46f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) [ 1174.202422] hfsplus: creator requires a 4 character value [ 1174.217836] hfsplus: unable to parse mount options 09:31:42 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:42 executing program 3: syz_mount_image$hfsplus(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) [ 1174.284725] hfsplus: creator requires a 4 character value [ 1174.286098] hfsplus: unable to find HFS+ superblock [ 1174.306092] hfsplus: unable to parse mount options [ 1174.315970] hfsplus: creator requires a 4 character value [ 1174.326332] hfsplus: unable to parse mount options 09:31:42 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:42 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:42 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x1, &(0x7f00000012c0)=[{&(0x7f00000001c0)="9176d792e37e11f7b9a28fd57c1f2ee1209d47003377ce90c41efa8ace44b0a0fc195bb9348106d63ef18c5ef82b06fda5df0b8e0db442", 0x37, 0x1}], 0x800002, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d", @ANYRESDEC, @ANYBLOB="2c646f6e745f686173682c736d61636b66737472616e736d7574653dffffffffffff2c636f6e746578743d73797361646d5f752c7375626a5f726f6c653d2829402d24262d3a5c262d2c736d61636b66736861743daaaaaaaaaa2c7375626a5f757365723d7b26292c646f6e745f686173682c00"]) 09:31:42 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:42 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d", @ANYRESDEC]) 09:31:42 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:42 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) [ 1174.557413] hfsplus: unable to find HFS+ superblock [ 1174.566272] hfsplus: creator requires a 4 character value [ 1174.574677] hfsplus: unable to find HFS+ superblock [ 1174.576623] hfsplus: creator requires a 4 character value [ 1174.591747] hfsplus: unable to parse mount options [ 1174.596740] hfsplus: unable to parse mount options 09:31:42 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:43 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x800002, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d", @ANYRESDEC, @ANYBLOB="2c646f6e745f686173682c736d61636b66737472616e736d7574653dffffffffffff2c636f6e746578743d73797361646d5f752c7375626a5f726f6c653d2829402d24262d3a5c262d2c736d61636b66736861743daaaaaaaaaa2c7375626a5f757365723d7b26292c646f6e745f686173682c00"]) 09:31:43 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:43 executing program 0: syz_mount_image$hfsplus(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) [ 1174.715486] hfsplus: creator requires a 4 character value [ 1174.721354] hfsplus: unable to parse mount options [ 1174.737398] hfsplus: unable to find HFS+ superblock 09:31:43 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d"]) [ 1174.797657] hfsplus: unable to find HFS+ superblock 09:31:43 executing program 0: syz_mount_image$hfsplus(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:43 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1174.850126] hfsplus: creator requires a 4 character value [ 1174.865561] hfsplus: unable to find HFS+ superblock [ 1174.883931] hfsplus: creator requires a 4 character value [ 1174.885454] hfsplus: unable to parse mount options [ 1174.890979] hfsplus: unable to parse mount options 09:31:43 executing program 0: syz_mount_image$hfsplus(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:43 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:43 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:43 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d", @ANYRESDEC, @ANYBLOB="2c646f6e745f686173682c736d61636b66737472616e736d7574653dffffffffffff2c636f6e746578743d73797361646d5f752c7375626a5f726f6c653d2829402d24262d3a5c262d2c736d61636b66736861743daaaaaaaaaa2c7375626a5f757365723d7b26292c646f6e745f686173682c00"]) 09:31:43 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) [ 1174.999310] hfsplus: unable to find HFS+ superblock [ 1175.036300] hfsplus: unable to parse mount options 09:31:43 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:43 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:43 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:43 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) [ 1175.083506] hfsplus: creator requires a 4 character value [ 1175.089457] hfsplus: creator requires a 4 character value [ 1175.095016] hfsplus: unable to parse mount options [ 1175.100417] hfsplus: unable to parse mount options [ 1175.112613] hfsplus: unable to find HFS+ superblock 09:31:43 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:43 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c799"]) 09:31:43 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) [ 1175.203593] hfsplus: unable to parse mount options 09:31:43 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:43 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:43 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:43 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), 0x0, 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:43 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) [ 1175.263471] hfsplus: creator requires a 4 character value [ 1175.269511] hfsplus: unable to parse mount options [ 1175.295235] hfsplus: unable to parse mount options [ 1175.298783] hfsplus: creator requires a 4 character value [ 1175.305919] hfsplus: unable to parse mount options 09:31:43 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:43 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:43 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:43 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:43 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:43 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) [ 1175.423561] hfsplus: unable to find HFS+ superblock 09:31:43 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) [ 1175.460041] hfsplus: unable to find HFS+ superblock [ 1175.463701] hfsplus: unable to find HFS+ superblock 09:31:43 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:43 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:43 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:43 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:43 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:43 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:43 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:43 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d", @ANYRESDEC]) [ 1175.598489] hfsplus: unable to find HFS+ superblock [ 1175.615755] hfsplus: unable to find HFS+ superblock 09:31:43 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) [ 1175.659405] hfsplus: unable to find HFS+ superblock 09:31:43 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:43 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:43 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1175.709220] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) [ 1175.782357] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) [ 1175.831390] hfsplus: unable to find HFS+ superblock [ 1175.836594] hfsplus: unable to find HFS+ superblock [ 1175.842090] hfsplus: creator requires a 4 character value [ 1175.851098] hfsplus: unable to parse