e2c3a5902d1636986aecb78037e6d7ebb55d4ef2e62d0a0c49f74671d93ea4b9a125cca9e54b635c37530271933f436e36c451aea20eeaf2b8aa097647776265f7f1d8f69f2fa816bfd5df516f005850cef1d34fec93cf0a2dfa59e42bc9ad7a4c379d7fd5d6cbbeb260ee194efde03dec8f66097b2a6333d12a4971de897832cfb179786261190e864a24ca465cc13dd39fd7aa1343cd434e26857d473b256bd0471a344002ea5adab20493d8f6cf1ea7b675697328dea75b32c991b12a8f8170585cd4e78ff748ab096a94c1ccb4053e59c6e6cf26d404a1228f2c4a3e067676df3e7d33fce2ffe58ef1188bcc165859989b1e832a2e79327721f2ed116af1a4bb75e59a1f23661f7a843b817328e14c38052c8eec8932b3f6c83db58ee998d5fba5f7057f3b39db2d926867c53d9e7e00248d9ebf5e2abeda344cadda244677508215eeef271e42f94b9e9ddc740b2fbd97ff267d9ab4b657941393558af51007de29e16e4ae8b42c6211ee1ab4473ea803a3fe613b4351d8c6aeb48f12e6cf56cd4af0eadb090440ceb41a973481ded8808992eb65ea5fe1adc08da534b8079ed12a3917bbc201cd46ecf71d5c6e8fc2625fa61e8b0ff318d541eeb5b3f9f90ab231dd0f03dd67c56c5fa7a3490f9cc59e984debfb8e1c4421eab95cab7293c031caec7ec310080297a5ce5f5bba473f996c30c88d5ae3978cbd71a79ac09913d0d680c9f63fbc7bbf9f6e66f0cb6c4648d66d800305a8d06054f7489a0c4fca58643d4a571353275a6375c2195be358d90b30a226db7d6371a61297947b4d5af8c0d5ef951a464da024d9045df54f425ae12b4eb79dcbe7d412b5dd7256ced54db5156d15f5917de7cbfa6b4140425f0ab456eb6a84d00a9e3b4082d4556d0b51e8ef51bd7296645a59ee07ed59ab20f56f59dbed83b31db7063b7d0d2c83a7df1fb94af215c02f330cd0e60603a9eadecdcdf821e9bc6ba162a6a49798962d32383671dd4d70d132144fcee390796f043d6c4042e4f7b1374ae91fe618c1064df0f956ea81c8410e68377a9a8f027b7a551eb9c211469d8fdee0e3cb3c016173e96f1b13581ce82b55b440b632771e8d540f5f615172761d60b9fde87123c91b205654c8be1f03653221ab4dc85606b1178b114f0835e25394a17c48902b11c60d0813a20c6a6e7bfd7228effe03e8797beb0468d78178308d46340602b0c527f4f05ea4c71850135585decebe9ec401cca19eafc9fc69ab9d5ad404174be8561033822535a2626306008e2142658198e0983d8c7c4cdab10834125e54ba3d36e45e70fa208cfebc54e2af883cda1ba7058d53ffb87d5432d6626bdb161b7814c02c08d0d6061e8d8f8d6aebd64099c1209961b52f26378ff69362b5b2f746a9f52837595725b67551d21da1c4e1419fd0ec5f414a6366018c1d7c32921dd395a36cca7bc3de8d8a76fc3d425afe63b129f7fa2b0660e23a1a1b684aaf3d39406a63132cd926eed5b513f2fd8546b251591c51e2e4f230fe1e8ecd1de19897d1ad965e31570acd8811f3fd369fcfc48df6d5856e95a3e72bfda51cf97901e4befa35e14415433107aef436ff6249099b957503545da788b50a9e2feb1e88e7283f1708a1f2f146cd215f642fe77014f386b25a6d92a91418759d95096ead5e427ed03d47c2b9fcff8a1c8217ada7051e6233061ec6085101622254f6470227d0bc629349912655202d31a3bc1d75263c6bab968da0d0a459de1251c048d19272a08256d45b8370917dfe70cc50d3fca5f3d105cb0c64eccca0deef4a256cc051491bde751169a672e272137fdc7cfca1639b9ea4382f7fe0312b83d5e87830abe79bc537abe7a2f689d90f08b40e4166bcaaa608248a6e39cec4fa0bce8b84b34abff6d3ab25f0a93599194c105d02ece067586f77f48a9c7905bf3937f143aded01f8ed7b7ddf3cd03e5b4f60878f38be59a742c69b50a1c19cecb8233b5429f1ea4db173610cbad6b5ebf8311549feb3506600d7e544eb6eada7f45af93621fbaa6466c80125119aae8d830d4726da3d733904d94afa8a45be1284c862cefa1eb0e7dd37262bb69740f103851b03f4725b026d460ad1f27b0135caf805cb366fedc0dc301333aa5a5c33a435da6a731aee0ec321263478d5805cd5768e1ae0f464db2647fb1131af40571c244113c5eead1b96f2659c7cd54e4d398b5481bcdd6c7c64ba46ad0f6dac075a16724961355950f45dd3779999ec8eb1f00ab8468ef3f3fd3deaffb01bec66befd002b659faa01314711378cc6a1dbbb69f3f2a659bae32c4e058f0198b6581a27abb26da5d73d0f5e6db7e94838790a8ca9d7e9abc1867069b57115b5c49a61fed59cbd3643dd22a3b45f2b49a3c3cd80d8f6e7950181cd1ba57d66ef6be437c41f773d078108fa0aaf2d12b6a797f694f20611102ec75e580a52997e7cbd84ddd1fe647f12153574bfdb3644c72c0f8c6c43430b7b0d055e9cc7f351ef311d4b1d0951f8ca5b6375542bb947ff65a251941cd9534825d18d1e25ce855797fa7c7bac8d140a83913ea90c73640436ae1e4c21c02881e6bccd5795c9be890a6aaea190fd6873fa1d455ea08b11cf7c503bb8f4f9f39c2dac87de74e5980ab8ef95fca0bc2784bf00622ab7909efb269c2bbd6174817e2f12aaed8419feea21a83866a55641e85f1b5bcdf5b02d1c8c30826847aa097b1ed8e6f15431c247313d18de00849441d9ab0ac7ef3fdabfc058fd8398d76d3d277848a46d94c452ffe41a93b5d75eed7109b1a631e66cae951c3907bd644ef07e8477d9ec0d5111f7088e243ac47ab7618de9b8ac14366b34d0b021fbf05ebcd39896817ab1ec30bf5d24c66af693618be4fa937826a0f9d38c16713f04fc5d2123749a65c657c58272f9786e5a5c9c5cff2c77986b7ca7ec606d4b75cb4dfbd7bab75a5fa3b46507cbc91230942b3aef3cb79f4a10daf453f27079e800db39403a2089090ad75563a22aa63c0fd8026f5ed2cc574a65e4e02f7db0dda520f2bb06fb735c56e0f6075add4f835011ad151188476a69684c13bd0cca1372c2be4d1961f8cd535c3476a2b2dbc98cf35a6f7cbc5e8aee2e51093137d1149f78984f0785fa87fb1c417ecd6918e938817e7e6e8980312436901e59d80d4a0f823219bf1f30a7da9cc4b8bcc7eb75534b7bffcce23fb33435ca2c83a2561dd695f137db335ace61d8c0cd23b64cdf32342bef774cf5acb455bffe40361bbdf008253e978a680a67928521a79b9dae368605573bd2a1bd2c6dffcc1764ff998e8923eaa5097f1116e83a2cba326baff4ed63315c6a9290a46ad06494380c554c1f28403dc97f929bf00c119f0f79cbd0cb36acc58e5c3250fa4cf7b536478f8f580dd3ec6d088aeca20ddf5cab2a4de1afa483e9aff7f6c06b17a41596ff0fbbd20859d2691e0118f262a6b26e9db78be6bcdb92780273ef22c894a25bb7c5cd191106e74b313412f8e730af2de88d3c243798a1223d9b26e632ed9a8ada8d6ab6a081295c1d9a200e684846b07d638bf7e15d658d04f0d4e729054b250f857ece5a54e6be4661758b77074551b2eaa2186f9c3293228aa911a929baa75f244c7f6b94382baa8a6117459418d3ebf31ced793ee03dcc5e670627a15abf58f1fd36f489df15beaf0e4e64f84a3b9fb40435eab1d46db59347721d1aecdc3e5bfea", ['\x00', '\x00', '\x00']}, 0x1000) r1 = open(&(0x7f0000000200)='./bus\x00', 0x185200, 0x0) write$binfmt_elf64(r0, &(0x7f00000017c0)=ANY=[], 0x12) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) [ 2656.898601][T16764] usb 4-1: can't set config #1, error -71 [ 2656.906521][T16764] usb 4-1: USB disconnect, device number 38 18:24:48 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 70) 18:24:48 executing program 2: r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "c736176aabaa68c083e0934f4d0e2db6f5b3d7ea82e11cdb0246429f37308042916a2fcb9bd4cd83cedc01f8d9dbb048df5fb6494f1e70b1984ab413015b605ab750b6223942aee799daaa159d03a4b45db2ba095412f548ba66f6dffa7f62b8907a5036240a1315e232c25a00a1ab351213ddcaca2f4d149183b4fc783a1ea822bd2248356c283497b75d526c64a4a10d1db3a65f2d90c34af2aed5c608f21866878bd03f7a107e2335a3f7f52a72717d3dbfbf84e17866868aec7d33936987eb8f692be69ec5cf3fa5697a9533ddebd7047b86c288a5aec219a8dc6284cab06741730ee9b20ea7d1a9fb01e065703d696a69c11a196554186fecf630c2b9bdb76255702c0fa3658a802891e3fcee3ab11f5ec0ee9c46efeb0f4da12b752a2e13a3c36e4f31919cdc4404d1833504091951784fca8c9b596263fee6b1cafa7be4431f67a9cbf48ec56a171a719a9fe77b7f9fefa99c46bdc067e8b5477a32655c09b3024f6917a4dd4f77fb095d06fa47aa8b8ab199c18cf101a8904d1415b63abc35ee7e6c9bb41528ef467f4be7f105779d6114923e22b3561de8825984e134d5aecbd2aea530bcc639beafec06a298605f22e801b45363b79046b86d3991880249aeebe9e81d80405bfac3c0351651692151db3d0c8ca2db3948077e3b1fdcc691bceaa30ba484b7236dc113339486d7b89df507a918d5087e5f3e242b0e5c0bbb726d36e8e106f00cb7a8a107353ab481c9a724a72dd6539acb7a033984413aa2fdf3dbeecf8ac5850e5cc2b8ec5e08c6683d108db0a5f155fc876bda4ead7174fa5e2c3a5902d1636986aecb78037e6d7ebb55d4ef2e62d0a0c49f74671d93ea4b9a125cca9e54b635c37530271933f436e36c451aea20eeaf2b8aa097647776265f7f1d8f69f2fa816bfd5df516f005850cef1d34fec93cf0a2dfa59e42bc9ad7a4c379d7fd5d6cbbeb260ee194efde03dec8f66097b2a6333d12a4971de897832cfb179786261190e864a24ca465cc13dd39fd7aa1343cd434e26857d473b256bd0471a344002ea5adab20493d8f6cf1ea7b675697328dea75b32c991b12a8f8170585cd4e78ff748ab096a94c1ccb4053e59c6e6cf26d404a1228f2c4a3e067676df3e7d33fce2ffe58ef1188bcc165859989b1e832a2e79327721f2ed116af1a4bb75e59a1f23661f7a843b817328e14c38052c8eec8932b3f6c83db58ee998d5fba5f7057f3b39db2d926867c53d9e7e00248d9ebf5e2abeda344cadda244677508215eeef271e42f94b9e9ddc740b2fbd97ff267d9ab4b657941393558af51007de29e16e4ae8b42c6211ee1ab4473ea803a3fe613b4351d8c6aeb48f12e6cf56cd4af0eadb090440ceb41a973481ded8808992eb65ea5fe1adc08da534b8079ed12a3917bbc201cd46ecf71d5c6e8fc2625fa61e8b0ff318d541eeb5b3f9f90ab231dd0f03dd67c56c5fa7a3490f9cc59e984debfb8e1c4421eab95cab7293c031caec7ec310080297a5ce5f5bba473f996c30c88d5ae3978cbd71a79ac09913d0d680c9f63fbc7bbf9f6e66f0cb6c4648d66d800305a8d06054f7489a0c4fca58643d4a571353275a6375c2195be358d90b30a226db7d6371a61297947b4d5af8c0d5ef951a464da024d9045df54f425ae12b4eb79dcbe7d412b5dd7256ced54db5156d15f5917de7cbfa6b4140425f0ab456eb6a84d00a9e3b4082d4556d0b51e8ef51bd7296645a59ee07ed59ab20f56f59dbed83b31db7063b7d0d2c83a7df1fb94af215c02f330cd0e60603a9eadecdcdf821e9bc6ba162a6a49798962d32383671dd4d70d132144fcee390796f043d6c4042e4f7b1374ae91fe618c1064df0f956ea81c8410e68377a9a8f027b7a551eb9c211469d8fdee0e3cb3c016173e96f1b13581ce82b55b440b632771e8d540f5f615172761d60b9fde87123c91b205654c8be1f03653221ab4dc85606b1178b114f0835e25394a17c48902b11c60d0813a20c6a6e7bfd7228effe03e8797beb0468d78178308d46340602b0c527f4f05ea4c71850135585decebe9ec401cca19eafc9fc69ab9d5ad404174be8561033822535a2626306008e2142658198e0983d8c7c4cdab10834125e54ba3d36e45e70fa208cfebc54e2af883cda1ba7058d53ffb87d5432d6626bdb161b7814c02c08d0d6061e8d8f8d6aebd64099c1209961b52f26378ff69362b5b2f746a9f52837595725b67551d21da1c4e1419fd0ec5f414a6366018c1d7c32921dd395a36cca7bc3de8d8a76fc3d425afe63b129f7fa2b0660e23a1a1b684aaf3d39406a63132cd926eed5b513f2fd8546b251591c51e2e4f230fe1e8ecd1de19897d1ad965e31570acd8811f3fd369fcfc48df6d5856e95a3e72bfda51cf97901e4befa35e14415433107aef436ff6249099b957503545da788b50a9e2feb1e88e7283f1708a1f2f146cd215f642fe77014f386b25a6d92a91418759d95096ead5e427ed03d47c2b9fcff8a1c8217ada7051e6233061ec6085101622254f6470227d0bc629349912655202d31a3bc1d75263c6bab968da0d0a459de1251c048d19272a08256d45b8370917dfe70cc50d3fca5f3d105cb0c64eccca0deef4a256cc051491bde751169a672e272137fdc7cfca1639b9ea4382f7fe0312b83d5e87830abe79bc537abe7a2f689d90f08b40e4166bcaaa608248a6e39cec4fa0bce8b84b34abff6d3ab25f0a93599194c105d02ece067586f77f48a9c7905bf3937f143aded01f8ed7b7ddf3cd03e5b4f60878f38be59a742c69b50a1c19cecb8233b5429f1ea4db173610cbad6b5ebf8311549feb3506600d7e544eb6eada7f45af93621fbaa6466c80125119aae8d830d4726da3d733904d94afa8a45be1284c862cefa1eb0e7dd37262bb69740f103851b03f4725b026d460ad1f27b0135caf805cb366fedc0dc301333aa5a5c33a435da6a731aee0ec321263478d5805cd5768e1ae0f464db2647fb1131af40571c244113c5eead1b96f2659c7cd54e4d398b5481bcdd6c7c64ba46ad0f6dac075a16724961355950f45dd3779999ec8eb1f00ab8468ef3f3fd3deaffb01bec66befd002b659faa01314711378cc6a1dbbb69f3f2a659bae32c4e058f0198b6581a27abb26da5d73d0f5e6db7e94838790a8ca9d7e9abc1867069b57115b5c49a61fed59cbd3643dd22a3b45f2b49a3c3cd80d8f6e7950181cd1ba57d66ef6be437c41f773d078108fa0aaf2d12b6a797f694f20611102ec75e580a52997e7cbd84ddd1fe647f12153574bfdb3644c72c0f8c6c43430b7b0d055e9cc7f351ef311d4b1d0951f8ca5b6375542bb947ff65a251941cd9534825d18d1e25ce855797fa7c7bac8d140a83913ea90c73640436ae1e4c21c02881e6bccd5795c9be890a6aaea190fd6873fa1d455ea08b11cf7c503bb8f4f9f39c2dac87de74e5980ab8ef95fca0bc2784bf00622ab7909efb269c2bbd6174817e2f12aaed8419feea21a83866a55641e85f1b5bcdf5b02d1c8c30826847aa097b1ed8e6f15431c247313d18de00849441d9ab0ac7ef3fdabfc058fd8398d76d3d277848a46d94c452ffe41a93b5d75eed7109b1a631e66cae951c3907bd644ef07e8477d9ec0d5111f7088e243ac47ab7618de9b8ac14366b34d0b021fbf05ebcd39896817ab1ec30bf5d24c66af693618be4fa937826a0f9d38c16713f04fc5d2123749a65c657c58272f9786e5a5c9c5cff2c77986b7ca7ec606d4b75cb4dfbd7bab75a5fa3b46507cbc91230942b3aef3cb79f4a10daf453f27079e800db39403a2089090ad75563a22aa63c0fd8026f5ed2cc574a65e4e02f7db0dda520f2bb06fb735c56e0f6075add4f835011ad151188476a69684c13bd0cca1372c2be4d1961f8cd535c3476a2b2dbc98cf35a6f7cbc5e8aee2e51093137d1149f78984f0785fa87fb1c417ecd6918e938817e7e6e8980312436901e59d80d4a0f823219bf1f30a7da9cc4b8bcc7eb75534b7bffcce23fb33435ca2c83a2561dd695f137db335ace61d8c0cd23b64cdf32342bef774cf5acb455bffe40361bbdf008253e978a680a67928521a79b9dae368605573bd2a1bd2c6dffcc1764ff998e8923eaa5097f1116e83a2cba326baff4ed63315c6a9290a46ad06494380c554c1f28403dc97f929bf00c119f0f79cbd0cb36acc58e5c3250fa4cf7b536478f8f580dd3ec6d088aeca20ddf5cab2a4de1afa483e9aff7f6c06b17a41596ff0fbbd20859d2691e0118f262a6b26e9db78be6bcdb92780273ef22c894a25bb7c5cd191106e74b313412f8e730af2de88d3c243798a1223d9b26e632ed9a8ada8d6ab6a081295c1d9a200e684846b07d638bf7e15d658d04f0d4e729054b250f857ece5a54e6be4661758b77074551b2eaa2186f9c3293228aa911a929baa75f244c7f6b94382baa8a6117459418d3ebf31ced793ee03dcc5e670627a15abf58f1fd36f489df15beaf0e4e64f84a3b9fb40435eab1d46db59347721d1aecdc3e5bfea", ['\x00', '\x00', '\x00']}, 0x1000) r1 = open(&(0x7f0000000200)='./bus\x00', 0x185200, 0x0) write$binfmt_elf64(r0, &(0x7f00000017c0)=ANY=[], 0x12) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) 18:24:48 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 78) 18:24:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 80) 18:24:48 executing program 3: r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "c736176aabaa68c083e0934f4d0e2db6f5b3d7ea82e11cdb0246429f37308042916a2fcb9bd4cd83cedc01f8d9dbb048df5fb6494f1e70b1984ab413015b605ab750b6223942aee799daaa159d03a4b45db2ba095412f548ba66f6dffa7f62b8907a5036240a1315e232c25a00a1ab351213ddcaca2f4d149183b4fc783a1ea822bd2248356c283497b75d526c64a4a10d1db3a65f2d90c34af2aed5c608f21866878bd03f7a107e2335a3f7f52a72717d3dbfbf84e17866868aec7d33936987eb8f692be69ec5cf3fa5697a9533ddebd7047b86c288a5aec219a8dc6284cab06741730ee9b20ea7d1a9fb01e065703d696a69c11a196554186fecf630c2b9bdb76255702c0fa3658a802891e3fcee3ab11f5ec0ee9c46efeb0f4da12b752a2e13a3c36e4f31919cdc4404d1833504091951784fca8c9b596263fee6b1cafa7be4431f67a9cbf48ec56a171a719a9fe77b7f9fefa99c46bdc067e8b5477a32655c09b3024f6917a4dd4f77fb095d06fa47aa8b8ab199c18cf101a8904d1415b63abc35ee7e6c9bb41528ef467f4be7f105779d6114923e22b3561de8825984e134d5aecbd2aea530bcc639beafec06a298605f22e801b45363b79046b86d3991880249aeebe9e81d80405bfac3c0351651692151db3d0c8ca2db3948077e3b1fdcc691bceaa30ba484b7236dc113339486d7b89df507a918d5087e5f3e242b0e5c0bbb726d36e8e106f00cb7a8a107353ab481c9a724a72dd6539acb7a033984413aa2fdf3dbeecf8ac5850e5cc2b8ec5e08c6683d108db0a5f155fc876bda4ead7174fa5e2c3a5902d1636986aecb78037e6d7ebb55d4ef2e62d0a0c49f74671d93ea4b9a125cca9e54b635c37530271933f436e36c451aea20eeaf2b8aa097647776265f7f1d8f69f2fa816bfd5df516f005850cef1d34fec93cf0a2dfa59e42bc9ad7a4c379d7fd5d6cbbeb260ee194efde03dec8f66097b2a6333d12a4971de897832cfb179786261190e864a24ca465cc13dd39fd7aa1343cd434e26857d473b256bd0471a344002ea5adab20493d8f6cf1ea7b675697328dea75b32c991b12a8f8170585cd4e78ff748ab096a94c1ccb4053e59c6e6cf26d404a1228f2c4a3e067676df3e7d33fce2ffe58ef1188bcc165859989b1e832a2e79327721f2ed116af1a4bb75e59a1f23661f7a843b817328e14c38052c8eec8932b3f6c83db58ee998d5fba5f7057f3b39db2d926867c53d9e7e00248d9ebf5e2abeda344cadda244677508215eeef271e42f94b9e9ddc740b2fbd97ff267d9ab4b657941393558af51007de29e16e4ae8b42c6211ee1ab4473ea803a3fe613b4351d8c6aeb48f12e6cf56cd4af0eadb090440ceb41a973481ded8808992eb65ea5fe1adc08da534b8079ed12a3917bbc201cd46ecf71d5c6e8fc2625fa61e8b0ff318d541eeb5b3f9f90ab231dd0f03dd67c56c5fa7a3490f9cc59e984debfb8e1c4421eab95cab7293c031caec7ec310080297a5ce5f5bba473f996c30c88d5ae3978cbd71a79ac09913d0d680c9f63fbc7bbf9f6e66f0cb6c4648d66d800305a8d06054f7489a0c4fca58643d4a571353275a6375c2195be358d90b30a226db7d6371a61297947b4d5af8c0d5ef951a464da024d9045df54f425ae12b4eb79dcbe7d412b5dd7256ced54db5156d15f5917de7cbfa6b4140425f0ab456eb6a84d00a9e3b4082d4556d0b51e8ef51bd7296645a59ee07ed59ab20f56f59dbed83b31db7063b7d0d2c83a7df1fb94af215c02f330cd0e60603a9eadecdcdf821e9bc6ba162a6a49798962d32383671dd4d70d132144fcee390796f043d6c4042e4f7b1374ae91fe618c1064df0f956ea81c8410e68377a9a8f027b7a551eb9c211469d8fdee0e3cb3c016173e96f1b13581ce82b55b440b632771e8d540f5f615172761d60b9fde87123c91b205654c8be1f03653221ab4dc85606b1178b114f0835e25394a17c48902b11c60d0813a20c6a6e7bfd7228effe03e8797beb0468d78178308d46340602b0c527f4f05ea4c71850135585decebe9ec401cca19eafc9fc69ab9d5ad404174be8561033822535a2626306008e2142658198e0983d8c7c4cdab10834125e54ba3d36e45e70fa208cfebc54e2af883cda1ba7058d53ffb87d5432d6626bdb161b7814c02c08d0d6061e8d8f8d6aebd64099c1209961b52f26378ff69362b5b2f746a9f52837595725b67551d21da1c4e1419fd0ec5f414a6366018c1d7c32921dd395a36cca7bc3de8d8a76fc3d425afe63b129f7fa2b0660e23a1a1b684aaf3d39406a63132cd926eed5b513f2fd8546b251591c51e2e4f230fe1e8ecd1de19897d1ad965e31570acd8811f3fd369fcfc48df6d5856e95a3e72bfda51cf97901e4befa35e14415433107aef436ff6249099b957503545da788b50a9e2feb1e88e7283f1708a1f2f146cd215f642fe77014f386b25a6d92a91418759d95096ead5e427ed03d47c2b9fcff8a1c8217ada7051e6233061ec6085101622254f6470227d0bc629349912655202d31a3bc1d75263c6bab968da0d0a459de1251c048d19272a08256d45b8370917dfe70cc50d3fca5f3d105cb0c64eccca0deef4a256cc051491bde751169a672e272137fdc7cfca1639b9ea4382f7fe0312b83d5e87830abe79bc537abe7a2f689d90f08b40e4166bcaaa608248a6e39cec4fa0bce8b84b34abff6d3ab25f0a93599194c105d02ece067586f77f48a9c7905bf3937f143aded01f8ed7b7ddf3cd03e5b4f60878f38be59a742c69b50a1c19cecb8233b5429f1ea4db173610cbad6b5ebf8311549feb3506600d7e544eb6eada7f45af93621fbaa6466c80125119aae8d830d4726da3d733904d94afa8a45be1284c862cefa1eb0e7dd37262bb69740f103851b03f4725b026d460ad1f27b0135caf805cb366fedc0dc301333aa5a5c33a435da6a731aee0ec321263478d5805cd5768e1ae0f464db2647fb1131af40571c244113c5eead1b96f2659c7cd54e4d398b5481bcdd6c7c64ba46ad0f6dac075a16724961355950f45dd3779999ec8eb1f00ab8468ef3f3fd3deaffb01bec66befd002b659faa01314711378cc6a1dbbb69f3f2a659bae32c4e058f0198b6581a27abb26da5d73d0f5e6db7e94838790a8ca9d7e9abc1867069b57115b5c49a61fed59cbd3643dd22a3b45f2b49a3c3cd80d8f6e7950181cd1ba57d66ef6be437c41f773d078108fa0aaf2d12b6a797f694f20611102ec75e580a52997e7cbd84ddd1fe647f12153574bfdb3644c72c0f8c6c43430b7b0d055e9cc7f351ef311d4b1d0951f8ca5b6375542bb947ff65a251941cd9534825d18d1e25ce855797fa7c7bac8d140a83913ea90c73640436ae1e4c21c02881e6bccd5795c9be890a6aaea190fd6873fa1d455ea08b11cf7c503bb8f4f9f39c2dac87de74e5980ab8ef95fca0bc2784bf00622ab7909efb269c2bbd6174817e2f12aaed8419feea21a83866a55641e85f1b5bcdf5b02d1c8c30826847aa097b1ed8e6f15431c247313d18de00849441d9ab0ac7ef3fdabfc058fd8398d76d3d277848a46d94c452ffe41a93b5d75eed7109b1a631e66cae951c3907bd644ef07e8477d9ec0d5111f7088e243ac47ab7618de9b8ac14366b34d0b021fbf05ebcd39896817ab1ec30bf5d24c66af693618be4fa937826a0f9d38c16713f04fc5d2123749a65c657c58272f9786e5a5c9c5cff2c77986b7ca7ec606d4b75cb4dfbd7bab75a5fa3b46507cbc91230942b3aef3cb79f4a10daf453f27079e800db39403a2089090ad75563a22aa63c0fd8026f5ed2cc574a65e4e02f7db0dda520f2bb06fb735c56e0f6075add4f835011ad151188476a69684c13bd0cca1372c2be4d1961f8cd535c3476a2b2dbc98cf35a6f7cbc5e8aee2e51093137d1149f78984f0785fa87fb1c417ecd6918e938817e7e6e8980312436901e59d80d4a0f823219bf1f30a7da9cc4b8bcc7eb75534b7bffcce23fb33435ca2c83a2561dd695f137db335ace61d8c0cd23b64cdf32342bef774cf5acb455bffe40361bbdf008253e978a680a67928521a79b9dae368605573bd2a1bd2c6dffcc1764ff998e8923eaa5097f1116e83a2cba326baff4ed63315c6a9290a46ad06494380c554c1f28403dc97f929bf00c119f0f79cbd0cb36acc58e5c3250fa4cf7b536478f8f580dd3ec6d088aeca20ddf5cab2a4de1afa483e9aff7f6c06b17a41596ff0fbbd20859d2691e0118f262a6b26e9db78be6bcdb92780273ef22c894a25bb7c5cd191106e74b313412f8e730af2de88d3c243798a1223d9b26e632ed9a8ada8d6ab6a081295c1d9a200e684846b07d638bf7e15d658d04f0d4e729054b250f857ece5a54e6be4661758b77074551b2eaa2186f9c3293228aa911a929baa75f244c7f6b94382baa8a6117459418d3ebf31ced793ee03dcc5e670627a15abf58f1fd36f489df15beaf0e4e64f84a3b9fb40435eab1d46db59347721d1aecdc3e5bfea", ['\x00', '\x00', '\x00']}, 0x1000) r1 = open(&(0x7f0000000200)='./bus\x00', 0x185200, 0x0) write$binfmt_elf64(r0, &(0x7f00000017c0)=ANY=[], 0x12) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) 18:24:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000100000000000080eff95d2f84101c425c103457badc8f5a7b10a39b96b1a7ca128513d540818cc329350ec0bb223beb4cee5e08510947a3ec8be52205ce561b3bcf2c30496cf67401aef97"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x1f) ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, 0x0) pipe(&(0x7f00000018c0)={0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1}, [@alu={0x4, 0x1, 0x1, 0x8, 0x5, 0x7fffffffffffffc0, 0xfffffffffffffff0}]}, 0x0, 0x3, 0x48, &(0x7f00000002c0)=""/72, 0x41100, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0x0, 0x9, 0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r4]}, 0x80) r5 = socket$netlink(0x10, 0x3, 0x0) process_mrelease(0xffffffffffffffff, 0x0) sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010001fff000009000000004109000000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000381028008000a00", @ANYRES32], 0x40}}, 0x0) pipe(&(0x7f0000000400)) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001b00)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0) r6 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) r7 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n [ 2657.074986][T27885] dump_stack_lvl+0x151/0x1b7 [ 2657.075010][T27885] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2657.075026][T27885] ? __kasan_check_read+0x11/0x20 [ 2657.075042][T27885] dump_stack+0x15/0x17 [ 2657.121833][T27885] should_fail+0x3c0/0x510 [ 2657.126084][T27885] should_fail_usercopy+0x1a/0x20 [ 2657.130944][T27885] copy_page_from_iter_atomic+0x433/0x11c0 [ 2657.136586][T27885] ? pipe_zero+0x4d0/0x4d0 [ 2657.140840][T27885] ? __kasan_check_write+0x14/0x20 [ 2657.145786][T27885] ? shmem_write_end+0x786/0x8a0 [ 2657.150559][T27885] generic_perform_write+0x343/0x5d0 [ 2657.155681][T27885] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2657.161324][T27885] ? file_remove_privs+0x690/0x690 [ 2657.166270][T27885] ? __kasan_check_write+0x14/0x20 [ 2657.171217][T27885] ? down_write+0xdd/0x140 [ 2657.175479][T27885] __generic_file_write_iter+0x25b/0x4b0 [ 2657.180260][T27889] FAULT_INJECTION: forcing a failure. [ 2657.180260][T27889] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2657.180942][T27885] generic_file_write_iter+0xaf/0x1c0 [ 2657.198996][T27885] vfs_write+0xc8d/0x1050 [ 2657.203171][T27885] ? file_end_write+0x1b0/0x1b0 [ 2657.207847][T27885] ? __fget_files+0x310/0x370 [ 2657.212363][T27885] ? __fdget_pos+0x1fe/0x310 [ 2657.216784][T27885] ? ksys_write+0x77/0x2c0 [ 2657.221043][T27885] ksys_write+0x198/0x2c0 [ 2657.225214][T27885] ? __ia32_sys_read+0x90/0x90 [ 2657.229806][T27885] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2657.235709][T27885] __x64_sys_write+0x7b/0x90 [ 2657.240142][T27885] do_syscall_64+0x44/0xd0 [ 2657.244390][T27885] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2657.250119][T27885] RIP: 0033:0x7fcbd55afe4f [ 2657.254385][T27885] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2657.273814][T27885] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2657.282057][T27885] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2657.289887][T27885] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2657.298034][T27885] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2657.305846][T27885] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2657.313662][T27885] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2657.321472][T27885] [ 2657.324331][T27889] CPU: 1 PID: 27889 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2657.334418][T27889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2657.344297][T27889] Call Trace: [ 2657.347425][T27889] [ 2657.350206][T27889] dump_stack_lvl+0x151/0x1b7 [ 2657.354722][T27889] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2657.360036][T27889] ? __kasan_check_read+0x11/0x20 [ 2657.364866][T27889] dump_stack+0x15/0x17 [ 2657.368858][T27889] should_fail+0x3c0/0x510 [ 2657.373111][T27889] should_fail_usercopy+0x1a/0x20 [ 2657.377973][T27889] copy_page_from_iter_atomic+0x433/0x11c0 [ 2657.383618][T27889] ? pipe_zero+0x4d0/0x4d0 [ 2657.387869][T27889] ? __kasan_check_write+0x14/0x20 [ 2657.392815][T27889] ? shmem_write_end+0x786/0x8a0 [ 2657.397594][T27889] generic_perform_write+0x343/0x5d0 [ 2657.402710][T27889] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2657.408349][T27889] ? file_remove_privs+0x690/0x690 [ 2657.413301][T27889] ? __kasan_check_write+0x14/0x20 [ 2657.418247][T27889] ? down_write+0xdd/0x140 [ 2657.422503][T27889] __generic_file_write_iter+0x25b/0x4b0 [ 2657.427977][T27889] generic_file_write_iter+0xaf/0x1c0 [ 2657.433184][T27889] vfs_write+0xc8d/0x1050 [ 2657.437345][T27889] ? file_end_write+0x1b0/0x1b0 [ 2657.442032][T27889] ? __fget_files+0x310/0x370 [ 2657.446554][T27889] ? __fdget_pos+0x1fe/0x310 [ 2657.450973][T27889] ? ksys_write+0x77/0x2c0 [ 2657.455228][T27889] ksys_write+0x198/0x2c0 [ 2657.459394][T27889] ? __ia32_sys_read+0x90/0x90 [ 2657.463992][T27889] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2657.469892][T27889] __x64_sys_write+0x7b/0x90 [ 2657.474325][T27889] do_syscall_64+0x44/0xd0 [ 2657.478571][T27889] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2657.484304][T27889] RIP: 0033:0x7fb257acee4f [ 2657.488562][T27889] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2657.508085][T27889] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2657.516339][T27889] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2657.524140][T27889] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2657.531958][T27889] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2657.539767][T27889] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac85800000000000000024e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866907dc6751dfb292f7d3acec77f5efad9c1165a0e3ccae669e173a649c1cfd6587d452d66b7cc957d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ff02000000d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff050011bbecc2f4a37c9af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2fc7925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a70000000000000000000000d7900a820b63278f4e9a217b98000000002a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24291c25449f106a99893ed20fa7a050fbbef90327e827e513e96068fd1e8a43e89f9c050022a961546ed5363c17ff1432d0881406bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40e4ffff06aabca77e64c988dd4132307681314df1c2abe69cb47be5329ac624fb2997df9e6867583a4b239d17ba83b4973cd9bcddd186acbc7a961c384357a2885a56c8d8cea072ffda6c6abbe8fda393f3ed1b706069f21692"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write(r3, &(0x7f0000001400)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e97ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53cfeefee8aaa104aa853a65aadf27bac9849ee0122793b11cd8e4f32fb07afa39e439cb738c30a6df958160aac15c26032a61aaf614b2e6601581fb0ab8d115e045005dee3df8ea42643cbcbb0b111130c42c94b7e874cfee50d5c2eb13b3a38c417fce9d740b7d43120431a7d44bc3934ee87b112401cbee3553837b6a0b4b3faaceb46eca4064301c8060870350e256ac9d5557f674536b9d9717a82fa211e7dfb52ca410d8a4f2f6b733c2a082f247538a6c40f56cf64204e62515db692f32733ff6f4b0787ef305d5e80881375467ae603ac3600e688c42f89a4fea4fdda09a8d59e19457c654a98c8129a8c65bae3310af2b170729e18400c915d0a2f4c4fc51747846630b95ec181228bda7ef48ad389815aa82de6c4a3b0746c28c01f9ec697ff17f095e1cf9d2fe78fdab9cbb1ca7aefc8af6a0cd98444735fad79e394a8f9c2fd358c3cde4ca6d57a620d0bb52dc6ff93f034b596f407c21511cc2c5ec8b0ede7f5c0acca61939ac7f2cad820c15133e69507eaa739e9a88936f4a74f0ad1574a1591f31f582a76157d89805cb3ba5e8d10509bf7a08e928653b4f05ba797a06765b74c8759fc34178624c08a2b99e59bcff5d33af2b0f9176b56c35f4da31c751a4c2fd88a1997cd9fc9bbf78220731d4c8cea23be1fd29c36b34d8458b7021ebcfafdc7e54096e517da3eb684298f742532d776164d9c9658e5faca0a3b08afca1bc27ed357884f49fe51bd0c38057f4288f1917e36e3865310b5eed140aef6150ae363293cf7467abd5e06cd7af5e2c49e7c5253a1155741e380bccb023a0faed93d9a64512d72436f1ef4ac0904a413e45164c23413bd57274a0a951c41a9a43aed094d4ea5c480ce64663cc9d36723179e2b19a48e9277a6591bbd888a06e0f2f142cd4495be4ba7274d69ba32a2788b935b2f18c5f336cb9de062829e2e0bb476efb36c3f53a766c14314f31637a464ac59d378ad7f51bef8d88715613653a427038e0d3e4dc3948bb1d70eb55c91c92f7510b1c0387253b458d2c90d17238f9eb239c680179a6c1e0759be367963e3b4d7395fd3911626582a094e6a8d0e746242f94267a4c57d5b2360ce3a6f7f3e3c10e124a54ed24d1585bc7b731cf731c94ee00ebf070b999b9bf28d76bfec9dcf12fcce2b9c4444c706ec6b943b5f39e9151a764ba1cd0cd6c1c7cdc3aa824cf17da705be27a18fbee41be39d6ae4dd4312f5f4bfee2c5bb21d941666f9d79b0f80c9b1bace84a05d2b0e3be1c3fd04d72b4b0124595c435813969d413960fddc858730a433383f3bc0472cb7683ea569e001f00"/3584, 0xe00) sendfile(r3, r5, 0x0, 0x11f06) [ 2657.547576][T27889] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2657.555392][T27889] [ 2657.565271][T27885] loop4: detected capacity change from 0 to 512 [ 2657.578123][T27889] loop5: detected capacity change from 0 to 512 [ 2657.585323][T27881] CPU: 1 PID: 27881 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2657.595376][T27881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2657.605273][T27881] Call Trace: [ 2657.608394][T27881] [ 2657.611172][T27881] dump_stack_lvl+0x151/0x1b7 [ 2657.615684][T27881] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2657.620981][T27881] dump_stack+0x15/0x17 [ 2657.624972][T27881] should_fail+0x3c0/0x510 [ 2657.629223][T27881] ? security_sb_alloc+0x3f/0x140 [ 2657.634083][T27881] __should_failslab+0x9f/0xe0 [ 2657.638686][T27881] should_failslab+0x9/0x20 [ 2657.643024][T27881] __kmalloc+0x6d/0x350 [ 2657.647028][T27881] ? down_read_killable+0x250/0x250 [ 2657.652061][T27881] ? __kasan_kmalloc+0x9/0x10 [ 2657.656566][T27881] security_sb_alloc+0x3f/0x140 [ 2657.661260][T27881] alloc_super+0x172/0x7d0 [ 2657.665511][T27881] ? get_tree_bdev+0x680/0x680 [ 2657.670109][T27881] sget_fc+0x236/0x640 [ 2657.674014][T27881] ? test_bdev_super_fc+0x70/0x70 [ 2657.678879][T27881] get_tree_bdev+0x28c/0x680 [ 2657.683305][T27881] ? erofs_release_device_info+0x90/0x90 [ 2657.688775][T27881] erofs_fc_get_tree+0x1c/0x20 [ 2657.693372][T27881] vfs_get_tree+0x88/0x290 [ 2657.697622][T27881] do_new_mount+0x289/0xad0 [ 2657.701965][T27881] ? do_move_mount_old+0x160/0x160 [ 2657.706911][T27881] ? security_capable+0xb2/0xd0 [ 2657.711598][T27881] ? ns_capable+0x8a/0xf0 [ 2657.715770][T27881] path_mount+0x60b/0x1050 [ 2657.720194][T27881] __se_sys_mount+0x2d2/0x3c0 [ 2657.724707][T27881] ? __x64_sys_mount+0xd0/0xd0 [ 2657.729308][T27881] __x64_sys_mount+0xbf/0xd0 [ 2657.733734][T27881] do_syscall_64+0x44/0xd0 [ 2657.737987][T27881] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2657.743712][T27881] RIP: 0033:0x7fc55e52a5fa [ 2657.747969][T27881] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2657.767415][T27881] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2657.775657][T27881] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2657.783470][T27881] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2657.791281][T27881] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 18:24:49 executing program 3: r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}], "c736176aabaa68c083e0934f4d0e2db6f5b3d7ea82e11cdb0246429f37308042916a2fcb9bd4cd83cedc01f8d9dbb048df5fb6494f1e70b1984ab413015b605ab750b6223942aee799daaa159d03a4b45db2ba095412f548ba66f6dffa7f62b8907a5036240a1315e232c25a00a1ab351213ddcaca2f4d149183b4fc783a1ea822bd2248356c283497b75d526c64a4a10d1db3a65f2d90c34af2aed5c608f21866878bd03f7a107e2335a3f7f52a72717d3dbfbf84e17866868aec7d33936987eb8f692be69ec5cf3fa5697a9533ddebd7047b86c288a5aec219a8dc6284cab06741730ee9b20ea7d1a9fb01e065703d696a69c11a196554186fecf630c2b9bdb76255702c0fa3658a802891e3fcee3ab11f5ec0ee9c46efeb0f4da12b752a2e13a3c36e4f31919cdc4404d1833504091951784fca8c9b596263fee6b1cafa7be4431f67a9cbf48ec56a171a719a9fe77b7f9fefa99c46bdc067e8b5477a32655c09b3024f6917a4dd4f77fb095d06fa47aa8b8ab199c18cf101a8904d1415b63abc35ee7e6c9bb41528ef467f4be7f105779d6114923e22b3561de8825984e134d5aecbd2aea530bcc639beafec06a298605f22e801b45363b79046b86d3991880249aeebe9e81d80405bfac3c0351651692151db3d0c8ca2db3948077e3b1fdcc691bceaa30ba484b7236dc113339486d7b89df507a918d5087e5f3e242b0e5c0bbb726d36e8e106f00cb7a8a107353ab481c9a724a72dd6539acb7a033984413aa2fdf3dbeecf8ac5850e5cc2b8ec5e08c6683d108db0a5f155fc876bda4ead7174fa5e2c3a5902d1636986aecb78037e6d7ebb55d4ef2e62d0a0c49f74671d93ea4b9a125cca9e54b635c37530271933f436e36c451aea20eeaf2b8aa097647776265f7f1d8f69f2fa816bfd5df516f005850cef1d34fec93cf0a2dfa59e42bc9ad7a4c379d7fd5d6cbbeb260ee194efde03dec8f66097b2a6333d12a4971de897832cfb179786261190e864a24ca465cc13dd39fd7aa1343cd434e26857d473b256bd0471a344002ea5adab20493d8f6cf1ea7b675697328dea75b32c991b12a8f8170585cd4e78ff748ab096a94c1ccb4053e59c6e6cf26d404a1228f2c4a3e067676df3e7d33fce2ffe58ef1188bcc165859989b1e832a2e79327721f2ed116af1a4bb75e59a1f23661f7a843b817328e14c38052c8eec8932b3f6c83db58ee998d5fba5f7057f3b39db2d926867c53d9e7e00248d9ebf5e2abeda344cadda244677508215eeef271e42f94b9e9ddc740b2fbd97ff267d9ab4b657941393558af51007de29e16e4ae8b42c6211ee1ab4473ea803a3fe613b4351d8c6aeb48f12e6cf56cd4af0eadb090440ceb41a973481ded8808992eb65ea5fe1adc08da534b8079ed12a3917bbc201cd46ecf71d5c6e8fc2625fa61e8b0ff318d541eeb5b3f9f90ab231dd0f03dd67c56c5fa7a3490f9cc59e984debfb8e1c4421eab95cab7293c031caec7ec310080297a5ce5f5bba473f996c30c88d5ae3978cbd71a79ac09913d0d680c9f63fbc7bbf9f6e66f0cb6c4648d66d800305a8d06054f7489a0c4fca58643d4a571353275a6375c2195be358d90b30a226db7d6371a61297947b4d5af8c0d5ef951a464da024d9045df54f425ae12b4eb79dcbe7d412b5dd7256ced54db5156d15f5917de7cbfa6b4140425f0ab456eb6a84d00a9e3b4082d4556d0b51e8ef51bd7296645a59ee07ed59ab20f56f59dbed83b31db7063b7d0d2c83a7df1fb94af215c02f330cd0e60603a9eadecdcdf821e9bc6ba162a6a49798962d32383671dd4d70d132144fcee390796f043d6c4042e4f7b1374ae91fe618c1064df0f956ea81c8410e68377a9a8f027b7a551eb9c211469d8fdee0e3cb3c016173e96f1b13581ce82b55b440b632771e8d540f5f615172761d60b9fde87123c91b205654c8be1f03653221ab4dc85606b1178b114f0835e25394a17c48902b11c60d0813a20c6a6e7bfd7228effe03e8797beb0468d78178308d46340602b0c527f4f05ea4c71850135585decebe9ec401cca19eafc9fc69ab9d5ad404174be8561033822535a2626306008e2142658198e0983d8c7c4cdab10834125e54ba3d36e45e70fa208cfebc54e2af883cda1ba7058d53ffb87d5432d6626bdb161b7814c02c08d0d6061e8d8f8d6aebd64099c1209961b52f26378ff69362b5b2f746a9f52837595725b67551d21da1c4e1419fd0ec5f414a6366018c1d7c32921dd395a36cca7bc3de8d8a76fc3d425afe63b129f7fa2b0660e23a1a1b684aaf3d39406a63132cd926eed5b513f2fd8546b251591c51e2e4f230fe1e8ecd1de19897d1ad965e31570acd8811f3fd369fcfc48df6d5856e95a3e72bfda51cf97901e4befa35e14415433107aef436ff6249099b957503545da788b50a9e2feb1e88e7283f1708a1f2f146cd215f642fe77014f386b25a6d92a91418759d95096ead5e427ed03d47c2b9fcff8a1c8217ada7051e6233061ec6085101622254f6470227d0bc629349912655202d31a3bc1d75263c6bab968da0d0a459de1251c048d19272a08256d45b8370917dfe70cc50d3fca5f3d105cb0c64eccca0deef4a256cc051491bde751169a672e272137fdc7cfca1639b9ea4382f7fe0312b83d5e87830abe79bc537abe7a2f689d90f08b40e4166bcaaa608248a6e39cec4fa0bce8b84b34abff6d3ab25f0a93599194c105d02ece067586f77f48a9c7905bf3937f143aded01f8ed7b7ddf3cd03e5b4f60878f38be59a742c69b50a1c19cecb8233b5429f1ea4db173610cbad6b5ebf8311549feb3506600d7e544eb6eada7f45af93621fbaa6466c80125119aae8d830d4726da3d733904d94afa8a45be1284c862cefa1eb0e7dd37262bb69740f103851b03f4725b026d460ad1f27b0135caf805cb366fedc0dc301333aa5a5c33a435da6a731aee0ec321263478d5805cd5768e1ae0f464db2647fb1131af40571c244113c5eead1b96f2659c7cd54e4d398b5481bcdd6c7c64ba46ad0f6dac075a16724961355950f45dd3779999ec8eb1f00ab8468ef3f3fd3deaffb01bec66befd002b659faa01314711378cc6a1dbbb69f3f2a659bae32c4e058f0198b6581a27abb26da5d73d0f5e6db7e94838790a8ca9d7e9abc1867069b57115b5c49a61fed59cbd3643dd22a3b45f2b49a3c3cd80d8f6e7950181cd1ba57d66ef6be437c41f773d078108fa0aaf2d12b6a797f694f20611102ec75e580a52997e7cbd84ddd1fe647f12153574bfdb3644c72c0f8c6c43430b7b0d055e9cc7f351ef311d4b1d0951f8ca5b6375542bb947ff65a251941cd9534825d18d1e25ce855797fa7c7bac8d140a83913ea90c73640436ae1e4c21c02881e6bccd5795c9be890a6aaea190fd6873fa1d455ea08b11cf7c503bb8f4f9f39c2dac87de74e5980ab8ef95fca0bc2784bf00622ab7909efb269c2bbd6174817e2f12aaed8419feea21a83866a55641e85f1b5bcdf5b02d1c8c30826847aa097b1ed8e6f15431c247313d18de00849441d9ab0ac7ef3fdabfc058fd8398d76d3d277848a46d94c452ffe41a93b5d75eed7109b1a631e66cae951c3907bd644ef07e8477d9ec0d5111f7088e243ac47ab7618de9b8ac14366b34d0b021fbf05ebcd39896817ab1ec30bf5d24c66af693618be4fa937826a0f9d38c16713f04fc5d2123749a65c657c58272f9786e5a5c9c5cff2c77986b7ca7ec606d4b75cb4dfbd7bab75a5fa3b46507cbc91230942b3aef3cb79f4a10daf453f27079e800db39403a2089090ad75563a22aa63c0fd8026f5ed2cc574a65e4e02f7db0dda520f2bb06fb735c56e0f6075add4f835011ad151188476a69684c13bd0cca1372c2be4d1961f8cd535c3476a2b2dbc98cf35a6f7cbc5e8aee2e51093137d1149f78984f0785fa87fb1c417ecd6918e938817e7e6e8980312436901e59d80d4a0f823219bf1f30a7da9cc4b8bcc7eb75534b7bffcce23fb33435ca2c83a2561dd695f137db335ace61d8c0cd23b64cdf32342bef774cf5acb455bffe40361bbdf008253e978a680a67928521a79b9dae368605573bd2a1bd2c6dffcc1764ff998e8923eaa5097f1116e83a2cba326baff4ed63315c6a9290a46ad06494380c554c1f28403dc97f929bf00c119f0f79cbd0cb36acc58e5c3250fa4cf7b536478f8f580dd3ec6d088aeca20ddf5cab2a4de1afa483e9aff7f6c06b17a41596ff0fbbd20859d2691e0118f262a6b26e9db78be6bcdb92780273ef22c894a25bb7c5cd191106e74b313412f8e730af2de88d3c243798a1223d9b26e632ed9a8ada8d6ab6a081295c1d9a200e684846b07d638bf7e15d658d04f0d4e729054b250f857ece5a54e6be4661758b77074551b2eaa2186f9c3293228aa911a929baa75f244c7f6b94382baa8a6117459418d3ebf31ced793ee03dcc5e670627a15abf58f1fd36f489df15beaf0e4e64f84a3b9fb40435eab1d46db59347721d1aecdc3e5bfea", ['\x00', '\x00', '\x00']}, 0x1000) r1 = open(&(0x7f0000000200)='./bus\x00', 0x185200, 0x0) write$binfmt_elf64(r0, &(0x7f00000017c0)=ANY=[], 0x12) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) 18:24:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 81) [ 2657.799105][T27881] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2657.806905][T27881] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2657.814724][T27881] [ 2657.820636][T27887] __nla_validate_parse: 2 callbacks suppressed [ 2657.820654][T27887] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2657.826758][T27885] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:49 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 71) 18:24:49 executing program 3: syz_mount_image$f2fs(&(0x7f00000105c0), &(0x7f0000010600)='./file0\x00', 0x2, &(0x7f00000003c0)=ANY=[@ANYBLOB="009f8bbda91e8d8c0a952f40080341bb1de824dfe4555cc62fd300684a0cad4c455e5102bc62570d87538f8f86a41ce0df140728def7dbd573b203c1b1ba6defe961b5cb5334d74af0671ebf1eafb1cc84d8e25e5840d3de756f4062577e952b0999d5217516e0250f9756920709c4014c286b5940f9e4"], 0x1, 0x105a5, &(0x7f0000020c40)="$eJzs3M1rI2UcB/Bftu6r61pkX/TkgAgNmNC03aIgUnUXXbBL8eXgSdNkGrKbZEqTvrhnPemf4FUQ8ebf4MV/Y/EgeBK8rSiZmcpW96A226zbzwem32eePPPL84RcnkyZAI6t2eTXXypxIc5GxExEnI/I25XyyK0U8WxEPB8RJ+47KmX/nx2nIuJcRFwYFy9qVsqXln+7e++r5268+vk3d6uNn77+cnqrBqbtxYjobxbt3X6RWafIW2V/c6ebZ39pp8zihf7t8jwrcjddzyvsNvfHNfNc7BTjs83t4Tg3es3WODvdjbx/c1C84XCns18nv+BWcys/b6freXaHWZ6dO8W89sq8MxwVddplvU/y8jEa7WfRn+6lxXo2b+fZGozK/qJu1k73xrlTZvl20cp67Xwe6//5Y37kvdMdbO8lO+nWsJsNkqv1xsv1xnKtsZW101G6VGv228tLyVynNx5WG6XN/konyzq9tN7K+tVkrtNq1RqNZO5aut5tDpJGo75Yn69drZatl5K3bn6Q9NrJ3Djf6A62R93eMNnItpLiimqyUF98pZq80EjeW11L1t69fn117f2Prn148/XVG2+Wg/42rWRuYX5hodaYry00qtZ/GJXDXc5x5wsE8K/Z/wPTYP9v/x/2v8d+/bZvHIovEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsfXjye/ezhuzxfmTZf9TZdczEXElIi5HxKWI+P0BZuLUgZoXI6JSth80/uRf5vB9JfIK42tOl8e5iFgpj3tPP+xPAQAAAB5f3/7w6WcRM+Nm/ue1aU+Io1T+aHNmUvXyn3yemFS1i3mxvQlVu7RfciIuR8TJ2Z8nVO1KRJw4//GEqv0jMwfizH1RKeLEUc4GAAA4Ggd3AhPbvQEAAPDI+WLaE2A68vu15f/il/eCTxdR3hA8e+AMAAAA+B+qTHsCAAAAwEOX7/89/w8AAAAeb8Xz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YuZfctKEoDMAHqAt9qajisRVGVYcMWESX0GEnnbW76aisoRJiD5mRWZYQQYR9E8URg0i+xgn6Psmcawt+HZgdX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo03WxXv7d/v7TNGd/aCbPtwEAAABO2RXrZbkYV+cf0vVP6dKXiJhHxCwiphFxanYfxNta5iQieml96v3Fkx7+R5QJx88M0/E+Ir6l4/Zz278CAAAAXK7tZrGKGByX5cvXrhvinNJNm1GuvPKWz5tcaZMy7GemtOl9ZBaziCjGN5nS5hHR//g9U9qzDGpl9Kj0qtI/ZzcAAMB51CeBbNMbAAAAL86PrhugG+V+bfovftoLHlYlbQi+q50BAAAAr1Cv6wYAAACA1pXzv+f/AQAAwGWrnv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAm3bFerndLFZNc/aHZh6CJv+ufjVtBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDv25x0FQiAMwmDv+r7T4P2PJQ2amZtUgfDxNwYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+t1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf7c3cCIRAEYbDv/M9pMf+wpEFjEKEKFj5mmIcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrC/tzbJgyEcRx+fUmUuE1GSG8lMAMNFYIR+JCQLHkGBmAhGipai0VgBZDgXNOZgudp/r/iinsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNd0efjiLSKKSF2mSOPNz+k9Ij4ibdt29HnLYnc+Nl/3nO0Pk5zfMf0tI6KMoo9zAAB6V3WbY7Wul395//MO8g7zVvOmXjzz0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV3buWLWpKAwA8EnSRKuToxVEcNDFxiZWI2RxKHQXBN1CG0sxVUkztKVLn0B0cvUV7Kav4AsIDlpwcOig4CKIkuQmPcEgKcK9oX4f/Pf+ucO552QI/Pc/NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLEc7oWzgzwXQpibOcq73n/dXRl3fvvsw9wgvtx5czEesztEMYTwcL3VvJ7iWqbd5vbOo0ar1WxLJBLJMMn6lwkAgJOmmES3rv9U3F/uXsvVQ/j1arT+vxLl4S/1/+eX5y8M4ufWu058r7j+X0hthdOv3Nl4Wt7c3rm2vtFYa641H1erlcWbizdu36qUe89Kyp6YAAAA8G9KScT1f77+Z///TJSHCev/e0sP7sf3Kqj/xzpq+mU9EwAAgP/buUvfv+XGXM+VSmGr0em0F/rH4edK/5jBVI/tVBJx/V+oZz0rAAAAIA2He7mR/v9qlIcJ+//zr3cP4jELIYTZpP8/v/KktZrecqZaGq8TZ71GAAAAsjWbRNz/L/b2/+eHWx7yIYSrl/t58jeAE9X/H1/cHXlpPd7/X01viVMpX+t/H71zLYSZWtYzAgAA4CQ7nUS32D8o7i+3fzxfKtn/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBvduwYJWIgCgBoNtloJS5YiFp5AVG0sFqwEMRG8AqiIHgCEdQDiKWW3sHSO2ytIIiF5RZ6AplJRmUttEqUfQ8m/2cImZ9Jkx8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgR8ONz7wIh16V5/Xc/evJXogPIzF4uZ5bCCPknSaL/oc6621XAAAAwDgoUn+fZdlzebsVYt6P/X+Zrgk9/81Ulad+frTvT/Hu8nE+9f+nO4vHHwv1qnXCTQ8Oj/aXG3vCv2/6+9TV7tPq29nabH3ajTsf/70U8YXk2+czwzLuZ+diMNiciOlkw4UDAL+2lGKdpO+hEFfaLAyAsdGtR/al/y/67dYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT3AAAA//9UhWfc") open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f00000001c0)=ANY=[], 0x208e24b) preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 18:24:49 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 79) [ 2657.849345][T27887] device wireguard0 entered promiscuous mode [ 2657.917115][T27904] FAULT_INJECTION: forcing a failure. [ 2657.917115][T27904] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2657.932042][T27906] loop7: detected capacity change from 0 to 32064 [ 2657.968803][T27904] CPU: 0 PID: 27904 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2657.970459][T27908] loop1: detected capacity change from 0 to 16 [ 2657.978883][T27904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2657.978899][T27904] Call Trace: [ 2657.978904][T27904] [ 2657.978911][T27904] dump_stack_lvl+0x151/0x1b7 [ 2657.978937][T27904] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2657.978953][T27904] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2657.978971][T27904] dump_stack+0x15/0x17 [ 2657.978986][T27904] should_fail+0x3c0/0x510 [ 2657.979005][T27904] should_fail_alloc_page+0x58/0x70 [ 2657.979021][T27904] __alloc_pages+0x1de/0x7c0 [ 2657.979037][T27904] ? __count_vm_events+0x30/0x30 [ 2658.038366][T27904] ? __kasan_check_read+0x11/0x20 [ 2658.043223][T27904] ? __vm_enough_memory+0x118/0x310 [ 2658.048258][T27904] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2658.053726][T27904] ? shmem_swapin_page+0x15c0/0x15c0 [ 2658.058850][T27904] ? xas_start+0x33d/0x410 [ 2658.063098][T27904] ? xas_load+0x2c7/0x2e0 [ 2658.067279][T27904] ? pagecache_get_page+0xcc8/0xdb0 [ 2658.072314][T27904] ? page_cache_prev_miss+0x430/0x430 [ 2658.077510][T27904] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2658.082890][T27904] ? lru_cache_add+0x273/0x530 [ 2658.087491][T27904] shmem_getpage_gfp+0x1487/0x25f0 [ 2658.092461][T27904] ? shmem_getpage+0xa0/0xa0 [ 2658.096868][T27904] ? fault_in_safe_writeable+0x240/0x240 [ 2658.102340][T27904] ? __kasan_check_write+0x14/0x20 [ 2658.107281][T27904] ? shmem_write_end+0x786/0x8a0 [ 2658.112056][T27904] shmem_write_begin+0xc8/0x1b0 [ 2658.116741][T27904] generic_perform_write+0x2cd/0x5d0 [ 2658.121863][T27904] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2658.127503][T27904] ? file_remove_privs+0x690/0x690 [ 2658.132452][T27904] ? __kasan_check_write+0x14/0x20 [ 2658.137401][T27904] ? down_write+0xdd/0x140 [ 2658.141663][T27904] __generic_file_write_iter+0x25b/0x4b0 [ 2658.147123][T27904] generic_file_write_iter+0xaf/0x1c0 [ 2658.152330][T27904] vfs_write+0xc8d/0x1050 [ 2658.156498][T27904] ? file_end_write+0x1b0/0x1b0 [ 2658.161184][T27904] ? __fget_files+0x310/0x370 [ 2658.165697][T27904] ? __fdget_pos+0x1fe/0x310 [ 2658.170126][T27904] ? ksys_write+0x77/0x2c0 [ 2658.174378][T27904] ksys_write+0x198/0x2c0 [ 2658.178546][T27904] ? __ia32_sys_read+0x90/0x90 [ 2658.183143][T27904] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2658.189047][T27904] __x64_sys_write+0x7b/0x90 [ 2658.193471][T27904] do_syscall_64+0x44/0xd0 [ 2658.197727][T27904] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2658.203452][T27904] RIP: 0033:0x7fcbd55afe4f [ 2658.207706][T27904] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2658.227236][T27904] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2658.235480][T27904] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2658.243311][T27904] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2658.251104][T27904] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2658.258917][T27904] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2658.266730][T27904] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2658.274544][T27904] [ 2658.289259][T27908] FAULT_INJECTION: forcing a failure. [ 2658.289259][T27908] name failslab, interval 1, probability 0, space 0, times 0 [ 2658.303480][T27910] FAULT_INJECTION: forcing a failure. [ 2658.303480][T27910] name fail_page_alloc, interval 1, probability 0, space 0, times 0 18:24:50 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 72) [ 2658.318631][T27906] loop_set_block_size: loop7 () has still dirty pages (nrpages=48) [ 2658.339615][T27912] FAULT_INJECTION: forcing a failure. [ 2658.339615][T27912] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2658.352535][T27912] CPU: 0 PID: 27912 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2658.362557][T27912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2658.372447][T27912] Call Trace: [ 2658.375579][T27912] [ 2658.378355][T27912] dump_stack_lvl+0x151/0x1b7 [ 2658.382869][T27912] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2658.388157][T27912] ? __kasan_check_read+0x11/0x20 [ 2658.393018][T27912] dump_stack+0x15/0x17 [ 2658.397010][T27912] should_fail+0x3c0/0x510 [ 2658.401284][T27912] should_fail_usercopy+0x1a/0x20 [ 2658.406123][T27912] copy_page_from_iter_atomic+0x433/0x11c0 [ 2658.411769][T27912] ? pipe_zero+0x4d0/0x4d0 [ 2658.416022][T27912] ? __kasan_check_write+0x14/0x20 [ 2658.420966][T27912] ? shmem_write_end+0x786/0x8a0 [ 2658.425743][T27912] generic_perform_write+0x343/0x5d0 [ 2658.430864][T27912] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2658.436503][T27912] ? file_remove_privs+0x690/0x690 [ 2658.441451][T27912] ? __kasan_check_write+0x14/0x20 [ 2658.446397][T27912] ? down_write+0xdd/0x140 [ 2658.450660][T27912] __generic_file_write_iter+0x25b/0x4b0 [ 2658.456122][T27912] generic_file_write_iter+0xaf/0x1c0 [ 2658.461327][T27912] vfs_write+0xc8d/0x1050 [ 2658.465495][T27912] ? file_end_write+0x1b0/0x1b0 [ 2658.470181][T27912] ? __fget_files+0x310/0x370 [ 2658.474709][T27912] ? __fdget_pos+0x1fe/0x310 [ 2658.479120][T27912] ? ksys_write+0x77/0x2c0 [ 2658.483377][T27912] ksys_write+0x198/0x2c0 [ 2658.487629][T27912] ? __ia32_sys_read+0x90/0x90 [ 2658.492231][T27912] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2658.498130][T27912] __x64_sys_write+0x7b/0x90 [ 2658.502559][T27912] do_syscall_64+0x44/0xd0 [ 2658.506812][T27912] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2658.512539][T27912] RIP: 0033:0x7fcbd55afe4f [ 2658.516793][T27912] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2658.536237][T27912] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2658.544480][T27912] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2658.552293][T27912] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2658.560108][T27912] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2658.567916][T27912] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2658.575729][T27912] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2658.583545][T27912] [ 2658.592737][T27910] CPU: 1 PID: 27910 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2658.602813][T27910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2658.612720][T27910] Call Trace: [ 2658.615830][T27910] [ 2658.618614][T27910] dump_stack_lvl+0x151/0x1b7 [ 2658.623121][T27910] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2658.628417][T27910] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2658.633626][T27910] dump_stack+0x15/0x17 [ 2658.637618][T27910] should_fail+0x3c0/0x510 [ 2658.641957][T27910] should_fail_alloc_page+0x58/0x70 [ 2658.646991][T27910] __alloc_pages+0x1de/0x7c0 [ 2658.651419][T27910] ? __count_vm_events+0x30/0x30 [ 2658.656191][T27910] ? __kasan_check_read+0x11/0x20 [ 2658.661053][T27910] ? __vm_enough_memory+0x118/0x310 [ 2658.666090][T27910] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2658.671557][T27910] ? shmem_swapin_page+0x15c0/0x15c0 [ 2658.676678][T27910] ? xas_start+0x33d/0x410 [ 2658.680931][T27910] ? xas_load+0x2c7/0x2e0 [ 2658.685098][T27910] ? pagecache_get_page+0xcc8/0xdb0 [ 2658.690132][T27910] ? page_cache_prev_miss+0x430/0x430 [ 2658.695337][T27910] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2658.700723][T27910] ? lru_cache_add+0x273/0x530 [ 2658.705367][T27910] shmem_getpage_gfp+0x1487/0x25f0 [ 2658.710274][T27910] ? shmem_getpage+0xa0/0xa0 [ 2658.714703][T27910] ? fault_in_safe_writeable+0x240/0x240 [ 2658.720161][T27910] ? __kasan_check_write+0x14/0x20 [ 2658.725115][T27910] ? shmem_write_end+0x786/0x8a0 [ 2658.729886][T27910] shmem_write_begin+0xc8/0x1b0 [ 2658.734575][T27910] generic_perform_write+0x2cd/0x5d0 [ 2658.739697][T27910] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2658.745336][T27910] ? file_remove_privs+0x690/0x690 [ 2658.750283][T27910] ? __kasan_check_write+0x14/0x20 [ 2658.755230][T27910] ? down_write+0xdd/0x140 [ 2658.759482][T27910] __generic_file_write_iter+0x25b/0x4b0 [ 2658.764955][T27910] generic_file_write_iter+0xaf/0x1c0 [ 2658.770159][T27910] vfs_write+0xc8d/0x1050 [ 2658.774330][T27910] ? file_end_write+0x1b0/0x1b0 [ 2658.779024][T27910] ? __fget_files+0x310/0x370 [ 2658.783528][T27910] ? __fdget_pos+0x1fe/0x310 [ 2658.787954][T27910] ? ksys_write+0x77/0x2c0 [ 2658.792212][T27910] ksys_write+0x198/0x2c0 [ 2658.796371][T27910] ? __ia32_sys_read+0x90/0x90 [ 2658.800986][T27910] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2658.806880][T27910] __x64_sys_write+0x7b/0x90 [ 2658.811304][T27910] do_syscall_64+0x44/0xd0 [ 2658.815555][T27910] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2658.821282][T27910] RIP: 0033:0x7fb257acee4f [ 2658.825536][T27910] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2658.844985][T27910] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2658.853232][T27910] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2658.861039][T27910] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2658.868852][T27910] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2658.876667][T27910] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2658.884478][T27910] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2658.892294][T27910] [ 2658.900025][T27908] CPU: 0 PID: 27908 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2658.901443][T27912] loop4: detected capacity change from 0 to 512 [ 2658.910087][T27908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2658.910101][T27908] Call Trace: [ 2658.910107][T27908] [ 2658.910114][T27908] dump_stack_lvl+0x151/0x1b7 [ 2658.910137][T27908] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2658.920597][T27912] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2658.926063][T27908] dump_stack+0x15/0x17 [ 2658.926089][T27908] should_fail+0x3c0/0x510 [ 2658.960343][T27908] ? __list_lru_init+0xae/0x5a0 [ 2658.965029][T27908] __should_failslab+0x9f/0xe0 [ 2658.969632][T27908] should_failslab+0x9/0x20 [ 2658.973971][T27908] kmem_cache_alloc_trace+0x4a/0x310 [ 2658.979095][T27908] __list_lru_init+0xae/0x5a0 [ 2658.983606][T27908] alloc_super+0x696/0x7d0 [ 2658.987858][T27908] ? get_tree_bdev+0x680/0x680 [ 2658.992459][T27908] sget_fc+0x236/0x640 [ 2658.996371][T27908] ? test_bdev_super_fc+0x70/0x70 [ 2659.001226][T27908] get_tree_bdev+0x28c/0x680 [ 2659.005650][T27908] ? erofs_release_device_info+0x90/0x90 [ 2659.011122][T27908] erofs_fc_get_tree+0x1c/0x20 [ 2659.015719][T27908] vfs_get_tree+0x88/0x290 [ 2659.019974][T27908] do_new_mount+0x289/0xad0 [ 2659.024405][T27908] ? do_move_mount_old+0x160/0x160 [ 2659.029348][T27908] ? security_capable+0xb2/0xd0 [ 2659.034034][T27908] ? ns_capable+0x8a/0xf0 [ 2659.038202][T27908] path_mount+0x60b/0x1050 [ 2659.042457][T27908] __se_sys_mount+0x2d2/0x3c0 [ 2659.046968][T27908] ? __x64_sys_mount+0xd0/0xd0 [ 2659.051569][T27908] __x64_sys_mount+0xbf/0xd0 [ 2659.055994][T27908] do_syscall_64+0x44/0xd0 [ 2659.060257][T27908] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2659.065978][T27908] RIP: 0033:0x7fc55e52a5fa [ 2659.070230][T27908] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2659.090110][T27908] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2659.098355][T27908] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2659.106164][T27908] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2659.113978][T27908] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 18:24:51 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 82) 18:24:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000003d000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000240)="26400f070f53f366b821018ee0c481dd567c4e1466baf80cb8b0e03e81ef66bafc0cedb8982e3b8aef66bafc0c66b8000066ef43abb97e030000b800400000ba000000000f30643ef3400f1a534b440f20c03508000000440f22c066420f32", 0x5f}], 0x1, 0x41, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x1) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000340)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x10005, 0x0, 0x0, 0x112200}) [ 2659.121789][T27908] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2659.129599][T27908] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2659.137416][T27908] [ 2659.175047][T27918] FAULT_INJECTION: forcing a failure. [ 2659.175047][T27918] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2659.187989][T27918] CPU: 1 PID: 27918 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2659.197966][T27918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2659.207865][T27918] Call Trace: [ 2659.210984][T27918] [ 2659.213849][T27918] dump_stack_lvl+0x151/0x1b7 [ 2659.218365][T27918] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2659.223662][T27918] ? __kasan_check_read+0x11/0x20 [ 2659.228519][T27918] dump_stack+0x15/0x17 [ 2659.232511][T27918] should_fail+0x3c0/0x510 [ 2659.236765][T27918] should_fail_usercopy+0x1a/0x20 [ 2659.241628][T27918] copy_page_from_iter_atomic+0x433/0x11c0 [ 2659.247279][T27918] ? pipe_zero+0x4d0/0x4d0 [ 2659.251523][T27918] ? __kasan_check_write+0x14/0x20 [ 2659.256477][T27918] ? shmem_write_end+0x786/0x8a0 [ 2659.261247][T27918] generic_perform_write+0x343/0x5d0 [ 2659.266369][T27918] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2659.272010][T27918] ? file_remove_privs+0x690/0x690 [ 2659.276960][T27918] ? __kasan_check_write+0x14/0x20 [ 2659.281907][T27918] ? down_write+0xdd/0x140 [ 2659.286160][T27918] __generic_file_write_iter+0x25b/0x4b0 [ 2659.291629][T27918] generic_file_write_iter+0xaf/0x1c0 [ 2659.296837][T27918] vfs_write+0xc8d/0x1050 [ 2659.301001][T27918] ? file_end_write+0x1b0/0x1b0 [ 2659.305687][T27918] ? __fget_files+0x310/0x370 [ 2659.310203][T27918] ? __fdget_pos+0x1fe/0x310 [ 2659.314629][T27918] ? ksys_write+0x77/0x2c0 [ 2659.318879][T27918] ksys_write+0x198/0x2c0 [ 2659.323046][T27918] ? __ia32_sys_read+0x90/0x90 [ 2659.327647][T27918] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2659.333565][T27918] __x64_sys_write+0x7b/0x90 [ 2659.337976][T27918] do_syscall_64+0x44/0xd0 [ 2659.342229][T27918] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2659.347960][T27918] RIP: 0033:0x7fb257acee4f [ 2659.352210][T27918] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2659.371655][T27918] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2659.379900][T27918] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2659.387712][T27918] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2659.392928][T27905] loop3: detected capacity change from 0 to 131072 [ 2659.395520][T27918] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2659.395536][T27918] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2659.417487][T27918] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 18:24:51 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 73) 18:24:51 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 80) [ 2659.425297][T27918] [ 2659.438612][T27918] loop5: detected capacity change from 0 to 512 [ 2659.456606][T27924] loop1: detected capacity change from 0 to 16 [ 2659.468049][T27905] F2FS-fs (loop3): Found nat_bits in checkpoint 18:24:51 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 83) [ 2659.472322][T27924] FAULT_INJECTION: forcing a failure. [ 2659.472322][T27924] name failslab, interval 1, probability 0, space 0, times 0 [ 2659.492519][T27924] CPU: 1 PID: 27924 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2659.502600][T27924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2659.512492][T27924] Call Trace: [ 2659.515612][T27924] [ 2659.518391][T27924] dump_stack_lvl+0x151/0x1b7 [ 2659.522907][T27924] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2659.528199][T27924] dump_stack+0x15/0x17 [ 2659.532192][T27924] should_fail+0x3c0/0x510 [ 2659.536450][T27924] ? __list_lru_init+0xae/0x5a0 [ 2659.541133][T27924] __should_failslab+0x9f/0xe0 [ 2659.545739][T27924] should_failslab+0x9/0x20 [ 2659.550078][T27924] kmem_cache_alloc_trace+0x4a/0x310 [ 2659.550774][T27927] FAULT_INJECTION: forcing a failure. [ 2659.550774][T27927] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2659.555194][T27924] __list_lru_init+0xae/0x5a0 [ 2659.572730][T27924] alloc_super+0x696/0x7d0 [ 2659.576980][T27924] ? get_tree_bdev+0x680/0x680 [ 2659.581578][T27924] sget_fc+0x236/0x640 [ 2659.585485][T27924] ? test_bdev_super_fc+0x70/0x70 [ 2659.590347][T27924] get_tree_bdev+0x28c/0x680 [ 2659.594775][T27924] ? erofs_release_device_info+0x90/0x90 [ 2659.600250][T27924] erofs_fc_get_tree+0x1c/0x20 [ 2659.604855][T27924] vfs_get_tree+0x88/0x290 [ 2659.609094][T27924] do_new_mount+0x289/0xad0 [ 2659.613434][T27924] ? do_move_mount_old+0x160/0x160 [ 2659.618382][T27924] ? security_capable+0xb2/0xd0 [ 2659.623073][T27924] ? ns_capable+0x8a/0xf0 [ 2659.627244][T27924] path_mount+0x60b/0x1050 [ 2659.631490][T27924] __se_sys_mount+0x2d2/0x3c0 [ 2659.636003][T27924] ? __x64_sys_mount+0xd0/0xd0 [ 2659.640603][T27924] __x64_sys_mount+0xbf/0xd0 [ 2659.645035][T27924] do_syscall_64+0x44/0xd0 [ 2659.649282][T27924] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2659.655012][T27924] RIP: 0033:0x7fc55e52a5fa [ 2659.659267][T27924] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2659.678707][T27924] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2659.686955][T27924] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2659.694766][T27924] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2659.702578][T27924] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2659.710388][T27924] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2659.718205][T27924] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 18:24:51 executing program 2: socket$inet6(0xa, 0x800000000000002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000980), 0x0, 0x0) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10) openat2(0xffffffffffffffff, &(0x7f0000000280)='./bus\x00', &(0x7f0000000400)={0x0, 0x0, 0x10}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) read$FUSE(0xffffffffffffffff, &(0x7f0000000a80)={0x2020}, 0x2020) statx(0xffffffffffffffff, &(0x7f0000002ac0)='./bus\x00', 0x0, 0x484, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x4000001) r5 = pidfd_getfd(0xffffffffffffffff, r4, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x14, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b6c", @ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000950000000000000018000000010000000000000000800000950000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x3}, 0x10, 0xffffffffffffffff, r2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000001c0)) syz_open_procfs(0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) 18:24:51 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffff7feffff7ffd]}, 0x0, 0x8) r1 = gettid() prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0) tkill(r1, 0x12) r2 = gettid() tkill(r2, 0x15) [ 2659.726018][T27924] [ 2659.728879][T27927] CPU: 0 PID: 27927 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2659.738959][T27927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2659.748842][T27927] Call Trace: [ 2659.751966][T27927] [ 2659.754744][T27927] dump_stack_lvl+0x151/0x1b7 [ 2659.759257][T27927] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2659.764551][T27927] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2659.769760][T27927] dump_stack+0x15/0x17 [ 2659.773754][T27927] should_fail+0x3c0/0x510 [ 2659.778008][T27927] should_fail_alloc_page+0x58/0x70 [ 2659.783041][T27927] __alloc_pages+0x1de/0x7c0 [ 2659.787468][T27927] ? __count_vm_events+0x30/0x30 [ 2659.792254][T27927] ? __kasan_check_read+0x11/0x20 [ 2659.797101][T27927] ? __vm_enough_memory+0x118/0x310 [ 2659.802139][T27927] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2659.807606][T27927] ? shmem_swapin_page+0x15c0/0x15c0 [ 2659.812728][T27927] ? xas_start+0x33d/0x410 [ 2659.816980][T27927] ? xas_load+0x2c7/0x2e0 [ 2659.821233][T27927] ? pagecache_get_page+0xcc8/0xdb0 [ 2659.826271][T27927] ? page_cache_prev_miss+0x430/0x430 [ 2659.831648][T27927] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2659.837031][T27927] ? lru_cache_add+0x273/0x530 [ 2659.841630][T27927] shmem_getpage_gfp+0x1487/0x25f0 [ 2659.846580][T27927] ? shmem_getpage+0xa0/0xa0 [ 2659.851005][T27927] ? fault_in_safe_writeable+0x240/0x240 [ 2659.856472][T27927] ? __kasan_check_write+0x14/0x20 [ 2659.861418][T27927] ? shmem_write_end+0x786/0x8a0 [ 2659.866196][T27927] shmem_write_begin+0xc8/0x1b0 [ 2659.870881][T27927] generic_perform_write+0x2cd/0x5d0 [ 2659.876003][T27927] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2659.881648][T27927] ? file_remove_privs+0x690/0x690 [ 2659.886591][T27927] ? __kasan_check_write+0x14/0x20 [ 2659.891538][T27927] ? down_write+0xdd/0x140 [ 2659.895791][T27927] __generic_file_write_iter+0x25b/0x4b0 [ 2659.901263][T27927] generic_file_write_iter+0xaf/0x1c0 [ 2659.906469][T27927] vfs_write+0xc8d/0x1050 [ 2659.910635][T27927] ? file_end_write+0x1b0/0x1b0 [ 2659.915322][T27927] ? __fget_files+0x310/0x370 [ 2659.919835][T27927] ? __fdget_pos+0x1fe/0x310 [ 2659.924260][T27927] ? ksys_write+0x77/0x2c0 [ 2659.928517][T27927] ksys_write+0x198/0x2c0 [ 2659.932685][T27927] ? __ia32_sys_read+0x90/0x90 [ 2659.937284][T27927] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2659.943191][T27927] __x64_sys_write+0x7b/0x90 [ 2659.947613][T27927] do_syscall_64+0x44/0xd0 [ 2659.951873][T27927] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2659.957689][T27927] RIP: 0033:0x7fcbd55afe4f [ 2659.961934][T27927] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2659.981377][T27927] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2659.989622][T27927] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2659.997434][T27927] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2660.005247][T27927] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2660.013064][T27927] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2660.020879][T27927] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 18:24:51 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffff7feffff7ffd]}, 0x0, 0x8) r1 = gettid() prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0) tkill(r1, 0x12) r2 = gettid() tkill(r2, 0x15) 18:24:51 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 81) [ 2660.028685][T27927] [ 2660.035672][T27905] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 2660.055519][T27937] FAULT_INJECTION: forcing a failure. [ 2660.055519][T27937] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2660.086948][T27941] loop1: detected capacity change from 0 to 16 [ 2660.094124][T27937] CPU: 1 PID: 27937 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2660.104185][T27937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2660.114085][T27937] Call Trace: [ 2660.117206][T27937] [ 2660.119984][T27937] dump_stack_lvl+0x151/0x1b7 [ 2660.124508][T27937] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2660.129792][T27937] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2660.134997][T27937] dump_stack+0x15/0x17 [ 2660.138990][T27937] should_fail+0x3c0/0x510 [ 2660.143248][T27937] should_fail_alloc_page+0x58/0x70 [ 2660.148278][T27937] __alloc_pages+0x1de/0x7c0 [ 2660.148656][T27941] FAULT_INJECTION: forcing a failure. [ 2660.148656][T27941] name failslab, interval 1, probability 0, space 0, times 0 [ 2660.152704][T27937] ? __count_vm_events+0x30/0x30 [ 2660.152728][T27937] ? __kasan_check_read+0x11/0x20 [ 2660.174762][T27937] ? __vm_enough_memory+0x118/0x310 [ 2660.179792][T27937] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2660.185259][T27937] ? shmem_swapin_page+0x15c0/0x15c0 [ 2660.190379][T27937] ? xas_start+0x33d/0x410 [ 2660.194629][T27937] ? xas_load+0x2c7/0x2e0 [ 2660.198796][T27937] ? pagecache_get_page+0xcc8/0xdb0 [ 2660.203828][T27937] ? page_cache_prev_miss+0x430/0x430 [ 2660.209037][T27937] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2660.214420][T27937] ? lru_cache_add+0x273/0x530 [ 