mount options 09:31:44 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:44 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:44 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) 09:31:44 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:44 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d"]) 09:31:44 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:44 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) [ 1175.993783] hfsplus: unable to find HFS+ superblock [ 1176.003784] hfsplus: creator requires a 4 character value [ 1176.004716] hfsplus: creator requires a 4 character value [ 1176.017050] hfsplus: unable to parse mount options [ 1176.022901] hfsplus: unable to parse mount options [ 1176.038002] hfsplus: unable to parse mount options 09:31:44 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:44 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX]) 09:31:44 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:44 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:44 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1176.155894] hfsplus: creator requires a 4 character value [ 1176.165121] hfsplus: unable to parse mount options [ 1176.194752] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1176.204715] hfsplus: unable to parse mount options [ 1176.205364] hfsplus: creator requires a 4 character value [ 1176.217013] hfsplus: unable to find HFS+ superblock [ 1176.217639] hfsplus: unable to parse mount options [ 1176.228362] hfsplus: creator requires a 4 character value 09:31:44 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:44 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:44 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c799"]) 09:31:44 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) [ 1176.253927] hfsplus: unable to parse mount options [ 1176.265489] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:44 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) [ 1176.351288] hfsplus: creator requires a 4 character value [ 1176.352188] hfsplus: creator requires a 4 character value [ 1176.364954] hfsplus: unable to parse mount options [ 1176.371103] hfsplus: unable to find HFS+ superblock [ 1176.371182] hfsplus: unable to parse mount options [ 1176.381557] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:44 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1176.398137] hfsplus: unable to parse mount options 09:31:44 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:44 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:44 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:44 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) [ 1176.464661] hfsplus: unable to find HFS+ superblock [ 1176.478057] hfsplus: unable to find HFS+ superblock [ 1176.494228] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:44 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1176.585984] hfsplus: unable to find HFS+ superblock [ 1176.597546] hfsplus: unable to find HFS+ superblock [ 1176.597852] hfsplus: unable to find HFS+ superblock [ 1176.605523] hfsplus: unable to find HFS+ superblock [ 1176.614923] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:44 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1176.641195] hfsplus: unable to find HFS+ superblock 09:31:44 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:44 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:44 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:44 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) [ 1176.735791] hfsplus: unable to find HFS+ superblock [ 1176.745933] hfsplus: unable to find HFS+ superblock [ 1176.755253] hfsplus: unable to find HFS+ superblock [ 1176.768726] hfsplus: unable to find HFS+ superblock [ 1176.775289] hfsplus: unable to find HFS+ superblock [ 1176.776872] hfsplus: unable to find HFS+ superblock 09:31:45 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:45 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:45 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:45 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:45 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1176.886048] hfsplus: unable to parse mount options [ 1176.900904] hfsplus: unable to find HFS+ superblock [ 1176.907944] hfsplus: unable to find HFS+ superblock [ 1176.927609] hfsplus: unable to find HFS+ superblock 09:31:45 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) 09:31:45 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) [ 1176.967774] hfsplus: unable to find HFS+ superblock [ 1176.976488] hfsplus: unable to find HFS+ superblock [ 1176.991051] hfsplus: unable to parse mount options 09:31:45 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1177.032571] hfsplus: creator requires a 4 character value [ 1177.058516] hfsplus: unable to parse mount options [ 1177.067175] hfsplus: unable to find HFS+ superblock [ 1177.077059] hfsplus: unable to find HFS+ superblock [ 1177.083125] hfsplus: unable to find HFS+ superblock 09:31:45 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1177.114796] hfsplus: unable to parse mount options [ 1177.132199] hfsplus: unable to find HFS+ superblock 09:31:45 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:45 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c799"]) 09:31:45 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d", @ANYRESDEC]) 09:31:45 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1177.155740] hfsplus: unable to find HFS+ superblock 09:31:45 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1177.221983] hfsplus: creator requires a 4 character value [ 1177.226144] hfsplus: creator requires a 4 character value [ 1177.232511] hfsplus: unable to find HFS+ superblock [ 1177.238393] hfsplus: unable to parse mount options [ 1177.252175] hfsplus: creator requires a 4 character value [ 1177.258229] hfsplus: unable to find HFS+ superblock [ 1177.261921] hfsplus: unable to parse mount options 09:31:45 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c799"]) [ 1177.268540] hfsplus: unable to find HFS+ superblock [ 1177.271337] hfsplus: unable to parse mount options 09:31:45 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c799"]) 09:31:45 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:45 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:45 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) [ 1177.380595] hfsplus: unable to find HFS+ superblock [ 1177.393892] hfsplus: creator requires a 4 character value [ 1177.401863] hfsplus: creator requires a 4 character value [ 1177.407732] hfsplus: unable to parse mount options [ 1177.414417] hfsplus: unable to find HFS+ superblock [ 1177.420720] hfsplus: unable to parse mount options [ 1177.430281] hfsplus: unable to find HFS+ superblock 09:31:45 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[]) 09:31:45 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:45 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1177.552480] hfsplus: unable to find HFS+ superblock [ 1177.554274] hfsplus: unable to find HFS+ superblock [ 1177.557651] hfsplus: unable to find HFS+ superblock [ 1177.568933] hfsplus: unable to find HFS+ superblock [ 1177.573621] hfsplus: unable to find HFS+ superblock [ 1177.596827] hfsplus: unable to find HFS+ superblock 09:31:45 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:45 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:45 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) [ 1177.687467] hfsplus: unable to find HFS+ superblock [ 1177.699668] hfsplus: unable to find HFS+ superblock [ 1177.700548] hfsplus: unable to find HFS+ superblock [ 1177.713810] hfsplus: creator requires a 4 character value [ 1177.717425] hfsplus: unable to find HFS+ superblock [ 1177.727492] hfsplus: unable to parse mount options 09:31:45 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:45 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1177.734892] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:46 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1177.775111] hfsplus: unable to parse mount options 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:46 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1177.832846] hfsplus: creator requires a 4 character value [ 1177.834625] hfsplus: unable to find HFS+ superblock [ 1177.842040] hfsplus: unable to parse mount options [ 1177.851056] hfsplus: creator requires a 4 character value [ 1177.858053] hfsplus: unable to parse mount options [ 1177.863364] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1177.894221] hfsplus: unable to parse mount options 09:31:46 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) [ 1177.932816] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1177.982157] hfsplus: unable to parse mount options [ 1177.994526] hfsplus: unable to parse mount options [ 1177.998135] hfsplus: unable to find HFS+ superblock [ 1178.004910] hfsplus: unable to find HFS+ superblock [ 1178.022562] hfsplus: unable to parse mount options 09:31:46 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:46 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) [ 1178.073174] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) [ 1178.097327] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63"]) 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) [ 1178.174150] hfsplus: unable to parse mount options [ 1178.181527] hfsplus: unable to parse mount options [ 1178.188543] hfsplus: unable to find HFS+ superblock [ 1178.206519] hfsplus: unable to parse mount options 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='creator=']) 09:31:46 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) [ 1178.252359] hfsplus: creator requires a 4 character value [ 1178.258291] hfsplus: unable to parse mount options [ 1178.284880] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1178.302788] hfsplus: unable to parse mount options [ 1178.311090] hfsplus: unable to find HFS+ superblock [ 1178.318466] hfsplus: unable to parse mount options 09:31:46 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) 09:31:46 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x2, &(0x7f00000012c0)=[{&(0x7f00000001c0)="9176d792e37e11f7b9a28fd57c1f2ee1209d47003377ce90c41efa8ace44b0a0fc195bb9348106d63ef18c5ef82b06fda5df0b8e0db442", 0x37, 0x1}, {&(0x7f0000000200)="dc3fcebbceb76b787fbac314fddf4b8771796e44521f8a0a09923356bdafce15fd89402fa39568687c37482cf33f5b8ffaac929da6a64511abcd16be525c472a19fb8c5dfc8014c03bfe12c885328fae3c8bf3f828c97803c0cbd05ec843108516356dd045513f12d5345bcbebd5aea83c0928b79b22e87c1cadae2e84e02ae9204666255a3ff2843ac7c2d121fd20802d0c40fe1ff5b88a044f76af0d641dc0d9817d292555e41e14a8c26ec86b543827e481e4c358300ecb0cdc86209f8bcd421584e9e5a806952490478cbfc274ff7c93ae7682fb27739e60a275f5a1d48ac6d4663f88f94db76dd84b5b0805fb6326cd86a0d18f2d917e4a95ddca797f7966d9a14fcf744f18b643c7416a3859a39cdb4d30f7a1c4dc759544353bf7978b4fe4f0d29f6cb3d3021c052651468a9451be328efb5e7abd67a9bb19f675e893a7ee9302279cddc33b136d3453e6ed95377ddb0392cd5acaf5c55909b3822dacdadefec8ab28ea327b36f34be16b40836a5d07d378b4a40f1f951268d1c8e316e4a904ef2e79d2f47655d451c58eee7469ebc2e708761177acdc5d30481abe996b2bcb24e1778b40e445d5980b60430893f9de2f40a2129cb956ff15b6e5247166c565a6da6dde754056d823d713218394fa2548091813f4e96c292ac79e40fcf087cc2a2e24d6adc3a00cd5bf2a7b46bf6035ef17040dc70a6bace86227125ab21872b737e39b8cdbf6efc663ada1605727678fc9e0525399556c3440c33911db2e5125c3da20d6d32e37d40ab817c56d708238d2d2e38263c73affb01f8b3b354ed88d4730df8194a59a4778eea1ef904ccd9f9135511f5f4b4b57b139c9cad40539a9bbfd46d985b8d956e8ff099f25492251e83533f4c4af8db1fab0813e0caa8daa68e11c214767c105a82c58ddc27646aa96748b7dc28d1326ad0cb9076ff648be681d374d76bfa4e362d7c8fa245e24f3ee5a7a4b0cb5a39edc1be6593e00c923807fb5e7d11421eaea648d607a8f7c00c8c2e9fa22ee855d0402fc41cafb1f7f88fc9c4dbbab3d4b27e81f6e083186ec1fe7aedafd394f1a39dcea55c83d895a44fc22226fccda7553b75f3a3e34fd351067f16798b77d1066ef7ae476dc104d38d07676e3e0e22bf6b5c3b6a48aa5d421ea4dbe3675a32d76de43de9ad3af0b31208a505aaf234304ac82b108bbeea91c74c25ecb298364c1f76808c8319c9c13e14d0763268db5900bdd66a52236304b7fd9bc6fcaed154e808a5884161cc2bd9c093510c9d6def78445d3fc3f398908e39e83ca0381b77b90bfffcc55796e477437c7902fc1660d9ba1f0844af9db8cc3e72c12cfc858669084a3d82227cf1bd98df681ff0085091d9f50b646d342d8258fd47de37df2b3cd7a710a7e7fab7a9bb76050f73f4aecf276652d8ce227f59973492a19db8566e5818a9ad4566763aa27931fd2d25a7a7ce57e4ea66ccafd5798dc786ee1915a7728c6ffa3dbd7a3eedd31be71db552387720ede9c2519654bc45fe20d0aaaca37b1b43d71b4d3f9f898105e424b6357f125023ecfc2c7103fe794bc0797866a170635ca7a73258db8019e54bbefe7126258c02f30c1667d6534e65dcf5bce79ca1cb895f748f90a6b55adeba79ef8cd6645f7c8064eef94a01e6cfd4bc987fe82c07a21d4cc80bae8643229654af9a61c804f4c99f50aa398939713dc87739fd76576f6bdf4b5d8d39d6ce5ec26b0576f2fa9ecfb7310054ecd51a50fb0fb368b5bacfb43f03c23f546d63b3ee9261f0cab3ce851281620061879ed631ded57a5f9e65b754b4a442ce7e908cefd3e5d2fdfa5e9bec744c2def63348c370af7560d5247e17caed49b23f6af19a59ccf5e8d8a2557ca4a49a8ce9002043cedf571fc93d09fd1bad1502997f0a20593292e9a5bae5c45dd3baa8d3954aad5c84404246ed3fc82a07c333625660977ceb3dca51456ac7b0838d7e1f9956d2cb56d68c47cf9c3f7df936f3dc18c73ffa52833d80c1423acc6ae458298c238fd414d71044e0cb7812800f1ef1791b208fcd338133c936107ee9f57c462f5badca0cf10e254881e93608ecf09ff6bea092177f7c3e0b992cee3f35b28f0c37d3017430e2c8b3c009bd31ac0e84de1b7beda8807b5e58eb34cdf91fc17811d9bdf665b7de0c779261bf708a58cda9a9aec92b88f8967e315550d80d2c59fab8d02763cee1d2b8c7108de31d4fd4783349497acc15b18c6b5159a213d886bc4e6e8d0d996f59e221d5281e3f51ec39f75f8ebad1ce85f6c9ec241146894bc399e5a5bf171373408e3b2cc17ee23bf2681d08d70026c09594ac92275f5b0fdac54228d763669151e9459e53716bb0de0a3127eede499b256bc159e245fb53bf26d2e9c48934f1bd32f60ec5627c6988ce6ef22c06fc1383af8e3f22bff6b3ad80b3a6f9e53ab7fd44a9350ba2f61a9beb4b94dc6f49ce5478424fb36e21d7fcc5196e0be19b35d302e126f8aa8b5f7bb3d5cbcfdb76da91ba0ef852d1cb7a8129e403ec2a40f6802cb8b487e283f4a27624b69c82372e5811876c63081defe08531226902ee6f8c3b250b29abaa993ee6df817fd2fd8bbfb33b219232eba17a87e4447f0527c2acd05c8e7d9759aec2fb3795ac1a45ab41334aeb492458cad99c154ce560cbb4e16c1536693e2e725392962403eff6b85dfe5580ee9f741583b6d9cc7e37d64b3fad5e9adbda9fc601751f0f1dbf3b08e7ce8de938e05a6bd021d9117e0ea786a523866e6fe5de7b5ddf7f047bae2fefd68290cac86e3512b4362bf2336f4de9534bda960255214d1445fd9ee3c4378021c5f42cc38ac28f706db6a26a69b6186b94f53c86a74b399e3cc06bf148615c770ecf4b0a51d417830a88eaa3df1f56a509cc8e0771c34496a1b8b2366d5e092c90aba2aa0328b3504f4131a8aaa77faf42478f5853a814ae801848a1e640f909b8296440dc3bb7d012e854b2619ab14bc9706ccda1b6c9bcf6758cc4fa6480ade19d55ad3f106b887ff19d4c8a26bc3ea3f3ba75a1f20174886640d5def649e537bced449597282b24b9f9f2e4c2ae806e8c399e3e74ed49cdff539993e963b6900701adb4615c146f022da88d191e29bcf7ac2889cd936330af93e34c949e50914898b5f830a21443853f1b8f226f7d12ae5248aaa9287bd13e03f3592fe27dffde01f55e65fc12566ed401495588696663489e2e3ba099a195a480b404dc842cedd88181fa0a60702685f5263a1f8f6e1d95ae87bb5ce5f1fcb5f19ff3a2063448ee4efe2471c44a48b29771245c4dd6c6b744a01ec39e9ce41da0f179fcf8f191fafe7a2ba5d9c7ef242a3d1b14fcebde220fcb3cb66ba5deb82f293c2b6b5ac1c33e981c38f3a1f961b704f1e4ac669625373133b3e2ad368e1f84b97fcdc50f56c39391d387a5abcf42c34e82850a42e698ef2fd60f0aa538cbf0708262bc8f1f6b89dfee742d117e59c1559533121f8499076323574b05ae47ee395a5274a740d18054a730787d95f4ae01750a66c8b1d6e46b8334aa67882e12477f6dd3929cf1bdc02dde549ebd3bcaa46f8fdc9ab9dc9424667132668b943d523c57f74f9c28f99a0bc173b313b3283baaff0a9b5dbd60fd57e9df75a133241510a12038e603e39a6f9311e430243e8946eee0ca4b44704b38b6c1e92c77cef146214203894106308e31553e4f87570ae590ee2e18a249b4cae29a33e16d8c9a9323cb37e974e3e2bfc0f49081984e7fe23538e8c93401dcb3daab532fcf160e1e745808402860e5830323dfde38c60468c1155568aa6ca73f539fee4db683bc573aaf6f82c2d4a7ffe9f85e579a66a1bb4bd3285dc022529ce4e9b9d579bd410377d168cdc3a972eba349e952396daa77fe452e1de2c382c93096b85273eaf8e6acc7530d476e0c97a7eea4596df0c1c8edfa0c30da65aa09fadea83750242d5a0097dd476e3df138d6745f0e19ad5c7cf94ea37826f68dfd3c7106966047c68b3b47a35056ee02119b6e1f90305594922250728190ac0b1541d214d88954210746cce2bfa9a96c5e8f2496ea76cc575bac858aa1b87ca6ca30c6fabe038b338e117ec7af9a9c54143a081f2807a7ac2a014060e5702f40c8b0bda981208bf186167d2737c75972a1fd235eeba1f3725bf43b0f4ce146248420e7407fd0b2c2fc5a531054e3d511810743c3198bd297b84219d27e4efe8a12a5c7b08d80d7920d150c9667f5dc5b453ddd4b71da6ba2ee690df6a0fef75d5499dad708d6f3ec783c0e9bf1b07396096fdc66fb15c16d7ef1efaeecfc76451ca14d27704add7323847d1978b9ba541f360b5d01f8a6ba616d1f1b774ed1614884db23a6fc5208aef0a18f75f97b9dbd76b906fb4562bcd1f104f87934c17236bc02f74ea278d50266b5ec643e51d9ea69df8f4fa32ec3b1e4e086be54cd10de90f5b02b28c809af52fc21b39b5288683de3daade63e363299addb850f97f43df4afaa524d1cb74e4a392663c80a9ed3da95edcdc0aad1df67e1c96ba712912963e64fd5ba923a949df7c4505211d556d95e36c7d6db9753ea886bb29d979ff31b3a2431a52565ba847902466231be4b06354848dc00b9c746fed5cb69d28f35f1900d1a87e8891746714d1f00e47b607778b810cfda5bae8e9276455d58b2eaa95d291d7ed218a82d617170c0a3762e1500a4c2d7ec99bef6addad99b0c563809f0e1d7bf3aaa3133d5ecdf20c1bc04926d2d5d14a7c906f31fbe71397b44cd542f0b7ae53e486998451140e741581a25605c643f6340c3fc72e5c7cae95bd4c81217e073d089c348c228f4fc4506e652ef04c9d9844503fdf67448a92850c4d9447a3bf4adca72793cfe317312a98fac1340daa8e1afda9ebcbab710d420e0a5ee6d7721e1b218ac49a072151470214dfad1c5a211eee61a28997dcdf9db051cd31d3a530a6aa9d1b138064ef1abdafc3a622bd8524f67fae45f7276a3f96e08afb769d4ce86d0456d369d24dc748d58507cae0efa447d5255be2e6625689b47b8f889c392d7b6019ee65a1b6fd9ba2e6d76b4ef168a5bc100e0c06f4bb61bf5c58e259969faafca8c14d0b6f65293155461bc426128133e2976ebd67d1556df6a750450012006158f106fe4d085b3aabb2a203b52bc3a5846320eb72c5efa674cd0a642b287c54015ea9f811e0891df261310862e32f6e2633976c55d8e8ac27596011be23236a48c6c6dc347e6c67ee03fc09db17ebc7672b633f3e5486592a361e3537ee3158f8b21f908eabe8abf353e10a5e49296f83208f54025f30016fe25fa8eacc140e33cdc35cf556119e9f78004798a3c0456ac36479d432f9f8aa68db0488fa09aa02148277d1576d403f67d7714a5aeedb10fd8ddafb505d773a8253641488fe27517a611403b7b41fa7e80cf645ae5c23f6d5083f1ba63f4f4529e1cda55d00fd5c34742f12d96bd513e0e6b25533140ada0577ea2462c4424226fe8a5cb786e858b4976cf52de8dcf977b45dfabafae988bd56ec797bb2e11d3d8a9f354fbea9bcab7f2b22d5a73fb0c0ea893db707d721aef85acd7561282c1fdd24a305f65cccf425938826221f8f0d2aaa9e5e9265562fda5e907153bf5895b25fee61b170287b39e744c006ec6ee08a0469441df887552ebe263be879cd715b2e12ea8da582026043b460b46f01bc8ff7ed3afbe375784855d1f1a3b5d633275b143fcb64155deaa5946d2dcb2ca813691f86a3f575bd859fc9ef51cc2716d9e58c6be5a375281eef220d753d1456dc8482f2fa90b", 0x1000, 0xa8a}], 0x800002, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7993ca35c39b740e434bd446630272c63", @ANYRESHEX, @ANYBLOB="2c6465636f6d706f7365ac657569643d", @ANYRESDEC, @ANYBLOB="2c646f6e745f686173682c736d61636b66737472616e736d7574653dffffffffffff2c636f6e746578743d73797361646d5f752c7375626a5f726f6c653d2829402d24262d3a5c262d2c736d61636b66736861743daaaaaaaaaa2c7375626a5f757365723d7b26292c646f6e745f686173682c00"]) [ 1178.388462] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 4: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c799"]) 09:31:46 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1178.462845] hfsplus: unable to find HFS+ superblock [ 1178.470744] hfsplus: creator requires a 4 character value [ 1178.476636] hfsplus: unable to parse mount options [ 1178.483065] hfsplus: unable to find HFS+ superblock [ 1178.488404] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) [ 1178.556850] hfsplus: creator requires a 4 character value [ 1178.566257] hfsplus: unable to find HFS+ superblock [ 1178.576717] hfsplus: creator requires a 4 character value [ 1178.587517] hfsplus: unable to parse mount options [ 1178.594785] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1178.602872] hfsplus: creator requires a 4 character value [ 1178.610414] hfsplus: unable to parse mount options [ 1178.614296] hfsplus: unable to parse mount options 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:46 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, 0x0) [ 1178.657485] hfsplus: creator requires a 4 character value [ 1178.674045] hfsplus: unable to parse mount options [ 1178.701565] hfsplus: unable to find HFS+ superblock 09:31:46 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:46 executing program 4: r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$VFIO_SET_IOMMU(r0, 0x3b66, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={0xffffffffffffffff, 0x3, 0x1, 0x8, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) mkdirat$cgroup(r1, &(0x7f0000000080)='syz1\x00', 0x1ff) ioctl$VFIO_IOMMU_UNMAP_DMA(r1, 0x3b72, &(0x7f0000000540)={0x8d, 0x0, 0x3f, 0xfffffffffffffffa, "e2b94d7cf5abcf0d002fb8afd57d5e7641cd3db3ad18310d1241183eace515117deaeb67a79eb92cab5fbb33f160063eac72fa96b8b4f69ef6e89b0078e3074b7d60daaf641a86f7589b95091d5c096ffb815b3893e28139e80889ad904c454184cb98cf5616b0665b9f3b295e40702e12bccafc7e"}) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000500), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r2, 0xb09, 0x0, 0x2, {}, [@L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x2}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x5}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x1}]}, 