2660.219020][T27937] shmem_getpage_gfp+0x1487/0x25f0 [ 2660.223968][T27937] ? shmem_getpage+0xa0/0xa0 [ 2660.228391][T27937] ? fault_in_safe_writeable+0x240/0x240 [ 2660.233861][T27937] ? __kasan_check_write+0x14/0x20 [ 2660.238810][T27937] ? shmem_write_end+0x786/0x8a0 [ 2660.243586][T27937] shmem_write_begin+0xc8/0x1b0 [ 2660.248273][T27937] generic_perform_write+0x2cd/0x5d0 [ 2660.253390][T27937] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2660.259031][T27937] ? file_remove_privs+0x690/0x690 [ 2660.264068][T27937] ? __kasan_check_write+0x14/0x20 [ 2660.269012][T27937] ? down_write+0xdd/0x140 [ 2660.273270][T27937] __generic_file_write_iter+0x25b/0x4b0 [ 2660.278739][T27937] generic_file_write_iter+0xaf/0x1c0 [ 2660.283947][T27937] vfs_write+0xc8d/0x1050 [ 2660.288115][T27937] ? file_end_write+0x1b0/0x1b0 [ 2660.292802][T27937] ? __fget_files+0x310/0x370 [ 2660.297322][T27937] ? __fdget_pos+0x1fe/0x310 [ 2660.301738][T27937] ? ksys_write+0x77/0x2c0 [ 2660.305992][T27937] ksys_write+0x198/0x2c0 [ 2660.310158][T27937] ? __ia32_sys_read+0x90/0x90 [ 2660.314769][T27937] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2660.320661][T27937] __x64_sys_write+0x7b/0x90 [ 2660.325087][T27937] do_syscall_64+0x44/0xd0 [ 2660.329340][T27937] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2660.335067][T27937] RIP: 0033:0x7fb257acee4f [ 2660.339322][T27937] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2660.358768][T27937] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2660.367013][T27937] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2660.374825][T27937] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2660.382637][T27937] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2660.390450][T27937] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2660.398257][T27937] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2660.406073][T27937] [ 2660.409659][T27941] CPU: 0 PID: 27941 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2660.419721][T27941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2660.429612][T27941] Call Trace: [ 2660.432739][T27941] [ 2660.435515][T27941] dump_stack_lvl+0x151/0x1b7 [ 2660.440028][T27941] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2660.445323][T27941] dump_stack+0x15/0x17 [ 2660.449313][T27941] should_fail+0x3c0/0x510 [ 2660.453570][T27941] ? kvmalloc_node+0x82/0x130 [ 2660.458084][T27941] __should_failslab+0x9f/0xe0 [ 2660.462684][T27941] should_failslab+0x9/0x20 [ 2660.467022][T27941] __kmalloc+0x6d/0x350 [ 2660.471015][T27941] ? __kasan_kmalloc+0x9/0x10 [ 2660.475531][T27941] kvmalloc_node+0x82/0x130 [ 2660.479868][T27941] __list_lru_init+0x1d6/0x5a0 [ 2660.484476][T27941] alloc_super+0x696/0x7d0 [ 2660.488723][T27941] ? get_tree_bdev+0x680/0x680 [ 2660.493321][T27941] sget_fc+0x236/0x640 [ 2660.497314][T27941] ? test_bdev_super_fc+0x70/0x70 [ 2660.502181][T27941] get_tree_bdev+0x28c/0x680 [ 2660.506606][T27941] ? erofs_release_device_info+0x90/0x90 [ 2660.512073][T27941] erofs_fc_get_tree+0x1c/0x20 [ 2660.516673][T27941] vfs_get_tree+0x88/0x290 [ 2660.520929][T27941] do_new_mount+0x289/0xad0 [ 2660.525266][T27941] ? do_move_mount_old+0x160/0x160 [ 2660.530214][T27941] ? security_capable+0xb2/0xd0 [ 2660.534900][T27941] ? ns_capable+0x8a/0xf0 [ 2660.539082][T27941] path_mount+0x60b/0x1050 [ 2660.543322][T27941] __se_sys_mount+0x2d2/0x3c0 [ 2660.547835][T27941] ? __x64_sys_mount+0xd0/0xd0 [ 2660.552440][T27941] __x64_sys_mount+0xbf/0xd0 [ 2660.556866][T27941] do_syscall_64+0x44/0xd0 [ 2660.561114][T27941] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2660.566850][T27941] RIP: 0033:0x7fc55e52a5fa [ 2660.571093][T27941] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2660.590535][T27941] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2660.598780][T27941] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2660.606773][T27941] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2660.614574][T27941] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2660.622390][T27941] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2660.630198][T27941] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 18:24:52 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) timer_create(0x0, 0x0, &(0x7f0000000280)) timer_getoverrun(0x0) 18:24:52 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 74) 18:24:52 executing program 2: syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1e, &(0x7f0000000000)=ANY=[], 0x42, 0x42d, &(0x7f00000004c0)="$eJzs27tvHMUfAPDv7tnO+2f/QnjECWAICIuHXwmQggIQSBQgIUERSsd2IpNLjGIjkciCgFAoUSR6RInEX0AFDQIqJFroUaQIuUmgOrR3u35c7ozPPvsS7vORNpnZndPMd2fnbnbHG0DXGsr+SSL2R8RvEdFfy64tMFT779bS4tRfS4tTSVQqb/2ZVMvdXFqcKooWn9uXZ4bTiPTTJI40qHf+0uVzk+XyzMU8P7pw/r3R+UuXn5k9P3l25uzMhYmTJ08cH3/+uYln2xJnFtfNwQ/njh5+7Z1rb0ydunb6p2+SIv66ONpkaL2Dj7e5sk47sCqd9HSwIbSkFBFZd/VWx39/lGKl8/rj1U862jhgW1Uqlcqu5od3V4D/sCQ63QKgM4of+uz+t9h2aOpxR7jxUu0GKIv7Vr7VjvREmpfprbu/baehiDh15e8vsy225zkEAMAa32Xzn6cbzf/SuG9Vuf/laygDEfH/iDgYEfdExKGIuDeiWvb+iHigxfrrF0lun/+k1zcV2AZl878X8rWttfO/YvYXA6U8d6Aaf29yZrY8M5afk+Ho3ZXlx9ep4/tXfv282bHV879sy+ov5oJ5O6731D2gm55cmNxKzKvd+DhisKdR/MnySkASEYcjYnCTdcw++fXRZsf+Pf51tGGdqfJVxBO1/r8SdfEXkvXXJ0d3R3lmbLS4Km738y9X32xW/5bib4Os//c2vP6X4x9IVq/Xzrdex9XfP2t6T7PZ678vebua7sv3fTC5sHBxPKIveT3f/+LK/omVzxb5onwW//CxxuP/YKyciSMRkV3ED0bEQxHxcN72RyLi0Yg4tk78P7782Lubj397ZfFPt9T/rSdK5374dk2lA63En/X/iWpqON+zke+/jTZwq+cPAAAA7gZpROyPJB1ZTqfpyEjtb/gPxd60PDe/8NSZufcvTNfeERiI3jQrN7b8PLj2PHQ8v60v8hN1+eP5c+MvSnuq+ZGpufJ0p4OHLrevyfjP/FHqdOuAbed9Lehexj90L+MfupfxD92rwfjf04l2ADuv0e//Rx1oB7DzzP+hexn/0L2Mf+hexj90pa281y/RzYlI74hmSGxTYu33xGnvAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHepfwIAAP//2qTlHA==") r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001d00c0d0) open(0x0, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007ffb) sendfile(r2, r3, 0x0, 0x1000000201005) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f00000003c0)=ANY=[], 0x7c774aac) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) 18:24:52 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffff7feffff7ffd]}, 0x0, 0x8) r1 = gettid() prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0) tkill(r1, 0x12) r2 = gettid() tkill(r2, 0x15) 18:24:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 84) [ 2660.638015][T27941] [ 2660.658401][T27950] loop2: detected capacity change from 0 to 512 [ 2660.668129][T27951] FAULT_INJECTION: forcing a failure. [ 2660.668129][T27951] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2660.681114][T27951] CPU: 0 PID: 27951 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2660.691169][T27951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2660.701068][T27951] Call Trace: [ 2660.704191][T27951] [ 2660.706966][T27951] dump_stack_lvl+0x151/0x1b7 [ 2660.711483][T27951] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2660.716780][T27951] ? __kasan_check_read+0x11/0x20 [ 2660.721634][T27951] dump_stack+0x15/0x17 [ 2660.725631][T27951] should_fail+0x3c0/0x510 [ 2660.729882][T27951] should_fail_usercopy+0x1a/0x20 18:24:52 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffff7feffff7ffd]}, 0x0, 0x8) r1 = gettid() prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0) tkill(r1, 0x12) r2 = gettid() tkill(r2, 0x15) [ 2660.734743][T27951] copy_page_from_iter_atomic+0x433/0x11c0 [ 2660.740391][T27951] ? pipe_zero+0x4d0/0x4d0 [ 2660.744637][T27951] ? __kasan_check_write+0x14/0x20 [ 2660.749588][T27951] ? shmem_write_end+0x786/0x8a0 [ 2660.754360][T27951] generic_perform_write+0x343/0x5d0 [ 2660.759480][T27951] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2660.765125][T27951] ? file_remove_privs+0x690/0x690 [ 2660.769519][T27950] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 2660.770066][T27951] ? __kasan_check_write+0x14/0x20 [ 2660.784653][T27951] ? down_write+0xdd/0x140 [ 2660.788905][T27951] __generic_file_write_iter+0x25b/0x4b0 [ 2660.794376][T27951] generic_file_write_iter+0xaf/0x1c0 [ 2660.799585][T27951] vfs_write+0xc8d/0x1050 [ 2660.800821][T27950] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2201: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 2660.803747][T27951] ? file_end_write+0x1b0/0x1b0 [ 2660.820497][T27951] ? __fget_files+0x310/0x370 [ 2660.825010][T27951] ? __fdget_pos+0x1fe/0x310 [ 2660.829437][T27951] ? ksys_write+0x77/0x2c0 [ 2660.833692][T27951] ksys_write+0x198/0x2c0 [ 2660.837856][T27951] ? __ia32_sys_read+0x90/0x90 [ 2660.842456][T27951] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2660.848361][T27951] __x64_sys_write+0x7b/0x90 [ 2660.852785][T27951] do_syscall_64+0x44/0xd0 [ 2660.857041][T27951] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2660.862769][T27951] RIP: 0033:0x7fb257acee4f [ 2660.867019][T27951] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2660.886464][T27951] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2660.894708][T27951] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2660.902521][T27951] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2660.910333][T27951] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2660.918145][T27951] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2660.925960][T27951] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2660.933772][T27951] [ 2660.938409][T27951] loop5: detected capacity change from 0 to 512 18:24:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 85) [ 2660.972600][T27950] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 2661.008020][T27950] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2661.011460][T27956] FAULT_INJECTION: forcing a failure. [ 2661.011460][T27956] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2661.031496][T27956] CPU: 1 PID: 27956 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2661.041469][T27956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2661.051356][T27956] Call Trace: [ 2661.054477][T27956] [ 2661.057264][T27956] dump_stack_lvl+0x151/0x1b7 [ 2661.061774][T27956] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2661.067067][T27956] ? __kasan_check_read+0x11/0x20 [ 2661.071928][T27956] dump_stack+0x15/0x17 [ 2661.076016][T27956] should_fail+0x3c0/0x510 [ 2661.080266][T27956] should_fail_usercopy+0x1a/0x20 [ 2661.085119][T27956] copy_page_from_iter_atomic+0x433/0x11c0 [ 2661.090768][T27956] ? pipe_zero+0x4d0/0x4d0 [ 2661.095020][T27956] ? __kasan_check_write+0x14/0x20 [ 2661.095443][T27959] netlink: 92 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2661.099958][T27956] ? shmem_write_end+0x786/0x8a0 [ 2661.099983][T27956] generic_perform_write+0x343/0x5d0 [ 2661.118973][T27956] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2661.124612][T27956] ? file_remove_privs+0x690/0x690 [ 2661.125197][T27959] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2661.129567][T27956] ? __kasan_check_write+0x14/0x20 [ 2661.129593][T27956] ? down_write+0xdd/0x140 [ 2661.129610][T27956] __generic_file_write_iter+0x25b/0x4b0 [ 2661.129627][T27956] generic_file_write_iter+0xaf/0x1c0 [ 2661.158556][T27956] vfs_write+0xc8d/0x1050 [ 2661.162728][T27956] ? file_end_write+0x1b0/0x1b0 [ 2661.167411][T27956] ? __fget_files+0x310/0x370 [ 2661.171921][T27956] ? __fdget_pos+0x1fe/0x310 [ 2661.176345][T27956] ? ksys_write+0x77/0x2c0 [ 2661.180601][T27956] ksys_write+0x198/0x2c0 [ 2661.184766][T27956] ? __ia32_sys_read+0x90/0x90 [ 2661.189365][T27956] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2661.195270][T27956] __x64_sys_write+0x7b/0x90 [ 2661.199690][T27956] do_syscall_64+0x44/0xd0 [ 2661.203956][T27956] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2661.209674][T27956] RIP: 0033:0x7fcbd55afe4f [ 2661.213925][T27956] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2661.233368][T27956] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2661.241614][T27956] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2661.249427][T27956] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2661.257238][T27956] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2661.265048][T27956] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:52 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="e00000000101070c00000000000000000a0000070800074000000006680001801400018008000100ffffffff08000200ac1e00012c0001801400030020010000000000000000000000000000140004"], 0xe0}}, 0x0) 18:24:53 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f0000001580)={0x0, 0x0, 0x0}, 0x0) sendmmsg$unix(r1, &(0x7f0000000280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}}], 0x1, 0x0) 18:24:53 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000880)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) [ 2661.272863][T27956] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2661.280676][T27956] [ 2661.293605][T27967] FAULT_INJECTION: forcing a failure. [ 2661.293605][T27967] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2661.306792][T27967] CPU: 1 PID: 27967 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2661.316919][T27967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2661.326737][T27967] Call Trace: [ 2661.329862][T27967] [ 2661.332635][T27967] dump_stack_lvl+0x151/0x1b7 [ 2661.337153][T27967] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2661.342444][T27967] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2661.347653][T27967] dump_stack+0x15/0x17 [ 2661.351743][T27967] should_fail+0x3c0/0x510 [ 2661.356002][T27967] should_fail_alloc_page+0x58/0x70 [ 2661.361020][T27967] __alloc_pages+0x1de/0x7c0 [ 2661.365449][T27967] ? __count_vm_events+0x30/0x30 [ 2661.370222][T27967] ? __kasan_check_read+0x11/0x20 [ 2661.375081][T27967] ? __vm_enough_memory+0x118/0x310 [ 2661.380115][T27967] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2661.385586][T27967] ? shmem_swapin_page+0x15c0/0x15c0 [ 2661.386824][T27956] loop4: detected capacity change from 0 to 512 [ 2661.390711][T27967] ? xas_start+0x33d/0x410 [ 2661.390730][T27967] ? xas_load+0x2c7/0x2e0 [ 2661.390747][T27967] ? pagecache_get_page+0xcc8/0xdb0 [ 2661.410242][T27967] ? page_cache_prev_miss+0x430/0x430 [ 2661.415444][T27967] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2661.420827][T27967] ? lru_cache_add+0x273/0x530 [ 2661.425432][T27967] shmem_getpage_gfp+0x1487/0x25f0 [ 2661.430378][T27967] ? shmem_getpage+0xa0/0xa0 [ 2661.434798][T27967] ? fault_in_safe_writeable+0x240/0x240 [ 2661.440268][T27967] ? __kasan_check_write+0x14/0x20 [ 2661.445219][T27967] ? shmem_write_end+0x786/0x8a0 [ 2661.449990][T27967] shmem_write_begin+0xc8/0x1b0 [ 2661.454680][T27967] generic_perform_write+0x2cd/0x5d0 [ 2661.459821][T27967] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2661.465439][T27967] ? file_remove_privs+0x690/0x690 [ 2661.470391][T27967] ? __kasan_check_write+0x14/0x20 [ 2661.475329][T27967] ? down_write+0xdd/0x140 [ 2661.479583][T27967] __generic_file_write_iter+0x25b/0x4b0 [ 2661.485055][T27967] generic_file_write_iter+0xaf/0x1c0 [ 2661.490261][T27967] vfs_write+0xc8d/0x1050 [ 2661.494428][T27967] ? file_end_write+0x1b0/0x1b0 [ 2661.499115][T27967] ? __fget_files+0x310/0x370 [ 2661.503637][T27967] ? __fdget_pos+0x1fe/0x310 [ 2661.508053][T27967] ? ksys_write+0x77/0x2c0 [ 2661.512308][T27967] ksys_write+0x198/0x2c0 [ 2661.516477][T27967] ? __ia32_sys_read+0x90/0x90 [ 2661.521081][T27967] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2661.526978][T27967] __x64_sys_write+0x7b/0x90 [ 2661.531402][T27967] do_syscall_64+0x44/0xd0 [ 2661.535657][T27967] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2661.541384][T27967] RIP: 0033:0x7fb257acee4f [ 2661.545640][T27967] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2661.565170][T27967] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2661.573417][T27967] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2661.581233][T27967] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2661.589035][T27967] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2661.596856][T27967] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2661.604669][T27967] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2661.612562][T27967] 18:24:53 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000880)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) 18:24:53 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 82) [ 2661.618543][ T30] audit: type=1326 audit(1673979893.459:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27969 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2661.675936][T27976] loop1: detected capacity change from 0 to 16 [ 2661.685607][T27976] FAULT_INJECTION: forcing a failure. [ 2661.685607][T27976] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2661.698939][T27976] CPU: 1 PID: 27976 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2661.708990][T27976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2661.718888][T27976] Call Trace: [ 2661.722015][T27976] [ 2661.724787][T27976] dump_stack_lvl+0x151/0x1b7 [ 2661.729303][T27976] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2661.734601][T27976] ? erofs_fc_fill_super+0xbb/0x1180 [ 2661.739714][T27976] ? ____kasan_kmalloc+0xee/0x110 [ 2661.744835][T27976] ? ____kasan_kmalloc+0xdc/0x110 [ 2661.749699][T27976] ? __kasan_kmalloc+0x9/0x10 [ 2661.754212][T27976] dump_stack+0x15/0x17 [ 2661.758203][T27976] should_fail+0x3c0/0x510 [ 2661.762462][T27976] should_fail_alloc_page+0x58/0x70 [ 2661.767490][T27976] __alloc_pages+0x1de/0x7c0 [ 2661.771918][T27976] ? __count_vm_events+0x30/0x30 [ 2661.776698][T27976] do_read_cache_page+0x16d/0xa70 [ 2661.781555][T27976] read_cache_page+0x4d/0x70 [ 2661.785980][T27976] erofs_fc_fill_super+0x1eb/0x1180 [ 2661.791022][T27976] ? sb_set_blocksize+0xb7/0xf0 [ 2661.795877][T27976] get_tree_bdev+0x441/0x680 [ 2661.800303][T27976] ? erofs_release_device_info+0x90/0x90 [ 2661.805770][T27976] erofs_fc_get_tree+0x1c/0x20 [ 2661.810374][T27976] vfs_get_tree+0x88/0x290 [ 2661.814626][T27976] do_new_mount+0x289/0xad0 [ 2661.818966][T27976] ? do_move_mount_old+0x160/0x160 [ 2661.823917][T27976] ? security_capable+0xb2/0xd0 [ 2661.828610][T27976] ? ns_capable+0x8a/0xf0 [ 2661.832766][T27976] path_mount+0x60b/0x1050 [ 2661.837028][T27976] __se_sys_mount+0x2d2/0x3c0 [ 2661.842139][T27976] ? __x64_sys_mount+0xd0/0xd0 [ 2661.846741][T27976] __x64_sys_mount+0xbf/0xd0 [ 2661.851168][T27976] do_syscall_64+0x44/0xd0 [ 2661.855420][T27976] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2661.861152][T27976] RIP: 0033:0x7fc55e52a5fa [ 2661.865408][T27976] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2661.884853][T27976] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2661.893094][T27976] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2661.900906][T27976] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2661.908717][T27976] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2661.916528][T27976] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2661.924342][T27976] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2661.932157][T27976] [ 2661.935333][ T30] audit: type=1326 audit(1673979893.539:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27969 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2661.959289][T27976] erofs: (device loop1): erofs_read_superblock: cannot read erofs superblock 18:24:53 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) timer_create(0x0, 0x0, &(0x7f0000000280)) timer_getoverrun(0x0) 18:24:53 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 75) 18:24:53 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000880)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) 18:24:53 executing program 2: syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1e, &(0x7f0000000000)=ANY=[], 0x42, 0x42d, &(0x7f00000004c0)="$eJzs27tvHMUfAPDv7tnO+2f/QnjECWAICIuHXwmQggIQSBQgIUERSsd2IpNLjGIjkciCgFAoUSR6RInEX0AFDQIqJFroUaQIuUmgOrR3u35c7ozPPvsS7vORNpnZndPMd2fnbnbHG0DXGsr+SSL2R8RvEdFfy64tMFT779bS4tRfS4tTSVQqb/2ZVMvdXFqcKooWn9uXZ4bTiPTTJI40qHf+0uVzk+XyzMU8P7pw/r3R+UuXn5k9P3l25uzMhYmTJ08cH3/+uYln2xJnFtfNwQ/njh5+7Z1rb0ydunb6p2+SIv66ONpkaL2Dj7e5sk47sCqd9HSwIbSkFBFZd/VWx39/lGKl8/rj1U862jhgW1Uqlcqu5od3V4D/sCQ63QKgM4of+uz+t9h2aOpxR7jxUu0GKIv7Vr7VjvREmpfprbu/baehiDh15e8vsy225zkEAMAa32Xzn6cbzf/SuG9Vuf/laygDEfH/iDgYEfdExKGIuDeiWvb+iHigxfrrF0lun/+k1zcV2AZl878X8rWttfO/YvYXA6U8d6Aaf29yZrY8M5afk+Ho3ZXlx9ep4/tXfv282bHV879sy+ov5oJ5O6731D2gm55cmNxKzKvd+DhisKdR/MnySkASEYcjYnCTdcw++fXRZsf+Pf51tGGdqfJVxBO1/r8SdfEXkvXXJ0d3R3lmbLS4Km738y9X32xW/5bib4Os//c2vP6X4x9IVq/Xzrdex9XfP2t6T7PZ678vebua7sv3fTC5sHBxPKIveT3f/+LK/omVzxb5onwW//CxxuP/YKyciSMRkV3ED0bEQxHxcN72RyLi0Yg4tk78P7782Lubj397ZfFPt9T/rSdK5374dk2lA63En/X/iWpqON+zke+/jTZwq+cPAAAA7gZpROyPJB1ZTqfpyEjtb/gPxd60PDe/8NSZufcvTNfeERiI3jQrN7b8PLj2PHQ8v60v8hN1+eP5c+MvSnuq+ZGpufJ0p4OHLrevyfjP/FHqdOuAbed9Lehexj90L+MfupfxD92rwfjf04l2ADuv0e//Rx1oB7DzzP+hexn/0L2Mf+hexj90pa281y/RzYlI74hmSGxTYu33xGnvAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHepfwIAAP//2qTlHA==") r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001d00c0d0) open(0x0, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007ffb) sendfile(r2, r3, 0x0, 0x1000000201005) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f00000003c0)=ANY=[], 0x7c774aac) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) 18:24:53 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 86) [ 2661.959773][ T30] audit: type=1326 audit(1673979893.539:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27969 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2661.968366][T27956] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:24:53 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000880)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) 18:24:53 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 83) [ 2662.037946][ T30] audit: type=1326 audit(1673979893.539:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27969 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2662.066943][T27987] loop2: detected capacity change from 0 to 512 [ 2662.076239][T27982] FAULT_INJECTION: forcing a failure. [ 2662.076239][T27982] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2662.087394][T27989] FAULT_INJECTION: forcing a failure. [ 2662.087394][T27989] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2662.089172][T27982] CPU: 1 PID: 27982 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2662.089195][T27982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2662.089205][T27982] Call Trace: [ 2662.089210][T27982] [ 2662.089217][T27982] dump_stack_lvl+0x151/0x1b7 [ 2662.089241][T27982] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2662.111493][T27991] loop1: detected capacity change from 0 to 16 [ 2662.112289][T27982] ? __kasan_check_read+0x11/0x20 [ 2662.112317][T27982] dump_stack+0x15/0x17 [ 2662.152737][T27982] should_fail+0x3c0/0x510 [ 2662.156986][T27982] should_fail_usercopy+0x1a/0x20 [ 2662.161847][T27982] copy_page_from_iter_atomic+0x433/0x11c0 [ 2662.167489][T27982] ? pipe_zero+0x4d0/0x4d0 [ 2662.171742][T27982] ? __kasan_check_write+0x14/0x20 [ 2662.176687][T27982] ? shmem_write_end+0x786/0x8a0 [ 2662.181463][T27982] generic_perform_write+0x343/0x5d0 [ 2662.186585][T27982] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2662.192231][T27982] ? file_remove_privs+0x690/0x690 [ 2662.197263][T27982] ? __kasan_check_write+0x14/0x20 [ 2662.202207][T27982] ? down_write+0xdd/0x140 [ 2662.206559][T27982] __generic_file_write_iter+0x25b/0x4b0 [ 2662.212028][T27982] generic_file_write_iter+0xaf/0x1c0 [ 2662.217312][T27982] vfs_write+0xc8d/0x1050 [ 2662.221479][T27982] ? file_end_write+0x1b0/0x1b0 [ 2662.226164][T27982] ? __fget_files+0x310/0x370 [ 2662.230772][T27982] ? __fdget_pos+0x1fe/0x310 [ 2662.235190][T27982] ? ksys_write+0x77/0x2c0 [ 2662.239447][T27982] ksys_write+0x198/0x2c0 [ 2662.243613][T27982] ? __ia32_sys_read+0x90/0x90 [ 2662.248213][T27982] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2662.254114][T27982] __x64_sys_write+0x7b/0x90 [ 2662.258541][T27982] do_syscall_64+0x44/0xd0 [ 2662.262795][T27982] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2662.268525][T27982] RIP: 0033:0x7fb257acee4f [ 2662.272800][T27982] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2662.292218][T27982] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2662.300466][T27982] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2662.308277][T27982] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2662.316094][T27982] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2662.323900][T27982] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:53 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) 18:24:54 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) timer_create(0x0, 0x0, &(0x7f0000000280)) timer_getoverrun(0x0) 18:24:54 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) [ 2662.331718][T27982] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2662.339535][T27982] [ 2662.350424][T27982] loop5: detected capacity change from 0 to 512 [ 2662.357054][T27987] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 2662.359019][T27991] FAULT_INJECTION: forcing a failure. [ 2662.359019][T27991] name failslab, interval 1, probability 0, space 0, times 0 [ 2662.381349][T27989] CPU: 0 PID: 27989 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2662.383976][ T30] audit: type=1326 audit(1673979893.779:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27969 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2662.391414][T27989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2662.391426][T27989] Call Trace: [ 2662.391431][T27989] [ 2662.391436][T27989] dump_stack_lvl+0x151/0x1b7 [ 2662.391461][T27989] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2662.391480][T27989] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2662.391499][T27989] dump_stack+0x15/0x17 [ 2662.391514][T27989] should_fail+0x3c0/0x510 [ 2662.391530][T27989] should_fail_alloc_page+0x58/0x70 [ 2662.447774][ T30] audit: type=1326 audit(1673979893.779:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27969 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2662.450093][T27989] __alloc_pages+0x1de/0x7c0 [ 2662.450118][T27989] ? __count_vm_events+0x30/0x30 [ 2662.450134][T27989] ? __kasan_check_read+0x11/0x20 [ 2662.457593][ T30] audit: type=1326 audit(1673979893.779:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27969 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2662.459379][T27989] ? __vm_enough_memory+0x118/0x310 [ 2662.459402][T27989] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2662.509999][ T30] audit: type=1326 audit(1673979893.909:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27978 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2662.520832][T27989] ? shmem_swapin_page+0x15c0/0x15c0 [ 2662.520857][T27989] ? xas_start+0x33d/0x410 [ 2662.520871][T27989] ? xas_load+0x2c7/0x2e0 [ 2662.520884][T27989] ? pagecache_get_page+0xcc8/0xdb0 [ 2662.520900][T27989] ? page_cache_prev_miss+0x430/0x430 [ 2662.536869][ T30] audit: type=1326 audit(1673979893.929:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27978 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2662.555033][T27989] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2662.555058][T27989] ? lru_cache_add+0x273/0x530 [ 2662.555074][T27989] shmem_getpage_gfp+0x1487/0x25f0 [ 2662.555093][T27989] ? shmem_getpage+0xa0/0xa0 [ 2662.584924][ T30] audit: type=1326 audit(1673979893.929:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27978 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3ddc97f0c9 code=0x7ffc0000 [ 2662.602510][T27989] ? fault_in_safe_writeable+0x240/0x240 [ 2662.602535][T27989] ? __kasan_check_write+0x14/0x20 [ 2662.602550][T27989] ? shmem_write_end+0x786/0x8a0 [ 2662.660762][T27989] shmem_write_begin+0xc8/0x1b0 [ 2662.665446][T27989] generic_perform_write+0x2cd/0x5d0 [ 2662.670570][T27989] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2662.676209][T27989] ? file_remove_privs+0x690/0x690 [ 2662.681154][T27989] ? __kasan_check_write+0x14/0x20 [ 2662.686102][T27989] ? down_write+0xdd/0x140 [ 2662.690354][T27989] __generic_file_write_iter+0x25b/0x4b0 [ 2662.695822][T27989] generic_file_write_iter+0xaf/0x1c0 [ 2662.701031][T27989] vfs_write+0xc8d/0x1050 [ 2662.705197][T27989] ? file_end_write+0x1b0/0x1b0 [ 2662.709886][T27989] ? __fget_files+0x310/0x370 [ 2662.714400][T27989] ? __fdget_pos+0x1fe/0x310 [ 2662.718823][T27989] ? ksys_write+0x77/0x2c0 [ 2662.723078][T27989] ksys_write+0x198/0x2c0 [ 2662.727245][T27989] ? __ia32_sys_read+0x90/0x90 [ 2662.731844][T27989] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2662.737749][T27989] __x64_sys_write+0x7b/0x90 [ 2662.742176][T27989] do_syscall_64+0x44/0xd0 [ 2662.746437][T27989] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2662.752154][T27989] RIP: 0033:0x7fcbd55afe4f [ 2662.756411][T27989] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2662.776021][T27989] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 18:24:54 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 76) [ 2662.784266][T27989] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2662.792168][T27989] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2662.800066][T27989] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2662.807881][T27989] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2662.815691][T27989] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2662.823503][T27989] [ 2662.836397][T27991] CPU: 0 PID: 27991 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2662.838127][T27987] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2201: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 2662.846474][T27991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2662.846489][T27991] Call Trace: [ 2662.846494][T27991] [ 2662.846500][T27991] dump_stack_lvl+0x151/0x1b7 [ 2662.846522][T27991] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2662.846542][T27991] dump_stack+0x15/0x17 [ 2662.846557][T27991] should_fail+0x3c0/0x510 [ 2662.846572][T27991] ? mempool_free+0x310/0x310 [ 2662.846588][T27991] __should_failslab+0x9f/0xe0 [ 2662.846604][T27991] should_failslab+0x9/0x20 [ 2662.846618][T27991] kmem_cache_alloc+0x4f/0x2f0 [ 2662.846633][T27991] ? mempool_alloc_slab+0x1d/0x30 [ 2662.846648][T27991] ? mempool_free+0x310/0x310 [ 2662.846662][T27991] mempool_alloc_slab+0x1d/0x30 [ 2662.846677][T27991] mempool_alloc+0x149/0x580 [ 2662.846694][T27991] ? mempool_resize+0x8e0/0x8e0 [ 2662.846709][T27991] ? __kasan_check_write+0x14/0x20 [ 2662.846724][T27991] ? _raw_spin_lock+0xa3/0x1b0 [ 2662.846739][T27991] bio_alloc_bioset+0x12e/0x960 [ 2662.846762][T27991] submit_bh_wbc+0x1c6/0x6b0 [ 2662.846779][T27991] ? __kasan_check_write+0x14/0x20 [ 2662.846794][T27991] block_read_full_page+0x8a6/0xa70 [ 2662.846812][T27991] ? blkdev_fallocate+0x3e0/0x3e0 [ 2662.846827][T27991] ? block_is_partially_uptodate+0x270/0x270 [ 2662.846846][T27991] ? add_to_page_cache_locked+0x40/0x40 [ 2662.846863][T27991] blkdev_readpage+0x1c/0x20 [ 2662.846877][T27991] do_read_cache_page+0x68b/0xa70 [ 2662.846892][T27991] read_cache_page+0x4d/0x70 [ 2662.846906][T27991] erofs_fc_fill_super+0x1eb/0x1180 [ 2662.846924][T27991] ? sb_set_blocksize+0xb7/0xf0 [ 2662.846939][T27991] get_tree_bdev+0x441/0x680 [ 2662.846954][T27991] ? erofs_release_device_info+0x90/0x90 [ 2662.846971][T27991] erofs_fc_get_tree+0x1c/0x20 [ 2662.846986][T27991] vfs_get_tree+0x88/0x290 [ 2662.847000][T27991] do_new_mount+0x289/0xad0 [ 2663.025343][T27991] ? do_move_mount_old+0x160/0x160 [ 2663.030287][T27991] ? security_capable+0xb2/0xd0 [ 2663.034973][T27991] ? ns_capable+0x8a/0xf0 [ 2663.039139][T27991] path_mount+0x60b/0x1050 [ 2663.043394][T27991] __se_sys_mount+0x2d2/0x3c0 [ 2663.047908][T27991] ? __x64_sys_mount+0xd0/0xd0 [ 2663.052509][T27991] __x64_sys_mount+0xbf/0xd0 [ 2663.056934][T27991] do_syscall_64+0x44/0xd0 [ 2663.061188][T27991] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2663.066924][T27991] RIP: 0033:0x7fc55e52a5fa [ 2663.071174][T27991] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2663.090610][T27991] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2663.098859][T27991] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2663.106670][T27991] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2663.114482][T27991] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2663.122293][T27991] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2663.130107][T27991] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2663.137922][T27991] 18:24:54 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) timer_create(0x0, 0x0, &(0x7f0000000280)) timer_getoverrun(0x0) 18:24:54 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) [ 2663.142746][T27987] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 2663.159360][T27991] erofs: (device loop1): mounted with root inode @ nid 36. [ 2663.169082][T28006] FAULT_INJECTION: forcing a failure. [ 2663.169082][T28006] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2663.182021][T28006] CPU: 0 PID: 28006 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2663.192079][T28006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2663.198773][T27987] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2663.201968][T28006] Call Trace: [ 2663.201975][T28006] [ 2663.201982][T28006] dump_stack_lvl+0x151/0x1b7 [ 2663.222724][T28006] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2663.223993][T27987] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 254-257 which overlap fs metadata [ 2663.228013][T28006] ? __kasan_check_read+0x11/0x20 [ 2663.246854][T28006] dump_stack+0x15/0x17 [ 2663.250835][T28006] should_fail+0x3c0/0x510 [ 2663.255091][T28006] should_fail_usercopy+0x1a/0x20 [ 2663.259948][T28006] copy_page_from_iter_atomic+0x433/0x11c0 [ 2663.265595][T28006] ? pipe_zero+0x4d0/0x4d0 [ 2663.269843][T28006] ? __kasan_check_write+0x14/0x20 [ 2663.274791][T28006] ? shmem_write_end+0x786/0x8a0 [ 2663.279568][T28006] generic_perform_write+0x343/0x5d0 [ 2663.284688][T28006] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2663.290330][T28006] ? file_remove_privs+0x690/0x690 [ 2663.295277][T28006] ? __kasan_check_write+0x14/0x20 [ 2663.300226][T28006] ? down_write+0xdd/0x140 [ 2663.304477][T28006] __generic_file_write_iter+0x25b/0x4b0 [ 2663.309946][T28006] generic_file_write_iter+0xaf/0x1c0 [ 2663.315158][T28006] vfs_write+0xc8d/0x1050 [ 2663.319321][T28006] ? file_end_write+0x1b0/0x1b0 [ 2663.324006][T28006] ? __fget_files+0x310/0x370 [ 2663.328525][T28006] ? __fdget_pos+0x1fe/0x310 [ 2663.332946][T28006] ? ksys_write+0x77/0x2c0 [ 2663.337200][T28006] ksys_write+0x198/0x2c0 [ 2663.341366][T28006] ? __ia32_sys_read+0x90/0x90 [ 2663.345967][T28006] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2663.351870][T28006] __x64_sys_write+0x7b/0x90 [ 2663.356296][T28006] do_syscall_64+0x44/0xd0 [ 2663.360637][T28006] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2663.366367][T28006] RIP: 0033:0x7fcbd55afe4f [ 2663.370620][T28006] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 18:24:55 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 87) 18:24:55 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) [ 2663.390063][T28006] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2663.398308][T28006] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2663.406119][T28006] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2663.413930][T28006] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2663.422181][T28006] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2663.429989][T28006] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2663.437807][T28006] [ 2663.456315][T27987] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata [ 2663.463814][T28006] loop4: detected capacity change from 0 to 512 [ 2663.471930][T27987] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata [ 2663.493306][T28006] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2663.497668][T27987] EXT4-fs (loop2): pa ffff88810985e5e8: logic 10, phys. 254, len 3 [ 2663.511381][T27987] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4813: group 0, free 0, pa_free 3 [ 2663.536202][T28012] FAULT_INJECTION: forcing a failure. [ 2663.536202][T28012] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2663.549495][T28012] CPU: 1 PID: 28012 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2663.559555][T28012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2663.569456][T28012] Call Trace: [ 2663.572572][T28012] [ 2663.575349][T28012] dump_stack_lvl+0x151/0x1b7 [ 2663.579864][T28012] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2663.585157][T28012] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2663.590363][T28012] dump_stack+0x15/0x17 [ 2663.594358][T28012] should_fail+0x3c0/0x510 [ 2663.598612][T28012] should_fail_alloc_page+0x58/0x70 [ 2663.603650][T28012] __alloc_pages+0x1de/0x7c0 [ 2663.608088][T28012] ? __count_vm_events+0x30/0x30 [ 2663.612847][T28012] ? __kasan_check_read+0x11/0x20 [ 2663.617705][T28012] ? __vm_enough_memory+0x118/0x310 [ 2663.622741][T28012] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2663.628211][T28012] ? shmem_swapin_page+0x15c0/0x15c0 [ 2663.633334][T28012] ? xas_start+0x33d/0x410 [ 2663.637585][T28012] ? xas_load+0x2c7/0x2e0 [ 2663.641749][T28012] ? pagecache_get_page+0xcc8/0xdb0 [ 2663.646786][T28012] ? page_cache_prev_miss+0x430/0x430 [ 2663.651993][T28012] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2663.657373][T28012] ? lru_cache_add+0x273/0x530 [ 2663.661974][T28012] shmem_getpage_gfp+0x1487/0x25f0 [ 2663.666926][T28012] ? shmem_getpage+0xa0/0xa0 [ 2663.671349][T28012] ? fault_in_safe_writeable+0x240/0x240 [ 2663.676823][T28012] ? __kasan_check_write+0x14/0x20 [ 2663.681765][T28012] ? shmem_write_end+0x786/0x8a0 [ 2663.686538][T28012] shmem_write_begin+0xc8/0x1b0 [ 2663.691230][T28012] generic_perform_write+0x2cd/0x5d0 [ 2663.696349][T28012] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2663.701987][T28012] ? file_remove_privs+0x690/0x690 [ 2663.706937][T28012] ? __kasan_check_write+0x14/0x20 [ 2663.711886][T28012] ? down_write+0xdd/0x140 [ 2663.716135][T28012] __generic_file_write_iter+0x25b/0x4b0 [ 2663.721606][T28012] generic_file_write_iter+0xaf/0x1c0 [ 2663.726815][T28012] vfs_write+0xc8d/0x1050 [ 2663.730982][T28012] ? file_end_write+0x1b0/0x1b0 [ 2663.735672][T28012] ? __fget_files+0x310/0x370 [ 2663.740183][T28012] ? __fdget_pos+0x1fe/0x310 [ 2663.744608][T28012] ? ksys_write+0x77/0x2c0 [ 2663.748862][T28012] ksys_write+0x198/0x2c0 [ 2663.753028][T28012] ? __ia32_sys_read+0x90/0x90 [ 2663.757627][T28012] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2663.763531][T28012] __x64_sys_write+0x7b/0x90 [ 2663.767956][T28012] do_syscall_64+0x44/0xd0 [ 2663.772212][T28012] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2663.777937][T28012] RIP: 0033:0x7fb257acee4f [ 2663.782195][T28012] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2663.801638][T28012] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2663.809883][T28012] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2663.832898][T28012] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2663.840693][T28012] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2663.848506][T28012] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:55 executing program 2: syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1e, &(0x7f0000000000)=ANY=[], 0x42, 0x42d, &(0x7f00000004c0)="$eJzs27tvHMUfAPDv7tnO+2f/QnjECWAICIuHXwmQggIQSBQgIUERSsd2IpNLjGIjkciCgFAoUSR6RInEX0AFDQIqJFroUaQIuUmgOrR3u35c7ozPPvsS7vORNpnZndPMd2fnbnbHG0DXGsr+SSL2R8RvEdFfy64tMFT779bS4tRfS4tTSVQqb/2ZVMvdXFqcKooWn9uXZ4bTiPTTJI40qHf+0uVzk+XyzMU8P7pw/r3R+UuXn5k9P3l25uzMhYmTJ08cH3/+uYln2xJnFtfNwQ/njh5+7Z1rb0ydunb6p2+SIv66ONpkaL2Dj7e5sk47sCqd9HSwIbSkFBFZd/VWx39/lGKl8/rj1U862jhgW1Uqlcqu5od3V4D/sCQ63QKgM4of+uz+t9h2aOpxR7jxUu0GKIv7Vr7VjvREmpfprbu/baehiDh15e8vsy225zkEAMAa32Xzn6cbzf/SuG9Vuf/laygDEfH/iDgYEfdExKGIuDeiWvb+iHigxfrrF0lun/+k1zcV2AZl878X8rWttfO/YvYXA6U8d6Aaf29yZrY8M5afk+Ho3ZXlx9ep4/tXfv282bHV879sy+ov5oJ5O6731D2gm55cmNxKzKvd+DhisKdR/MnySkASEYcjYnCTdcw++fXRZsf+Pf51tGGdqfJVxBO1/r8SdfEXkvXXJ0d3R3lmbLS4Km738y9X32xW/5bib4Os//c2vP6X4x9IVq/Xzrdex9XfP2t6T7PZ678vebua7sv3fTC5sHBxPKIveT3f/+LK/omVzxb5onwW//CxxuP/YKyciSMRkV3ED0bEQxHxcN72RyLi0Yg4tk78P7782Lubj397ZfFPt9T/rSdK5374dk2lA63En/X/iWpqON+zke+/jTZwq+cPAAAA7gZpROyPJB1ZTqfpyEjtb/gPxd60PDe/8NSZufcvTNfeERiI3jQrN7b8PLj2PHQ8v60v8hN1+eP5c+MvSnuq+ZGpufJ0p4OHLrevyfjP/FHqdOuAbed9Lehexj90L+MfupfxD92rwfjf04l2ADuv0e//Rx1oB7DzzP+hexn/0L2Mf+hexj90pa281y/RzYlI74hmSGxTYu33xGnvAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHepfwIAAP//2qTlHA==") r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001d00c0d0) open(0x0, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007ffb) sendfile(r2, r3, 0x0, 0x1000000201005) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f00000003c0)=ANY=[], 0x7c774aac) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) 18:24:55 executing program 3: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) 18:24:55 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 84) 18:24:55 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) 18:24:55 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 77) [ 2663.856327][T28012] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2663.864135][T28012] [ 2663.880970][T28021] loop1: detected capacity change from 0 to 16 [ 2663.885276][T28019] FAULT_INJECTION: forcing a failure. [ 2663.885276][T28019] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2663.894368][T28021] FAULT_INJECTION: forcing a failure. [ 2663.894368][T28021] name failslab, interval 1, probability 0, space 0, times 0 [ 2663.900358][T28019] CPU: 1 PID: 28019 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2663.900386][T28019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2663.900396][T28019] Call Trace: [ 2663.900401][T28019] [ 2663.900408][T28019] dump_stack_lvl+0x151/0x1b7 [ 2663.900431][T28019] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2663.900451][T28019] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2663.900470][T28019] dump_stack+0x15/0x17 [ 2663.900485][T28019] should_fail+0x3c0/0x510 [ 2663.900502][T28019] should_fail_alloc_page+0x58/0x70 [ 2663.900519][T28019] __alloc_pages+0x1de/0x7c0 [ 2663.900537][T28019] ? __count_vm_events+0x30/0x30 [ 2663.900554][T28019] ? __kasan_check_read+0x11/0x20 [ 2663.900569][T28019] ? __vm_enough_memory+0x118/0x310 [ 2663.900586][T28019] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2663.900605][T28019] ? shmem_swapin_page+0x15c0/0x15c0 [ 2663.900627][T28019] ? xas_start+0x33d/0x410 [ 2663.900644][T28019] ? xas_load+0x2c7/0x2e0 [ 2663.900661][T28019] ? pagecache_get_page+0xcc8/0xdb0 [ 2663.900678][T28019] ? page_cache_prev_miss+0x430/0x430 [ 2663.900694][T28019] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2663.900710][T28019] ? lru_cache_add+0x273/0x530 [ 2663.900728][T28019] shmem_getpage_gfp+0x1487/0x25f0 [ 2663.900750][T28019] ? shmem_getpage+0xa0/0xa0 [ 2663.900764][T28019] ? fault_in_safe_writeable+0x240/0x240 [ 2664.040652][T28019] ? __kasan_check_write+0x14/0x20 [ 2664.045596][T28019] ? shmem_write_end+0x786/0x8a0 [ 2664.050377][T28019] shmem_write_begin+0xc8/0x1b0 [ 2664.055059][T28019] generic_perform_write+0x2cd/0x5d0 [ 2664.060179][T28019] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2664.065820][T28019] ? file_remove_privs+0x690/0x690 [ 2664.070768][T28019] ? __kasan_check_write+0x14/0x20 [ 2664.075713][T28019] ? down_write+0xdd/0x140 [ 2664.079969][T28019] __generic_file_write_iter+0x25b/0x4b0 [ 2664.085438][T28019] generic_file_write_iter+0xaf/0x1c0 [ 2664.090645][T28019] vfs_write+0xc8d/0x1050 [ 2664.094813][T28019] ? file_end_write+0x1b0/0x1b0 [ 2664.099499][T28019] ? __fget_files+0x310/0x370 [ 2664.104015][T28019] ? __fdget_pos+0x1fe/0x310 [ 2664.108632][T28019] ? ksys_write+0x77/0x2c0 [ 2664.112877][T28019] ksys_write+0x198/0x2c0 [ 2664.117044][T28019] ? __ia32_sys_read+0x90/0x90 [ 2664.121642][T28019] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2664.127551][T28019] __x64_sys_write+0x7b/0x90 [ 2664.132061][T28019] do_syscall_64+0x44/0xd0 [ 2664.136488][T28019] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2664.142214][T28019] RIP: 0033:0x7fcbd55afe4f [ 2664.146471][T28019] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2664.165914][T28019] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2664.174156][T28019] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2664.181971][T28019] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2664.189781][T28019] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2664.197604][T28019] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:55 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) [ 2664.205493][T28019] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2664.213572][T28019] [ 2664.217952][T28021] CPU: 0 PID: 28021 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2664.228011][T28021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2664.237908][T28021] Call Trace: [ 2664.241037][T28021] [ 2664.243806][T28021] dump_stack_lvl+0x151/0x1b7 [ 2664.248321][T28021] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2664.253618][T28021] dump_stack+0x15/0x17 [ 2664.257614][T28021] should_fail+0x3c0/0x510 [ 2664.261901][T28021] ? mempool_free+0x310/0x310 [ 2664.266376][T28021] __should_failslab+0x9f/0xe0 [ 2664.270976][T28021] should_failslab+0x9/0x20 [ 2664.275316][T28021] kmem_cache_alloc+0x4f/0x2f0 [ 2664.279914][T28021] ? mempool_alloc_slab+0x1d/0x30 [ 2664.284774][T28021] ? mempool_free+0x310/0x310 [ 2664.289288][T28021] mempool_alloc_slab+0x1d/0x30 [ 2664.293974][T28021] mempool_alloc+0x149/0x580 [ 2664.298404][T28021] ? mempool_resize+0x8e0/0x8e0 [ 2664.303090][T28021] ? __kasan_check_write+0x14/0x20 [ 2664.308035][T28021] ? _raw_spin_lock+0xa3/0x1b0 [ 2664.312634][T28021] bio_alloc_bioset+0x12e/0x960 [ 2664.317324][T28021] submit_bh_wbc+0x1c6/0x6b0 [ 2664.321751][T28021] ? __kasan_check_write+0x14/0x20 [ 2664.326820][T28021] block_read_full_page+0x8a6/0xa70 [ 2664.331850][T28021] ? blkdev_fallocate+0x3e0/0x3e0 [ 2664.336704][T28021] ? block_is_partially_uptodate+0x270/0x270 [ 2664.342518][T28021] ? add_to_page_cache_locked+0x40/0x40 [ 2664.347900][T28021] blkdev_readpage+0x1c/0x20 [ 2664.352324][T28021] do_read_cache_page+0x68b/0xa70 [ 2664.357187][T28021] read_cache_page+0x4d/0x70 [ 2664.361611][T28021] erofs_fc_fill_super+0x1eb/0x1180 [ 2664.366647][T28021] ? sb_set_blocksize+0xb7/0xf0 [ 2664.371333][T28021] get_tree_bdev+0x441/0x680 [ 2664.375762][T28021] ? erofs_release_device_info+0x90/0x90 [ 2664.381231][T28021] erofs_fc_get_tree+0x1c/0x20 [ 2664.385827][T28021] vfs_get_tree+0x88/0x290 [ 2664.390080][T28021] do_new_mount+0x289/0xad0 [ 2664.394422][T28021] ? do_move_mount_old+0x160/0x160 [ 2664.399368][T28021] ? security_capable+0xb2/0xd0 [ 2664.404057][T28021] ? ns_capable+0x8a/0xf0 [ 2664.408227][T28021] path_mount+0x60b/0x1050 [ 2664.412477][T28021] __se_sys_mount+0x2d2/0x3c0 [ 2664.416988][T28021] ? __x64_sys_mount+0xd0/0xd0 [ 2664.421589][T28021] __x64_sys_mount+0xbf/0xd0 [ 2664.426016][T28021] do_syscall_64+0x44/0xd0 [ 2664.430277][T28021] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2664.435997][T28021] RIP: 0033:0x7fc55e52a5fa [ 2664.440254][T28021] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2664.459693][T28021] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2664.467939][T28021] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2664.475750][T28021] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2664.483563][T28021] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2664.491384][T28021] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2664.499187][T28021] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2664.507022][T28021] 18:24:56 executing program 3: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) 18:24:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 88) 18:24:56 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 78) 18:24:56 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) [ 2664.531270][T28021] erofs: (device loop1): mounted with root inode @ nid 36. [ 2664.548974][T28029] FAULT_INJECTION: forcing a failure. [ 2664.548974][T28029] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2664.552064][T28034] FAULT_INJECTION: forcing a failure. [ 2664.552064][T28034] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2664.561911][T28029] CPU: 0 PID: 28029 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2664.584741][T28029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2664.594633][T28029] Call Trace: [ 2664.597759][T28029] [ 2664.600538][T28029] dump_stack_lvl+0x151/0x1b7 [ 2664.605052][T28029] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2664.610345][T28029] ? __kasan_check_read+0x11/0x20 [ 2664.615205][T28029] dump_stack+0x15/0x17 [ 2664.619200][T28029] should_fail+0x3c0/0x510 [ 2664.623452][T28029] should_fail_usercopy+0x1a/0x20 [ 2664.628311][T28029] copy_page_from_iter_atomic+0x433/0x11c0 [ 2664.633957][T28029] ? pipe_zero+0x4d0/0x4d0 [ 2664.638209][T28029] ? __kasan_check_write+0x14/0x20 [ 2664.643154][T28029] ? shmem_write_end+0x786/0x8a0 [ 2664.647932][T28029] generic_perform_write+0x343/0x5d0 [ 2664.653053][T28029] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2664.658693][T28029] ? file_remove_privs+0x690/0x690 [ 2664.663643][T28029] ? __kasan_check_write+0x14/0x20 [ 2664.668589][T28029] ? down_write+0xdd/0x140 [ 2664.672839][T28029] __generic_file_write_iter+0x25b/0x4b0 [ 2664.678309][T28029] generic_file_write_iter+0xaf/0x1c0 [ 2664.683520][T28029] vfs_write+0xc8d/0x1050 [ 2664.687685][T28029] ? file_end_write+0x1b0/0x1b0 [ 2664.692372][T28029] ? __fget_files+0x310/0x370 [ 2664.696890][T28029] ? __fdget_pos+0x1fe/0x310 [ 2664.701310][T28029] ? ksys_write+0x77/0x2c0 [ 2664.705564][T28029] ksys_write+0x198/0x2c0 [ 2664.709731][T28029] ? __ia32_sys_read+0x90/0x90 [ 2664.714331][T28029] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2664.720233][T28029] __x64_sys_write+0x7b/0x90 [ 2664.724660][T28029] do_syscall_64+0x44/0xd0 [ 2664.728913][T28029] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2664.734640][T28029] RIP: 0033:0x7fcbd55afe4f [ 2664.738897][T28029] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2664.758338][T28029] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2664.766598][T28029] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2664.774403][T28029] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2664.782212][T28029] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2664.790024][T28029] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2664.797920][T28029] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2664.805742][T28029] [ 2664.808722][T28034] CPU: 1 PID: 28034 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2664.818857][T28034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2664.828764][T28034] Call Trace: [ 2664.831876][T28034] [ 2664.834657][T28034] dump_stack_lvl+0x151/0x1b7 [ 2664.839169][T28034] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2664.844464][T28034] ? __kasan_check_read+0x11/0x20 [ 2664.849323][T28034] dump_stack+0x15/0x17 [ 2664.853314][T28034] should_fail+0x3c0/0x510 [ 2664.857580][T28034] should_fail_usercopy+0x1a/0x20 [ 2664.862431][T28034] copy_page_from_iter_atomic+0x433/0x11c0 [ 2664.868085][T28034] ? pipe_zero+0x4d0/0x4d0 [ 2664.872331][T28034] ? __kasan_check_write+0x14/0x20 [ 2664.877280][T28034] ? shmem_write_end+0x786/0x8a0 [ 2664.882052][T28034] generic_perform_write+0x343/0x5d0 [ 2664.887256][T28034] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2664.892898][T28034] ? file_remove_privs+0x690/0x690 [ 2664.897845][T28034] ? __kasan_check_write+0x14/0x20 [ 2664.902816][T28034] ? down_write+0xdd/0x140 [ 2664.907043][T28034] __generic_file_write_iter+0x25b/0x4b0 [ 2664.912513][T28034] generic_file_write_iter+0xaf/0x1c0 [ 2664.917723][T28034] vfs_write+0xc8d/0x1050 [ 2664.921888][T28034] ? file_end_write+0x1b0/0x1b0 [ 2664.926578][T28034] ? __fget_files+0x310/0x370 [ 2664.931097][T28034] ? __fdget_pos+0x1fe/0x310 [ 2664.935518][T28034] ? ksys_write+0x77/0x2c0 [ 2664.939770][T28034] ksys_write+0x198/0x2c0 [ 2664.943938][T28034] ? __ia32_sys_read+0x90/0x90 [ 2664.948555][T28034] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2664.954440][T28034] __x64_sys_write+0x7b/0x90 [ 2664.958872][T28034] do_syscall_64+0x44/0xd0 [ 2664.963117][T28034] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2664.968850][T28034] RIP: 0033:0x7fb257acee4f [ 2664.973104][T28034] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2664.992554][T28034] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2665.000789][T28034] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2665.008606][T28034] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2665.016520][T28034] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2665.024312][T28034] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:24:56 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) 18:24:56 executing program 3: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) [ 2665.032556][T28034] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2665.040373][T28034] [ 2665.049295][T28029] loop4: detected capacity change from 0 to 512 [ 2665.070052][T28029] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2665.074756][T28034] loop5: detected capacity change from 0 to 512 [ 2665.107125][T28044] loop2: detected capacity change from 0 to 512 [ 2665.115259][T28044] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 2665.132079][T28044] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2201: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 2665.144516][T28044] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 2665.157333][T28044] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2665.171280][T28044] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 254-257 which overlap fs metadata [ 2665.188171][T28044] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata 18:24:57 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 85) 18:24:57 executing program 2: syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1e, &(0x7f0000000000)=ANY=[], 0x42, 0x42d, &(0x7f00000004c0)="$eJzs27tvHMUfAPDv7tnO+2f/QnjECWAICIuHXwmQggIQSBQgIUERSsd2IpNLjGIjkciCgFAoUSR6RInEX0AFDQIqJFroUaQIuUmgOrR3u35c7ozPPvsS7vORNpnZndPMd2fnbnbHG0DXGsr+SSL2R8RvEdFfy64tMFT779bS4tRfS4tTSVQqb/2ZVMvdXFqcKooWn9uXZ4bTiPTTJI40qHf+0uVzk+XyzMU8P7pw/r3R+UuXn5k9P3l25uzMhYmTJ08cH3/+uYln2xJnFtfNwQ/njh5+7Z1rb0ydunb6p2+SIv66ONpkaL2Dj7e5sk47sCqd9HSwIbSkFBFZd/VWx39/lGKl8/rj1U862jhgW1Uqlcqu5od3V4D/sCQ63QKgM4of+uz+t9h2aOpxR7jxUu0GKIv7Vr7VjvREmpfprbu/baehiDh15e8vsy225zkEAMAa32Xzn6cbzf/SuG9Vuf/laygDEfH/iDgYEfdExKGIuDeiWvb+iHigxfrrF0lun/+k1zcV2AZl878X8rWttfO/YvYXA6U8d6Aaf29yZrY8M5afk+Ho3ZXlx9ep4/tXfv282bHV879sy+ov5oJ5O6731D2gm55cmNxKzKvd+DhisKdR/MnySkASEYcjYnCTdcw++fXRZsf+Pf51tGGdqfJVxBO1/r8SdfEXkvXXJ0d3R3lmbLS4Km738y9X32xW/5bib4Os//c2vP6X4x9IVq/Xzrdex9XfP2t6T7PZ678vebua7sv3fTC5sHBxPKIveT3f/+LK/omVzxb5onwW//CxxuP/YKyciSMRkV3ED0bEQxHxcN72RyLi0Yg4tk78P7782Lubj397ZfFPt9T/rSdK5374dk2lA63En/X/iWpqON+zke+/jTZwq+cPAAAA7gZpROyPJB1ZTqfpyEjtb/gPxd60PDe/8NSZufcvTNfeERiI3jQrN7b8PLj2PHQ8v60v8hN1+eP5c+MvSnuq+ZGpufJ0p4OHLrevyfjP/FHqdOuAbed9Lehexj90L+MfupfxD92rwfjf04l2ADuv0e//Rx1oB7DzzP+hexn/0L2Mf+hexj90pa281y/RzYlI74hmSGxTYu33xGnvAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHepfwIAAP//2qTlHA==") r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80001d00c0d0) open(0x0, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007ffb) sendfile(r2, r3, 0x0, 0x1000000201005) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f00000003c0)=ANY=[], 0x7c774aac) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) 18:24:57 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 79) 18:24:57 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000240)={0x2, {0x4, 0x0, 0x0, 0x2ff, 0x100}}) syz_open_dev$tty20(0xc, 0x4, 0x0) 18:24:57 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) 18:24:57 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 89) [ 2665.203138][T28044] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata [ 2665.220534][T28044] EXT4-fs (loop2): pa ffff888151257738: logic 10, phys. 254, len 3 [ 2665.228269][T28044] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4813: group 0, free 0, pa_free 3 [ 2665.279176][T28051] loop1: detected capacity change from 0 to 16 [ 2665.286027][T28051] FAULT_INJECTION: forcing a failure. [ 2665.286027][T28051] name failslab, interval 1, probability 0, space 0, times 0 [ 2665.302845][T28053] FAULT_INJECTION: forcing a failure. [ 2665.302845][T28053] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2665.302873][T28053] CPU: 1 PID: 28053 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2665.302892][T28053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2665.302901][T28053] Call Trace: [ 2665.302906][T28053] [ 2665.302911][T28053] dump_stack_lvl+0x151/0x1b7 [ 2665.302934][T28053] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2665.302952][T28053] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2665.302972][T28053] dump_stack+0x15/0x17 [ 2665.302987][T28053] should_fail+0x3c0/0x510 [ 2665.303003][T28053] should_fail_alloc_page+0x58/0x70 [ 2665.303021][T28053] __alloc_pages+0x1de/0x7c0 [ 2665.303038][T28053] ? __count_vm_events+0x30/0x30 [ 2665.303054][T28053] ? __kasan_check_read+0x11/0x20 [ 2665.303068][T28053] ? __vm_enough_memory+0x118/0x310 [ 2665.303086][T28053] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2665.303107][T28053] ? shmem_swapin_page+0x15c0/0x15c0 [ 2665.303129][T28053] ? xas_start+0x33d/0x410 [ 2665.303145][T28053] ? xas_load+0x2c7/0x2e0 [ 2665.303161][T28053] ? pagecache_get_page+0xcc8/0xdb0 [ 2665.303177][T28053] ? page_cache_prev_miss+0x430/0x430 [ 2665.303191][T28053] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2665.303208][T28053] ? lru_cache_add+0x273/0x530 [ 2665.303224][T28053] shmem_getpage_gfp+0x1487/0x25f0 [ 2665.303244][T28053] ? shmem_getpage+0xa0/0xa0 [ 2665.303259][T28053] ? fault_in_safe_writeable+0x240/0x240 [ 2665.303281][T28053] ? __kasan_check_write+0x14/0x20 [ 2665.303296][T28053] ? shmem_write_end+0x786/0x8a0 [ 2665.303311][T28053] shmem_write_begin+0xc8/0x1b0 [ 2665.303328][T28053] generic_perform_write+0x2cd/0x5d0 [ 2665.318206][T28054] FAULT_INJECTION: forcing a failure. [ 2665.318206][T28054] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2665.326394][T28053] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2665.326423][T28053] ? file_remove_privs+0x690/0x690 [ 2665.326440][T28053] ? __kasan_check_write+0x14/0x20 [ 2665.491867][T28053] ? down_write+0xdd/0x140 [ 2665.496083][T28053] __generic_file_write_iter+0x25b/0x4b0 [ 2665.501548][T28053] generic_file_write_iter+0xaf/0x1c0 [ 2665.506754][T28053] vfs_write+0xc8d/0x1050 [ 2665.510926][T28053] ? file_end_write+0x1b0/0x1b0 [ 2665.515611][T28053] ? __fget_files+0x310/0x370 [ 2665.520125][T28053] ? __fdget_pos+0x1fe/0x310 [ 2665.524547][T28053] ? ksys_write+0x77/0x2c0 [ 2665.528896][T28053] ksys_write+0x198/0x2c0 [ 2665.533064][T28053] ? __ia32_sys_read+0x90/0x90 [ 2665.537655][T28053] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2665.543736][T28053] __x64_sys_write+0x7b/0x90 [ 2665.548160][T28053] do_syscall_64+0x44/0xd0 [ 2665.552412][T28053] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2665.558226][T28053] RIP: 0033:0x7fb257acee4f [ 2665.562567][T28053] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2665.582190][T28053] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2665.590433][T28053] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2665.598239][T28053] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2665.606051][T28053] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2665.613867][T28053] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2665.621852][T28053] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2665.629667][T28053] [ 2665.632528][T28054] CPU: 0 PID: 28054 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2665.642658][T28054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2665.652490][T28054] Call Trace: [ 2665.655620][T28054] [ 2665.658393][T28054] dump_stack_lvl+0x151/0x1b7 [ 2665.662908][T28054] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2665.668202][T28054] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2665.673409][T28054] dump_stack+0x15/0x17 [ 2665.677408][T28054] should_fail+0x3c0/0x510 [ 2665.681658][T28054] should_fail_alloc_page+0x58/0x70 [ 2665.686688][T28054] __alloc_pages+0x1de/0x7c0 [ 2665.691118][T28054] ? __count_vm_events+0x30/0x30 [ 2665.695891][T28054] ? __kasan_check_read+0x11/0x20 [ 2665.700751][T28054] ? __vm_enough_memory+0x118/0x310 [ 2665.705788][T28054] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2665.711256][T28054] ? shmem_swapin_page+0x15c0/0x15c0 [ 2665.716377][T28054] ? xas_start+0x33d/0x410 [ 2665.720644][T28054] ? xas_load+0x2c7/0x2e0 [ 2665.724810][T28054] ? pagecache_get_page+0xcc8/0xdb0 [ 2665.729830][T28054] ? page_cache_prev_miss+0x430/0x430 [ 2665.735036][T28054] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2665.740511][T28054] ? lru_cache_add+0x273/0x530 [ 2665.745106][T28054] shmem_getpage_gfp+0x1487/0x25f0 [ 2665.750059][T28054] ? shmem_getpage+0xa0/0xa0 [ 2665.754478][T28054] ? fault_in_safe_writeable+0x240/0x240 [ 2665.759948][T28054] ? __kasan_check_write+0x14/0x20 [ 2665.764898][T28054] ? shmem_write_end+0x786/0x8a0 [ 2665.770000][T28054] shmem_write_begin+0xc8/0x1b0 [ 2665.774616][T28054] generic_perform_write+0x2cd/0x5d0 [ 2665.779742][T28054] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2665.785391][T28054] ? file_remove_privs+0x690/0x690 [ 2665.790345][T28054] ? __kasan_check_write+0x14/0x20 [ 2665.795276][T28054] ? down_write+0xdd/0x140 [ 2665.799540][T28054] __generic_file_write_iter+0x25b/0x4b0 [ 2665.805001][T28054] generic_file_write_iter+0xaf/0x1c0 [ 2665.810210][T28054] vfs_write+0xc8d/0x1050 [ 2665.814376][T28054] ? file_end_write+0x1b0/0x1b0 [ 2665.819059][T28054] ? __fget_files+0x310/0x370 [ 2665.823574][T28054] ? __fdget_pos+0x1fe/0x310 [ 2665.827999][T28054] ? ksys_write+0x77/0x2c0 [ 2665.832273][T28054] ksys_write+0x198/0x2c0 [ 2665.836417][T28054] ? __ia32_sys_read+0x90/0x90 [ 2665.841104][T28054] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2665.847009][T28054] __x64_sys_write+0x7b/0x90 [ 2665.851436][T28054] do_syscall_64+0x44/0xd0 [ 2665.855686][T28054] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2665.861416][T28054] RIP: 0033:0x7fcbd55afe4f [ 2665.865671][T28054] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2665.885111][T28054] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2665.893357][T28054] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2665.901169][T28054] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2665.908989][T28054] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2665.916887][T28054] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2665.924690][T28054] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 18:24:57 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000240)={0x2, {0x4, 0x0, 0x0, 0x2ff, 0x100}}) syz_open_dev$tty20(0xc, 0x4, 0x0) 18:24:57 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x0, 0x0) recvfrom$inet6(r2, &(0x7f0000000140)=""/160, 0xa0, 0x22, &(0x7f0000000200)={0xa, 0x4e20, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}, 0x1c) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8, 0x10, 0xffffffffffffffff, 0x75591000) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write(r3, &(0x7f0000000100)="fe4222cb15ad64a07de5a7133257dd55268f006da51b7a16", 0x18) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000300)={0x1, 'veth1_virt_wifi\x00', {}, 0x9}) recvmmsg(r1, &(0x7f0000000280), 0x0, 0x2020, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000240)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0xff}, 0x20) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast2}, @private2, 0x4, 0x1, 0x87, 0x800, 0x0, 0x0, r0}) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='geneve1\x00'}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000003, 0x10, r3, 0xd6a0c000) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) setsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000340)={@rand_addr=' \x01\x00', r0}, 0x14) setsockopt$inet6_int(r3, 0x29, 0x7d, &(0x7f0000000380)=0xffffff01, 0x4) 18:24:57 executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x4, &(0x7f00000002c0)={[{@numtail}, {@uni_xlateno}, {@utf8no}, {@shortname_mixed}, {@utf8no}, {@utf8no}, {@shortname_mixed}, {@rodir}, {@fat=@check_strict}, {@fat=@codepage={'codepage', 0x3d, '862'}}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@shortname_win95}, {@shortname_winnt}, {@rodir}]}, 0x3, 0x234, &(0x7f0000000680)="$eJzs3MGLG1UcB/DfrtW2K+3mUAoK4kMv9TI0OXkQNEgLYkDRRlBBmLoTDRmTkAlbItLm5sGLf4cIXryIIB71sCD+CVJPe+mxB3Fkm7ZJl0WE2kbp53PJD9775r1HMg/mDcz+S19+MuhVWS+fxuaJjdh8JeZxcyMasRl3zOOFK9/88szb7773ervTufBWShfbl5qtlNLpZ394/7Ovn/tx+uQ7357+/njsNT7Yv9G6vnd276n9Py993K9Sv0rD0TTl6fJoNM1/Ghdpp18NspTeLIu8KlJ/WBWTu+2XyyL1ytF4PEv5cOfU1nhSVFXKh7M0KGZpOkrTySzlH+X9YcqyLJ3aCu5H96ubdR036rquj8+jrut1T4iHzO//aFvZ1E9ElJ/vdne7i89Fe7sX/SijiPOxHX/EwX/ktkV98bXOhfPplkZcLa/dzl/b7T52b74Z29E4Ot9c5NO9+cdjazXfiu04s8w3r8yzsz+f/P0g3zoy/0Sce34ln8V2/PphjKKMnTj4nuX4V5spvfpG51D+5K1+AAAAAADwf5Slu448v8+WHRrfRcSyfZFv9+LMb19c/yfPBw6drx+Lp4+td+0AAADwqKhmnw7ysiwmigdXvDh5+dx/YBqK+ynuXDEPYIiIjVj/Ag8V692XAACAf9/qTQgAAAAAAAAAAAAAAAAAAACwHg/jdWLrXiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwN/5KwAA//8wWcbT") open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 