0x38}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_PMK(r4, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4011) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00042abd7000ffdbdf250000000008001800000000000c000f0006000000000000000800170002324c12946bfc9bdd05095d85c52b49f478002d5219c1ed872e80dacf397705276574e245285d39724ac9af41c946721267f6ed2de562713d1789ae6f04764f953b1ebbfddb3bd79bca062830310f0000e27f8b59713a8a97387305ee4d6490760cce553ca8d7340f30976f7a79cf327e1187c4bfbe6a87ad9c6ce576491a6d06874122686e96e07d31246b9391e2e9e2bcf9c8078c4af5fe6ef1b5440b09cafa1d47957358aee4732fc5eac788ecf6794cb92f1b2df580b9af1eff7c7397bbea7acbc221a1e9b90fb837a16e41b8e431fed032", @ANYRES32=r1, @ANYBLOB="080009000300000005001200f2000000"], 0x40}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000000) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$SNAPSHOT_FREE(r5, 0x3305) 09:31:46 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) 09:31:47 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4c7"]) 09:31:47 executing program 2: syz_mount_image$xfs(0x0, &(0x7f0000000040)='./file0\x00', 0x40, 0x4, &(0x7f0000000180)=[{&(0x7f0000000080)="932610569468bb9f0d181cd8f57bb1b0f5afe958d19bc38e724634a2ec94cdf48d5f085feeaf9d9e387c5406ee1aca4da26b2c0c6d9a1b9a3d048bbf124ecef7e633a4c0224844e33e8a8c02648730", 0x4f, 0x7}, {&(0x7f0000000380)="8eed194ad8ebd5620e9171fa4e3be35b4d1ea44d902ccbb50659abd426e2fd4a1f70f1698c24d165172aa48b90700aca7e9614459e3984321ee14d111113d957c57bfc5af7a5610095187088facb148b175b8f7e73edd548d36cedd9299df8b26dee08e7dd4cb3a23597b90262cc609b37367f06139e9aae3e84fae5db1ac157c6d8740479a6edca32ba40144f3dceefad1bd5f2f0cdc41a2f230aa806c3379771c1bf6a5d5a4e500f917de1ce916a001a51a69b7dfd87090d3442c3e32798357fda71b548ea92f08749f24f34aa2a43cfe616473b66f7a86d97c5b6370b29a1a09c91312c9f0ea41a4bc26a53f46e2e8ce820a9556e243f0f7488fb7eafc4d5e11ebf3131f7ae8d3d70a033f4123306a52617a13edc828f56f624434718ce0db57a7e611af085cc92e48b73714745b8a49e709dba222e38097d7cd0d44825a1a61dcdad1bc3027ff94e0fc1682b7de5bfe39a9af3d9db854f2696cd2c9b99e610180420295524438d2327299445468484cbc716b0e8760dabe29b262b697cf5fd1b578a4a89db46da1d57e56527146bd8756d883270d0eef454d5112125afc9f8c57baeef727b7493152f425e6ece4292844a3a2d8a685163ad4004e462d54a7954920a57f49fa3e9b1ed13d06075329e0be5b5c86ac39e973770ba5ba1e80d1381c063b29fbd19bed6cac9fc2823023b1bc76c4f9185ef0bd7de3469ffced1e0ebb4fa875fcd008ea39b985113188075ef37db0a2773603e331f8a8cc5adf694176d4c432b714f84e4562da335c76cacedf7d367080b4f1a344fb87fdfe26052e2a3fc5dcd71fc2ff0b12090f7916a85e5a75aaf7f4b321822ce32296b130cd2d82e7285c83be917c121e5080ff6e705b565954cf50a2a9c39f84d0c929065f47635543b824e8d374f6e2b963633fa8b1261f6c3cebbfa28272e69f83f7ed9e7d5cf642e9371660765ddd0dc36b0c6248844ef9cc4bb4ee181ef58e057213c309a6c2886e12c9de91dafa2d145fe0d80f85ba5a9f1a2dd27e396c92e92b73b0a13105e5cb534f558d74cbff72a919629e874b13177b9ed3cc97fd18c33bf94c4fa8624c69ee2948088b8adc5d400e822878631f70f68da34d1677ec0e948975be7a480c59d17faaa31825334b6097dddab5ea8b23bd3dee7499b8e38cdd768083d1e247275ac259bdc9fa2aced0e6e49738cf86a810d8071b7eb2fcf55cc72894417d8515e0d88a2b855c3445d71b833ea7a6d4f075892e03c0468fdd71dac6184167f86d2c19c0f28ac6a95514a34046514f07669ba580bb4204374bcd8d91759bf7cbac54eb54938e8979476243ebd816fc33d0919c18c9d320a6b761dc0de29a86e44c108487108ab839d26dca608f8b01c10fdefd8808443db0c4d3afc28d882a52f85387cfb7fc9fbf043fe90b1779b42cf2da4294a2ee86de4a7f3895ca5976323acec4d036b0cde405b7651180e34b4af2fef4641c18d9d0f9b1e793db592de2696b2518b22e437de351ce6a3409d6cea883baf321aebdef51dc41cff9d0f1147705592b5b21298b65cd01283d0aa6eb5f864b8fd791008a27abfee5afd6d145737829c240c503d43e7d54261c01f2100c4bf4cbbc142e289f25406cfa037be98c057dd763669a89ec543ca9a58577d889121dbd15ee02c4977b29d17a76171bde866e949bcd4b03a05265dbebfb36ffb05f866d7186a1202a783f717ebf4f58b79f23182ae833b1a625d227644bef5634feba4826955b7162d8bd01c3d4ceb9e5f8a2728efb0da123f48c60e89ce4674eb7f60a42ae9c13a6f1ce66580dbc9d64094ab8e28fec5a4956d1812a1943328dffbcdcff2c3ec356198a7ec8436bb95dccdd863f1645ee20ea89e71985a3bcfc974da3522eb13ca967126f9b39efa211f7e94867edae20887b3ee05734e4088015e915c34839fcc76f0940d0af5710c988de540b626d6dca263e276e02f6523c012b76d8b8b10278b7f30290641e4be17be697d3e157699927031b12e49e9fa6c9f3f2711c5a276762d4c08b87ccaf335b7bdb770008d1a57e6fb11a4a0cbf3ca69d8a134eca4060778afa1d59804ce098e9a1e2ddbaf70745fb7e1915844fde40bd36d87168012380ebfa78cc444c724ecfacd2fd4ea0861629036312dc35559b795db48322497ea19601fce06880bc2a0c8998dc17d385faeda67d54319d3ef012149c1326a3bc1564c41ba0fd8f430286dd67a7661121107a0a09da147b884b44d5ca7cd70ab1d0ad176f43e89c00845705afe1ddc56c826229e95f66e27c648c9c36fecbf89fc1110939dd772ed754e61fd6812c3fb42c809a342bea5a0fcdfcfa6ce533672fa1ca19708bf55fcd5119ed952c36a4643722270c6722c6dfac7f084681c0b935eaf6fcfc03f915a4fff55f13aa97bfe4689b11cb32732c357edb436c879a308d94640f97fb8f80376678de5f1722f8bdb4ada70c1f798c98d554a5c601064a1c47a2f571850f10555c1820ad730b5465502a817fe0a4cd6e900be59ae5b1d62bbfe7a3897a2ebabbc420052aff96d2abd48d71fd23d028e042878e0039fc425bc56c5c65ccbcf93c62184cfccfc4ccc99e4cc9000b07328e0d5aad72c318c8e9ee224ddec8940a643acdd3c0d81dfaff4e3195b453ab2744069ea9a43c0584b73ae8ca2795fccafbb71d7f1c1349054f71423b227d0ff51e9421d54c155482593eab48edafe54816dd442c00b2c36441b998d3af1448f1f70b046c0c5658d00b7696cd50fc0944beb8f4d6f5e4b2592474cb5e31d01c893b8e15b8975d976f2eedb96bc122434cb503d2e6a5c9f56456cbbbd2128e4dbb8162ed418700299ba0a0c73e0b2a5b6b087f6d38872d7a9f712f52c5da1024a5da494e894cf79a62b73a10b6194c9fe818da6b72e593c767548b6101ed86396b61494e3353e54ff75a26de9adb8d70b0b1c9e47a6bcb30f38847337571fa1c8b49e998e0be64d0e84db588b595445789714dba2daab173aeef12f18550ab0de995ed887256f3118cac85403e761ce4675150802775bc0f8b8fa4e1662e69332bcb1dcbb98232b7051aa4356dec200c53079561998cb2268592d338b512f21b6d936bb31ea8d7bd8534fed1082787b049764e10a44dea1bc5627d90801cc7ee85a94b452bd5b1dd521a458df52bb90ef3de11adec49c39d4b8baf87fd87bb7c430aa1fe3fcbe921151610d52c5e07ee0b1c9b40826dcda49dc2d2d7d3a52de13b077787a3ba47d6a07a681c5ec9d335c995df986233d4b77edb425bebe89c78c556f42dd7fa8fc444fbb89b08fd6d1660c1da279d5a76edfdbbf7cdeaaa550a0996166fba8b62055d4b3b4cb50a710a61d7621a3653b9b93648783708a64a11b6298d2345135c879f5ed6b67b0f8f65b9adc5e2a371fdc5cd612a073d625645c4a9d8ee9051620e5b50ebf14732db626f9dd35ab88956ff80a3676d4568e3529a605242d45c958b1073c511178da6fc8fa8513f83e6c6d2bcc37684856bc2af044004f7b4d0536ed2f05b47c8261982da4cc6ca614f1eb72cc36c70a0722bbe2d880ff6fa01ae45e68a36e8659d6cf383204eddfef29f4d72deaef4744096f9d51611075cd8c6adb004699028cfbe72aff40c5e7d987c910b2535b65e3ed66c6157ab983fbfcb43d66c94ae1d0e2bd93dc929dac391ffe42b00a79aad873b2897d3af1bbead84029eae7325d91505b01289034ee6d7f5f1767cadf126d52f16e4ab25fb573dfe1c6070592e505536222a8094f018e8dab3dc2acfd8a40138eac702fbf94698b1e51fe44fb4e2cad317079e9e534a5b926586a2846163314f66bc5926c4092d5a3f4d363c1d0289b07cd3d81a8fed95c0446a33655a71c28b90926d20c3867708537f4213a4faa24039f064d02c6d60dfdefe77d1c1663159455de818704c93f623d1c108ca6cc08e8eb5c2e99973ac3833e8b9c2ec0b57b8da96fee35d76d6a0148261bfb71c0c00e0602326b55536f48c003da4e9bcf0be441bfb4928242f65cebb40a33ae2073dca4a82f597d2034d16df85f48235c87a7ed3dfb76996bcc314fa4be5d3e8a5754645332421897c5211d5617646db070630c79a10b7093ebea67bee98fcbb0a0af8bcb443882f3be57cf7b2cc3506ecddfb892ebe6cfa98bd2fbf94b5c8c60117a9bc912a8953bd76bfa107b23a6f47d4ecad1dfe48deac60efb0b1ff396be44ba13e1e636d27c2d69077b57d44b34c9b7696510b6f934a2d6f9330e9e06a0128454e585fd445843cc5b49959510750f814e3d943608dcf7f3b3fda7928f441a3c8d33132d109a39386d7393e4e33501318ef0805cdf6192748a7bddada69b2544872e82e67443db96ce7f8e64512eebb1530751adb95a8a5c78c6b856d0fc6838880e2b5aa6742e6829217c143ad1db56b524a89ff9980593391066e5a1f92cc0daf12adb65c360a35e3a9306a248f9f5a5c663a710a401a02264ef1af168979a624d3e88e4f75dfb9dbb1a4e72b91667c40584c8337ea7fcbe98c60d93332b60bb4b2f971feea8ce820672f53500139bf8d6bbce936d7c0155e143d8b4f6507e775a05ce520d4ade75c5eb3160e9b0b305c5409ca9b25ef4710d0e3cd99e96ec6072b5124486e0e098a63098df192fbef583a51966cf7695cba045e3c1bea67ffb3723c8dcc1034f5ddb43bec6a43a850120a054bfe53d2d0bd035630d7e3ccf6f0f987f353b65d817c1d085cacf552f6a5a3bbb4ee4c8128aefbade0e76328ab7a00a1784c6587944f6e2cfbae691bd1609963023e6d66b853aad22e143b9c6b2e4be40d9bc1b431ed53f279b1d86d52fc8270249d0c4a8c9793505c6625700f8d731b9fb7fecc2a4fcb38ae9fc4dd95917dfc0cbdb5349b0a7eec86fe696ba0ff45e02e8685014f41de0e96a1bda199eb7c1c903ec1ff8724163b1808d5477ee2a18d365588f9a576d45b089245a5cf7186575623df8b19c5e55b6e101993b7f4afec28f68092d6f9dd05eaba77d4e7e4b5884bcd058dbd9e402bdf9f194cb88082c3b553e3a70a546c3ecd73e0c7050da1cb1b2a3d0fe5b7ccfda7c0a5f4e66e85673d1ec4f45a963a48097d635a63480c691b4d8115f0b2660d625dc53a915f0577f1392b1245c1f84ca531ef780c84cd713f47bba0b77eb887213d4221ef12a36a6ca5c1e43df181e9057e37547b733409da16b31a6bffc83e6c2c1610e03b1af9b462466932857dd8634b114aa084984eb1486db65885c5384875135d5e785718634fa447d6a2cbc29994a3c4bdfb793589bedfb8a255b0282e296dbb50ac993278c638f7e32064705fa7a82f93d52d2297867f9b1fe4787371920bfbda935a14a6dc038956db7adc770f8685e41041232413664c7c635ab6492d7083999aee37873649edbe14cda38be0d8c8ca143d6bfa9d13f9052e91f78e327bd84cb56a96ebefd8145c446ae30c42dbe6513a784ff252fe0c053b7a07e1f2ec39618e9920a1894b8aa053cbf3ff0559b482dba09be4f8a277cc5a2034589f99df2b8ec15b4d5f8cb18e7bbaa4e164d5a243e917ff68b078a2a14157c2b0f94b2e45750b276d90744496790814db518f0cc683f6dfd800f36f182e236ecfc663ccb4b126108b26c00205b6a2c0d6a180f4cdf7db5946c0b66c9b7184f9d6c5311ee2f9df76d14b6311a6064829d9f696b0b7d32ccdcf8510c59f8670b0d68517b7ad06f0ccda865299daeb1d1713366f919d489f66d25c109e83c5c7f1cad07b27752a006fb9a924b58e4a71e16806cf0a6f15b78e665935c111c45fe5ac5", 0x1000, 0x1}, {&(0x7f0000000100)="17386b97fd9899a89c3d84b59c31cc0cabb6af1ea419fd8f315d693daf116a14672e5d505e24164b259d7c41e1716e4edb7070918e08f9b9318520", 0x3b, 0xff}, {&(0x7f0000000140), 0x0, 0x5}], 0x1, &(0x7f0000000200)={[{@biosize={'biosize', 0x3d, 0x4}}], [{@pcr={'pcr', 0x3d, 0x14}}]}) [ 1178.722236] hfsplus: unable to find HFS+ superblock [ 1178.730794] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1178.792154] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x0) 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x18, 0x4, [0x0, 0x20000, 0x7fff, 0xf07d, 0x7fff]}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000084}, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_MODIFY(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0xb3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004040}, 0xef7025e09927e17b) 09:31:47 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r1, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x28}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x4010) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0) 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x0) 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x18, 0x4, [0x0, 0x20000, 0x7fff, 0xf07d, 0x7fff]}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000084}, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_MODIFY(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0xb3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004040}, 0xef7025e09927e17b) [ 1178.826861] hfsplus: creator requires a 4 character value [ 1178.832012] hfsplus: creator requires a 4 character value [ 1178.846988] hfsplus: unable to parse mount options [ 1178.851514] hfsplus: unable to parse mount options [ 1178.858154] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:47 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:47 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x0) 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x18, 0x4, [0x0, 0x20000, 0x7fff, 0xf07d, 0x7fff]}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000084}, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_MODIFY(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0xb3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004040}, 0xef7025e09927e17b) 09:31:47 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1179.032791] hfsplus: creator requires a 4 character value [ 1179.042005] hfsplus: unable to find HFS+ superblock [ 1179.048188] hfsplus: creator requires a 4 character value [ 1179.055210] hfsplus: unable to parse mount options [ 1179.072614] hfsplus: unable to parse mount options 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x18, 0x4, [0x0, 0x20000, 0x7fff, 0xf07d, 0x7fff]}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000084}, 0x4) socket$nl_generic(0x10, 0x3, 0x10) 09:31:47 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) [ 1179.080660] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:47 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:47 executing program 3: openat$vfio(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040), 0x1a5080, 0x0) ioctl$VFIO_SET_IOMMU(r0, 0x3b66, 0x5) 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x18, 0x4, [0x0, 0x20000, 0x7fff, 0xf07d, 0x7fff]}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000084}, 0x4) 09:31:47 executing program 4: ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:31:47 executing program 3: openat$vfio(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040), 0x1a5080, 0x0) ioctl$VFIO_SET_IOMMU(r0, 0x3b66, 0x5) [ 1179.201581] hfsplus: unable to find HFS+ superblock [ 1179.214907] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:47 executing program 4: ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:31:47 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) [ 1179.246751] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:47 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) write$snapshot(r1, &(0x7f0000000040)="8712fca834c9ce6541d06b56a74f222d9f36294a842a9353f225c0c02feb3cd1eff96ed8b01da7c54187116e93ae12da08f7945fcbb9f31a7a33e22986cdd7ffaec95ff9601ac788e71a6b89d616db73e80dfe78c248b7c52d949ff84fec7e49255ff841dd144314448c55", 0x6b) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f00000000c0)={0x1}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) 09:31:47 executing program 4: ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:31:47 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, 0x0) 09:31:47 executing program 3: socket(0x25, 0x1, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) recvfrom$netrom(r0, &(0x7f0000000000), 0x0, 0x43, 0x0, 0x0) [ 1179.328386] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:31:47 executing program 2: socket(0x25, 0x1, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) recvfrom$netrom(r0, &(0x7f0000000000), 0x0, 0x43, 0x0, 0x0) [ 1179.406932] hfsplus: unable to find HFS+ superblock [ 1179.416792] hfsplus: unable to find HFS+ superblock 09:31:47 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 1) 09:31:47 