18:24:57 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000240)={0x2, {0x4, 0x0, 0x0, 0x2ff, 0x100}}) syz_open_dev$tty20(0xc, 0x4, 0x0) [ 2665.932508][T28054] [ 2665.957581][T28051] CPU: 0 PID: 28051 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2665.967677][T28051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2665.967695][T28051] Call Trace: [ 2665.967700][T28051] [ 2665.967706][T28051] dump_stack_lvl+0x151/0x1b7 [ 2665.967729][T28051] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2665.967748][T28051] dump_stack+0x15/0x17 [ 2665.967762][T28051] should_fail+0x3c0/0x510 [ 2665.967780][T28051] __should_failslab+0x9f/0xe0 [ 2665.967797][T28051] should_failslab+0x9/0x20 [ 2665.967812][T28051] kmem_cache_alloc+0x4f/0x2f0 [ 2665.967829][T28051] ? create_task_io_context+0x2c/0x400 [ 2665.967845][T28051] create_task_io_context+0x2c/0x400 [ 2665.967862][T28051] submit_bio_checks+0xb47/0xf40 [ 2665.967878][T28051] ? __submit_bio+0x930/0x930 [ 2665.967893][T28051] ? __kasan_slab_alloc+0xc4/0xe0 [ 2665.967907][T28051] ? __kasan_slab_alloc+0xb2/0xe0 [ 2665.967922][T28051] ? blk_try_enter_queue+0x15c/0x340 [ 2665.967939][T28051] ? read_cache_page+0x4d/0x70 [ 2665.967953][T28051] ? erofs_fc_fill_super+0x1eb/0x1180 [ 2665.967970][T28051] __submit_bio+0x592/0x930 [ 2665.967983][T28051] ? do_syscall_64+0x44/0xd0 [ 2665.967997][T28051] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2665.968015][T28051] ? trace_raw_output_block_rq_remap+0x240/0x240 [ 2665.968031][T28051] submit_bio_noacct+0x89b/0xa80 [ 2665.968047][T28051] ? mempool_alloc_slab+0x1d/0x30 [ 2665.968062][T28051] ? mempool_free+0x310/0x310 [ 2665.968076][T28051] ? mempool_alloc_slab+0x1d/0x30 [ 2665.968089][T28051] ? blk_put_request+0x20/0x20 18:24:57 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 80) 18:24:57 executing program 3: openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000240)={0x2, {0x4, 0x0, 0x0, 0x2ff, 0x100}}) syz_open_dev$tty20(0xc, 0x4, 0x0) [ 2666.104742][T28051] ? memset+0x35/0x40 [ 2666.104770][T28051] ? fscrypt_set_bio_crypt_ctx+0x173/0x500 [ 2666.104788][T28051] ? mempool_resize+0x8e0/0x8e0 [ 2666.104803][T28051] ? __kasan_check_read+0x11/0x20 [ 2666.123747][T28051] submit_bio+0x2d7/0x560 [ 2666.127910][T28051] ? submit_bio_noacct+0xa80/0xa80 [ 2666.132852][T28051] ? bio_add_page+0x2cc/0x450 [ 2666.137372][T28051] ? guard_bio_eod+0xf3/0x140 [ 2666.141884][T28051] submit_bh_wbc+0x5cf/0x6b0 [ 2666.141911][T28051] block_read_full_page+0x8a6/0xa70 [ 2666.141928][T28051] ? blkdev_fallocate+0x3e0/0x3e0 [ 2666.141943][T28051] ? block_is_partially_uptodate+0x270/0x270 [ 2666.162029][T28051] ? add_to_page_cache_locked+0x40/0x40 [ 2666.167396][T28051] blkdev_readpage+0x1c/0x20 [ 2666.171824][T28051] do_read_cache_page+0x68b/0xa70 [ 2666.176681][T28051] read_cache_page+0x4d/0x70 [ 2666.181118][T28051] erofs_fc_fill_super+0x1eb/0x1180 [ 2666.186146][T28051] ? sb_set_blocksize+0xb7/0xf0 [ 2666.190829][T28051] get_tree_bdev+0x441/0x680 [ 2666.195262][T28051] ? erofs_release_device_info+0x90/0x90 [ 2666.200741][T28051] erofs_fc_get_tree+0x1c/0x20 [ 2666.205326][T28051] vfs_get_tree+0x88/0x290 [ 2666.209579][T28051] do_new_mount+0x289/0xad0 [ 2666.213920][T28051] ? do_move_mount_old+0x160/0x160 [ 2666.218868][T28051] ? security_capable+0xb2/0xd0 [ 2666.223556][T28051] ? ns_capable+0x8a/0xf0 [ 2666.227722][T28051] path_mount+0x60b/0x1050 [ 2666.231976][T28051] __se_sys_mount+0x2d2/0x3c0 [ 2666.236488][T28051] ? __x64_sys_mount+0xd0/0xd0 [ 2666.241090][T28051] __x64_sys_mount+0xbf/0xd0 [ 2666.245513][T28051] do_syscall_64+0x44/0xd0 [ 2666.249767][T28051] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2666.255501][T28051] RIP: 0033:0x7fc55e52a5fa [ 2666.259749][T28051] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2666.270032][T28068] FAULT_INJECTION: forcing a failure. [ 2666.270032][T28068] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2666.279192][T28051] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2666.279217][T28051] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2666.279227][T28051] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2666.279237][T28051] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2666.323718][T28051] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2666.331528][T28051] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2666.339345][T28051] [ 2666.342207][T28068] CPU: 1 PID: 28068 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2666.352296][T28068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2666.362178][T28068] Call Trace: [ 2666.365302][T28068] [ 2666.368076][T28068] dump_stack_lvl+0x151/0x1b7 [ 2666.372592][T28068] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2666.377882][T28068] ? __kasan_check_read+0x11/0x20 [ 2666.382741][T28068] dump_stack+0x15/0x17 [ 2666.386735][T28068] should_fail+0x3c0/0x510 [ 2666.390989][T28068] should_fail_usercopy+0x1a/0x20 [ 2666.395851][T28068] copy_page_from_iter_atomic+0x433/0x11c0 [ 2666.401492][T28068] ? pipe_zero+0x4d0/0x4d0 [ 2666.405744][T28068] ? __kasan_check_write+0x14/0x20 [ 2666.410693][T28068] ? shmem_write_end+0x786/0x8a0 [ 2666.415467][T28068] generic_perform_write+0x343/0x5d0 [ 2666.420588][T28068] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2666.426228][T28068] ? file_remove_privs+0x690/0x690 [ 2666.431180][T28068] ? __kasan_check_write+0x14/0x20 [ 2666.436126][T28068] ? down_write+0xdd/0x140 [ 2666.440378][T28068] __generic_file_write_iter+0x25b/0x4b0 [ 2666.445844][T28068] generic_file_write_iter+0xaf/0x1c0 [ 2666.451052][T28068] vfs_write+0xc8d/0x1050 [ 2666.455232][T28068] ? file_end_write+0x1b0/0x1b0 [ 2666.459908][T28068] ? __fget_files+0x310/0x370 [ 2666.464424][T28068] ? __fdget_pos+0x1fe/0x310 [ 2666.468848][T28068] ? ksys_write+0x77/0x2c0 [ 2666.473102][T28068] ksys_write+0x198/0x2c0 [ 2666.477269][T28068] ? __ia32_sys_read+0x90/0x90 [ 2666.481869][T28068] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2666.487773][T28068] __x64_sys_write+0x7b/0x90 [ 2666.492199][T28068] do_syscall_64+0x44/0xd0 [ 2666.496449][T28068] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2666.502181][T28068] RIP: 0033:0x7fcbd55afe4f [ 2666.506431][T28068] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2666.525883][T28068] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2666.534122][T28068] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2666.541938][T28068] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2666.549746][T28068] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 18:24:58 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 86) [ 2666.557560][T28068] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2666.565369][T28068] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2666.573185][T28068] [ 2666.576893][T28051] erofs: (device loop1): mounted with root inode @ nid 36. [ 2666.579749][T28068] loop4: detected capacity change from 0 to 512 [ 2666.586690][T28071] loop2: detected capacity change from 0 to 512 [ 2666.605409][T28071] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 2666.637257][T28068] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2666.659278][T28071] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2201: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 2666.673385][T28075] loop1: detected capacity change from 0 to 16 [ 2666.673774][T28071] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 2666.687623][T28075] FAULT_INJECTION: forcing a failure. [ 2666.687623][T28075] name failslab, interval 1, probability 0, space 0, times 0 [ 2666.691895][T28071] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2666.703764][T28075] CPU: 1 PID: 28075 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2666.703785][T28075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2666.703795][T28075] Call Trace: [ 2666.737263][T28075] [ 2666.740035][T28075] dump_stack_lvl+0x151/0x1b7 [ 2666.744551][T28075] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2666.749848][T28075] dump_stack+0x15/0x17 [ 2666.753837][T28075] should_fail+0x3c0/0x510 [ 2666.758092][T28075] ? loop_queue_rq+0x3d8/0xb40 [ 2666.762689][T28075] __should_failslab+0x9f/0xe0 [ 2666.767295][T28075] should_failslab+0x9/0x20 [ 2666.771629][T28075] kmem_cache_alloc_trace+0x4a/0x310 [ 2666.776752][T28075] ? cgroup_get_e_css+0x2b9/0x470 [ 2666.781617][T28075] loop_queue_rq+0x3d8/0xb40 [ 2666.786042][T28075] __blk_mq_issue_directly+0x216/0xab0 [ 2666.791339][T28075] ? __blk_mq_run_hw_queue+0x170/0x170 [ 2666.796631][T28075] ? __kasan_check_write+0x14/0x20 [ 2666.801586][T28075] __blk_mq_try_issue_directly+0x297/0x310 [ 2666.807224][T28075] blk_mq_try_issue_directly+0xe3/0x360 [ 2666.812602][T28075] blk_mq_submit_bio+0xd68/0x1c80 [ 2666.817467][T28075] ? blk_cgroup_bio_start+0x258/0x310 [ 2666.822671][T28075] ? blk_mq_try_issue_list_directly+0x500/0x500 [ 2666.828759][T28075] ? __kasan_slab_alloc+0xc4/0xe0 [ 2666.833614][T28075] ? blk_try_enter_queue+0x15c/0x340 [ 2666.838724][T28075] ? read_cache_page+0x4d/0x70 [ 2666.843326][T28075] ? erofs_fc_fill_super+0x1eb/0x1180 [ 2666.848538][T28075] __submit_bio+0x844/0x930 [ 2666.852878][T28075] ? do_syscall_64+0x44/0xd0 [ 2666.857311][T28075] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2666.863208][T28075] ? trace_raw_output_block_rq_remap+0x240/0x240 [ 2666.869371][T28075] submit_bio_noacct+0x89b/0xa80 [ 2666.874143][T28075] ? mempool_alloc_slab+0x1d/0x30 [ 2666.879001][T28075] ? mempool_free+0x310/0x310 [ 2666.883516][T28075] ? mempool_alloc_slab+0x1d/0x30 [ 2666.888377][T28075] ? blk_put_request+0x20/0x20 [ 2666.892985][T28075] ? memset+0x35/0x40 [ 2666.896804][T28075] ? fscrypt_set_bio_crypt_ctx+0x173/0x500 [ 2666.902448][T28075] ? mempool_resize+0x8e0/0x8e0 [ 2666.907126][T28075] ? __kasan_check_read+0x11/0x20 [ 2666.911984][T28075] submit_bio+0x2d7/0x560 [ 2666.916151][T28075] ? submit_bio_noacct+0xa80/0xa80 [ 2666.921101][T28075] ? bio_add_page+0x2cc/0x450 [ 2666.925615][T28075] ? guard_bio_eod+0xf3/0x140 [ 2666.930126][T28075] submit_bh_wbc+0x5cf/0x6b0 [ 2666.934556][T28075] block_read_full_page+0x8a6/0xa70 [ 2666.939590][T28075] ? blkdev_fallocate+0x3e0/0x3e0 [ 2666.944450][T28075] ? block_is_partially_uptodate+0x270/0x270 [ 2666.950267][T28075] ? add_to_page_cache_locked+0x40/0x40 [ 2666.955650][T28075] blkdev_readpage+0x1c/0x20 [ 2666.960075][T28075] do_read_cache_page+0x68b/0xa70 [ 2666.964933][T28075] read_cache_page+0x4d/0x70 [ 2666.969361][T28075] erofs_fc_fill_super+0x1eb/0x1180 [ 2666.974396][T28075] ? sb_set_blocksize+0xb7/0xf0 [ 2666.979081][T28075] get_tree_bdev+0x441/0x680 [ 2666.983512][T28075] ? erofs_release_device_info+0x90/0x90 [ 2666.989064][T28075] erofs_fc_get_tree+0x1c/0x20 [ 2666.993666][T28075] vfs_get_tree+0x88/0x290 [ 2666.997925][T28075] do_new_mount+0x289/0xad0 [ 2667.002348][T28075] ? do_move_mount_old+0x160/0x160 [ 2667.007295][T28075] ? security_capable+0xb2/0xd0 [ 2667.011980][T28075] ? ns_capable+0x8a/0xf0 [ 2667.016162][T28075] path_mount+0x60b/0x1050 [ 2667.020922][T28075] __se_sys_mount+0x2d2/0x3c0 [ 2667.025444][T28075] ? __x64_sys_mount+0xd0/0xd0 [ 2667.030040][T28075] __x64_sys_mount+0xbf/0xd0 [ 2667.034458][T28075] do_syscall_64+0x44/0xd0 [ 2667.038719][T28075] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2667.044442][T28075] RIP: 0033:0x7fc55e52a5fa [ 2667.048694][T28075] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2667.068142][T28075] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2667.076384][T28075] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2667.084282][T28075] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2667.092097][T28075] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2667.099903][T28075] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2667.107720][T28075] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2667.115539][T28075] [ 2667.131208][T28075] erofs: (device loop1): mounted with root inode @ nid 36. [ 2667.151160][T28071] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata 18:24:59 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 87) 18:24:59 executing program 0: mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x103) r0 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000180)='./file0\x00', 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) r3 = io_uring_setup(0x5fd1, &(0x7f0000000140)) dup2(r2, r3) read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020) write$FUSE_BMAP(r1, &(0x7f0000000000)={0xc}, 0xfffffdef) 18:24:59 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 90) 18:24:59 executing program 3: mremap(&(0x7f0000e3a000/0x1000)=nil, 0x1000, 0x7ffffffff000, 0x3, &(0x7f0000f95000/0x3000)=nil) 18:24:59 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 81) [ 2667.210751][T28071] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata [ 2667.225716][T28071] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata [ 2667.244111][T28071] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3824: comm syz-executor.2: Allocating blocks 256-257 which overlap fs metadata 18:24:59 executing program 2: r0 = socket(0x1e, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg1\x00'}) [ 2667.272520][T28079] loop1: detected capacity change from 0 to 16 [ 2667.275426][T28086] FAULT_INJECTION: forcing a failure. [ 2667.275426][T28086] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2667.279990][T28085] FAULT_INJECTION: forcing a failure. [ 2667.279990][T28085] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2667.291399][T28086] CPU: 0 PID: 28086 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2667.291428][T28086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2667.291438][T28086] Call Trace: [ 2667.291443][T28086] [ 2667.291450][T28086] dump_stack_lvl+0x151/0x1b7 [ 2667.334851][T28086] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2667.340146][T28086] ? __kasan_check_read+0x11/0x20 [ 2667.344999][T28086] dump_stack+0x15/0x17 [ 2667.348993][T28086] should_fail+0x3c0/0x510 [ 2667.353247][T28086] should_fail_usercopy+0x1a/0x20 [ 2667.358109][T28086] copy_page_from_iter_atomic+0x433/0x11c0 [ 2667.363754][T28086] ? pipe_zero+0x4d0/0x4d0 [ 2667.368001][T28086] ? __kasan_check_write+0x14/0x20 18:24:59 executing program 3: mremap(&(0x7f0000e3a000/0x1000)=nil, 0x1000, 0x7ffffffff000, 0x3, &(0x7f0000f95000/0x3000)=nil) [ 2667.372966][T28086] ? shmem_write_end+0x786/0x8a0 [ 2667.377811][T28086] generic_perform_write+0x343/0x5d0 [ 2667.382952][T28086] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2667.388575][T28086] ? file_remove_privs+0x690/0x690 [ 2667.392034][T28079] FAULT_INJECTION: forcing a failure. [ 2667.392034][T28079] name failslab, interval 1, probability 0, space 0, times 0 [ 2667.393530][T28086] ? __kasan_check_write+0x14/0x20 [ 2667.393552][T28086] ? down_write+0xdd/0x140 [ 2667.415224][T28086] __generic_file_write_iter+0x25b/0x4b0 [ 2667.420690][T28086] generic_file_write_iter+0xaf/0x1c0 [ 2667.425910][T28086] vfs_write+0xc8d/0x1050 [ 2667.430060][T28086] ? file_end_write+0x1b0/0x1b0 [ 2667.435007][T28086] ? __fget_files+0x310/0x370 [ 2667.439520][T28086] ? __fdget_pos+0x1fe/0x310 [ 2667.443944][T28086] ? ksys_write+0x77/0x2c0 [ 2667.448200][T28086] ksys_write+0x198/0x2c0 [ 2667.453148][T28086] ? __ia32_sys_read+0x90/0x90 [ 2667.457749][T28086] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2667.464055][T28086] __x64_sys_write+0x7b/0x90 [ 2667.468510][T28086] do_syscall_64+0x44/0xd0 [ 2667.472765][T28086] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2667.478607][T28086] RIP: 0033:0x7fb257acee4f [ 2667.482835][T28086] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2667.502300][T28086] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2667.510610][T28086] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2667.518421][T28086] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2667.526232][T28086] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2667.534131][T28086] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2667.541943][T28086] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2667.549755][T28086] [ 2667.555126][T28085] CPU: 0 PID: 28085 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2667.565189][T28085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2667.575082][T28085] Call Trace: [ 2667.578486][T28085] [ 2667.581243][T28085] dump_stack_lvl+0x151/0x1b7 [ 2667.585756][T28085] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2667.591053][T28085] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2667.596260][T28085] dump_stack+0x15/0x17 [ 2667.599247][T28086] loop5: detected capacity change from 0 to 512 [ 2667.600249][T28085] should_fail+0x3c0/0x510 [ 2667.600270][T28085] should_fail_alloc_page+0x58/0x70 [ 2667.615622][T28085] __alloc_pages+0x1de/0x7c0 [ 2667.620130][T28085] ? __count_vm_events+0x30/0x30 [ 2667.624901][T28085] ? __kasan_check_read+0x11/0x20 [ 2667.629758][T28085] ? __vm_enough_memory+0x118/0x310 [ 2667.634793][T28085] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2667.640263][T28085] ? shmem_swapin_page+0x15c0/0x15c0 [ 2667.645388][T28085] ? xas_start+0x33d/0x410 [ 2667.649635][T28085] ? xas_load+0x2c7/0x2e0 [ 2667.653903][T28085] ? pagecache_get_page+0xcc8/0xdb0 [ 2667.658924][T28085] ? page_cache_prev_miss+0x430/0x430 [ 2667.664221][T28085] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2667.669598][T28085] ? lru_cache_add+0x273/0x530 [ 2667.674201][T28085] shmem_getpage_gfp+0x1487/0x25f0 [ 2667.679242][T28085] ? shmem_getpage+0xa0/0xa0 [ 2667.683671][T28085] ? fault_in_safe_writeable+0x240/0x240 [ 2667.689130][T28085] ? __kasan_check_write+0x14/0x20 [ 2667.694076][T28085] ? shmem_write_end+0x786/0x8a0 [ 2667.698850][T28085] shmem_write_begin+0xc8/0x1b0 [ 2667.703628][T28085] generic_perform_write+0x2cd/0x5d0 [ 2667.708761][T28085] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2667.714389][T28085] ? file_remove_privs+0x690/0x690 [ 2667.719337][T28085] ? __kasan_check_write+0x14/0x20 [ 2667.724283][T28085] ? down_write+0xdd/0x140 [ 2667.728538][T28085] __generic_file_write_iter+0x25b/0x4b0 [ 2667.734008][T28085] generic_file_write_iter+0xaf/0x1c0 [ 2667.739216][T28085] vfs_write+0xc8d/0x1050 [ 2667.743382][T28085] ? file_end_write+0x1b0/0x1b0 [ 2667.748069][T28085] ? __fget_files+0x310/0x370 [ 2667.752585][T28085] ? __fdget_pos+0x1fe/0x310 [ 2667.757011][T28085] ? ksys_write+0x77/0x2c0 [ 2667.761262][T28085] ksys_write+0x198/0x2c0 [ 2667.765427][T28085] ? __ia32_sys_read+0x90/0x90 [ 2667.770027][T28085] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2667.775934][T28085] __x64_sys_write+0x7b/0x90 [ 2667.780357][T28085] do_syscall_64+0x44/0xd0 [ 2667.784695][T28085] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2667.790425][T28085] RIP: 0033:0x7fcbd55afe4f [ 2667.794682][T28085] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2667.814207][T28085] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2667.822540][T28085] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2667.830350][T28085] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2667.838165][T28085] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2667.845977][T28085] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2667.853790][T28085] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2667.861607][T28085] [ 2667.865043][T28079] CPU: 0 PID: 28079 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2667.875101][T28079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2667.884998][T28079] Call Trace: [ 2667.888113][T28079] [ 2667.890894][T28079] dump_stack_lvl+0x151/0x1b7 [ 2667.895404][T28079] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2667.900706][T28079] ? find_inode+0x424/0x4d0 [ 2667.905041][T28079] dump_stack+0x15/0x17 [ 2667.909036][T28079] should_fail+0x3c0/0x510 [ 2667.913288][T28079] ? erofs_getattr+0x120/0x120 [ 2667.917885][T28079] __should_failslab+0x9f/0xe0 [ 2667.922486][T28079] should_failslab+0x9/0x20 [ 2667.926826][T28079] kmem_cache_alloc+0x4f/0x2f0 [ 2667.931427][T28079] ? erofs_alloc_inode+0x1b/0x50 [ 2667.936288][T28079] ? _erofs_info+0x190/0x190 [ 2667.940716][T28079] ? erofs_getattr+0x120/0x120 [ 2667.945314][T28079] ? erofs_ilookup_test_actor+0x70/0x70 [ 2667.950695][T28079] erofs_alloc_inode+0x1b/0x50 [ 2667.955298][T28079] ? _erofs_info+0x190/0x190 [ 2667.959721][T28079] iget5_locked+0xba/0x280 [ 2667.963976][T28079] ? erofs_ilookup_test_actor+0x70/0x70 [ 2667.969365][T28079] erofs_iget+0xae/0x1b0 18:24:59 executing program 3: mremap(&(0x7f0000e3a000/0x1000)=nil, 0x1000, 0x7ffffffff000, 0x3, &(0x7f0000f95000/0x3000)=nil) 18:24:59 executing program 3: mremap(&(0x7f0000e3a000/0x1000)=nil, 0x1000, 0x7ffffffff000, 0x3, &(0x7f0000f95000/0x3000)=nil) [ 2667.973440][T28079] ? erofs_inode_init_once+0x20/0x20 [ 2667.978557][T28079] erofs_fc_fill_super+0x7a7/0x1180 [ 2667.983594][T28079] get_tree_bdev+0x441/0x680 [ 2667.988022][T28079] ? erofs_release_device_info+0x90/0x90 [ 2667.993489][T28079] erofs_fc_get_tree+0x1c/0x20 [ 2667.998091][T28079] vfs_get_tree+0x88/0x290 [ 2668.002343][T28079] do_new_mount+0x289/0xad0 [ 2668.006685][T28079] ? do_move_mount_old+0x160/0x160 [ 2668.011627][T28079] ? security_capable+0xb2/0xd0 [ 2668.016337][T28079] ? ns_capable+0x8a/0xf0 [ 2668.020488][T28079] path_mount+0x60b/0x1050 [ 2668.024828][T28079] __se_sys_mount+0x2d2/0x3c0 [ 2668.029339][T28079] ? __x64_sys_mount+0xd0/0xd0 [ 2668.033940][T28079] __x64_sys_mount+0xbf/0xd0 [ 2668.038364][T28079] do_syscall_64+0x44/0xd0 [ 2668.042615][T28079] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2668.048347][T28079] RIP: 0033:0x7fc55e52a5fa [ 2668.052598][T28079] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 18:24:59 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1'}, 0x4) splice(r0, &(0x7f0000000000), r2, 0x0, 0x10000000000003, 0x0) read(r1, &(0x7f0000000380)=""/240, 0xf0) 18:24:59 executing program 3: unshare(0x6c060000) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000200), 0x4) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0x208) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) epoll_create(0x4) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000180), 0x4) sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0xe) sendto$inet6(r0, 0x0, 0x0, 0x8014, &(0x7f0000000a00)={0xa, 0x4e20, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7fffffff}, 0x1c) socketpair(0x2a, 0x6, 0xffff, &(0x7f00000006c0)={0xffffffffffffffff}) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="080029bd7000fedbdf250500000008000300", @ANYRES32=0x0], 0x1c}}, 0x40000d1) syz_genetlink_get_family_id$net_dm(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x3c, 0x0, 0x100, 0x70bd26, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2b452f92c9e5c45e}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x3c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000005c0)={'wlan1\x00', 0x0}) sendmsg$nl_route_sched(r2, 0x0, 0x8) sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580), 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x28, 0x0, 0x0, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x0, 0x2b}}}}}, 0x28}}, 0x1) sendto$inet6(r0, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d87f0046090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433ae1402c698d71f0a300eb587011465404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf4538eb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6afda4662d2a12f6d", 0xfffffffffffffda7, 0x44045, 0x0, 0x0) 18:25:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 82) [ 2668.072044][T28079] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2668.080291][T28079] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2668.088101][T28079] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2668.095911][T28079] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2668.103725][T28079] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2668.111541][T28079] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2668.119379][T28079] 18:25:00 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 88) 18:25:00 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 91) 18:25:00 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1'}, 0x4) splice(r0, &(0x7f0000000000), r2, 0x0, 0x10000000000003, 0x0) read(r1, &(0x7f0000000380)=""/240, 0xf0) 18:25:00 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1'}, 0x4) splice(r0, &(0x7f0000000000), r2, 0x0, 0x10000000000003, 0x0) read(r1, &(0x7f0000000380)=""/240, 0xf0) 18:25:00 executing program 3: syz_io_uring_setup(0x6b35, &(0x7f0000000180), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x5ab2, &(0x7f0000000040), &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) [ 2668.183115][T28100] loop1: detected capacity change from 0 to 16 [ 2668.202093][T28100] FAULT_INJECTION: forcing a failure. [ 2668.202093][T28100] name failslab, interval 1, probability 0, space 0, times 0 [ 2668.217243][T28106] FAULT_INJECTION: forcing a failure. [ 2668.217243][T28106] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2668.230214][T28106] CPU: 0 PID: 28106 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2668.240273][T28106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2668.250339][T28106] Call Trace: [ 2668.253462][T28106] [ 2668.256244][T28106] dump_stack_lvl+0x151/0x1b7 [ 2668.260755][T28106] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2668.266052][T28106] ? __kasan_check_read+0x11/0x20 [ 2668.270911][T28106] dump_stack+0x15/0x17 [ 2668.274904][T28106] should_fail+0x3c0/0x510 18:25:00 executing program 3: syz_io_uring_setup(0x6b35, &(0x7f0000000180), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x5ab2, &(0x7f0000000040), &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) [ 2668.279186][T28106] should_fail_usercopy+0x1a/0x20 [ 2668.284023][T28106] copy_page_from_iter_atomic+0x433/0x11c0 [ 2668.289661][T28106] ? pipe_zero+0x4d0/0x4d0 [ 2668.294049][T28106] ? __kasan_check_write+0x14/0x20 [ 2668.298993][T28106] ? shmem_write_end+0x786/0x8a0 [ 2668.303776][T28106] generic_perform_write+0x343/0x5d0 [ 2668.308895][T28106] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2668.314536][T28106] ? file_remove_privs+0x690/0x690 [ 2668.319572][T28106] ? __kasan_check_write+0x14/0x20 [ 2668.324516][T28106] ? down_write+0xdd/0x140 [ 2668.328772][T28106] __generic_file_write_iter+0x25b/0x4b0 [ 2668.334239][T28106] generic_file_write_iter+0xaf/0x1c0 [ 2668.339527][T28106] vfs_write+0xc8d/0x1050 [ 2668.343705][T28106] ? file_end_write+0x1b0/0x1b0 [ 2668.348384][T28106] ? __fget_files+0x310/0x370 [ 2668.352897][T28106] ? __fdget_pos+0x1fe/0x310 [ 2668.357365][T28106] ? ksys_write+0x77/0x2c0 [ 2668.361577][T28106] ksys_write+0x198/0x2c0 [ 2668.365743][T28106] ? __ia32_sys_read+0x90/0x90 [ 2668.370346][T28106] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2668.376250][T28106] __x64_sys_write+0x7b/0x90 [ 2668.380670][T28106] do_syscall_64+0x44/0xd0 [ 2668.385019][T28106] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2668.390744][T28106] RIP: 0033:0x7fcbd55afe4f [ 2668.395031][T28106] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2668.414440][T28106] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2668.422686][T28106] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2668.430524][T28106] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2668.438309][T28106] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2668.446123][T28106] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2668.453943][T28106] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2668.461749][T28106] [ 2668.464791][T28100] CPU: 1 PID: 28100 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2668.474848][T28100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2668.484753][T28100] Call Trace: [ 2668.487871][T28100] [ 2668.490644][T28100] dump_stack_lvl+0x151/0x1b7 [ 2668.495162][T28100] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2668.500459][T28100] ? find_inode+0x424/0x4d0 [ 2668.504798][T28100] dump_stack+0x15/0x17 [ 2668.508788][T28100] should_fail+0x3c0/0x510 [ 2668.513040][T28100] ? erofs_getattr+0x120/0x120 [ 2668.517637][T28100] __should_failslab+0x9f/0xe0 [ 2668.522254][T28100] should_failslab+0x9/0x20 [ 2668.526579][T28100] kmem_cache_alloc+0x4f/0x2f0 [ 2668.531180][T28100] ? erofs_alloc_inode+0x1b/0x50 [ 2668.535954][T28100] ? _erofs_info+0x190/0x190 [ 2668.540383][T28100] ? erofs_getattr+0x120/0x120 [ 2668.544982][T28100] ? erofs_ilookup_test_actor+0x70/0x70 [ 2668.550364][T28100] erofs_alloc_inode+0x1b/0x50 [ 2668.554973][T28100] ? _erofs_info+0x190/0x190 [ 2668.559392][T28100] iget5_locked+0xba/0x280 [ 2668.563643][T28100] ? erofs_ilookup_test_actor+0x70/0x70 [ 2668.569025][T28100] erofs_iget+0xae/0x1b0 [ 2668.573102][T28100] ? erofs_inode_init_once+0x20/0x20 [ 2668.578226][T28100] erofs_fc_fill_super+0x7a7/0x1180 [ 2668.583265][T28100] get_tree_bdev+0x441/0x680 [ 2668.587689][T28100] ? erofs_release_device_info+0x90/0x90 [ 2668.593156][T28100] erofs_fc_get_tree+0x1c/0x20 [ 2668.597757][T28100] vfs_get_tree+0x88/0x290 [ 2668.602009][T28100] do_new_mount+0x289/0xad0 [ 2668.606348][T28100] ? do_move_mount_old+0x160/0x160 [ 2668.611295][T28100] ? security_capable+0xb2/0xd0 [ 2668.615984][T28100] ? ns_capable+0x8a/0xf0 [ 2668.620149][T28100] path_mount+0x60b/0x1050 [ 2668.624491][T28100] __se_sys_mount+0x2d2/0x3c0 [ 2668.629007][T28100] ? __x64_sys_mount+0xd0/0xd0 [ 2668.633604][T28100] __x64_sys_mount+0xbf/0xd0 [ 2668.638032][T28100] do_syscall_64+0x44/0xd0 [ 2668.642288][T28100] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2668.648011][T28100] RIP: 0033:0x7fc55e52a5fa [ 2668.652269][T28100] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2668.671710][T28100] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 18:25:00 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1'}, 0x4) splice(r0, &(0x7f0000000000), r2, 0x0, 0x10000000000003, 0x0) read(r1, &(0x7f0000000380)=""/240, 0xf0) 18:25:00 executing program 3: syz_io_uring_setup(0x6b35, &(0x7f0000000180), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x5ab2, &(0x7f0000000040), &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) [ 2668.679962][T28100] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2668.687769][T28100] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2668.695578][T28100] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2668.703390][T28100] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2668.711204][T28100] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2668.719020][T28100] [ 2668.726976][T28116] FAULT_INJECTION: forcing a failure. 18:25:00 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1'}, 0x4) splice(r0, &(0x7f0000000000), r2, 0x0, 0x10000000000003, 0x0) read(r1, &(0x7f0000000380)=""/240, 0xf0) 18:25:00 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1'}, 0x4) splice(r0, &(0x7f0000000000), r2, 0x0, 0x10000000000003, 0x0) read(r1, &(0x7f0000000380)=""/240, 0xf0) [ 2668.726976][T28116] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2668.740851][T28106] loop4: detected capacity change from 0 to 512 [ 2668.774119][T28116] CPU: 1 PID: 28116 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2668.784204][T28116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2668.794095][T28116] Call Trace: [ 2668.797222][T28116] [ 2668.799997][T28116] dump_stack_lvl+0x151/0x1b7 [ 2668.804518][T28116] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2668.809801][T28116] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2668.815008][T28116] dump_stack+0x15/0x17 [ 2668.819002][T28116] should_fail+0x3c0/0x510 [ 2668.823255][T28116] should_fail_alloc_page+0x58/0x70 [ 2668.828292][T28116] __alloc_pages+0x1de/0x7c0 [ 2668.832716][T28116] ? __count_vm_events+0x30/0x30 [ 2668.837488][T28116] ? __kasan_check_read+0x11/0x20 [ 2668.842351][T28116] ? __vm_enough_memory+0x118/0x310 [ 2668.847385][T28116] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2668.852852][T28116] ? shmem_swapin_page+0x15c0/0x15c0 [ 2668.857975][T28116] ? xas_start+0x33d/0x410 [ 2668.862256][T28116] ? xas_load+0x2c7/0x2e0 [ 2668.866482][T28116] ? pagecache_get_page+0xcc8/0xdb0 [ 2668.871516][T28116] ? page_cache_prev_miss+0x430/0x430 [ 2668.876721][T28116] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2668.882107][T28116] ? lru_cache_add+0x273/0x530 [ 2668.886705][T28116] shmem_getpage_gfp+0x1487/0x25f0 [ 2668.891654][T28116] ? shmem_getpage+0xa0/0xa0 [ 2668.896076][T28116] ? fault_in_safe_writeable+0x240/0x240 [ 2668.901545][T28116] ? __kasan_check_write+0x14/0x20 [ 2668.906492][T28116] ? shmem_write_end+0x786/0x8a0 [ 2668.911274][T28116] shmem_write_begin+0xc8/0x1b0 [ 2668.915954][T28116] generic_perform_write+0x2cd/0x5d0 [ 2668.921085][T28116] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2668.926718][T28116] ? file_remove_privs+0x690/0x690 [ 2668.931665][T28116] ? __kasan_check_write+0x14/0x20 [ 2668.936612][T28116] ? down_write+0xdd/0x140 [ 2668.940875][T28116] __generic_file_write_iter+0x25b/0x4b0 [ 2668.946336][T28116] generic_file_write_iter+0xaf/0x1c0 [ 2668.951543][T28116] vfs_write+0xc8d/0x1050 [ 2668.955710][T28116] ? file_end_write+0x1b0/0x1b0 [ 2668.960397][T28116] ? __fget_files+0x310/0x370 [ 2668.964911][T28116] ? __fdget_pos+0x1fe/0x310 [ 2668.969335][T28116] ? ksys_write+0x77/0x2c0 [ 2668.973590][T28116] ksys_write+0x198/0x2c0 [ 2668.977759][T28116] ? __ia32_sys_read+0x90/0x90 [ 2668.982356][T28116] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2668.988260][T28116] __x64_sys_write+0x7b/0x90 [ 2668.992685][T28116] do_syscall_64+0x44/0xd0 [ 2668.996939][T28116] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2669.002667][T28116] RIP: 0033:0x7fb257acee4f [ 2669.006922][T28116] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2669.026363][T28116] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 18:25:00 executing program 3: syz_io_uring_setup(0x6b35, &(0x7f0000000180), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x5ab2, &(0x7f0000000040), &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) [ 2669.034784][T28116] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2669.042597][T28116] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2669.050408][T28116] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2669.058220][T28116] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2669.066118][T28116] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2669.073940][T28116] 18:25:00 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 83) 18:25:00 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 89) 18:25:00 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, &(0x7f0000000140)={'syz1'}, 0x4) splice(r0, &(0x7f0000000000), r2, 0x0, 0x10000000000003, 0x0) read(r1, &(0x7f0000000380)=""/240, 0xf0) 18:25:00 executing program 2: mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000140), 0x12) r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0xfffffffffffffffb) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0xae) mount$bind(&(0x7f0000000900)='./file0\x00', &(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00), 0x8, 0x0) r7 = getpid() sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x2) fallocate(r5, 0x28, 0x3a, 0x778) newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000580)={0x2, 0x5, 0xaa, &(0x7f0000000780)=""/170}) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000680)=[{{&(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000400)="d5593aac8678973b44e52aefccf45aa952ca4e4d710950c2fbf3b9a6d94262ed51dddc11e9c9ebb03752593d9d451f41793cbbbe85a12c74d094c451f9ec248d4b4ac6ff99a9f369", 0x48}, {&(0x7f0000000500)="43ef61b0080002bfc60d643e361f192a3e9d5fc2a195e77c7f7f358f4af87c16d9c4c5b662275dac011173f0a3dff6bd10800a8795cc87e07f8b38a0ef3b5721341375a49f25cafadb31e66344a7f6be591f0df69466a9f4a078", 0x5a}, {&(0x7f0000000c80)="ab4c8730affc5223b3c4a8018bf502e20d79e20dcfdce2251531eadde924a8e852f98b3a7b1bfa975dbd73982357e27118a18731b95549d05a7010f85491cabf69ae6f397f6285b4730abaa028ef5d4204bd80bcf2f700c58a3e157f5dbf8850b7258290e574614a972fed998886720205d334107594f9524a77279b67600fb1ab908707f4aded535d4de803ebd5d7fdd299", 0x92}], 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="200000070000000000001001a71dd05fc09ec3af6bffefed39448ed4a30bce1d1de691c4a6785e5c9566b0cda7c1f2", @ANYRES32=r0, @ANYBLOB="d112ba32b8ac66128b4025cded9ac28f12b464122100051138a0868571fceb961b5a777fdd3f329685504485c0c78d51744271ff857675b8eeec731e1646a9b83b02a229ab91e37fa4ad7dbd52461f1aa0ce292f4daf25a89c15439417bb9b21dc7b3b77e7a981be2a90ac3aafab3ee7b8e801ae63f3c791e582bf0328f09eb032ba5022429ffd8744d7cd51e6e4bf063e59fd76f5ca78ab12879e3431e8f2ced748fa47954b2e80893fdba483d992cb8a26b66a7776504abb95a9b423a25ad6e964cd77842f368afeea46d03da177c58032d8c69dd2e9bd448edac15655404be278810c99df49335e2a1bd79acd3fffc75cca38dbd5f334b8daa7d1b16a836851520f257b5dee4ca452b0693ef6cde99bba856d04d30ae584f5067574d4a7c1b6bd0e725ac575b8cd21ec058f7ad73d68248ab949c9f7a4aa7bd4c25c8ed2b827b41f371d79209531b377ac305de9fcf066a136f5c1e8b68a9d8346c628dfd766de5c3c84e14d366490a5fb68617f9614dc1c12c152b108e9820a204fed53aaf09370fbaad7632f8ca404e85b24aea61382728f27cd5928c6e0d016c2492d2ce795aeefc822e8af109016f76a59b0c381ce6371085599cc4726fa991cb0d842ad1cd203f2a7264d9cde486e5d252e50d8cb72465992fe136d230078ba1b8a9b6e6984d151d74d04b7dbeb9734ee79982e54912393cb989f7d2e858ce79321d1c987c679a8145556ba6c4db18c529272c69456cda6384fe54c6adcef7ebe538c71eb72abef94b87e46cf8d36620e5d2d33b9c3e2a66a3b0ab21f6b642d2be1384d19d01a4050bda491fed922aa5f7aa7902587b87e72248de2ed2fea5d3ba1ba0faa9859e25bd374f6b06b71e089b8f28bcbf07d3d8af385d6ea1617f853f89af08c5cf951f3e837592e07cae7dd3ec7ec6193f5721f90521c00c31a2e05dceaa9b5ab1e200b4dfed6449e225de163cdfb11c4fc9eeecb85c454242db3067b8c3ebd454a1a8a13c35cf460a9445b97902aaeca35f6ba390bd05ce2705efbd6600b29eeb5e6561942ea3a74e65c7a21c9f46ce0799bca825f8c560f1d8027bc51e1299c266ec24b22df59d20865795fabf880f13deff95f10eb63217053e7297bd7930bdafcddc24dcf933a1a90f684d4bf49b10f7dd852fd0d2190e38ca35a40a6b5c55dc1f09e9934cdf706316d2aa9941752abf03385767f39d08a8c2dc8cbf9a04a02156cbec9df92566ee02a253d7595179d2ded41586afc25e045874a6fb0993d4a42b342c0a7c3f0a691cf9160be7b45a5c3499793b22df06359b996667c0c98b06f92b4c20593adf3781802cd504beba1df09c1d89b5a8a654b3db9caac574e49deeb242f166a4f8d8f329c8f695acf069dcc93fd466714b097980687249baa750d5ae9c6b0d4453e940da1e9e37eb915823f7fe023bb5137308aa7095fa35ba99c847993efa24d7a7631eb3e1f459aa47c088e9248d9f2efb83dbb0cc8ca83e3e51646fbef34d17e968237014749da656dfaf03070d00bf5351b92f23e431b03e7cbdd09d8f9b8c5d2053c889437d958285a8f1cc7b959de99523ef3305b90fbc0458a3fe3ccea5ddc1ea08e60506df13a65520a33bc81d52c34b79629e7400732e66c8727f73388efa2b57e28737be4b57ebdf4e013271ed17307de7a8e9686f681ee29928c509ac3d360268b03c41722941f96af347e0a2f1ad21177e9a5cefdb37eb78807cb6bef042f44969cd48bd3d171fa1a2c8147e088cc8d1cc55421fa8504ec2b4d31fb8dd65ff2e8b8901c949eac06c773ee734370f74b9e8f9cda20d03d5525c2ddae199358a21a23a0f997670a3ee714d00080f1bd29fb6590b52f8fccea86a983374a50cee6bb9300799d1e221658d1a430796ce2422b36ffc0bb863ddb6be5b7676f57e5865e1ebdb7cd6a2a6a60e81639ec8f561eb1305e481a737c6e759ac2bf57f9fe3673229980f41f5676a3043d3e44059a77226b2b6acefdb2229d6dd712cbb10876e0dbf6bee085e379a8b8dbbf2c49e35b34edd03dd45318f1c2d819588bfb1d9cf6cc3a86b97cf76d626216dcc88b9f5ac7d605da84e15dff2906a25e35545747a68f87d2bb3e0be8b4aee710f33a73e0ddd4e7173e169219bd0bd2131672e88b08626b176a9219b61a1bb08bb5233ddcff816800af4860b19a7467678c453e48968a307ce3e1a8d9afb02829ebd25e04fa686c7fe5bb9720a837a15f321d812684ca6b2d81c38d12519b5a1bcf50d7f38165080ed387e5d3ea9d0f383e1b55c5c0e54b82003b676196bc1de7f11661442abac75a3b47fd1a0cad628d6ad7ce76644bd5da50a906c54868897bfc1305c701f7057e963a1b45aa7583d3c07b07e2c1fcd19864bf2d23f2a8630c2e5da347bafbdede8abd8fbc72617daec569d177920d46f9976470e0aa1cb6b3abcaef4df786c7facc44bbda3a4dbff3fb681affab34c8403fd6ec90bcaadbcf92eceb802fe797b9b827c633e0e737d6b3a8b89b5359b89d96fb0b732ce429a4871e51621a9fe8619959bbab426ab6745e1649c9dfc3998b94cedf10e6187f96815e57b6313c582d2f629830e17a1b172d1b16f4a1cef4405157b5b24d2a7e82e7ffaa9decd8ec66b385afb85f8397e7f12f43c0ab12819cac7f8dac47d91153a93667f4545dbf6c523e908c24746b367b49b97c67cbb35ec24686e52fdcaee27e2801c9dbf400056a1d948c6fcc9fd4cbcbfac05a0270a39db95173164ea6fd40a3bd3318c0bc8d1fa29b9809a910d26413e4026578b2ac48b527efa4899a6a3d1b8783a8f056616c14d3e57a6ddb0eacaa00636f9007bb1922ba5fdf778c03f995e03c6bd69f973ef2f889fe93bda7809b63cb5c26a6773e9ca16fecbba664209603ed8924968cf1aeedcd4b463db5a0a4bb472f5425a2dd90c71e0d59467ffffd71119fe59e1d6cf1ce08168876b4ebd9a6fe46b80e146c3b4a4ddfc88b0e51a0fbf4c888e63356e37073bd203d95f4d08bb30057f056f8cc3cc9d4100f4c0a2e0b4241141230e50d312820ae419d99e87efd7e85d9a34dfa18403c4c9d5609d94eb3e4d44a991a59672f1dd03ce1ff004f8594472282c8f72fe627c9e76f25a2bf7b256310442a828c3c102687e41996697e186442bcc886043155269002e9c5570fbd2dd2eef446cf349c071605410c92ebcf7dcba60a72d91b4e04e8d822b271025a750f9ef6346764d5634a4d7f0178a1393c6f04566c16ea3261a0eb0524e21dc73b043035cd5814d069696bcdf10d96fbcf1e2ef1618e98ea02f9e87f90f1b3cef64ef2e6996b016ccd4d41e81afd1c466826ddf458828bb3f25809a1d659d5e6dd72c73c326f2a34179f3eb70a3c4f4e81267c2f61579c58e7c4c4b44633a552e8b989b0b4787f348b846d6354f7ea06db9fa6ffc41d17409f45c2fcf09eb03ad7b30905e62bf9ba5864ca7220cdef82d9159bf0d00bb4599b5323e0aa9e3b5d80add50877b08f6abfb0d99e68626a8ea7ffbdc3b82ed316227a311a808bbedbd8d095fb581228a6c05d0b4ca242bfda708c95357a2cff114bea952d43d66ddfcf8335c39eff48e8edd9b3a41c72cc04cb18ac5748a77eb37b608bf13d359162f5c98ea6f1041f94433405feea2748967ae74ce55cbdfd9d6bd3a7875475b68751308a42c4460905c510a69280f36144d5b26815a1f94b78f8d147d7c85668f2e5ff64d0ece2811f709ad8a404a1b6fc8c54b164dda15be6db7bbfd4baf8c674e40e172b1c2fa3e2959c65686f8d62f9788a961a77d386d97a0a846bd46597d0a4f80c98cecd34a0b754309ba2efe46949ec1f4550330bc14666b56b6d159678680c6b7f6143c9d5973148f36b5e9e934ed7a6a24541859f790bba08a9aba47fa0d7e5caf5e04e8157bf1319997e0a43b57b1e9013994e74431767e59a552693250aa7ee9ca949d04d2cea957cc86bb402524b2df3842711d05cfe566398982f150f422ee384b8a53a5f79215abb4ef5a5b29214aa235a4625451ecb56f9e4766868dc93b5915904b47015b41a3f443452f83bfd1bdf940eee9d325803824ed65373a99c7d05ceaec3465149506a8fa562e956d0e7d715e3c05c9ffc872269f100bd897fbcf172c4504648b1e250f3959213ff78bab519a5dc7d1bf55a225b59486b713085783f5427bcf39e68f0abfff682ec651b598026f8c0f607f578d5c1dc102851b47b682261841dc0a8bd63179ee53bcdd7fe9bb09a5ce58e2611b1864cd7885a1bc5761024e66f0f0094b17f1e47d7a9e70c20eec71abb04b749b8e1f6be8104bb0c53a6d80e8987b28ad700a8c0fa77fa5103e523700c9434b826eb62d75bc3de82eee6c2a9fb67b9ce263f2ed2d3fb5cb69bda1f6c7afaac189726c53aadea26d3ca1aa33191c00d15d45502fd9e56bfb4a2a5ef499e588a871f14b788bcd9fd64c882e7a1414fcbcf871aefffcaf244fcb8490e4e378e7ee1cd856ff09048d5066c5917c55b8924cfb8e3d94da3e63cba8edd98f8ce9c2699d744c61d55c3bfc3bbdeb6820f9be9bc66310cb0811229d0f138256e94bbf5d1e390ff5a52d9489c79f1c1d064faa9ab7462158d7406f30f62439d2059d8b86e314825b51058fd7ae1304cffc4551c890b2911e3f2ff2ea19ef11ba9524374976456782be0a5771bacd843f7b55ef39bb301ce1604d138c7ce9a0d8e7af79d4902400c14405cbbc3269a176c6478f2d24b74c3087aa105632267f27db1a5125d4dc716149cc8dbab38f29a32851378b65c4da2e4cac08375470e320a162c1634a9f95fa9ec3a000985efd1d9df1a21f53c226602b6af5e247598dfe6f8a5e763ff9c29312eae77fda1f3a98870914accd6733801043a6c2f4c919e3590b1830845214cb5e0597796be434eaeace8dc6acd2a3c011a71a354d2a97ce9db131e3792baa5b54dfe18f87fb47f76b7e4268577457a552b39b15e7f394d60cdec1d129d751f9e0d31f765d4b28ae5d23c29ab04c35b242eca0d1620bdae68f41f7777e35495821377786ef5c5ad0e48bb3420975bd86591fbfff742a59839feabd7c95d8f12f668b84ca0e92f1e2b4f23b40060a12648e2175a5774c1f6fdfa8b8aa359974c4b6395667b74464e618cb139c3dd6c0fedbd84d4fc99ff0c56373d5d3098520c23e886cdd71c201dbb92c9b6ee3452ba5a21e78b03efa860de6d13d248e19efac2c694314d0b3841db4db1730da22e6ffc2d8a6512d8c05f24831daae2f39caee6ec2b0d364af0c330f69ec6585d481fea0ba00e1a3bad8cec073670fc7e84b2f8da17d56bd6ba4bbe38a6e3a65282b96fa792fbd0428e03b60536c5f30be6360a9d00401db797fea8eaf1bcd6f576c2c38549eb86436daa5882f8d500f0cae0b0e7ed8ec9f5d640be04dedbdea9ef0516943d4869a71b3442ca3e8d18b196b62b3fd99878e80375fd33a7574c2b721c87fc5bc8aee3864f78040792e548855736a1df913b88c1c1bb52161495cd6b7a3e4b9137056c90f0a1a501499e1a5697ef93349f81d4dcf7c2b42bd91031666810f4214d9b722aaf98b22f12b92f4166fbb6dcabb29d0614c45760e61ebca4a77464cbf854b5feb5f3805f0fc0d4b9420bc408369d0472f3e537fbd4062f958078a770a155447cfbd95c0dd26f52bcf20c240caa930a0c876c07282bad1ee58769a7393c4b03b6a043631f09e2437bb4e81e1e909cc4eb16734850039c6743e83a4509308daf56cc8f596efa01f7412ba31dfcdfaac9911b57415e63a22b2ccbfb218a41607272bf1cd223166e98", @ANYRES32, @ANYRES64=r5, @ANYRES64=r8, @ANYRES32, @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="4fab9553e5f1059ab939d900000000f9e3f41eb57ef8df6cab8016c9ce3ac08f2b0d92f94dba06ed2f665ecc68b69b8d7550710201d9751fa4e825662732f3a8c5bb3c2a7bedfc8388942a7f84f543f5aae98830850e4837672e09de8f6c3c564ba157c5ae0bfdb213740eb6cf157d944311652a7a2a0fa845e931e945ad06149c51b866526ed983323e256a5a8c4356ac469305f66e9df5000000000000000000000000000000c1d63289a178db75c9a2d26001ce0240bb81314d1a368163f7129a285a24d978b85fa2515ab901ee3894ad56b3dff70f0cd5b0ce7b279c1861fedef1ce614f9cedd497ee19c6c1de651c70330b2a606f21bae83b885a292e528a56d24037802b4c9ad1eb373147667455a8013d368417b5d4d5a4c158ffbf43248bc6731792"], 0x40, 0x800}}], 0x1, 0x2000c805) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz1\x00', 0x1ff) r9 = getpid() sched_setscheduler(r9, 0x1, &(0x7f0000001700)=0x4) process_vm_writev(r9, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/57, 0x39}, {&(0x7f0000000480)=""/65, 0x41}], 0x2, &(0x7f0000000a40)=[{&(0x7f0000000b40)=""/53, 0x35}, {&(0x7f0000000640)=""/16, 0x10}, {&(0x7f00000006c0)=""/34, 0x22}, {&(0x7f0000000700)=""/91, 0x5b}, {&(0x7f0000000b80)=""/203, 0xcb}, {&(0x7f0000000880)=""/121, 0x79}], 0x6, 0x0) 18:25:00 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000033000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="baa000ec3e3e3e0f2b75ee65f30f008f6300a6aff4660f3a62227d0f20e06635000040000f22e0260f0350000f01cf", 0x2f}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x3, 0x0, 0x0, 0x20, 0x0, 0x0, 0x20004c8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0), 0xc, 0x0}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000390200010027bd7000fbdb"], 0x44}}, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000280)={0xc, 0x8001}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_merged\x00', 0x275a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:25:00 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 92) 18:25:00 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000012100000000000000c04850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='module_request\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x1c, 0x0, 0xb1c8bde1c61eeefc, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r1) syz_genetlink_get_family_id$team(&(0x7f0000000080), r1) [ 2669.082189][T28106] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2669.139282][T28137] FAULT_INJECTION: forcing a failure. [ 2669.139282][T28137] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2669.140239][T28140] loop1: detected capacity change from 0 to 16 [ 2669.152194][T28137] CPU: 1 PID: 28137 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2669.168287][T28137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2669.178188][T28137] Call Trace: [ 2669.181304][T28137] [ 2669.184087][T28137] dump_stack_lvl+0x151/0x1b7 [ 2669.188598][T28137] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2669.193893][T28137] ? __kasan_check_read+0x11/0x20 [ 2669.198767][T28137] dump_stack+0x15/0x17 [ 2669.200616][T28140] FAULT_INJECTION: forcing a failure. [ 2669.200616][T28140] name failslab, interval 1, probability 0, space 0, times 0 [ 2669.202760][T28137] should_fail+0x3c0/0x510 [ 2669.219412][T28137] should_fail_usercopy+0x1a/0x20 [ 2669.224273][T28137] copy_page_from_iter_atomic+0x433/0x11c0 [ 2669.229924][T28137] ? pipe_zero+0x4d0/0x4d0 [ 2669.234429][T28137] ? __kasan_check_write+0x14/0x20 [ 2669.239377][T28137] ? shmem_write_end+0x786/0x8a0 [ 2669.244149][T28137] generic_perform_write+0x343/0x5d0 [ 2669.249271][T28137] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2669.254914][T28137] ? file_remove_privs+0x690/0x690 [ 2669.259861][T28137] ? __kasan_check_write+0x14/0x20 [ 2669.264808][T28137] ? down_write+0xdd/0x140 [ 2669.269058][T28137] __generic_file_write_iter+0x25b/0x4b0 [ 2669.274530][T28137] generic_file_write_iter+0xaf/0x1c0 [ 2669.279737][T28137] vfs_write+0xc8d/0x1050 [ 2669.283992][T28137] ? file_end_write+0x1b0/0x1b0 [ 2669.288681][T28137] ? __fget_files+0x310/0x370 [ 2669.293191][T28137] ? __fdget_pos+0x1fe/0x310 [ 2669.297620][T28137] ? ksys_write+0x77/0x2c0 [ 2669.301873][T28137] ksys_write+0x198/0x2c0 [ 2669.306039][T28137] ? __ia32_sys_read+0x90/0x90 [ 2669.310635][T28137] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2669.316543][T28137] __x64_sys_write+0x7b/0x90 [ 2669.321092][T28137] do_syscall_64+0x44/0xd0 [ 2669.325349][T28137] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2669.331075][T28137] RIP: 0033:0x7fb257acee4f [ 2669.335329][T28137] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2669.354769][T28137] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2669.363014][T28137] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2669.370829][T28137] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2669.378642][T28137] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2669.386452][T28137] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2669.394264][T28137] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2669.402085][T28137] [ 2669.407567][T28140] CPU: 0 PID: 28140 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2669.412445][T28137] loop5: detected capacity change from 0 to 512 [ 2669.417634][T28140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2669.417646][T28140] Call Trace: [ 2669.417656][T28140] [ 2669.417661][T28140] dump_stack_lvl+0x151/0x1b7 [ 2669.444027][T28140] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2669.449320][T28140] dump_stack+0x15/0x17 [ 2669.453303][T28140] should_fail+0x3c0/0x510 [ 2669.457566][T28140] __should_failslab+0x9f/0xe0 [ 2669.462162][T28140] should_failslab+0x9/0x20 [ 2669.466496][T28140] kmem_cache_alloc+0x4f/0x2f0 [ 2669.471106][T28140] ? from_kuid_munged+0x7b0/0x7b0 [ 2669.475966][T28140] ? security_inode_alloc+0x29/0x140 [ 2669.481168][T28140] security_inode_alloc+0x29/0x140 [ 2669.486211][T28140] inode_init_always+0x717/0x960 [ 2669.490984][T28140] ? erofs_getattr+0x120/0x120 [ 2669.495586][T28140] ? erofs_ilookup_test_actor+0x70/0x70 [ 2669.501052][T28140] iget5_locked+0xe5/0x280 [ 2669.505305][T28140] ? erofs_ilookup_test_actor+0x70/0x70 [ 2669.510695][T28140] erofs_iget+0xae/0x1b0 [ 2669.514767][T28140] ? erofs_inode_init_once+0x20/0x20 [ 2669.519889][T28140] erofs_fc_fill_super+0x7a7/0x1180 [ 2669.525106][T28140] get_tree_bdev+0x441/0x680 [ 2669.529520][T28140] ? erofs_release_device_info+0x90/0x90 [ 2669.534991][T28140] erofs_fc_get_tree+0x1c/0x20 [ 2669.539589][T28140] vfs_get_tree+0x88/0x290 [ 2669.543843][T28140] do_new_mount+0x289/0xad0 [ 2669.548185][T28140] ? do_move_mount_old+0x160/0x160 [ 2669.553134][T28140] ? security_capable+0xb2/0xd0 [ 2669.557817][T28140] ? ns_capable+0x8a/0xf0 [ 2669.561986][T28140] path_mount+0x60b/0x1050 [ 2669.566238][T28140] __se_sys_mount+0x2d2/0x3c0 [ 2669.570763][T28140] ? __x64_sys_mount+0xd0/0xd0 [ 2669.575355][T28140] __x64_sys_mount+0xbf/0xd0 [ 2669.579778][T28140] do_syscall_64+0x44/0xd0 [ 2669.584031][T28140] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2669.589760][T28140] RIP: 0033:0x7fc55e52a5fa [ 2669.594014][T28140] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2669.613462][T28140] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2669.621701][T28140] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2669.629515][T28140] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 18:25:01 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 93) [ 2669.637325][T28140] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2669.645139][T28140] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2669.652951][T28140] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2669.660765][T28140] [ 2669.667621][T28147] FAULT_INJECTION: forcing a failure. [ 2669.667621][T28147] name fail_page_alloc, interval 1, probability 0, space 0, times 0 18:25:01 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000012100000000000000c04850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='module_request\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x1c, 0x0, 0xb1c8bde1c61eeefc, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r1) syz_genetlink_get_family_id$team(&(0x7f0000000080), r1) [ 2669.726811][T28147] CPU: 0 PID: 28147 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2669.736894][T28147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2669.738831][T28150] FAULT_INJECTION: forcing a failure. [ 2669.738831][T28150] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2669.746786][T28147] Call Trace: [ 2669.746797][T28147] [ 2669.746804][T28147] dump_stack_lvl+0x151/0x1b7 [ 2669.746828][T28147] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2669.775517][T28147] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2669.780756][T28147] dump_stack+0x15/0x17 [ 2669.784720][T28147] should_fail+0x3c0/0x510 [ 2669.788968][T28147] should_fail_alloc_page+0x58/0x70 [ 2669.794005][T28147] __alloc_pages+0x1de/0x7c0 [ 2669.798434][T28147] ? __count_vm_events+0x30/0x30 [ 2669.803205][T28147] ? __kasan_check_read+0x11/0x20 [ 2669.808068][T28147] ? __vm_enough_memory+0x118/0x310 [ 2669.813108][T28147] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2669.818658][T28147] ? shmem_swapin_page+0x15c0/0x15c0 [ 2669.823777][T28147] ? xas_start+0x33d/0x410 [ 2669.828028][T28147] ? xas_load+0x2c7/0x2e0 [ 2669.832196][T28147] ? pagecache_get_page+0xcc8/0xdb0 [ 2669.837233][T28147] ? page_cache_prev_miss+0x430/0x430 [ 2669.842438][T28147] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2669.847834][T28147] ? lru_cache_add+0x273/0x530 [ 2669.852420][T28147] shmem_getpage_gfp+0x1487/0x25f0 [ 2669.857373][T28147] ? shmem_getpage+0xa0/0xa0 [ 2669.861794][T28147] ? fault_in_safe_writeable+0x240/0x240 [ 2669.867262][T28147] ? __kasan_check_write+0x14/0x20 [ 2669.872214][T28147] ? shmem_write_end+0x786/0x8a0 [ 2669.876983][T28147] shmem_write_begin+0xc8/0x1b0 [ 2669.881671][T28147] generic_perform_write+0x2cd/0x5d0 [ 2669.886792][T28147] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2669.892433][T28147] ? file_remove_privs+0x690/0x690 [ 2669.897482][T28147] ? __kasan_check_write+0x14/0x20 [ 2669.902427][T28147] ? down_write+0xdd/0x140 [ 2669.906698][T28147] __generic_file_write_iter+0x25b/0x4b0 [ 2669.912158][T28147] generic_file_write_iter+0xaf/0x1c0 [ 2669.917358][T28147] vfs_write+0xc8d/0x1050 [ 2669.921624][T28147] ? file_end_write+0x1b0/0x1b0 [ 2669.926306][T28147] ? __fget_files+0x310/0x370 [ 2669.930827][T28147] ? __fdget_pos+0x1fe/0x310 [ 2669.935244][T28147] ? ksys_write+0x77/0x2c0 [ 2669.939503][T28147] ksys_write+0x198/0x2c0 [ 2669.944011][T28147] ? __ia32_sys_read+0x90/0x90 [ 2669.948616][T28147] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2669.954517][T28147] __x64_sys_write+0x7b/0x90 [ 2669.958941][T28147] do_syscall_64+0x44/0xd0 [ 2669.963201][T28147] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2669.968924][T28147] RIP: 0033:0x7fcbd55afe4f [ 2669.973179][T28147] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2669.992622][T28147] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2670.000867][T28147] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2670.008677][T28147] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2670.016490][T28147] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2670.024303][T28147] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2670.032115][T28147] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2670.039931][T28147] [ 2670.042789][T28150] CPU: 1 PID: 28150 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2670.052863][T28150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2670.062756][T28150] Call Trace: [ 2670.065882][T28150] [ 2670.068658][T28150] dump_stack_lvl+0x151/0x1b7 [ 2670.073173][T28150] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2670.078467][T28150] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2670.083673][T28150] dump_stack+0x15/0x17 [ 2670.087665][T28150] should_fail+0x3c0/0x510 [ 2670.091933][T28150] should_fail_alloc_page+0x58/0x70 [ 2670.096952][T28150] __alloc_pages+0x1de/0x7c0 [ 2670.101393][T28150] ? __count_vm_events+0x30/0x30 [ 2670.106166][T28150] ? __kasan_check_read+0x11/0x20 [ 2670.111018][T28150] ? __vm_enough_memory+0x118/0x310 [ 2670.116056][T28150] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2670.121611][T28150] ? shmem_swapin_page+0x15c0/0x15c0 [ 2670.126730][T28150] ? xas_start+0x33d/0x410 [ 2670.130984][T28150] ? xas_load+0x2c7/0x2e0 [ 2670.135151][T28150] ? pagecache_get_page+0xcc8/0xdb0 [ 2670.140188][T28150] ? page_cache_prev_miss+0x430/0x430 [ 2670.145393][T28150] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2670.150770][T28150] ? lru_cache_add+0x273/0x530 [ 2670.155371][T28150] shmem_getpage_gfp+0x1487/0x25f0 [ 2670.160320][T28150] ? shmem_getpage+0xa0/0xa0 [ 2670.164760][T28150] ? fault_in_safe_writeable+0x240/0x240 [ 2670.170212][T28150] ? __kasan_check_write+0x14/0x20 [ 2670.175163][T28150] ? shmem_write_end+0x786/0x8a0 [ 2670.179946][T28150] shmem_write_begin+0xc8/0x1b0 [ 2670.184625][T28150] generic_perform_write+0x2cd/0x5d0 [ 2670.189752][T28150] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2670.195384][T28150] ? file_remove_privs+0x690/0x690 [ 2670.200333][T28150] ? __kasan_check_write+0x14/0x20 [ 2670.205280][T28150] ? down_write+0xdd/0x140 [ 2670.209624][T28150] __generic_file_write_iter+0x25b/0x4b0 [ 2670.215091][T28150] generic_file_write_iter+0xaf/0x1c0 [ 2670.220297][T28150] vfs_write+0xc8d/0x1050 [ 2670.224497][T28150] ? file_end_write+0x1b0/0x1b0 [ 2670.229322][T28150] ? __fget_files+0x310/0x370 [ 2670.233838][T28150] ? __fdget_pos+0x1fe/0x310 [ 2670.238264][T28150] ? ksys_write+0x77/0x2c0 [ 2670.242516][T28150] ksys_write+0x198/0x2c0 [ 2670.246683][T28150] ? __ia32_sys_read+0x90/0x90 [ 2670.251286][T28150] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2670.257204][T28150] __x64_sys_write+0x7b/0x90 [ 2670.261613][T28150] do_syscall_64+0x44/0xd0 [ 2670.265863][T28150] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2670.271592][T28150] RIP: 0033:0x7fb257acee4f [ 2670.275849][T28150] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2670.295294][T28150] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2670.303538][T28150] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2670.311354][T28150] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2670.319165][T28150] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 18:25:02 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 84) 18:25:02 executing program 2: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xff, 0x14d6, &(0x7f0000002ac0)="$eJzs3AuUztX6OPD97L2/jGnS2yS37Gc/X9402CZJckmSS5IkIbknJE2SJEkMuSUhCblOksuYkFwGk8b9fsk9NDmSJMktt7D/a6pz/M7p/Jbf//zP7/ivNc9nrb1mP/N9n+fde541872sNe+P3YbXbFKrWkMiEv8K9dcJ/P4lWQgRI4QYJIS4SQgRCCHKxZeLzz6eR0Hyv/Qm7H9Jo9TrvQJ2PXH/czbuf87G/c/ZuP85G/c/Z+P+52zc/5yN+89YjpZW6GYeOXfw8/+cjM//ORv3P2fj/uds3P+cjfufs3H/czbuf87G/c/ZuP+M5Wj/HzyD5nEdB2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wx9h9w3l+lhRB/nV/vdTHGGGOMMcYYY+zfx+e+3itgjDHGGGOMMcbY/z4QUiihRSByidwiRuQRseIGESduFHnFTSIibhbx4haRT9wq8osCoqAoJAqL20QRYQQKK0iEoqgolkeI20VxcYdIECVESVFKOFFaJIo7RRlxlygr7hblxD2ivLhXVBAVRSVRWdwnqoj7RVXxgKgmHhTVRQ1RU9QSD4na4mFRRzwi6opHRT3xmKgvHhcNxBOioWgkGosnRRPxlGgqmonmooVoKVqJ1v9S/uuip3hD9BK9RbLoI/qKN0U/0V8MEAPFIPGWGCzeFkPEO2KoGCaGi3fFCPGeGCneF6PEaDFGfCDGinFivJggJopJIkV8KCaLj8QU8bGYKqaJ6WKGSBUzRZr4RMwSs8Uc8amYKz4T88R8sUAsFOlikVgslogM8blYKr4QmWKZWC5WiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK3iS7FNbBc7xE6xS+wWe8RXYq/YJ/aLr0WW+Ob/Mv/cP+R3BwECJEjQoCEX5IIYiIFYiIU4iIO8kBciEIF4iId8kA/yQ34oCAWhMBSGIlAEEBAICIpCUYhCFIpDcUiABCgJJcGBg0RIhDJwF5SFslAOykF5KA8VoCJUhMpQGapAFagKVaEaVIPqUB1qQk14CB6Ch6EO1IG6UBfqQT2oD/WhATSAhtAQGkNjaAJNoCk0hebQHFpCS2gNraENtIG20BbaQ3voAB2gI3SEJEiCTtAJOkNn6AJdoCt0hW7QDbrDa/AavA6vwxvwBvSG6rIP9IW+0A/6wQAYCAPhLRgMb8Pb8A4MhWEwHN6Fd+E9GAlnYRSMhjEwBqrIcTAeJgDJSZACKTAZJsMUmAJTYRpMgxmQCjMhDdJgFsyG2fApzIXP4DOYD/NhIaRDOiyGJZABGbAUzkEmLIPlsAJWwipYCWtgLayB9bAB1sMm2ARbYAt8CV/CdtgOO2En7Ibd8BV8BftgHwyFLMiCA3AADsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcBJOwUk4A2fgLJyD83AeLsJFuASX4Apcyf7ll9m01DKXzCVjZIyMlbEyTsbJvDKvjMiIjJfxMp/MJ/PL/LKgLCgLy8KyiCwiUaIkGcqisqiMyqgsLovLBJkgS8qS0kknE2WiLCPLyLKyrCwn75Hl5b2ygqwo27nKsrKsItu7qvIBWU1Wk9VlDVlT1pK1ZG1ZW9aRdWRdWVfWk/Vkffm4bCD7wABoJLM700QOg6ZyODSXLWRL2Uq+B0/LNnIktJXtZHv5rBwNo6CjbOOS5AuykxwPneVLcgK8LLvKSdBNviq7y9dkD/m67Cnbul6yt5wKfWRfOQP6yf5ygBwoZ0ENmd2xmvIdOVQOk8Plu3IhvCdHyvflKDlajpEfyLFynBwvJ8iJcpJMkR/KyfIjOUV+LKfKaXK6nCFT5UyZJj+Rs+RsOUd+KufKz+Q8OV8ukAtlulwkF8slMkN+LpfKL2SmXCaXyxVypVwlV8s1cq1cJ9fLDXKj3CQ3yy1yq/xSbpPb5Q65U+6Su+Ue+ZXcK/fJ/fJrmSW/kQfkX+RB+a08JL+Th+X38oj8QR6VP8pj8id5XP4sT8iT8pQ8Lc/IX+RZeU6elxfkRfmrvCQvyyvSS6FASaWUVoHKpXKrGJVHxaobVJy6UeVVN6mIulnFq1tUPnWryq8KqIKqkCqsblNFlFGorCIVqqKqmIqq21VxdYdKUCVUSVVKOVVaJao7VRl1lyqr7lbl1D2qvLpXVVAVVSVVWd2nqqj7VVX1gKqmHlTVVQ1VU9VSD6na6mFVRz2i6qpHVT31mKqvHlcN1BOqoWqkGqsnVRP1lGqqmqnmqoVqqVqp1upp1UY9o9qqdqq9elZ1UM+pjup5laReUJ3Ui6qzekl1US+rruoV1U29qrqr11QPdVldUV71Ur1Vsuqj+qo3VT/VXw1QA9Ug9ZYarN5WQ9Q7aqgapoard9UI9Z4aqd5Xo9RoNUZ9oMaqcWq8mqAmqkkqRX2oJquP1BT1sZqqpqnpaoZKVTPVgD8qzfkf5H/0T/KH/PbuW9RW9aXaprarHWqn2qV2qz1qj9qr9qr9ar/KUlnqgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqvj6oQ6qS6o0+qM+kWdVefUOXVBXVQX1aU/fgZCg5Zaaa0DnUvn1jE6j47VN+g4faPOq2/SEX2zjte36Hz6Vp1fF9AFdSFdWN+mi2ijUVtNOtRFdTEd1bfr4voOnaBL6JK6lHa6tE7Ud/4/519rfa11a91Gt9FtdVvdXrfXHXQH3VF31Ek6SXfSnXRn3Vl30V10V91Vd9PddHfdXffQPXRP3VP30r10sk7WffWbup/urwfogXqQfksP1oP1ED1ED9VD9XA9XI/QI/RIPVKP0qP0GD1Gj9Vj9Xg9Xk/UE3WKTtGT9WQ9RU/RU/VUPV1P16k6VafpND1Lz9Jz9Bw9V8/V8/Q8vUAv0Ok6XS/Wi3WGztBL9VKdqZfpZXqFXqFX6VV6jV6j1+l1eoPeoDfpTTpTb9Vb9Ta9Te/QO/QuvUvv0Xv0Xr1X79f7dZbO0gf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9Al9Sp/SZ/QZfVaf1ef1eX1RX9SX9CV9RV/JvuwLZCADHeggV5AriAligtggNogL4oK8Qd4gEkSC+CA+yBfcGuQPCgQFg0JB4eC2oEhgAgxsQEEYFA2KBdHg9qB4cEeQEJQISgalAheUDhKDO4MywV1B2eDuoFxwT1A+uDeoEFQMKgWVg/uCKsH9QdXggaBa8GBQPagR1AxqBQ8FtYOHgzrBI0Hd4NGgXvBYUD94PGgQPBE0DBoFjYMngybBU0HToFnQPGgRtAxaBa3/rfW9P1vgGdfL9DbJpo/pa940/Ux/M8AMNIPMW2awedsMMe+YoWaYGW7eNSPMe2aked+MMqPNGPOBGWvGmfFmgploJpkU86GZbD4yU8zHZqqZZqabGSbVzDRp5hMzy8w2c8ynZq75zMwz880Cs9Ckm0VmsVliMsznZqn5wmSaZWa5WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mi/NNrPd7DA7zS6z2+wxX5m9Zp/Zb742WeYbc8D8xRw035pD5jtz2HxvjpgfzFHzozlmfjLHzc/mhDlpTpnT5oz5xZw158x5c8FcNL+aS+ayuWJ89sV99ukdNWrMhbkwBmMwFmMxDuMwL+bFCEYwHuMxH+bD/JgfC2JBLIyFsQgWwWyEhEWxKEYxisWxOCZgApbEkujQYSImYhksg2WxLJbDclgey2MFrICVsBLeh/fh/Xg/PoAP4IP4INbAGlgLa2FtrI11sA7WxbpYD+thfayPDbABNsSG2BgbYxNsgk2xKTbH5tgSW2JrbI1tsA22xbbYHttjB+yAHbEjJmESdsJO2Bk7Yxfsgl2xK3bDbtgdu2MP7IE9sSf2wl6YjMnYF/tiP+yHA3AADsJBOBgH4xAcgkNxKA7H4TgCR+BIHImjcDSOwQ9wLI7D8TgBJ+IkTMEUnIyTcQpOwak4FafjdEzFVEzDNJyFs3AOzsG5OBfn4TxcgAswHdNxMS7GDMzApbgUMzETl+NyXIkrcTWuxrW4FtfjetyIG3EzbsatuBW34TbcgTtwF+7CPbgH9+Je3I/7MQuz8AAewIN4EA/hITyMh/EIHsGjeBSP4TE8jsfxBJ7AU3gKz+AZPItn8Tyex4v4K17Cy3gFPcbYPDbW3mDj7I02r73J/mNc0Bayhe1ttog1Nr8t8HcxWmsTbAlb0payzpa2ifbOP8UVbEVbyVa299kq9n5b9U9xbfuwrWMfsXXto7aWfejv4nr2MVvfPmUb2Ga2oW1hG9tWtol9yja1zWxz28K2tK1sB/uc7Wift0n2BdvJvvineLFdYtfadXa93WD32n32vL1gj9of7UX7q+1le9tB9i072L5th9h37FA77E/xGPuBHWvH2fF2gp1oJ/0pnm5n2FQ706bZT+wsO/tPcbpdZOfaDDvPzrcL7MLf4uw1ZdjP7VL7hc20y+xyu8KutKvsarvmb2tdYTfZzXaL3WO/stvsdrvD7rS77O7f4ux97Ldf2yz7jT1if7AH7bf2kD1mD9vvf4uz93fM/mSP25/tCXvSnrKn7Rn7iz1rz/22/+y9n7aX7RXrrSAgSYo0BZSLclMM5aFYuoHi6EbKSzdRhG6meLqF8tGtlJ8KUEEqRIXpNipChpAsEYVUlIpRlG6n4nQHJVAJKkmlyFFpSqQ7qQzdRWXpbipH91B5upcqUEWqRJXpPqpC91NVeoCq0YNUnWpQTapFD1Ftepjq0CNUlx6levQY1afHqQE9QQ2pETWmJ6kJPUVNqRk1pxbUklpRa3qa2tAz1JbaUXt6ljrQc9SRnqckeoE60YvUmV6iLvQydaVXqBu9St3pNepBr1NPeoN6UW9Kpj7Ul96kftSfBtBAGkRv0WB6m4bQOzSUhtFwepdG0Hs0kt6nUTSaxtAHNJbG0XiaQBNpEqXQhzSZPqIp9DFNpWk0nWZQKs2kNPqEZtFsmkOf0lz6jObRfFpACymdFtFiWkIZ9DktpS8ok5bRclpBK2kVraY1tJbW0XraQBtpE22mLbSVvqRttJ120E7aRbtpD31Fe2kf7aevKYu+oQP0FzpI39Ih+o4O0/d0hH6go/QjHaOf6Dj9TCfoJJ2i03SGfqGzdI7O0wW6SL/SJbpMV8iTCCGUoQp1GIS5wtxhTJgnjA1vCOPCG8O84U1hJLw5jA9vCfOFt4b5wwJhwbBQWDi8LSwSmhBDG1IYhkXDYmE0vD0sHt4RJoQlwpJhqdCFpcPE8M6wTHhXWDa8OywX3hOWD+8NK4QVw0ph5fC+sEp4f1g1fCCsFj4YVg9rhDXDWuFDYe3w4bBO+EhYN3w0LBs+FtYPHw8bhE+EDcNGYePwybBJ+FTYNGwWNg9bhC3DVmHr8OmwTfhM2DZsF7YPnw07hM+FHcPnw6TwhbBT+OI1jyeHfcK+4Zvhm6H3j6gF0YXR9Oii6OLokmhG9PPo0ugX0czosujy6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jao97VyCwdOOuW0C1wul9vFuDwu1t3g4tyNLq+7yUXczS7e3eLyuVtdflfAFXSFXGGX648nc9aRC11RV8xF3e2uuLvDJbgSrqQr5Zwr7RJdK9fatXZt3DOurWvn2rtn3bPuOfece949715wndyLrrN7yXVxL7uu7hX3invVdXevuR7uddfTveF6ud4u2SW7vq6v6+f6uQFugBvkBrnBbrAb4oa4oW6oG+6GuxFuhBvpRrpRbpQb48a4sW6sG+/Gu4luoktxKW6ym+ymuCluqpvqprvpLtWlujSX5ma5WW6Om+PmurlunpvnFrgFLt2lu8VusctwGW6pW+oyXaZb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+a2uR1uh9vldrk9bo/b6/a6/W6/y3JZ7oA74A66g+6Q+84ddt+7I+4Hd9T96I65n9xx97M74U66U+60O+N+cWfdOXfeXXAX3a/ukrvsrjjvUiIfRiZHPopMiXwcmRqZFpkemRFJjcyMpEU+icyKzI7MiXwamRv5LDIvMj+yILIwkh5ZFFkcWRLJiHweWRr5IpIZWRZZHlkRWRlZFfH+tm2hL+qL+ai/3Rf3d/gEX8KX9KW886V9or/Tl/F3+bL+bl/O3+PL+3t9BV/RV/LNfHPfwrf0rXxr/7Rv45/xbX07394/6zv453xH/7xP8i/4Tv5F39m/5Lv4l31X/4rv5l/13f1rvod/3ff0b/hevrdP9n18X/+m7+f7+wF+oB/k3/KD/dt+iH/HD/XD/HD/rh/h3/Mj/ft+lB/tx/gP/Fg/zo/3E/xEP8mn+A/9ZP+Rn+I/9lP9ND/dz/CpfqZP85/4WX62n+M/9XP9Z36en+8X+IU+3S/yi/0Sn+E/90v9Fz7TL/PL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1X/pt/ntfoff6Xf53X6P/8rv9fv8fv+1z/Lf+AP+L/6g/9Yf8t/5w/57f8T/4I/6H/0x/5M/7n/2J/xJf8qf9mf8L/6sP+fP+wv+ov/VX/KX/RX+nzXGGGOMsf8RdY3jff7J9+QfI1tfIcSN2wsd/seaG/P/Pu8v93aKCCFe6N2t0V9Ho0bJycl/vDZTiaDYfCFE5Gr+b/c/f8TLRHvxnEgS7USZf7q+/rIS0DXqR+8RIva/5MSIq/HV+nf9N/WbLbpm/flCJBS7mpNHXI2v1i/739Tf3eEa9fN8myJE2/+SEyeuxlfrJ4pnxIsi6e9eyRhjjDHGGGOM/a6/vNj9Wve32ffnhXWev+XkFtnx7/Nr3Z8zxhhjjDHGGGPs+nv5tR7PP52U1K4LT3jCE578bXK9/zIxxhhjjDHG/t2uXvRf75UwxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM513/i48Su9x4ZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx6+3/BAAA//9A82bR") rename(&(0x7f0000000080)='./file2\x00', &(0x7f0000000100)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 