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 1) 09:31:47 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751"]) 09:31:47 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:47 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 1) 09:31:47 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) [ 1179.540601] FAULT_INJECTION: forcing a failure. [ 1179.540601] name failslab, interval 1, probability 0, space 0, times 0 [ 1179.566021] FAULT_INJECTION: forcing a failure. [ 1179.566021] name failslab, interval 1, probability 0, space 0, times 0 [ 1179.595773] hfsplus: unable to find HFS+ superblock [ 1179.598978] FAULT_INJECTION: forcing a failure. [ 1179.598978] name failslab, interval 1, probability 0, space 0, times 0 [ 1179.605220] CPU: 0 PID: 28037 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1179.619902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1179.629252] Call Trace: [ 1179.631839] dump_stack+0x1b2/0x281 [ 1179.635467] should_fail.cold+0x10a/0x149 [ 1179.639614] should_failslab+0xd6/0x130 [ 1179.643573] __kmalloc+0x2c1/0x400 [ 1179.647107] ? SyS_memfd_create+0xbc/0x3c0 [ 1179.651341] SyS_memfd_create+0xbc/0x3c0 [ 1179.655396] ? shmem_fcntl+0x120/0x120 [ 1179.659282] ? __do_page_fault+0x159/0xad0 [ 1179.663514] ? do_syscall_64+0x4c/0x640 [ 1179.667474] ? shmem_fcntl+0x120/0x120 [ 1179.671352] do_syscall_64+0x1d5/0x640 [ 1179.675237] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1179.680411] RIP: 0033:0x7f322b2fb0e9 [ 1179.684106] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 09:31:47 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:31:47 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:31:47 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) [ 1179.691802] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fb0e9 [ 1179.699064] RDX: 00007f3229c6ffe0 RSI: 0000000000000000 RDI: 00007f322b3541ee [ 1179.706332] RBP: 0000000000000000 R08: 00007f3229c6ffd8 R09: 00007f3229c701d0 [ 1179.713599] R10: 00007f3229c6ffdc R11: 0000000000000246 R12: 0000000020000140 [ 1179.720911] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1179.728191] CPU: 1 PID: 28049 Comm: syz-executor.2 Not tainted 4.14.277-syzkaller #0 [ 1179.736087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1179.745440] Call Trace: [ 1179.748032] dump_stack+0x1b2/0x281 [ 1179.751665] should_fail.cold+0x10a/0x149 [ 1179.755824] should_failslab+0xd6/0x130 [ 1179.759811] __kmalloc+0x2c1/0x400 [ 1179.763348] ? SyS_memfd_create+0xbc/0x3c0 [ 1179.767607] SyS_memfd_create+0xbc/0x3c0 [ 1179.771676] ? shmem_fcntl+0x120/0x120 [ 1179.775569] ? __do_page_fault+0x159/0xad0 [ 1179.779807] ? do_syscall_64+0x4c/0x640 [ 1179.783775] ? shmem_fcntl+0x120/0x120 [ 1179.787667] do_syscall_64+0x1d5/0x640 [ 1179.791559] entry_SYSCALL_64_after_hwframe+0x46/0xbb 09:31:48 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) [ 1179.796746] RIP: 0033:0x7f4bdce420e9 [ 1179.800444] RSP: 002b:00007f4bdb7b6f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1179.808234] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f4bdce420e9 [ 1179.815497] RDX: 00007f4bdb7b6fe0 RSI: 0000000000000000 RDI: 00007f4bdce9b1ee [ 1179.822864] RBP: 0000000000000000 R08: 00007f4bdb7b6fd8 R09: 00007f4bdb7b71d0 [ 1179.830141] R10: 00007f4bdb7b6fdc R11: 0000000000000246 R12: 0000000020000140 [ 1179.837411] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 09:31:48 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) 09:31:48 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) [ 1179.892004] CPU: 0 PID: 28039 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1179.899912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1179.909266] Call Trace: [ 1179.911859] dump_stack+0x1b2/0x281 [ 1179.915495] should_fail.cold+0x10a/0x149 [ 1179.919739] should_failslab+0xd6/0x130 [ 1179.923722] __kmalloc+0x2c1/0x400 [ 1179.927263] ? SyS_memfd_create+0xbc/0x3c0 [ 1179.931500] SyS_memfd_create+0xbc/0x3c0 [ 1179.935667] ? shmem_fcntl+0x120/0x120 [ 1179.939536] ? __do_page_fault+0x159/0xad0 [ 1179.943748] ? do_syscall_64+0x4c/0x640 [ 1179.947713] ? shmem_fcntl+0x120/0x120 [ 1179.951589] do_syscall_64+0x1d5/0x640 [ 1179.955470] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1179.960751] RIP: 0033:0x7f463664d0e9 [ 1179.964457] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1179.972152] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664d0e9 [ 1179.979396] RDX: 00007f4634fc1fe0 RSI: 0000000000000000 RDI: 00007f46366a61ee 09:31:48 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 2) 09:31:48 executing program 1: r0 = socket(0x0, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:48 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 2) 09:31:48 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 1) 09:31:48 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, 0x0) 09:31:48 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 2) [ 1179.986641] RBP: 0000000000000000 R08: 00007f4634fc1fd8 R09: 00007f4634fc21d0 [ 1179.993884] R10: 00007f4634fc1fdc R11: 0000000000000246 R12: 0000000020000140 [ 1180.001135] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1180.083362] FAULT_INJECTION: forcing a failure. [ 1180.083362] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.095283] FAULT_INJECTION: forcing a failure. [ 1180.095283] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.119450] CPU: 1 PID: 28075 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1180.124930] FAULT_INJECTION: forcing a failure. [ 1180.124930] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.127353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.127358] Call Trace: [ 1180.127377] dump_stack+0x1b2/0x281 [ 1180.127397] should_fail.cold+0x10a/0x149 [ 1180.158330] should_failslab+0xd6/0x130 [ 1180.162311] kmem_cache_alloc+0x28e/0x3c0 [ 1180.166477] __d_alloc+0x2a/0xa20 [ 1180.168493] FAULT_INJECTION: forcing a failure. [ 1180.168493] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.169943] ? lock_downgrade+0x740/0x740 [ 1180.169958] __shmem_file_setup.part.0+0xcb/0x3c0 [ 1180.169972] ? shmem_create+0x30/0x30 [ 1180.194520] ? __alloc_fd+0x1be/0x490 [ 1180.198340] SyS_memfd_create+0x1fc/0x3c0 [ 1180.202497] ? shmem_fcntl+0x120/0x120 [ 1180.206392] ? __do_page_fault+0x159/0xad0 [ 1180.210640] ? do_syscall_64+0x4c/0x640 [ 1180.214711] ? shmem_fcntl+0x120/0x120 [ 1180.218604] do_syscall_64+0x1d5/0x640 [ 1180.222505] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1180.227697] RIP: 0033:0x7f322b2fb0e9 09:31:48 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, 0x0) [ 1180.231406] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1180.239116] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fb0e9 [ 1180.246389] RDX: 00007f3229c6ffe0 RSI: 0000000000000000 RDI: 00007f322b3541ee [ 1180.253659] RBP: 0000000000000000 R08: 00007f3229c6ffd8 R09: 00007f3229c701d0 [ 1180.260933] R10: 00007f3229c6ffdc R11: 0000000000000246 R12: 0000000020000140 [ 1180.268201] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1180.282623] CPU: 0 PID: 28074 Comm: syz-executor.2 Not tainted 4.14.277-syzkaller #0 [ 1180.290613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.299974] Call