18:25:02 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980)}}], 0x400000000000172, 0x4000000) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24008000) 18:25:02 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 90) [ 2670.326972][T28150] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2670.334782][T28150] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2670.342607][T28150] [ 2670.407484][T28157] loop2: detected capacity change from 0 to 256 [ 2670.424597][T28158] FAULT_INJECTION: forcing a failure. [ 2670.424597][T28158] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2670.437524][T28158] CPU: 0 PID: 28158 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2670.447536][T28158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2670.457424][T28158] Call Trace: [ 2670.460548][T28158] [ 2670.462470][T28157] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf5cbb909, utbl_chksum : 0xe619d30d) [ 2670.463323][T28158] dump_stack_lvl+0x151/0x1b7 [ 2670.479830][T28158] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2670.485126][T28158] ? __kasan_check_read+0x11/0x20 [ 2670.486503][ T30] kauditd_printk_skb: 19 callbacks suppressed 18:25:02 executing program 2: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xff, 0x14d6, &(0x7f0000002ac0)="$eJzs3AuUztX6OPD97L2/jGnS2yS37Gc/X9402CZJckmSS5IkIbknJE2SJEkMuSUhCblOksuYkFwGk8b9fsk9NDmSJMktt7D/a6pz/M7p/Jbf//zP7/ivNc9nrb1mP/N9n+fde541872sNe+P3YbXbFKrWkMiEv8K9dcJ/P4lWQgRI4QYJIS4SQgRCCHKxZeLzz6eR0Hyv/Qm7H9Jo9TrvQJ2PXH/czbuf87G/c/ZuP85G/c/Z+P+52zc/5yN+89YjpZW6GYeOXfw8/+cjM//ORv3P2fj/uds3P+cjfufs3H/czbuf87G/c/ZuP+M5Wj/HzyD5nEdB2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wx9h9w3l+lhRB/nV/vdTHGGGOMMcYYY+zfx+e+3itgjDHGGGOMMcbY/z4QUiihRSByidwiRuQRseIGESduFHnFTSIibhbx4haRT9wq8osCoqAoJAqL20QRYQQKK0iEoqgolkeI20VxcYdIECVESVFKOFFaJIo7RRlxlygr7hblxD2ivLhXVBAVRSVRWdwnqoj7RVXxgKgmHhTVRQ1RU9QSD4na4mFRRzwi6opHRT3xmKgvHhcNxBOioWgkGosnRRPxlGgqmonmooVoKVqJ1v9S/uuip3hD9BK9RbLoI/qKN0U/0V8MEAPFIPGWGCzeFkPEO2KoGCaGi3fFCPGeGCneF6PEaDFGfCDGinFivJggJopJIkV8KCaLj8QU8bGYKqaJ6WKGSBUzRZr4RMwSs8Uc8amYKz4T88R8sUAsFOlikVgslogM8blYKr4QmWKZWC5WiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK3iS7FNbBc7xE6xS+wWe8RXYq/YJ/aLr0WW+Ob/Mv/cP+R3BwECJEjQoCEX5IIYiIFYiIU4iIO8kBciEIF4iId8kA/yQ34oCAWhMBSGIlAEEBAICIpCUYhCFIpDcUiABCgJJcGBg0RIhDJwF5SFslAOykF5KA8VoCJUhMpQGapAFagKVaEaVIPqUB1qQk14CB6Ch6EO1IG6UBfqQT2oD/WhATSAhtAQGkNjaAJNoCk0hebQHFpCS2gNraENtIG20BbaQ3voAB2gI3SEJEiCTtAJOkNn6AJdoCt0hW7QDbrDa/AavA6vwxvwBvSG6rIP9IW+0A/6wQAYCAPhLRgMb8Pb8A4MhWEwHN6Fd+E9GAlnYRSMhjEwBqrIcTAeJgDJSZACKTAZJsMUmAJTYRpMgxmQCjMhDdJgFsyG2fApzIXP4DOYD/NhIaRDOiyGJZABGbAUzkEmLIPlsAJWwipYCWtgLayB9bAB1sMm2ARbYAt8CV/CdtgOO2En7Ibd8BV8BftgHwyFLMiCA3AADsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcBJOwUk4A2fgLJyD83AeLsJFuASX4Apcyf7ll9m01DKXzCVjZIyMlbEyTsbJvDKvjMiIjJfxMp/MJ/PL/LKgLCgLy8KyiCwiUaIkGcqisqiMyqgsLovLBJkgS8qS0kknE2WiLCPLyLKyrCwn75Hl5b2ygqwo27nKsrKsItu7qvIBWU1Wk9VlDVlT1pK1ZG1ZW9aRdWRdWVfWk/Vkffm4bCD7wABoJLM700QOg6ZyODSXLWRL2Uq+B0/LNnIktJXtZHv5rBwNo6CjbOOS5AuykxwPneVLcgK8LLvKSdBNviq7y9dkD/m67Cnbul6yt5wKfWRfOQP6yf5ygBwoZ0ENmd2xmvIdOVQOk8Plu3IhvCdHyvflKDlajpEfyLFynBwvJ8iJcpJMkR/KyfIjOUV+LKfKaXK6nCFT5UyZJj+Rs+RsOUd+KufKz+Q8OV8ukAtlulwkF8slMkN+LpfKL2SmXCaXyxVypVwlV8s1cq1cJ9fLDXKj3CQ3yy1yq/xSbpPb5Q65U+6Su+Ue+ZXcK/fJ/fJrmSW/kQfkX+RB+a08JL+Th+X38oj8QR6VP8pj8id5XP4sT8iT8pQ8Lc/IX+RZeU6elxfkRfmrvCQvyyvSS6FASaWUVoHKpXKrGJVHxaobVJy6UeVVN6mIulnFq1tUPnWryq8KqIKqkCqsblNFlFGorCIVqqKqmIqq21VxdYdKUCVUSVVKOVVaJao7VRl1lyqr7lbl1D2qvLpXVVAVVSVVWd2nqqj7VVX1gKqmHlTVVQ1VU9VSD6na6mFVRz2i6qpHVT31mKqvHlcN1BOqoWqkGqsnVRP1lGqqmqnmqoVqqVqp1upp1UY9o9qqdqq9elZ1UM+pjup5laReUJ3Ui6qzekl1US+rruoV1U29qrqr11QPdVldUV71Ur1Vsuqj+qo3VT/VXw1QA9Ug9ZYarN5WQ9Q7aqgapoard9UI9Z4aqd5Xo9RoNUZ9oMaqcWq8mqAmqkkqRX2oJquP1BT1sZqqpqnpaoZKVTPVgD8qzfkf5H/0T/KH/PbuW9RW9aXaprarHWqn2qV2qz1qj9qr9qr9ar/KUlnqgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqvj6oQ6qS6o0+qM+kWdVefUOXVBXVQX1aU/fgZCg5Zaaa0DnUvn1jE6j47VN+g4faPOq2/SEX2zjte36Hz6Vp1fF9AFdSFdWN+mi2ijUVtNOtRFdTEd1bfr4voOnaBL6JK6lHa6tE7Ud/4/519rfa11a91Gt9FtdVvdXrfXHXQH3VF31Ek6SXfSnXRn3Vl30V10V91Vd9PddHfdXffQPXRP3VP30r10sk7WffWbup/urwfogXqQfksP1oP1ED1ED9VD9XA9XI/QI/RIPVKP0qP0GD1Gj9Vj9Xg9Xk/UE3WKTtGT9WQ9RU/RU/VUPV1P16k6VafpND1Lz9Jz9Bw9V8/V8/Q8vUAv0Ok6XS/Wi3WGztBL9VKdqZfpZXqFXqFX6VV6jV6j1+l1eoPeoDfpTTpTb9Vb9Ta9Te/QO/QuvUvv0Xv0Xr1X79f7dZbO0gf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9Al9Sp/SZ/QZfVaf1ef1eX1RX9SX9CV9RV/JvuwLZCADHeggV5AriAligtggNogL4oK8Qd4gEkSC+CA+yBfcGuQPCgQFg0JB4eC2oEhgAgxsQEEYFA2KBdHg9qB4cEeQEJQISgalAheUDhKDO4MywV1B2eDuoFxwT1A+uDeoEFQMKgWVg/uCKsH9QdXggaBa8GBQPagR1AxqBQ8FtYOHgzrBI0Hd4NGgXvBYUD94PGgQPBE0DBoFjYMngybBU0HToFnQPGgRtAxaBa3/rfW9P1vgGdfL9DbJpo/pa940/Ux/M8AMNIPMW2awedsMMe+YoWaYGW7eNSPMe2aked+MMqPNGPOBGWvGmfFmgploJpkU86GZbD4yU8zHZqqZZqabGSbVzDRp5hMzy8w2c8ynZq75zMwz880Cs9Ckm0VmsVliMsznZqn5wmSaZWa5WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mi/NNrPd7DA7zS6z2+wxX5m9Zp/Zb742WeYbc8D8xRw035pD5jtz2HxvjpgfzFHzozlmfjLHzc/mhDlpTpnT5oz5xZw158x5c8FcNL+aS+ayuWJ89sV99ukdNWrMhbkwBmMwFmMxDuMwL+bFCEYwHuMxH+bD/JgfC2JBLIyFsQgWwWyEhEWxKEYxisWxOCZgApbEkujQYSImYhksg2WxLJbDclgey2MFrICVsBLeh/fh/Xg/PoAP4IP4INbAGlgLa2FtrI11sA7WxbpYD+thfayPDbABNsSG2BgbYxNsgk2xKTbH5tgSW2JrbI1tsA22xbbYHttjB+yAHbEjJmESdsJO2Bk7Yxfsgl2xK3bDbtgdu2MP7IE9sSf2wl6YjMnYF/tiP+yHA3AADsJBOBgH4xAcgkNxKA7H4TgCR+BIHImjcDSOwQ9wLI7D8TgBJ+IkTMEUnIyTcQpOwak4FafjdEzFVEzDNJyFs3AOzsG5OBfn4TxcgAswHdNxMS7GDMzApbgUMzETl+NyXIkrcTWuxrW4FtfjetyIG3EzbsatuBW34TbcgTtwF+7CPbgH9+Je3I/7MQuz8AAewIN4EA/hITyMh/EIHsGjeBSP4TE8jsfxBJ7AU3gKz+AZPItn8Tyex4v4K17Cy3gFPcbYPDbW3mDj7I02r73J/mNc0Bayhe1ttog1Nr8t8HcxWmsTbAlb0payzpa2ifbOP8UVbEVbyVa299kq9n5b9U9xbfuwrWMfsXXto7aWfejv4nr2MVvfPmUb2Ga2oW1hG9tWtol9yja1zWxz28K2tK1sB/uc7Wift0n2BdvJvvineLFdYtfadXa93WD32n32vL1gj9of7UX7q+1le9tB9i072L5th9h37FA77E/xGPuBHWvH2fF2gp1oJ/0pnm5n2FQ706bZT+wsO/tPcbpdZOfaDDvPzrcL7MLf4uw1ZdjP7VL7hc20y+xyu8KutKvsarvmb2tdYTfZzXaL3WO/stvsdrvD7rS77O7f4ux97Ldf2yz7jT1if7AH7bf2kD1mD9vvf4uz93fM/mSP25/tCXvSnrKn7Rn7iz1rz/22/+y9n7aX7RXrrSAgSYo0BZSLclMM5aFYuoHi6EbKSzdRhG6meLqF8tGtlJ8KUEEqRIXpNipChpAsEYVUlIpRlG6n4nQHJVAJKkmlyFFpSqQ7qQzdRWXpbipH91B5upcqUEWqRJXpPqpC91NVeoCq0YNUnWpQTapFD1Ftepjq0CNUlx6levQY1afHqQE9QQ2pETWmJ6kJPUVNqRk1pxbUklpRa3qa2tAz1JbaUXt6ljrQc9SRnqckeoE60YvUmV6iLvQydaVXqBu9St3pNepBr1NPeoN6UW9Kpj7Ul96kftSfBtBAGkRv0WB6m4bQOzSUhtFwepdG0Hs0kt6nUTSaxtAHNJbG0XiaQBNpEqXQhzSZPqIp9DFNpWk0nWZQKs2kNPqEZtFsmkOf0lz6jObRfFpACymdFtFiWkIZ9DktpS8ok5bRclpBK2kVraY1tJbW0XraQBtpE22mLbSVvqRttJ120E7aRbtpD31Fe2kf7aevKYu+oQP0FzpI39Ih+o4O0/d0hH6go/QjHaOf6Dj9TCfoJJ2i03SGfqGzdI7O0wW6SL/SJbpMV8iTCCGUoQp1GIS5wtxhTJgnjA1vCOPCG8O84U1hJLw5jA9vCfOFt4b5wwJhwbBQWDi8LSwSmhBDG1IYhkXDYmE0vD0sHt4RJoQlwpJhqdCFpcPE8M6wTHhXWDa8OywX3hOWD+8NK4QVw0ph5fC+sEp4f1g1fCCsFj4YVg9rhDXDWuFDYe3w4bBO+EhYN3w0LBs+FtYPHw8bhE+EDcNGYePwybBJ+FTYNGwWNg9bhC3DVmHr8OmwTfhM2DZsF7YPnw07hM+FHcPnw6TwhbBT+OI1jyeHfcK+4Zvhm6H3j6gF0YXR9Oii6OLokmhG9PPo0ugX0czosujy6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jao97VyCwdOOuW0C1wul9vFuDwu1t3g4tyNLq+7yUXczS7e3eLyuVtdflfAFXSFXGGX648nc9aRC11RV8xF3e2uuLvDJbgSrqQr5Zwr7RJdK9fatXZt3DOurWvn2rtn3bPuOfece949715wndyLrrN7yXVxL7uu7hX3invVdXevuR7uddfTveF6ud4u2SW7vq6v6+f6uQFugBvkBrnBbrAb4oa4oW6oG+6GuxFuhBvpRrpRbpQb48a4sW6sG+/Gu4luoktxKW6ym+ymuCluqpvqprvpLtWlujSX5ma5WW6Om+PmurlunpvnFrgFLt2lu8VusctwGW6pW+oyXaZb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+a2uR1uh9vldrk9bo/b6/a6/W6/y3JZ7oA74A66g+6Q+84ddt+7I+4Hd9T96I65n9xx97M74U66U+60O+N+cWfdOXfeXXAX3a/ukrvsrjjvUiIfRiZHPopMiXwcmRqZFpkemRFJjcyMpEU+icyKzI7MiXwamRv5LDIvMj+yILIwkh5ZFFkcWRLJiHweWRr5IpIZWRZZHlkRWRlZFfH+tm2hL+qL+ai/3Rf3d/gEX8KX9KW886V9or/Tl/F3+bL+bl/O3+PL+3t9BV/RV/LNfHPfwrf0rXxr/7Rv45/xbX07394/6zv453xH/7xP8i/4Tv5F39m/5Lv4l31X/4rv5l/13f1rvod/3ff0b/hevrdP9n18X/+m7+f7+wF+oB/k3/KD/dt+iH/HD/XD/HD/rh/h3/Mj/ft+lB/tx/gP/Fg/zo/3E/xEP8mn+A/9ZP+Rn+I/9lP9ND/dz/CpfqZP85/4WX62n+M/9XP9Z36en+8X+IU+3S/yi/0Sn+E/90v9Fz7TL/PL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1X/pt/ntfoff6Xf53X6P/8rv9fv8fv+1z/Lf+AP+L/6g/9Yf8t/5w/57f8T/4I/6H/0x/5M/7n/2J/xJf8qf9mf8L/6sP+fP+wv+ov/VX/KX/RX+nzXGGGOMsf8RdY3jff7J9+QfI1tfIcSN2wsd/seaG/P/Pu8v93aKCCFe6N2t0V9Ho0bJycl/vDZTiaDYfCFE5Gr+b/c/f8TLRHvxnEgS7USZf7q+/rIS0DXqR+8RIva/5MSIq/HV+nf9N/WbLbpm/flCJBS7mpNHXI2v1i/739Tf3eEa9fN8myJE2/+SEyeuxlfrJ4pnxIsi6e9eyRhjjDHGGGOM/a6/vNj9Wve32ffnhXWev+XkFtnx7/Nr3Z8zxhhjjDHGGGPs+nv5tR7PP52U1K4LT3jCE578bXK9/zIxxhhjjDHG/t2uXvRf75UwxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM513/i48Su9x4ZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx6+3/BAAA//9A82bR") rename(&(0x7f0000000080)='./file2\x00', &(0x7f0000000100)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 18:25:02 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000012100000000000000c04850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='module_request\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x1c, 0x0, 0xb1c8bde1c61eeefc, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r1) syz_genetlink_get_family_id$team(&(0x7f0000000080), r1) 18:25:02 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980)}}], 0x400000000000172, 0x4000000) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24008000) [ 2670.486514][ T30] audit: type=1400 audit(1673979902.319:825): avc: denied { rename } for pid=28155 comm="syz-executor.2" name="file2" dev="loop2" ino=1049382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 2670.489979][T28158] dump_stack+0x15/0x17 [ 2670.490001][T28158] should_fail+0x3c0/0x510 [ 2670.490016][T28158] should_fail_usercopy+0x1a/0x20 [ 2670.490028][T28158] copy_page_from_iter_atomic+0x433/0x11c0 [ 2670.490045][T28158] ? pipe_zero+0x4d0/0x4d0 [ 2670.490059][T28158] ? __kasan_check_write+0x14/0x20 [ 2670.546665][T28158] ? shmem_write_end+0x786/0x8a0 [ 2670.551436][T28158] generic_perform_write+0x343/0x5d0 [ 2670.556563][T28158] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2670.562204][T28158] ? file_remove_privs+0x690/0x690 [ 2670.567150][T28158] ? __kasan_check_write+0x14/0x20 [ 2670.572095][T28158] ? down_write+0xdd/0x140 [ 2670.576349][T28158] __generic_file_write_iter+0x25b/0x4b0 [ 2670.581816][T28158] generic_file_write_iter+0xaf/0x1c0 [ 2670.587025][T28158] vfs_write+0xc8d/0x1050 [ 2670.591187][T28158] ? file_end_write+0x1b0/0x1b0 [ 2670.595874][T28158] ? __fget_files+0x310/0x370 [ 2670.600387][T28158] ? __fdget_pos+0x1fe/0x310 [ 2670.604823][T28158] ? ksys_write+0x77/0x2c0 [ 2670.609066][T28158] ksys_write+0x198/0x2c0 [ 2670.613406][T28158] ? __ia32_sys_read+0x90/0x90 [ 2670.618008][T28158] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2670.623922][T28158] __x64_sys_write+0x7b/0x90 [ 2670.628339][T28158] do_syscall_64+0x44/0xd0 [ 2670.632589][T28158] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2670.638323][T28158] RIP: 0033:0x7fcbd55afe4f [ 2670.642573][T28158] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2670.662103][T28158] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2670.670349][T28158] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2670.678160][T28158] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2670.685972][T28158] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2670.693790][T28158] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 18:25:02 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980)}}], 0x400000000000172, 0x4000000) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24008000) [ 2670.701594][T28158] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2670.709417][T28158] [ 2670.720097][T28166] loop1: detected capacity change from 0 to 16 [ 2670.730609][T28166] FAULT_INJECTION: forcing a failure. [ 2670.730609][T28166] name failslab, interval 1, probability 0, space 0, times 0 [ 2670.745305][T28166] CPU: 0 PID: 28166 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2670.755366][T28166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2670.765263][T28166] Call Trace: [ 2670.768387][T28166] [ 2670.771166][T28166] dump_stack_lvl+0x151/0x1b7 [ 2670.775679][T28166] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2670.780975][T28166] dump_stack+0x15/0x17 [ 2670.784964][T28166] should_fail+0x3c0/0x510 [ 2670.789218][T28166] __should_failslab+0x9f/0xe0 [ 2670.793823][T28166] should_failslab+0x9/0x20 [ 2670.798160][T28166] kmem_cache_alloc+0x4f/0x2f0 [ 2670.802760][T28166] ? from_kuid_munged+0x7b0/0x7b0 [ 2670.807629][T28166] ? security_inode_alloc+0x29/0x140 [ 2670.812746][T28166] security_inode_alloc+0x29/0x140 [ 2670.817689][T28166] inode_init_always+0x717/0x960 [ 2670.822464][T28166] ? erofs_getattr+0x120/0x120 [ 2670.827063][T28166] ? erofs_ilookup_test_actor+0x70/0x70 [ 2670.832446][T28166] iget5_locked+0xe5/0x280 [ 2670.836698][T28166] ? erofs_ilookup_test_actor+0x70/0x70 [ 2670.842080][T28166] erofs_iget+0xae/0x1b0 [ 2670.846159][T28166] ? erofs_inode_init_once+0x20/0x20 [ 2670.851287][T28166] erofs_fc_fill_super+0x7a7/0x1180 [ 2670.856328][T28166] get_tree_bdev+0x441/0x680 [ 2670.860749][T28166] ? erofs_release_device_info+0x90/0x90 [ 2670.866209][T28166] erofs_fc_get_tree+0x1c/0x20 [ 2670.870811][T28166] vfs_get_tree+0x88/0x290 [ 2670.875061][T28166] do_new_mount+0x289/0xad0 [ 2670.879398][T28166] ? do_move_mount_old+0x160/0x160 [ 2670.884345][T28166] ? security_capable+0xb2/0xd0 [ 2670.889035][T28166] ? ns_capable+0x8a/0xf0 [ 2670.893200][T28166] path_mount+0x60b/0x1050 [ 2670.897460][T28166] __se_sys_mount+0x2d2/0x3c0 [ 2670.901968][T28166] ? __x64_sys_mount+0xd0/0xd0 [ 2670.906566][T28166] __x64_sys_mount+0xbf/0xd0 [ 2670.911166][T28166] do_syscall_64+0x44/0xd0 [ 2670.915421][T28166] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2670.921151][T28166] RIP: 0033:0x7fc55e52a5fa [ 2670.925491][T28166] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2670.945066][T28166] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 18:25:02 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980)}}], 0x400000000000172, 0x4000000) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24008000) [ 2670.953292][T28166] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2670.961099][T28166] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2670.968913][T28166] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2670.976724][T28166] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2670.984533][T28166] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2670.992355][T28166] [ 2670.997029][T28170] loop2: detected capacity change from 0 to 256 18:25:02 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 94) [ 2671.012249][T28170] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf5cbb909, utbl_chksum : 0xe619d30d) [ 2671.026056][T28158] loop4: detected capacity change from 0 to 512 [ 2671.043854][T28174] FAULT_INJECTION: forcing a failure. [ 2671.043854][T28174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2671.056777][T28174] CPU: 0 PID: 28174 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2671.066777][T28174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2671.076674][T28174] Call Trace: [ 2671.079798][T28174] [ 2671.082573][T28174] dump_stack_lvl+0x151/0x1b7 [ 2671.087091][T28174] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2671.092396][T28174] ? __kasan_check_read+0x11/0x20 [ 2671.097246][T28174] dump_stack+0x15/0x17 [ 2671.101240][T28174] should_fail+0x3c0/0x510 [ 2671.105489][T28174] should_fail_usercopy+0x1a/0x20 [ 2671.110350][T28174] copy_page_from_iter_atomic+0x433/0x11c0 [ 2671.116012][T28174] ? pipe_zero+0x4d0/0x4d0 [ 2671.120246][T28174] ? __kasan_check_write+0x14/0x20 [ 2671.125194][T28174] ? shmem_write_end+0x786/0x8a0 [ 2671.129967][T28174] generic_perform_write+0x343/0x5d0 [ 2671.135090][T28174] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2671.140732][T28174] ? file_remove_privs+0x690/0x690 [ 2671.145691][T28174] ? __kasan_check_write+0x14/0x20 [ 2671.150634][T28174] ? down_write+0xdd/0x140 [ 2671.154879][T28174] __generic_file_write_iter+0x25b/0x4b0 18:25:03 executing program 2: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xff, 0x14d6, &(0x7f0000002ac0)="$eJzs3AuUztX6OPD97L2/jGnS2yS37Gc/X9402CZJckmSS5IkIbknJE2SJEkMuSUhCblOksuYkFwGk8b9fsk9NDmSJMktt7D/a6pz/M7p/Jbf//zP7/ivNc9nrb1mP/N9n+fde541872sNe+P3YbXbFKrWkMiEv8K9dcJ/P4lWQgRI4QYJIS4SQgRCCHKxZeLzz6eR0Hyv/Qm7H9Jo9TrvQJ2PXH/czbuf87G/c/ZuP85G/c/Z+P+52zc/5yN+89YjpZW6GYeOXfw8/+cjM//ORv3P2fj/uds3P+cjfufs3H/czbuf87G/c/ZuP+M5Wj/HzyD5nEdB2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wx9h9w3l+lhRB/nV/vdTHGGGOMMcYYY+zfx+e+3itgjDHGGGOMMcbY/z4QUiihRSByidwiRuQRseIGESduFHnFTSIibhbx4haRT9wq8osCoqAoJAqL20QRYQQKK0iEoqgolkeI20VxcYdIECVESVFKOFFaJIo7RRlxlygr7hblxD2ivLhXVBAVRSVRWdwnqoj7RVXxgKgmHhTVRQ1RU9QSD4na4mFRRzwi6opHRT3xmKgvHhcNxBOioWgkGosnRRPxlGgqmonmooVoKVqJ1v9S/uuip3hD9BK9RbLoI/qKN0U/0V8MEAPFIPGWGCzeFkPEO2KoGCaGi3fFCPGeGCneF6PEaDFGfCDGinFivJggJopJIkV8KCaLj8QU8bGYKqaJ6WKGSBUzRZr4RMwSs8Uc8amYKz4T88R8sUAsFOlikVgslogM8blYKr4QmWKZWC5WiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK3iS7FNbBc7xE6xS+wWe8RXYq/YJ/aLr0WW+Ob/Mv/cP+R3BwECJEjQoCEX5IIYiIFYiIU4iIO8kBciEIF4iId8kA/yQ34oCAWhMBSGIlAEEBAICIpCUYhCFIpDcUiABCgJJcGBg0RIhDJwF5SFslAOykF5KA8VoCJUhMpQGapAFagKVaEaVIPqUB1qQk14CB6Ch6EO1IG6UBfqQT2oD/WhATSAhtAQGkNjaAJNoCk0hebQHFpCS2gNraENtIG20BbaQ3voAB2gI3SEJEiCTtAJOkNn6AJdoCt0hW7QDbrDa/AavA6vwxvwBvSG6rIP9IW+0A/6wQAYCAPhLRgMb8Pb8A4MhWEwHN6Fd+E9GAlnYRSMhjEwBqrIcTAeJgDJSZACKTAZJsMUmAJTYRpMgxmQCjMhDdJgFsyG2fApzIXP4DOYD/NhIaRDOiyGJZABGbAUzkEmLIPlsAJWwipYCWtgLayB9bAB1sMm2ARbYAt8CV/CdtgOO2En7Ibd8BV8BftgHwyFLMiCA3AADsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcBJOwUk4A2fgLJyD83AeLsJFuASX4Apcyf7ll9m01DKXzCVjZIyMlbEyTsbJvDKvjMiIjJfxMp/MJ/PL/LKgLCgLy8KyiCwiUaIkGcqisqiMyqgsLovLBJkgS8qS0kknE2WiLCPLyLKyrCwn75Hl5b2ygqwo27nKsrKsItu7qvIBWU1Wk9VlDVlT1pK1ZG1ZW9aRdWRdWVfWk/Vkffm4bCD7wABoJLM700QOg6ZyODSXLWRL2Uq+B0/LNnIktJXtZHv5rBwNo6CjbOOS5AuykxwPneVLcgK8LLvKSdBNviq7y9dkD/m67Cnbul6yt5wKfWRfOQP6yf5ygBwoZ0ENmd2xmvIdOVQOk8Plu3IhvCdHyvflKDlajpEfyLFynBwvJ8iJcpJMkR/KyfIjOUV+LKfKaXK6nCFT5UyZJj+Rs+RsOUd+KufKz+Q8OV8ukAtlulwkF8slMkN+LpfKL2SmXCaXyxVypVwlV8s1cq1cJ9fLDXKj3CQ3yy1yq/xSbpPb5Q65U+6Su+Ue+ZXcK/fJ/fJrmSW/kQfkX+RB+a08JL+Th+X38oj8QR6VP8pj8id5XP4sT8iT8pQ8Lc/IX+RZeU6elxfkRfmrvCQvyyvSS6FASaWUVoHKpXKrGJVHxaobVJy6UeVVN6mIulnFq1tUPnWryq8KqIKqkCqsblNFlFGorCIVqqKqmIqq21VxdYdKUCVUSVVKOVVaJao7VRl1lyqr7lbl1D2qvLpXVVAVVSVVWd2nqqj7VVX1gKqmHlTVVQ1VU9VSD6na6mFVRz2i6qpHVT31mKqvHlcN1BOqoWqkGqsnVRP1lGqqmqnmqoVqqVqp1upp1UY9o9qqdqq9elZ1UM+pjup5laReUJ3Ui6qzekl1US+rruoV1U29qrqr11QPdVldUV71Ur1Vsuqj+qo3VT/VXw1QA9Ug9ZYarN5WQ9Q7aqgapoard9UI9Z4aqd5Xo9RoNUZ9oMaqcWq8mqAmqkkqRX2oJquP1BT1sZqqpqnpaoZKVTPVgD8qzfkf5H/0T/KH/PbuW9RW9aXaprarHWqn2qV2qz1qj9qr9qr9ar/KUlnqgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqvj6oQ6qS6o0+qM+kWdVefUOXVBXVQX1aU/fgZCg5Zaaa0DnUvn1jE6j47VN+g4faPOq2/SEX2zjte36Hz6Vp1fF9AFdSFdWN+mi2ijUVtNOtRFdTEd1bfr4voOnaBL6JK6lHa6tE7Ud/4/519rfa11a91Gt9FtdVvdXrfXHXQH3VF31Ek6SXfSnXRn3Vl30V10V91Vd9PddHfdXffQPXRP3VP30r10sk7WffWbup/urwfogXqQfksP1oP1ED1ED9VD9XA9XI/QI/RIPVKP0qP0GD1Gj9Vj9Xg9Xk/UE3WKTtGT9WQ9RU/RU/VUPV1P16k6VafpND1Lz9Jz9Bw9V8/V8/Q8vUAv0Ok6XS/Wi3WGztBL9VKdqZfpZXqFXqFX6VV6jV6j1+l1eoPeoDfpTTpTb9Vb9Ta9Te/QO/QuvUvv0Xv0Xr1X79f7dZbO0gf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9Al9Sp/SZ/QZfVaf1ef1eX1RX9SX9CV9RV/JvuwLZCADHeggV5AriAligtggNogL4oK8Qd4gEkSC+CA+yBfcGuQPCgQFg0JB4eC2oEhgAgxsQEEYFA2KBdHg9qB4cEeQEJQISgalAheUDhKDO4MywV1B2eDuoFxwT1A+uDeoEFQMKgWVg/uCKsH9QdXggaBa8GBQPagR1AxqBQ8FtYOHgzrBI0Hd4NGgXvBYUD94PGgQPBE0DBoFjYMngybBU0HToFnQPGgRtAxaBa3/rfW9P1vgGdfL9DbJpo/pa940/Ux/M8AMNIPMW2awedsMMe+YoWaYGW7eNSPMe2aked+MMqPNGPOBGWvGmfFmgploJpkU86GZbD4yU8zHZqqZZqabGSbVzDRp5hMzy8w2c8ynZq75zMwz880Cs9Ckm0VmsVliMsznZqn5wmSaZWa5WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mi/NNrPd7DA7zS6z2+wxX5m9Zp/Zb742WeYbc8D8xRw035pD5jtz2HxvjpgfzFHzozlmfjLHzc/mhDlpTpnT5oz5xZw158x5c8FcNL+aS+ayuWJ89sV99ukdNWrMhbkwBmMwFmMxDuMwL+bFCEYwHuMxH+bD/JgfC2JBLIyFsQgWwWyEhEWxKEYxisWxOCZgApbEkujQYSImYhksg2WxLJbDclgey2MFrICVsBLeh/fh/Xg/PoAP4IP4INbAGlgLa2FtrI11sA7WxbpYD+thfayPDbABNsSG2BgbYxNsgk2xKTbH5tgSW2JrbI1tsA22xbbYHttjB+yAHbEjJmESdsJO2Bk7Yxfsgl2xK3bDbtgdu2MP7IE9sSf2wl6YjMnYF/tiP+yHA3AADsJBOBgH4xAcgkNxKA7H4TgCR+BIHImjcDSOwQ9wLI7D8TgBJ+IkTMEUnIyTcQpOwak4FafjdEzFVEzDNJyFs3AOzsG5OBfn4TxcgAswHdNxMS7GDMzApbgUMzETl+NyXIkrcTWuxrW4FtfjetyIG3EzbsatuBW34TbcgTtwF+7CPbgH9+Je3I/7MQuz8AAewIN4EA/hITyMh/EIHsGjeBSP4TE8jsfxBJ7AU3gKz+AZPItn8Tyex4v4K17Cy3gFPcbYPDbW3mDj7I02r73J/mNc0Bayhe1ttog1Nr8t8HcxWmsTbAlb0payzpa2ifbOP8UVbEVbyVa299kq9n5b9U9xbfuwrWMfsXXto7aWfejv4nr2MVvfPmUb2Ga2oW1hG9tWtol9yja1zWxz28K2tK1sB/uc7Wift0n2BdvJvvineLFdYtfadXa93WD32n32vL1gj9of7UX7q+1le9tB9i072L5th9h37FA77E/xGPuBHWvH2fF2gp1oJ/0pnm5n2FQ706bZT+wsO/tPcbpdZOfaDDvPzrcL7MLf4uw1ZdjP7VL7hc20y+xyu8KutKvsarvmb2tdYTfZzXaL3WO/stvsdrvD7rS77O7f4ux97Ldf2yz7jT1if7AH7bf2kD1mD9vvf4uz93fM/mSP25/tCXvSnrKn7Rn7iz1rz/22/+y9n7aX7RXrrSAgSYo0BZSLclMM5aFYuoHi6EbKSzdRhG6meLqF8tGtlJ8KUEEqRIXpNipChpAsEYVUlIpRlG6n4nQHJVAJKkmlyFFpSqQ7qQzdRWXpbipH91B5upcqUEWqRJXpPqpC91NVeoCq0YNUnWpQTapFD1Ftepjq0CNUlx6levQY1afHqQE9QQ2pETWmJ6kJPUVNqRk1pxbUklpRa3qa2tAz1JbaUXt6ljrQc9SRnqckeoE60YvUmV6iLvQydaVXqBu9St3pNepBr1NPeoN6UW9Kpj7Ul96kftSfBtBAGkRv0WB6m4bQOzSUhtFwepdG0Hs0kt6nUTSaxtAHNJbG0XiaQBNpEqXQhzSZPqIp9DFNpWk0nWZQKs2kNPqEZtFsmkOf0lz6jObRfFpACymdFtFiWkIZ9DktpS8ok5bRclpBK2kVraY1tJbW0XraQBtpE22mLbSVvqRttJ120E7aRbtpD31Fe2kf7aevKYu+oQP0FzpI39Ih+o4O0/d0hH6go/QjHaOf6Dj9TCfoJJ2i03SGfqGzdI7O0wW6SL/SJbpMV8iTCCGUoQp1GIS5wtxhTJgnjA1vCOPCG8O84U1hJLw5jA9vCfOFt4b5wwJhwbBQWDi8LSwSmhBDG1IYhkXDYmE0vD0sHt4RJoQlwpJhqdCFpcPE8M6wTHhXWDa8OywX3hOWD+8NK4QVw0ph5fC+sEp4f1g1fCCsFj4YVg9rhDXDWuFDYe3w4bBO+EhYN3w0LBs+FtYPHw8bhE+EDcNGYePwybBJ+FTYNGwWNg9bhC3DVmHr8OmwTfhM2DZsF7YPnw07hM+FHcPnw6TwhbBT+OI1jyeHfcK+4Zvhm6H3j6gF0YXR9Oii6OLokmhG9PPo0ugX0czosujy6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jao97VyCwdOOuW0C1wul9vFuDwu1t3g4tyNLq+7yUXczS7e3eLyuVtdflfAFXSFXGGX648nc9aRC11RV8xF3e2uuLvDJbgSrqQr5Zwr7RJdK9fatXZt3DOurWvn2rtn3bPuOfece949715wndyLrrN7yXVxL7uu7hX3invVdXevuR7uddfTveF6ud4u2SW7vq6v6+f6uQFugBvkBrnBbrAb4oa4oW6oG+6GuxFuhBvpRrpRbpQb48a4sW6sG+/Gu4luoktxKW6ym+ymuCluqpvqprvpLtWlujSX5ma5WW6Om+PmurlunpvnFrgFLt2lu8VusctwGW6pW+oyXaZb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+a2uR1uh9vldrk9bo/b6/a6/W6/y3JZ7oA74A66g+6Q+84ddt+7I+4Hd9T96I65n9xx97M74U66U+60O+N+cWfdOXfeXXAX3a/ukrvsrjjvUiIfRiZHPopMiXwcmRqZFpkemRFJjcyMpEU+icyKzI7MiXwamRv5LDIvMj+yILIwkh5ZFFkcWRLJiHweWRr5IpIZWRZZHlkRWRlZFfH+tm2hL+qL+ai/3Rf3d/gEX8KX9KW886V9or/Tl/F3+bL+bl/O3+PL+3t9BV/RV/LNfHPfwrf0rXxr/7Rv45/xbX07394/6zv453xH/7xP8i/4Tv5F39m/5Lv4l31X/4rv5l/13f1rvod/3ff0b/hevrdP9n18X/+m7+f7+wF+oB/k3/KD/dt+iH/HD/XD/HD/rh/h3/Mj/ft+lB/tx/gP/Fg/zo/3E/xEP8mn+A/9ZP+Rn+I/9lP9ND/dz/CpfqZP85/4WX62n+M/9XP9Z36en+8X+IU+3S/yi/0Sn+E/90v9Fz7TL/PL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1X/pt/ntfoff6Xf53X6P/8rv9fv8fv+1z/Lf+AP+L/6g/9Yf8t/5w/57f8T/4I/6H/0x/5M/7n/2J/xJf8qf9mf8L/6sP+fP+wv+ov/VX/KX/RX+nzXGGGOMsf8RdY3jff7J9+QfI1tfIcSN2wsd/seaG/P/Pu8v93aKCCFe6N2t0V9Ho0bJycl/vDZTiaDYfCFE5Gr+b/c/f8TLRHvxnEgS7USZf7q+/rIS0DXqR+8RIva/5MSIq/HV+nf9N/WbLbpm/flCJBS7mpNHXI2v1i/739Tf3eEa9fN8myJE2/+SEyeuxlfrJ4pnxIsi6e9eyRhjjDHGGGOM/a6/vNj9Wve32ffnhXWev+XkFtnx7/Nr3Z8zxhhjjDHGGGPs+nv5tR7PP52U1K4LT3jCE578bXK9/zIxxhhjjDHG/t2uXvRf75UwxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM513/i48Su9x4ZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx6+3/BAAA//9A82bR") rename(&(0x7f0000000080)='./file2\x00', &(0x7f0000000100)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') [ 2671.160350][T28174] generic_file_write_iter+0xaf/0x1c0 [ 2671.165554][T28174] vfs_write+0xc8d/0x1050 [ 2671.169727][T28174] ? file_end_write+0x1b0/0x1b0 [ 2671.174419][T28174] ? __fget_files+0x310/0x370 [ 2671.178928][T28174] ? __fdget_pos+0x1fe/0x310 [ 2671.183351][T28174] ? ksys_write+0x77/0x2c0 [ 2671.187603][T28174] ksys_write+0x198/0x2c0 [ 2671.191768][T28174] ? __ia32_sys_read+0x90/0x90 [ 2671.196369][T28174] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2671.202273][T28174] __x64_sys_write+0x7b/0x90 [ 2671.206702][T28174] do_syscall_64+0x44/0xd0 [ 2671.210961][T28174] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2671.216680][T28174] RIP: 0033:0x7fb257acee4f [ 2671.220933][T28174] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2671.240375][T28174] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2671.248616][T28174] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f 18:25:03 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980)}}], 0x400000000000172, 0x4000000) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24008000) [ 2671.256426][T28174] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2671.264246][T28174] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2671.272055][T28174] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2671.279863][T28174] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2671.287685][T28174] [ 2671.296899][T28174] loop5: detected capacity change from 0 to 512 [ 2671.299985][T28158] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. 18:25:03 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 85) 18:25:03 executing program 1: syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17c, &(0x7f0000000240)="$eJzsmM9K60AUxr9Jelvu5XK5W90oWLAuTJOpihsXXYhbwX8ILiw2lmpqpc3Cdif0EXwB38BH8AGkr6B1pYsuXUokybQdi1oXKojfb3HmO5OTycwJfIGAEPJjue083KQuOm0TwF+kkVLzd+agxtDq79uytTO28u8My9ePV05reD0BIAje//wEgMu8CV/lQfD87rQa12H09QYMzCi9BQFL6V0Y2FTahcC20gearob1lrVf9lxrr+oVQ2GHwQmDDENueH/dU4Gitj+hXa83mocFz3NrnyhG9a+bN7Ck7U9/X73e2Fr/HBhwlM5BYE3pRaR6vYlbop1/PDFY3/zi81NQUHw3MfCn4FxgWvOnhOYfWb9ynK03mrPlSqHkltwjKXML9pxtz8tsZERxfMP/fkf+9Edb/9crtUmRxEnB92tOHPu5jONLjpuM/M9AZirOhZrTib4H/8VkOGRMlRNCCCGEEEIIIYQQQsiHMwER/QUdgVyNqp8CAAD//3Dcd4A=") (fail_nth: 91) 18:25:03 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 95) 18:25:03 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980)}}], 0x400000000000172, 0x4000000) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24008000) 18:25:03 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000012100000000000000c04850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='module_request\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x1c, 0x0, 0xb1c8bde1c61eeefc, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r1) syz_genetlink_get_family_id$team(&(0x7f0000000080), r1) 18:25:03 executing program 3: r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980)}}], 0x400000000000172, 0x4000000) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24008000) [ 2671.352327][T28180] loop2: detected capacity change from 0 to 256 [ 2671.365037][T28184] loop1: detected capacity change from 0 to 16 [ 2671.372438][T28180] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf5cbb909, utbl_chksum : 0xe619d30d) [ 2671.395503][T28189] FAULT_INJECTION: forcing a failure. 18:25:03 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x1c}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000405a01060000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000024000b0f000000001000000000000000", @ANYRES32=r4, @ANYBLOB="00000000ffffffff000000000c000100696e6772657373"], 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x58, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xc}}, [@filter_kind_options=@f_u32={{0x8}, {0x2c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'syzkaller0\x00'}, @TCA_U32_SEL={0x14}]}}]}, 0x58}}, 0x0) 18:25:03 executing program 2: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xff, 0x14d6, &(0x7f0000002ac0)="$eJzs3AuUztX6OPD97L2/jGnS2yS37Gc/X9402CZJckmSS5IkIbknJE2SJEkMuSUhCblOksuYkFwGk8b9fsk9NDmSJMktt7D/a6pz/M7p/Jbf//zP7/ivNc9nrb1mP/N9n+fde541872sNe+P3YbXbFKrWkMiEv8K9dcJ/P4lWQgRI4QYJIS4SQgRCCHKxZeLzz6eR0Hyv/Qm7H9Jo9TrvQJ2PXH/czbuf87G/c/ZuP85G/c/Z+P+52zc/5yN+89YjpZW6GYeOXfw8/+cjM//ORv3P2fj/uds3P+cjfufs3H/czbuf87G/c/ZuP+M5Wj/HzyD5nEdB2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wx9h9w3l+lhRB/nV/vdTHGGGOMMcYYY+zfx+e+3itgjDHGGGOMMcbY/z4QUiihRSByidwiRuQRseIGESduFHnFTSIibhbx4haRT9wq8osCoqAoJAqL20QRYQQKK0iEoqgolkeI20VxcYdIECVESVFKOFFaJIo7RRlxlygr7hblxD2ivLhXVBAVRSVRWdwnqoj7RVXxgKgmHhTVRQ1RU9QSD4na4mFRRzwi6opHRT3xmKgvHhcNxBOioWgkGosnRRPxlGgqmonmooVoKVqJ1v9S/uuip3hD9BK9RbLoI/qKN0U/0V8MEAPFIPGWGCzeFkPEO2KoGCaGi3fFCPGeGCneF6PEaDFGfCDGinFivJggJopJIkV8KCaLj8QU8bGYKqaJ6WKGSBUzRZr4RMwSs8Uc8amYKz4T88R8sUAsFOlikVgslogM8blYKr4QmWKZWC5WiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK3iS7FNbBc7xE6xS+wWe8RXYq/YJ/aLr0WW+Ob/Mv/cP+R3BwECJEjQoCEX5IIYiIFYiIU4iIO8kBciEIF4iId8kA/yQ34oCAWhMBSGIlAEEBAICIpCUYhCFIpDcUiABCgJJcGBg0RIhDJwF5SFslAOykF5KA8VoCJUhMpQGapAFagKVaEaVIPqUB1qQk14CB6Ch6EO1IG6UBfqQT2oD/WhATSAhtAQGkNjaAJNoCk0hebQHFpCS2gNraENtIG20BbaQ3voAB2gI3SEJEiCTtAJOkNn6AJdoCt0hW7QDbrDa/AavA6vwxvwBvSG6rIP9IW+0A/6wQAYCAPhLRgMb8Pb8A4MhWEwHN6Fd+E9GAlnYRSMhjEwBqrIcTAeJgDJSZACKTAZJsMUmAJTYRpMgxmQCjMhDdJgFsyG2fApzIXP4DOYD/NhIaRDOiyGJZABGbAUzkEmLIPlsAJWwipYCWtgLayB9bAB1sMm2ARbYAt8CV/CdtgOO2En7Ibd8BV8BftgHwyFLMiCA3AADsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcBJOwUk4A2fgLJyD83AeLsJFuASX4Apcyf7ll9m01DKXzCVjZIyMlbEyTsbJvDKvjMiIjJfxMp/MJ/PL/LKgLCgLy8KyiCwiUaIkGcqisqiMyqgsLovLBJkgS8qS0kknE2WiLCPLyLKyrCwn75Hl5b2ygqwo27nKsrKsItu7qvIBWU1Wk9VlDVlT1pK1ZG1ZW9aRdWRdWVfWk/Vkffm4bCD7wABoJLM700QOg6ZyODSXLWRL2Uq+B0/LNnIktJXtZHv5rBwNo6CjbOOS5AuykxwPneVLcgK8LLvKSdBNviq7y9dkD/m67Cnbul6yt5wKfWRfOQP6yf5ygBwoZ0ENmd2xmvIdOVQOk8Plu3IhvCdHyvflKDlajpEfyLFynBwvJ8iJcpJMkR/KyfIjOUV+LKfKaXK6nCFT5UyZJj+Rs+RsOUd+KufKz+Q8OV8ukAtlulwkF8slMkN+LpfKL2SmXCaXyxVypVwlV8s1cq1cJ9fLDXKj3CQ3yy1yq/xSbpPb5Q65U+6Su+Ue+ZXcK/fJ/fJrmSW/kQfkX+RB+a08JL+Th+X38oj8QR6VP8pj8id5XP4sT8iT8pQ8Lc/IX+RZeU6elxfkRfmrvCQvyyvSS6FASaWUVoHKpXKrGJVHxaobVJy6UeVVN6mIulnFq1tUPnWryq8KqIKqkCqsblNFlFGorCIVqqKqmIqq21VxdYdKUCVUSVVKOVVaJao7VRl1lyqr7lbl1D2qvLpXVVAVVSVVWd2nqqj7VVX1gKqmHlTVVQ1VU9VSD6na6mFVRz2i6qpHVT31mKqvHlcN1BOqoWqkGqsnVRP1lGqqmqnmqoVqqVqp1upp1UY9o9qqdqq9elZ1UM+pjup5laReUJ3Ui6qzekl1US+rruoV1U29qrqr11QPdVldUV71Ur1Vsuqj+qo3VT/VXw1QA9Ug9ZYarN5WQ9Q7aqgapoard9UI9Z4aqd5Xo9RoNUZ9oMaqcWq8mqAmqkkqRX2oJquP1BT1sZqqpqnpaoZKVTPVgD8qzfkf5H/0T/KH/PbuW9RW9aXaprarHWqn2qV2qz1qj9qr9qr9ar/KUlnqgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqvj6oQ6qS6o0+qM+kWdVefUOXVBXVQX1aU/fgZCg5Zaaa0DnUvn1jE6j47VN+g4faPOq2/SEX2zjte36Hz6Vp1fF9AFdSFdWN+mi2ijUVtNOtRFdTEd1bfr4voOnaBL6JK6lHa6tE7Ud/4/519rfa11a91Gt9FtdVvdXrfXHXQH3VF31Ek6SXfSnXRn3Vl30V10V91Vd9PddHfdXffQPXRP3VP30r10sk7WffWbup/urwfogXqQfksP1oP1ED1ED9VD9XA9XI/QI/RIPVKP0qP0GD1Gj9Vj9Xg9Xk/UE3WKTtGT9WQ9RU/RU/VUPV1P16k6VafpND1Lz9Jz9Bw9V8/V8/Q8vUAv0Ok6XS/Wi3WGztBL9VKdqZfpZXqFXqFX6VV6jV6j1+l1eoPeoDfpTTpTb9Vb9Ta9Te/QO/QuvUvv0Xv0Xr1X79f7dZbO0gf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9Al9Sp/SZ/QZfVaf1ef1eX1RX9SX9CV9RV/JvuwLZCADHeggV5AriAligtggNogL4oK8Qd4gEkSC+CA+yBfcGuQPCgQFg0JB4eC2oEhgAgxsQEEYFA2KBdHg9qB4cEeQEJQISgalAheUDhKDO4MywV1B2eDuoFxwT1A+uDeoEFQMKgWVg/uCKsH9QdXggaBa8GBQPagR1AxqBQ8FtYOHgzrBI0Hd4NGgXvBYUD94PGgQPBE0DBoFjYMngybBU0HToFnQPGgRtAxaBa3/rfW9P1vgGdfL9DbJpo/pa940/Ux/M8AMNIPMW2awedsMMe+YoWaYGW7eNSPMe2aked+MMqPNGPOBGWvGmfFmgploJpkU86GZbD4yU8zHZqqZZqabGSbVzDRp5hMzy8w2c8ynZq75zMwz880Cs9Ckm0VmsVliMsznZqn5wmSaZWa5WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mi/NNrPd7DA7zS6z2+wxX5m9Zp/Zb742WeYbc8D8xRw035pD5jtz2HxvjpgfzFHzozlmfjLHzc/mhDlpTpnT5oz5xZw158x5c8FcNL+aS+ayuWJ89sV99ukdNWrMhbkwBmMwFmMxDuMwL+bFCEYwHuMxH+bD/JgfC2JBLIyFsQgWwWyEhEWxKEYxisWxOCZgApbEkujQYSImYhksg2WxLJbDclgey2MFrICVsBLeh/fh/Xg/PoAP4IP4INbAGlgLa2FtrI11sA7WxbpYD+thfayPDbABNsSG2BgbYxNsgk2xKTbH5tgSW2JrbI1tsA22xbbYHttjB+yAHbEjJmESdsJO2Bk7Yxfsgl2xK3bDbtgdu2MP7IE9sSf2wl6YjMnYF/tiP+yHA3AADsJBOBgH4xAcgkNxKA7H4TgCR+BIHImjcDSOwQ9wLI7D8TgBJ+IkTMEUnIyTcQpOwak4FafjdEzFVEzDNJyFs3AOzsG5OBfn4TxcgAswHdNxMS7GDMzApbgUMzETl+NyXIkrcTWuxrW4FtfjetyIG3EzbsatuBW34TbcgTtwF+7CPbgH9+Je3I/7MQuz8AAewIN4EA/hITyMh/EIHsGjeBSP4TE8jsfxBJ7AU3gKz+AZPItn8Tyex4v4K17Cy3gFPcbYPDbW3mDj7I02r73J/mNc0Bayhe1ttog1Nr8t8HcxWmsTbAlb0payzpa2ifbOP8UVbEVbyVa299kq9n5b9U9xbfuwrWMfsXXto7aWfejv4nr2MVvfPmUb2Ga2oW1hG9tWtol9yja1zWxz28K2tK1sB/uc7Wift0n2BdvJvvineLFdYtfadXa93WD32n32vL1gj9of7UX7q+1le9tB9i072L5th9h37FA77E/xGPuBHWvH2fF2gp1oJ/0pnm5n2FQ706bZT+wsO/tPcbpdZOfaDDvPzrcL7MLf4uw1ZdjP7VL7hc20y+xyu8KutKvsarvmb2tdYTfZzXaL3WO/stvsdrvD7rS77O7f4ux97Ldf2yz7jT1if7AH7bf2kD1mD9vvf4uz93fM/mSP25/tCXvSnrKn7Rn7iz1rz/22/+y9n7aX7RXrrSAgSYo0BZSLclMM5aFYuoHi6EbKSzdRhG6meLqF8tGtlJ8KUEEqRIXpNipChpAsEYVUlIpRlG6n4nQHJVAJKkmlyFFpSqQ7qQzdRWXpbipH91B5upcqUEWqRJXpPqpC91NVeoCq0YNUnWpQTapFD1Ftepjq0CNUlx6levQY1afHqQE9QQ2pETWmJ6kJPUVNqRk1pxbUklpRa3qa2tAz1JbaUXt6ljrQc9SRnqckeoE60YvUmV6iLvQydaVXqBu9St3pNepBr1NPeoN6UW9Kpj7Ul96kftSfBtBAGkRv0WB6m4bQOzSUhtFwepdG0Hs0kt6nUTSaxtAHNJbG0XiaQBNpEqXQhzSZPqIp9DFNpWk0nWZQKs2kNPqEZtFsmkOf0lz6jObRfFpACymdFtFiWkIZ9DktpS8ok5bRclpBK2kVraY1tJbW0XraQBtpE22mLbSVvqRttJ120E7aRbtpD31Fe2kf7aevKYu+oQP0FzpI39Ih+o4O0/d0hH6go/QjHaOf6Dj9TCfoJJ2i03SGfqGzdI7O0wW6SL/SJbpMV8iTCCGUoQp1GIS5wtxhTJgnjA1vCOPCG8O84U1hJLw5jA9vCfOFt4b5wwJhwbBQWDi8LSwSmhBDG1IYhkXDYmE0vD0sHt4RJoQlwpJhqdCFpcPE8M6wTHhXWDa8OywX3hOWD+8NK4QVw0ph5fC+sEp4f1g1fCCsFj4YVg9rhDXDWuFDYe3w4bBO+EhYN3w0LBs+FtYPHw8bhE+EDcNGYePwybBJ+FTYNGwWNg9bhC3DVmHr8OmwTfhM2DZsF7YPnw07hM+FHcPnw6TwhbBT+OI1jyeHfcK+4Zvhm6H3j6gF0YXR9Oii6OLokmhG9PPo0ugX0czosujy6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jao97VyCwdOOuW0C1wul9vFuDwu1t3g4tyNLq+7yUXczS7e3eLyuVtdflfAFXSFXGGX648nc9aRC11RV8xF3e2uuLvDJbgSrqQr5Zwr7RJdK9fatXZt3DOurWvn2rtn3bPuOfece949715wndyLrrN7yXVxL7uu7hX3invVdXevuR7uddfTveF6ud4u2SW7vq6v6+f6uQFugBvkBrnBbrAb4oa4oW6oG+6GuxFuhBvpRrpRbpQb48a4sW6sG+/Gu4luoktxKW6ym+ymuCluqpvqprvpLtWlujSX5ma5WW6Om+PmurlunpvnFrgFLt2lu8VusctwGW6pW+oyXaZb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+a2uR1uh9vldrk9bo/b6/a6/W6/y3JZ7oA74A66g+6Q+84ddt+7I+4Hd9T96I65n9xx97M74U66U+60O+N+cWfdOXfeXXAX3a/ukrvsrjjvUiIfRiZHPopMiXwcmRqZFpkemRFJjcyMpEU+icyKzI7MiXwamRv5LDIvMj+yILIwkh5ZFFkcWRLJiHweWRr5IpIZWRZZHlkRWRlZFfH+tm2hL+qL+ai/3Rf3d/gEX8KX9KW886V9or/Tl/F3+bL+bl/O3+PL+3t9BV/RV/LNfHPfwrf0rXxr/7Rv45/xbX07394/6zv453xH/7xP8i/4Tv5F39m/5Lv4l31X/4rv5l/13f1rvod/3ff0b/hevrdP9n18X/+m7+f7+wF+oB/k3/KD/dt+iH/HD/XD/HD/rh/h3/Mj/ft+lB/tx/gP/Fg/zo/3E/xEP8mn+A/9ZP+Rn+I/9lP9ND/dz/CpfqZP85/4WX62n+M/9XP9Z36en+8X+IU+3S/yi/0Sn+E/90v9Fz7TL/PL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1X/pt/ntfoff6Xf53X6P/8rv9fv8fv+1z/Lf+AP+L/6g/9Yf8t/5w/57f8T/4I/6H/0x/5M/7n/2J/xJf8qf9mf8L/6sP+fP+wv+ov/VX/KX/RX+nzXGGGOMsf8RdY3jff7J9+QfI1tfIcSN2wsd/seaG/P/Pu8v93aKCCFe6N2t0V9Ho0bJycl/vDZTiaDYfCFE5Gr+b/c/f8TLRHvxnEgS7USZf7q+/rIS0DXqR+8RIva/5MSIq/HV+nf9N/WbLbpm/flCJBS7mpNHXI2v1i/739Tf3eEa9fN8myJE2/+SEyeuxlfrJ4pnxIsi6e9eyRhjjDHGGGOM/a6/vNj9Wve32ffnhXWev+XkFtnx7/Nr3Z8zxhhjjDHGGGPs+nv5tR7PP52U1K4LT3jCE578bXK9/zIxxhhjjDHG/t2uXvRf75UwxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM513/i48Su9x4ZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx6+3/BAAA//9A82bR") rename(&(0x7f0000000080)='./file2\x00', &(0x7f0000000100)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') [ 2671.395503][T28189] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2671.410612][T28184] FAULT_INJECTION: forcing a failure. [ 2671.410612][T28184] name failslab, interval 1, probability 0, space 0, times 0 [ 2671.429901][T28189] CPU: 0 PID: 28189 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2671.433782][T28195] FAULT_INJECTION: forcing a failure. [ 2671.433782][T28195] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2671.439980][T28189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2671.439996][T28189] Call Trace: [ 2671.440002][T28189] [ 2671.440009][T28189] dump_stack_lvl+0x151/0x1b7 [ 2671.440031][T28189] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2671.440048][T28189] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2671.483914][T28189] dump_stack+0x15/0x17 [ 2671.487898][T28189] should_fail+0x3c0/0x510 [ 2671.492151][T28189] should_fail_alloc_page+0x58/0x70 [ 2671.497360][T28189] __alloc_pages+0x1de/0x7c0 [ 2671.501785][T28189] ? __count_vm_events+0x30/0x30 [ 2671.506562][T28189] ? __kasan_check_read+0x11/0x20 [ 2671.511427][T28189] ? __vm_enough_memory+0x118/0x310 [ 2671.516461][T28189] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2671.521920][T28189] ? shmem_swapin_page+0x15c0/0x15c0 [ 2671.527044][T28189] ? xas_start+0x33d/0x410 [ 2671.531380][T28189] ? xas_load+0x2c7/0x2e0 [ 2671.535557][T28189] ? pagecache_get_page+0xcc8/0xdb0 [ 2671.540582][T28189] ? page_cache_prev_miss+0x430/0x430 [ 2671.545791][T28189] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2671.551174][T28189] ? lru_cache_add+0x273/0x530 [ 2671.555771][T28189] shmem_getpage_gfp+0x1487/0x25f0 [ 2671.560718][T28189] ? shmem_getpage+0xa0/0xa0 [ 2671.565145][T28189] ? fault_in_safe_writeable+0x240/0x240 [ 2671.570629][T28189] ? __kasan_check_write+0x14/0x20 [ 2671.575652][T28189] ? shmem_write_end+0x786/0x8a0 [ 2671.580421][T28189] shmem_write_begin+0xc8/0x1b0 [ 2671.585108][T28189] generic_perform_write+0x2cd/0x5d0 [ 2671.590232][T28189] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2671.595871][T28189] ? file_remove_privs+0x690/0x690 [ 2671.600905][T28189] ? __kasan_check_write+0x14/0x20 [ 2671.605865][T28189] ? down_write+0xdd/0x140 [ 2671.610105][T28189] __generic_file_write_iter+0x25b/0x4b0 [ 2671.615582][T28189] generic_file_write_iter+0xaf/0x1c0 [ 2671.620870][T28189] vfs_write+0xc8d/0x1050 [ 2671.625039][T28189] ? file_end_write+0x1b0/0x1b0 [ 2671.629722][T28189] ? __fget_files+0x310/0x370 [ 2671.634238][T28189] ? __fdget_pos+0x1fe/0x310 [ 2671.638661][T28189] ? ksys_write+0x77/0x2c0 [ 2671.642915][T28189] ksys_write+0x198/0x2c0 [ 2671.647085][T28189] ? __ia32_sys_read+0x90/0x90 [ 2671.651681][T28189] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2671.657583][T28189] __x64_sys_write+0x7b/0x90 [ 2671.662013][T28189] do_syscall_64+0x44/0xd0 [ 2671.666264][T28189] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2671.671992][T28189] RIP: 0033:0x7fb257acee4f [ 2671.676245][T28189] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2671.695693][T28189] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2671.703937][T28189] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2671.711749][T28189] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2671.719644][T28189] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2671.727457][T28189] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2671.735267][T28189] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2671.743085][T28189] [ 2671.745945][T28195] CPU: 1 PID: 28195 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2671.756103][T28195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2671.765992][T28195] Call Trace: [ 2671.769119][T28195] [ 2671.771896][T28195] dump_stack_lvl+0x151/0x1b7 [ 2671.776413][T28195] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2671.781793][T28195] ? avc_has_perm_noaudit+0x2ec/0x450 [ 2671.786997][T28195] dump_stack+0x15/0x17 [ 2671.790989][T28195] should_fail+0x3c0/0x510 [ 2671.795243][T28195] should_fail_alloc_page+0x58/0x70 [ 2671.800277][T28195] __alloc_pages+0x1de/0x7c0 [ 2671.805053][T28195] ? __count_vm_events+0x30/0x30 [ 2671.809831][T28195] ? __kasan_check_read+0x11/0x20 [ 2671.814687][T28195] ? __vm_enough_memory+0x118/0x310 [ 2671.819731][T28195] shmem_alloc_and_acct_page+0x4a0/0xa20 [ 2671.825272][T28195] ? shmem_swapin_page+0x15c0/0x15c0 [ 2671.830400][T28195] ? xas_start+0x33d/0x410 [ 2671.834660][T28195] ? xas_load+0x2c7/0x2e0 [ 2671.838824][T28195] ? pagecache_get_page+0xcc8/0xdb0 [ 2671.843854][T28195] ? page_cache_prev_miss+0x430/0x430 [ 2671.849060][T28195] ? _raw_spin_lock_irqsave+0x210/0x210 [ 2671.854445][T28195] ? lru_cache_add+0x273/0x530 [ 2671.859043][T28195] shmem_getpage_gfp+0x1487/0x25f0 [ 2671.863992][T28195] ? shmem_getpage+0xa0/0xa0 [ 2671.868415][T28195] ? fault_in_safe_writeable+0x240/0x240 [ 2671.873885][T28195] ? __kasan_check_write+0x14/0x20 [ 2671.878830][T28195] ? shmem_write_end+0x786/0x8a0 [ 2671.883607][T28195] shmem_write_begin+0xc8/0x1b0 [ 2671.888293][T28195] generic_perform_write+0x2cd/0x5d0 [ 2671.893414][T28195] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2671.899059][T28195] ? file_remove_privs+0x690/0x690 [ 2671.904006][T28195] ? __kasan_check_write+0x14/0x20 [ 2671.908950][T28195] ? down_write+0xdd/0x140 [ 2671.913295][T28195] __generic_file_write_iter+0x25b/0x4b0 [ 2671.918763][T28195] generic_file_write_iter+0xaf/0x1c0 [ 2671.923967][T28195] vfs_write+0xc8d/0x1050 [ 2671.928144][T28195] ? file_end_write+0x1b0/0x1b0 [ 2671.932823][T28195] ? __fget_files+0x310/0x370 [ 2671.937338][T28195] ? __fdget_pos+0x1fe/0x310 [ 2671.941761][T28195] ? ksys_write+0x77/0x2c0 [ 2671.946012][T28195] ksys_write+0x198/0x2c0 [ 2671.950182][T28195] ? __ia32_sys_read+0x90/0x90 [ 2671.954781][T28195] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2671.960690][T28195] __x64_sys_write+0x7b/0x90 [ 2671.965113][T28195] do_syscall_64+0x44/0xd0 [ 2671.969375][T28195] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2671.975095][T28195] RIP: 0033:0x7fcbd55afe4f [ 2671.979346][T28195] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2671.998788][T28195] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2672.007032][T28195] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2672.014864][T28195] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2672.022668][T28195] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2672.030470][T28195] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2672.038283][T28195] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2672.046096][T28195] [ 2672.048994][T28184] CPU: 0 PID: 28184 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2672.059029][T28184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2672.068925][T28184] Call Trace: [ 2672.072058][T28184] [ 2672.074844][T28184] dump_stack_lvl+0x151/0x1b7 [ 2672.079344][T28184] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2672.084637][T28184] dump_stack+0x15/0x17 [ 2672.088627][T28184] should_fail+0x3c0/0x510 [ 2672.092879][T28184] __should_failslab+0x9f/0xe0 [ 2672.097480][T28184] should_failslab+0x9/0x20 [ 2672.101832][T28184] kmem_cache_alloc+0x4f/0x2f0 [ 2672.106446][T28184] ? from_kuid_munged+0x7b0/0x7b0 [ 2672.111280][T28184] ? security_inode_alloc+0x29/0x140 [ 2672.116402][T28184] security_inode_alloc+0x29/0x140 [ 2672.121349][T28184] inode_init_always+0x717/0x960 [ 2672.126122][T28184] ? _erofs_info+0x190/0x190 [ 2672.130551][T28184] new_inode_pseudo+0x93/0x220 [ 2672.135167][T28184] new_inode+0x28/0x1c0 [ 2672.139148][T28184] ? _raw_spin_unlock+0x4d/0x70 [ 2672.143832][T28184] ? erofs_shrinker_register+0xfb/0x110 [ 2672.149215][T28184] erofs_fc_fill_super+0x867/0x1180 [ 2672.154250][T28184] get_tree_bdev+0x441/0x680 [ 2672.158673][T28184] ? erofs_release_device_info+0x90/0x90 [ 2672.164153][T28184] erofs_fc_get_tree+0x1c/0x20 [ 2672.168744][T28184] vfs_get_tree+0x88/0x290 [ 2672.172995][T28184] do_new_mount+0x289/0xad0 [ 2672.177335][T28184] ? do_move_mount_old+0x160/0x160 [ 2672.182283][T28184] ? security_capable+0xb2/0xd0 [ 2672.186978][T28184] ? ns_capable+0x8a/0xf0 [ 2672.191144][T28184] path_mount+0x60b/0x1050 [ 2672.195391][T28184] __se_sys_mount+0x2d2/0x3c0 [ 2672.199902][T28184] ? __x64_sys_mount+0xd0/0xd0 [ 2672.204592][T28184] __x64_sys_mount+0xbf/0xd0 [ 2672.209016][T28184] do_syscall_64+0x44/0xd0 [ 2672.213449][T28184] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2672.219173][T28184] RIP: 0033:0x7fc55e52a5fa [ 2672.223427][T28184] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2672.242869][T28184] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2672.251115][T28184] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2672.258927][T28184] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2672.266746][T28184] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2672.274557][T28184] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2672.282365][T28184] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2672.290180][T28184] [ 2672.294370][T28184] ------------[ cut here ]------------ 18:25:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x50, &(0x7f00000001c0)={[{@utf8no}, {@rodir}, {@utf8}, {@uni_xlateno}, {@uni_xlate}, {@fat=@fmask={'fmask', 0x3d, 0x9}}, {@shortname_winnt}, {@uni_xlateno}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@shortname_lower}, {@rodir}]}, 0x81, 0x21c, &(0x7f0000000340)="$eJzs3b9qU1EcB/BfbGpLQdNBKIrDFRen0FYchRapIAYUJYPiYLEtSlMLBgI6tG6+hL6Cjj6Ag7r6AiJIdbRbB+FKvCWpMdoIJje0n8+SL7nne8+5kD8kkJO7p9dWl9brK9vbWzE+XojiXMzFTiEm40iMROZpAAAHyU6axrc0k/daAIDB6Pb+X4hCvosCAPqqh8//7+5EXB/wsgCAPvL9PwAcPjdv3b46X6ks3EiS8Yi1Z41qo5rdZsfnV+JB1IrNWIrvEWlLli9fqSxMJ01fJqO6trnb32xUR/b0YzlmohST3fszSebX/mhM7PY/TsRyzEYpTnTvz3btH41zZ/fMX45SfLgX61GLpWh22/2NmSS5dK3S0R/7OQ4AAAAAAAAAAAAAAAAAAAAAAPqhnLR03b+nXP7T8azf2l9ner/9gTr35ynGqWK+1w4AAAAAAAAAAAAAAAAAAADDov74yepirbb86G/h4fuXb/Yb81tIxyJ6G3zxeMS/nPn/hGNnPj8f+KQHJrzdun/yfH3qQr+mGO3tkTkM4dVwLKMjpGn2BG/dM/VibvH1xqevvZ4n71cmAAAAAAAAAAAAAAAAAAA4fNo/+s17JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQn/b///cv5H2NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwIwAA//88JarT") mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 18:25:04 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xf, 0x4, 0x4, 0x10000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) 18:25:04 executing program 0: syz_io_uring_setup(0x253d, &(0x7f0000000080), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000140), 0x0) syz_io_uring_setup(0x6b, &(0x7f0000000280), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000300), &(0x7f0000000340)) 18:25:04 executing program 5: syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x226, &(0x7f0000000300)="$eJzs3b2KE1EYBuDPdX/CNm4tFgM2VkG9g0FWEAeEyBRaObDa7Iow24xWuQnxHrwQL2irdJFkhvwZbTSeTfI8EM4LL4HvNEmKczLvHny8vPh0/eHrj2/R62VxEDGMUcTZJHXudOvBNB/HomEAANtmMKjy1DOwWXWdV0cRcfJLU35PMhAAAAAAAAAAAAB/zfl/ANg/zv/vvrrOq9Pu99sy5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdEbj8b3xH16p5wMA/j3f/wCwf16/efsyL4rzQZb1Im6GTdmU7dr2z18U54+zqbP5u26aprw765+0fbbcH8Vp1z9d2x/Ho4dtP+mevSpW+pO42Pz2AQAAAAAAAAAAAAAAAAAA4FboZzNr7/f3+7/r27Tw/wAr9/cP4/7hf9sGAAAAAAAAAAAAAAAAAAAAbLXrz18uq6ur97UgCMIspP5kAgAAAAAAAAAAAAAAAACA/TO/9Jt6EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/78/82F1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbDzwAAAP//cHNiFg==") (fail_nth: 96) 18:25:04 executing program 4: syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3db, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH61TetGbaxVwYWCBsRN06ZqwYO5iAdvevSy5BfFbVO6K5i04A/EoyB69VDEi+DJP0CPevXmVS9SCCL+ASuzmUnXdDftdrNuzH4+MOG9ebO878zLm5e8mbcBjKxyRHwYEZMRsRYRpXx/km/x2s6WHff3X7eWsy2JZvOtP5NWeZaPts9kprMfacRcGpF+EvF0h3rrm1vvVmu11Rt5fr5x9fp8fXPrxStXq+ur66vXXrr08uLC5YuXzh/cuT47Pbv5xfU3Ln+29Wlpffmbc1m8J/Oy9vM4KOUo716TvQ7wtA6Fk8MOgIeSRsRYRIy3+n8pxlqpHaX44J2hBgcADESz2RzbkwcAjrzEmA8AI6b4v794tjeI52AcXttLEXGsU/uP7z4Jmhjg871yRCz+dPz7bIsBPYcFAAAAGGU/LkXEK53mf9J4pu24UxHxSL4+YCYiHo2IxyLi8T7rL+/J3zv/k97pswr2sb0U8WrH+d+0OGRmLM+darX9RLJ2pbZ6Pv99mIuJqSy/sE8dN7/9/dduZe3zf9mW1V/MBeZx3Bmf+vdnVqqNaj/nzF3bH0U8Nd6p/ZPd+d8kIk73Ucdvn9e/61Z2//ZnkJq3I57r2P/vrlxK9l2fNd+6HcwXN4UObv8w+3O3+rX/cGX9/8T+7T+TtK/Xq/dex9df3Wp0K3vY+/9k8nYrwMl83/vVRuPGQsRk8ua9+y/0HvNRVVyP4npl7T93rvP4X9zzsws6GxFPRMSZiHgyIs72UOeZs7/c7Fam/w9X1v4rPfX/3hOV51//uFv9D9b/F1vBzOV7/P13fw/aQMOOEwAAAAAAAICDkbbWdidpZTedppXKznd4n44TaW2j3nhhbeO9ays7a8BnYiItXvUqtb0PupC/F1zkL+zJX8zfGf5y6ngrX1neqK0M++QBYERNdxn/M39MDTs6AGBgjg07AADgP2f8B4DRY/wHgNFj/AeA0WP8B4DRY/wHgJHSz/f6S0hIHNXEsO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2//BAAA//8Q3dmN") (fail_nth: 86) [ 2672.299910][T28184] kobject: '(null)' (ffff8881442bd8e8): is not initialized, yet kobject_put() is being called. [ 2672.313270][T28184] WARNING: CPU: 1 PID: 28184 at lib/kobject.c:752 kobject_put+0x7f/0x240 [ 2672.340835][T28202] loop2: detected capacity change from 0 to 256 [ 2672.359397][T28204] FAULT_INJECTION: forcing a failure. [ 2672.359397][T28204] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2672.372300][T28204] CPU: 1 PID: 28204 Comm: syz-executor.5 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2672.382322][T28204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2672.392221][T28204] Call Trace: [ 2672.395342][T28204] [ 2672.398117][T28204] dump_stack_lvl+0x151/0x1b7 [ 2672.402631][T28204] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2672.407928][T28204] ? __kasan_check_read+0x11/0x20 [ 2672.412789][T28204] dump_stack+0x15/0x17 [ 2672.416777][T28204] should_fail+0x3c0/0x510 [ 2672.421033][T28204] should_fail_usercopy+0x1a/0x20 [ 2672.425892][T28204] copy_page_from_iter_atomic+0x433/0x11c0 [ 2672.431537][T28204] ? pipe_zero+0x4d0/0x4d0 [ 2672.435790][T28204] ? __kasan_check_write+0x14/0x20 [ 2672.440741][T28204] ? shmem_write_end+0x786/0x8a0 [ 2672.445513][T28204] generic_perform_write+0x343/0x5d0 [ 2672.450635][T28204] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2672.456274][T28204] ? file_remove_privs+0x690/0x690 [ 2672.461221][T28204] ? __kasan_check_write+0x14/0x20 [ 2672.466169][T28204] ? down_write+0xdd/0x140 [ 2672.467486][T28184] Modules linked in: [ 2672.470423][T28204] __generic_file_write_iter+0x25b/0x4b0 [ 2672.470446][T28204] generic_file_write_iter+0xaf/0x1c0 [ 2672.478742][T28184] [ 2672.479644][T28204] vfs_write+0xc8d/0x1050 [ 2672.491176][T28204] ? file_end_write+0x1b0/0x1b0 [ 2672.495591][T28184] CPU: 0 PID: 28184 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2672.495849][T28204] ? __fget_files+0x310/0x370 [ 2672.510438][T28204] ? __fdget_pos+0x1fe/0x310 [ 2672.514947][T28204] ? ksys_write+0x77/0x2c0 [ 2672.519204][T28204] ksys_write+0x198/0x2c0 [ 2672.523126][T28184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2672.523366][T28204] ? __ia32_sys_read+0x90/0x90 [ 2672.537863][T28204] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2672.543774][T28204] __x64_sys_write+0x7b/0x90 [ 2672.548220][T28204] do_syscall_64+0x44/0xd0 [ 2672.550457][T28184] RIP: 0010:kobject_put+0x7f/0x240 [ 2672.552446][T28204] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2672.561693][T28184] Code: 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 65 e1 2d ff 49 8b 36 48 c7 c7 20 00 89 85 4c 89 f2 31 c0 e8 e1 ee bc fe <0f> 0b eb 0f e8 78 7c eb fe e9 58 01 00 00 e8 6e 7c eb fe 4d 8d 6e [ 2672.563118][T28204] RIP: 0033:0x7fb257acee4f [ 2672.563134][T28204] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2672.606272][T28204] RSP: 002b:00007fb25688ff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 2672.614594][T28204] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fb257acee4f [ 2672.617960][T28184] RSP: 0018:ffffc90001a67a58 EFLAGS: 00010246 [ 2672.622410][T28204] RDX: 0000000000040000 RSI: 00007fb24e470000 RDI: 0000000000000004 [ 2672.622423][T28204] RBP: 00007fb24e470000 R08: 0000000000000000 R09: 0000000000000220 [ 2672.622433][T28204] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2672.622442][T28204] R13: 00007fb25688ffdc R14: 00007fb25688ffe0 R15: 0000000020000302 [ 2672.635992][T28184] [ 2672.636122][T28204] [ 2672.657929][T28184] RAX: 2d6d483e0b5aa300 RBX: 0000000000000000 RCX: 0000000000040000 [ 2672.661323][T28204] loop5: detected capacity change from 0 to 512 [ 2672.664488][T28202] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf5cbb909, utbl_chksum : 0xe619d30d) [ 2672.665995][T28209] FAULT_INJECTION: forcing a failure. [ 2672.665995][T28209] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2672.678904][T28184] RDX: ffffc90002511000 RSI: 000000000000d2e5 RDI: 000000000000d2e6 [ 2672.690392][T28209] CPU: 1 PID: 28209 Comm: syz-executor.4 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2672.721016][T28209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2672.730908][T28209] Call Trace: [ 2672.734034][T28209] [ 2672.736809][T28209] dump_stack_lvl+0x151/0x1b7 [ 2672.738091][T28184] RBP: ffffc90001a67a88 R08: ffffffff81584ba9 R09: ffffed103ee265e8 [ 2672.741319][T28209] ? bfq_pos_tree_add_move+0x43e/0x43e [ 2672.741339][T28209] ? __kasan_check_read+0x11/0x20 [ 2672.759380][T28209] dump_stack+0x15/0x17 [ 2672.760038][T28184] R10: ffffed103ee265e8 R11: 1ffff1103ee265e7 R12: ffff8881442bd800 [ 2672.763365][T28209] should_fail+0x3c0/0x510 [ 2672.763384][T28209] should_fail_usercopy+0x1a/0x20 [ 2672.780380][T28209] copy_page_from_iter_atomic+0x433/0x11c0 [ 2672.782984][T28184] R13: dffffc0000000000 R14: ffff8881442bd8e8 R15: dffffc0000000000 [ 2672.786019][T28209] ? pipe_zero+0x4d0/0x4d0 [ 2672.798086][T28209] ? __kasan_check_write+0x14/0x20 [ 2672.803038][T28209] ? shmem_write_end+0x786/0x8a0 [ 2672.804567][T28184] FS: 00007fc55d29c700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 2672.807810][T28209] generic_perform_write+0x343/0x5d0 [ 2672.821700][T28209] ? grab_cache_page_write_begin+0xa0/0xa0 [ 2672.827348][T28209] ? file_remove_privs+0x690/0x690 [ 2672.829449][T28184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2672.832307][T28209] ? __kasan_check_write+0x14/0x20 [ 2672.843660][T28209] ? down_write+0xdd/0x140 [ 2672.847308][T28184] CR2: 0000555555e87728 CR3: 00000001614b3000 CR4: 00000000003506b0 [ 2672.847912][T28209] __generic_file_write_iter+0x25b/0x4b0 [ 2672.861198][T28209] generic_file_write_iter+0xaf/0x1c0 [ 2672.864331][T28184] Call Trace: [ 2672.866399][T28209] vfs_write+0xc8d/0x1050 [ 2672.873777][T28209] ? file_end_write+0x1b0/0x1b0 [ 2672.875000][T28184] [ 2672.878461][T28209] ? __fget_files+0x310/0x370 [ 2672.885760][T28209] ? __fdget_pos+0x1fe/0x310 [ 2672.887702][T28184] ? kobject_put+0x88/0x240 [ 2672.890186][T28209] ? ksys_write+0x77/0x2c0 [ 2672.890203][T28209] ksys_write+0x198/0x2c0 [ 2672.890217][T28209] ? __ia32_sys_read+0x90/0x90 [ 2672.907542][T28209] ? switch_fpu_return+0xe/0x10 [ 2672.908567][T28184] erofs_unregister_sysfs+0x4f/0x70 [ 2672.912226][T28209] __x64_sys_write+0x7b/0x90 [ 2672.912240][T28209] do_syscall_64+0x44/0xd0 [ 2672.917288][T28184] ? erofs_free_inode+0xb0/0xb0 [ 2672.921686][T28209] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2672.921703][T28209] RIP: 0033:0x7fcbd55afe4f [ 2672.925963][T28184] erofs_put_super+0x46/0xa0 [ 2672.930629][T28209] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 2672.930644][T28209] RSP: 002b:00007fcbd4370f10 EFLAGS: 00000293 [ 2672.938546][T28184] ? erofs_free_inode+0xb0/0xb0 [ 2672.940608][T28209] ORIG_RAX: 0000000000000001 [ 2672.940617][T28209] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fcbd55afe4f [ 2672.945064][T28184] generic_shutdown_super+0x157/0x2e0 [ 2672.964478][T28209] RDX: 0000000000040000 RSI: 00007fcbcbf51000 RDI: 0000000000000004 [ 2672.964490][T28209] RBP: 00007fcbcbf51000 R08: 0000000000000000 R09: 00000000000003d5 [ 2672.964500][T28209] R10: 0000000000040000 R11: 0000000000000293 R12: 0000000000000000 [ 2672.996774][T28184] kill_block_super+0x80/0xe0 [ 2673.000414][T28209] R13: 00007fcbd4370fdc R14: 00007fcbd4370fe0 R15: 00000000200004c2 [ 2673.000430][T28209] [ 2673.002563][T28209] loop4: detected capacity change from 0 to 512 [ 2673.039806][T28184] erofs_kill_sb+0x66/0x130 [ 2673.045778][T28184] deactivate_locked_super+0xb0/0x100 [ 2673.046003][T28209] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2673.063113][T28184] get_tree_bdev+0x45d/0x680 [ 2673.067535][T28184] ? erofs_release_device_info+0x90/0x90 [ 2673.073227][T28184] erofs_fc_get_tree+0x1c/0x20 [ 2673.077817][T28184] vfs_get_tree+0x88/0x290 [ 2673.082333][T28184] do_new_mount+0x289/0xad0 [ 2673.086670][T28184] ? do_move_mount_old+0x160/0x160 [ 2673.092371][T28184] ? security_capable+0xb2/0xd0 [ 2673.097232][T28184] ? ns_capable+0x8a/0xf0 [ 2673.101623][T28184] path_mount+0x60b/0x1050 [ 2673.105863][T28184] __se_sys_mount+0x2d2/0x3c0 [ 2673.110647][T28184] ? __x64_sys_mount+0xd0/0xd0 [ 2673.115233][T28184] __x64_sys_mount+0xbf/0xd0 [ 2673.120070][T28184] do_syscall_64+0x44/0xd0 [ 2673.124307][T28184] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2673.130496][T28184] RIP: 0033:0x7fc55e52a5fa [ 2673.134726][T28184] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2673.154538][T28184] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2673.163710][T28184] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2673.171707][T28184] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2673.179678][T28184] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2673.187464][T28184] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2673.195505][T28184] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2673.203497][T28184] [ 2673.206327][T28184] ---[ end trace f85137516f11b00f ]--- [ 2673.211877][T28184] ------------[ cut here ]------------ [ 2673.217139][T28184] refcount_t: underflow; use-after-free. [ 2673.222922][T28184] WARNING: CPU: 1 PID: 28184 at lib/refcount.c:28 refcount_warn_saturate+0x165/0x1b0 [ 2673.232475][T28184] Modules linked in: [ 2673.236185][T28184] CPU: 1 PID: 28184 Comm: syz-executor.1 Tainted: G W 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2673.247910][T28184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2673.257981][T28184] RIP: 0010:refcount_warn_saturate+0x165/0x1b0 [ 2673.264138][T28184] Code: c7 40 60 87 85 31 c0 e8 39 2f e0 fe 0f 0b eb 83 e8 d0 bc 0e ff c6 05 1f 3b 9f 04 01 48 c7 c7 a0 60 87 85 31 c0 e8 1b 2f e0 fe <0f> 0b e9 62 ff ff ff e8 af bc 0e ff c6 05 ff 3a 9f 04 01 48 c7 c7 [ 2673.283835][T28184] RSP: 0018:ffffc90001a67a38 EFLAGS: 00010246 [ 2673.289962][T28184] RAX: 2d6d483e0b5aa300 RBX: 0000000000000003 RCX: 0000000000040000 [ 2673.297752][T28184] RDX: ffffc90002511000 RSI: 000000000003ffff RDI: 0000000000040000 [ 2673.305822][T28184] RBP: ffffc90001a67a48 R08: ffffffff81584ba9 R09: ffffed103ee265e8 [ 2673.313814][T28184] R10: ffffed103ee265e8 R11: 1ffff1103ee265e7 R12: ffff8881442bd800 [ 2673.321930][T28184] R13: ffff8881442bd920 R14: 0000000000000003 R15: dffffc0000000000 [ 2673.329937][T28184] FS: 00007fc55d29c700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 2673.338856][T28184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2673.345257][T28184] CR2: 0000555556225768 CR3: 00000001614b3000 CR4: 00000000003506a0 [ 2673.353313][T28184] Call Trace: [ 2673.356405][T28184] [ 2673.359401][T28184] kobject_put+0x206/0x240 [ 2673.363639][T28184] ? kobject_put+0x88/0x240 [ 2673.367973][T28184] erofs_unregister_sysfs+0x4f/0x70 [ 2673.373950][T28184] ? erofs_free_inode+0xb0/0xb0 [ 2673.378817][T28184] erofs_put_super+0x46/0xa0 [ 2673.383332][T28184] ? erofs_free_inode+0xb0/0xb0 [ 2673.387909][T28184] generic_shutdown_super+0x157/0x2e0 [ 2673.393408][T28184] kill_block_super+0x80/0xe0 [ 2673.397906][T28184] erofs_kill_sb+0x66/0x130 [ 2673.403018][T28184] deactivate_locked_super+0xb0/0x100 [ 2673.408212][T28184] get_tree_bdev+0x45d/0x680 [ 2673.412884][T28184] ? erofs_release_device_info+0x90/0x90 [ 2673.418334][T28184] erofs_fc_get_tree+0x1c/0x20 [ 2673.423147][T28184] vfs_get_tree+0x88/0x290 [ 2673.427382][T28184] do_new_mount+0x289/0xad0 [ 2673.431993][T28184] ? do_move_mount_old+0x160/0x160 [ 2673.436917][T28184] ? security_capable+0xb2/0xd0 [ 2673.441929][T28184] ? ns_capable+0x8a/0xf0 [ 2673.446163][T28184] path_mount+0x60b/0x1050 [ 2673.450664][T28184] __se_sys_mount+0x2d2/0x3c0 [ 2673.455155][T28184] ? __x64_sys_mount+0xd0/0xd0 [ 2673.459973][T28184] __x64_sys_mount+0xbf/0xd0 [ 2673.464380][T28184] do_syscall_64+0x44/0xd0 [ 2673.468835][T28184] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2673.474544][T28184] RIP: 0033:0x7fc55e52a5fa [ 2673.479021][T28184] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2673.498732][T28184] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2673.506963][T28184] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2673.515022][T28184] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2673.522984][T28184] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2673.531059][T28184] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2673.539011][T28184] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2673.546802][T28184] [ 2673.549880][T28184] ---[ end trace f85137516f11b010 ]--- [ 2673.555143][T28184] list_add corruption. prev is NULL. [ 2673.560318][T28184] ------------[ cut here ]------------ [ 2673.565555][T28184] kernel BUG at lib/list_debug.c:24! [ 2673.570680][T28184] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 2673.576578][T28184] CPU: 1 PID: 28184 Comm: syz-executor.1 Tainted: G W 5.15.78-syzkaller-00911-gc73b4619ad86 #0 [ 2673.588037][T28184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 2673.597931][T28184] RIP: 0010:__list_add_valid+0xbc/0x100 [ 2673.603313][T28184] Code: c0 74 ed 48 c7 c7 60 a3 87 85 4c 89 fe 4c 89 e2 4c 89 f1 31 c0 e8 0f 95 5b 02 0f 0b 48 c7 c7 60 a1 87 85 31 c0 e8 ff 94 5b 02 <0f> 0b 48 c7 c7 00 a2 87 85 31 c0 e8 ef 94 5b 02 0f 0b 48 c7 c7 60 [ 2673.623197][T28184] RSP: 0018:ffffc90001a678e0 EFLAGS: 00010046 [ 2673.629266][T28184] RAX: 0000000000000022 RBX: 1ffff9200034cf3d RCX: 2d6d483e0b5aa300 [ 2673.637075][T28184] RDX: ffffc90002511000 RSI: 000000000003ffff RDI: 0000000000040000 [ 2673.644896][T28184] RBP: ffffc90001a67908 R08: ffffffff81584ba9 R09: ffffed103ee24e93 [ 2673.652700][T28184] R10: ffffed103ee24e93 R11: 1ffff1103ee24e92 R12: ffffc90001a679e8 [ 2673.660514][T28184] R13: 1ffff11028857b2c R14: ffffc90001a679e0 R15: ffff8881442bd960 [ 2673.668324][T28184] FS: 00007fc55d29c700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 2673.677091][T28184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2673.683514][T28184] CR2: 0000555556225768 CR3: 00000001614b3000 CR4: 00000000003506a0 [ 2673.691330][T28184] Call Trace: [ 2673.694456][T28184] [ 2673.697230][T28184] __prepare_to_swait+0xad/0x140 [ 2673.702012][T28184] wait_for_common+0x257/0x430 [ 2673.706611][T28184] ? exc_invalid_op+0x1b/0x50 [ 2673.711118][T28184] ? wait_for_completion+0x20/0x20 [ 2673.716067][T28184] ? refcount_warn_saturate+0x167/0x1b0 [ 2673.721447][T28184] ? refcount_warn_saturate+0x165/0x1b0 [ 2673.726827][T28184] wait_for_completion+0x18/0x20 [ 2673.731604][T28184] erofs_unregister_sysfs+0x5e/0x70 [ 2673.736635][T28184] ? erofs_free_inode+0xb0/0xb0 [ 2673.741412][T28184] erofs_put_super+0x46/0xa0 [ 2673.745836][T28184] ? erofs_free_inode+0xb0/0xb0 [ 2673.750525][T28184] generic_shutdown_super+0x157/0x2e0 [ 2673.755732][T28184] kill_block_super+0x80/0xe0 [ 2673.760245][T28184] erofs_kill_sb+0x66/0x130 [ 2673.764586][T28184] deactivate_locked_super+0xb0/0x100 [ 2673.769792][T28184] get_tree_bdev+0x45d/0x680 [ 2673.774220][T28184] ? erofs_release_device_info+0x90/0x90 [ 2673.779780][T28184] erofs_fc_get_tree+0x1c/0x20 [ 2673.784389][T28184] vfs_get_tree+0x88/0x290 [ 2673.788634][T28184] do_new_mount+0x289/0xad0 [ 2673.792973][T28184] ? do_move_mount_old+0x160/0x160 [ 2673.797916][T28184] ? security_capable+0xb2/0xd0 [ 2673.802603][T28184] ? ns_capable+0x8a/0xf0 [ 2673.806870][T28184] path_mount+0x60b/0x1050 [ 2673.811109][T28184] __se_sys_mount+0x2d2/0x3c0 [ 2673.815622][T28184] ? __x64_sys_mount+0xd0/0xd0 [ 2673.820226][T28184] __x64_sys_mount+0xbf/0xd0 [ 2673.824650][T28184] do_syscall_64+0x44/0xd0 [ 2673.828901][T28184] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2673.834670][T28184] RIP: 0033:0x7fc55e52a5fa [ 2673.838891][T28184] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 2673.858330][T28184] RSP: 002b:00007fc55d29bf88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 2673.866576][T28184] RAX: ffffffffffffffda RBX: 000000000000017c RCX: 00007fc55e52a5fa [ 2673.874387][T28184] RDX: 0000000020000180 RSI: 00000000200001c0 RDI: 00007fc55d29bfe0 [ 2673.882197][T28184] RBP: 00007fc55d29c020 R08: 00007fc55d29c020 R09: 0000000000000000 [ 2673.890011][T28184] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000180 [ 2673.897831][T28184] R13: 00000000200001c0 R14: 00007fc55d29bfe0 R15: 0000000020000200 [ 2673.905645][T28184] [ 2673.908589][T28184] Modules linked in: [ 2673.912323][T28184] ---[ end trace f85137516f11b011 ]--- [ 2673.917622][T28184] RIP: 0010:__list_add_valid+0xbc/0x100 [ 2673.922997][T28184] Code: c0 74 ed 48 c7 c7 60 a3 87 85 4c 89 fe 4c 89 e2 4c 89 f1 31 c0 e8 0f 95 5b 02 0f 0b 48 c7 c7 60 a1 87 85 31 c0 e8 ff 94 5b 02 <0f> 0b 48 c7 c7 00 a2 87 85 31 c0 e8 ef 94 5b 02 0f 0b 48 c7 c7 60 [ 2673.942437][T28184] RSP: 0018:ffffc90001a678e0 EFLAGS: 00010046 [ 2673.948339][T28184] RAX: 0000000000000022 RBX: 1ffff9200034cf3d RCX: 2d6d483e0b5aa300 [ 2673.956151][T28184] RDX: ffffc90002511000 RSI: 000000000003ffff RDI: 0000000000040000 [ 2673.963969][T28184] RBP: ffffc90001a67908 R08: ffffffff81584ba9 R09: ffffed103ee24e93 [ 2673.971774][T28184] R10: ffffed103ee24e93 R11: 1ffff1103ee24e92 R12: ffffc90001a679e8 [ 2673.979595][T28184] R13: 1ffff11028857b2c R14: ffffc90001a679e0 R15: ffff8881442bd960 [ 2673.987401][T28184] FS: 00007fc55d29c700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 2673.996267][T28184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2674.002771][T28184] CR2: 0000555556225768 CR3: 00000001614b3000 CR4: 00000000003506a0 [ 2674.010579][T28184] Kernel panic - not syncing: Fatal exception [ 2674.016624][T28184] Kernel Offset: disabled [ 2674.020736][T28184] Rebooting in 86400 seconds..