Trace: [ 1180.302566] dump_stack+0x1b2/0x281 [ 1180.306193] should_fail.cold+0x10a/0x149 [ 1180.310346] should_failslab+0xd6/0x130 [ 1180.314330] kmem_cache_alloc+0x28e/0x3c0 [ 1180.318481] __d_alloc+0x2a/0xa20 [ 1180.321951] ? lock_downgrade+0x740/0x740 [ 1180.326125] __shmem_file_setup.part.0+0xcb/0x3c0 [ 1180.330963] ? shmem_create+0x30/0x30 [ 1180.334763] ? __alloc_fd+0x1be/0x490 [ 1180.338565] SyS_memfd_create+0x1fc/0x3c0 [ 1180.342705] ? shmem_fcntl+0x120/0x120 [ 1180.346581] ? __do_page_fault+0x159/0xad0 [ 1180.350798] ? do_syscall_64+0x4c/0x640 [ 1180.354754] ? shmem_fcntl+0x120/0x120 [ 1180.358625] do_syscall_64+0x1d5/0x640 [ 1180.362501] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1180.367677] RIP: 0033:0x7f4bdce420e9 [ 1180.371370] RSP: 002b:00007f4bdb7b6f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1180.379059] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f4bdce420e9 [ 1180.386309] RDX: 00007f4bdb7b6fe0 RSI: 0000000000000000 RDI: 00007f4bdce9b1ee [ 1180.393578] RBP: 0000000000000000 R08: 00007f4bdb7b6fd8 R09: 00007f4bdb7b71d0 [ 1180.400830] R10: 00007f4bdb7b6fdc R11: 0000000000000246 R12: 0000000020000140 [ 1180.408082] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1180.415349] CPU: 1 PID: 28076 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1180.423409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.432759] Call Trace: [ 1180.435353] dump_stack+0x1b2/0x281 [ 1180.438993] should_fail.cold+0x10a/0x149 [ 1180.443152] should_failslab+0xd6/0x130 [ 1180.447135] kmem_cache_alloc+0x28e/0x3c0 [ 1180.451296] __d_alloc+0x2a/0xa20 [ 1180.454754] ? lock_downgrade+0x740/0x740 [ 1180.458912] __shmem_file_setup.part.0+0xcb/0x3c0 [ 1180.463767] ? shmem_create+0x30/0x30 [ 1180.467667] ? __alloc_fd+0x1be/0x490 [ 1180.471483] SyS_memfd_create+0x1fc/0x3c0 [ 1180.475650] ? shmem_fcntl+0x120/0x120 [ 1180.479566] ? __do_page_fault+0x159/0xad0 [ 1180.483805] ? do_syscall_64+0x4c/0x640 [ 1180.487784] ? shmem_fcntl+0x120/0x120 [ 1180.491683] do_syscall_64+0x1d5/0x640 [ 1180.495587] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1180.500780] RIP: 0033:0x7f463664d0e9 [ 1180.504500] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1180.512220] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664d0e9 [ 1180.519497] RDX: 00007f4634fc1fe0 RSI: 0000000000000000 RDI: 00007f46366a61ee [ 1180.526769] RBP: 0000000000000000 R08: 00007f4634fc1fd8 R09: 00007f4634fc21d0 09:31:48 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, 0x0) [ 1180.534037] R10: 00007f4634fc1fdc R11: 0000000000000246 R12: 0000000020000140 [ 1180.541306] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1180.552629] CPU: 0 PID: 28080 Comm: syz-executor.5 Not tainted 4.14.277-syzkaller #0 [ 1180.560538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.569889] Call Trace: [ 1180.572479] dump_stack+0x1b2/0x281 [ 1180.576116] should_fail.cold+0x10a/0x149 [ 1180.580270] should_failslab+0xd6/0x130 09:31:48 executing program 1: r0 = socket(0x0, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:48 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 3) 09:31:48 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 3) [ 1180.584253] __kmalloc+0x2c1/0x400 [ 1180.587796] ? SyS_memfd_create+0xbc/0x3c0 [ 1180.592041] SyS_memfd_create+0xbc/0x3c0 [ 1180.596115] ? shmem_fcntl+0x120/0x120 [ 1180.600022] ? __do_page_fault+0x159/0xad0 [ 1180.604264] ? do_syscall_64+0x4c/0x640 [ 1180.608245] ? shmem_fcntl+0x120/0x120 [ 1180.612142] do_syscall_64+0x1d5/0x640 [ 1180.616041] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1180.621235] RIP: 0033:0x7fe04b9950e9 [ 1180.624939] RSP: 002b:00007fe04a309f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 09:31:48 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1180.632743] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007fe04b9950e9 [ 1180.636030] FAULT_INJECTION: forcing a failure. [ 1180.636030] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.640012] RDX: 00007fe04a309fe0 RSI: 0000000000000000 RDI: 00007fe04b9ee1ee [ 1180.640018] RBP: 0000000000000000 R08: 00007fe04a309fd8 R09: 00007fe04a30a1d0 [ 1180.640024] R10: 00007fe04a309fdc R11: 0000000000000246 R12: 0000000020000140 [ 1180.640030] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1180.697089] FAULT_INJECTION: forcing a failure. [ 1180.697089] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.712767] CPU: 1 PID: 28095 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1180.720676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.730029] Call Trace: [ 1180.732624] dump_stack+0x1b2/0x281 [ 1180.736259] should_fail.cold+0x10a/0x149 [ 1180.740416] should_failslab+0xd6/0x130 [ 1180.744401] kmem_cache_alloc+0x28e/0x3c0 [ 1180.748555] ? shmem_destroy_callback+0xa0/0xa0 [ 1180.753231] shmem_alloc_inode+0x18/0x40 [ 1180.757298] ? shmem_destroy_callback+0xa0/0xa0 [ 1180.761974] alloc_inode+0x5d/0x170 [ 1180.765615] new_inode+0x1d/0xf0 [ 1180.769024] shmem_get_inode+0x8b/0x890 [ 1180.773014] __shmem_file_setup.part.0+0x104/0x3c0 [ 1180.777961] ? shmem_create+0x30/0x30 [ 1180.781770] ? __alloc_fd+0x1be/0x490 [ 1180.785587] SyS_memfd_create+0x1fc/0x3c0 [ 1180.789738] ? shmem_fcntl+0x120/0x120 [ 1180.793640] ? __do_page_fault+0x159/0xad0 [ 1180.797878] ? do_syscall_64+0x4c/0x640 [ 1180.801863] ? shmem_fcntl+0x120/0x120 [ 1180.805758] do_syscall_64+0x1d5/0x640 [ 1180.809658] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1180.814845] RIP: 0033:0x7f463664d0e9 [ 1180.818553] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1180.826264] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664d0e9 [ 1180.833536] RDX: 00007f4634fc1fe0 RSI: 0000000000000000 RDI: 00007f46366a61ee 09:31:49 executing program 1: r0 = socket(0x0, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1180.840811] RBP: 0000000000000000 R08: 00007f4634fc1fd8 R09: 00007f4634fc21d0 [ 1180.848080] R10: 00007f4634fc1fdc R11: 0000000000000246 R12: 0000000020000140 [ 1180.855350] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1180.916536] CPU: 1 PID: 28091 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1180.924450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1180.933805] Call Trace: [ 1180.936399] dump_stack+0x1b2/0x281 [ 1180.940050] should_fail.cold+0x10a/0x149 [ 1180.944210] should_failslab+0xd6/0x130 [ 1180.948198] kmem_cache_alloc+0x28e/0x3c0 [ 1180.952356] ? shmem_destroy_callback+0xa0/0xa0 [ 1180.957070] shmem_alloc_inode+0x18/0x40 [ 1180.961141] ? shmem_destroy_callback+0xa0/0xa0 [ 1180.965814] alloc_inode+0x5d/0x170 [ 1180.969447] new_inode+0x1d/0xf0 [ 1180.972820] shmem_get_inode+0x8b/0x890 [ 1180.976802] __shmem_file_setup.part.0+0x104/0x3c0 [ 1180.981742] ? shmem_create+0x30/0x30 [ 1180.985543] ? __alloc_fd+0x1be/0x490 [ 1180.989357] SyS_memfd_create+0x1fc/0x3c0 [ 1180.993508] ? shmem_fcntl+0x120/0x120 [ 1180.997400] ? __do_page_fault+0x159/0xad0 [ 1181.001638] ? do_syscall_64+0x4c/0x640 [ 1181.005617] ? shmem_fcntl+0x120/0x120 [ 1181.009511] do_syscall_64+0x1d5/0x640 09:31:49 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1181.013412] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1181.018600] RIP: 0033:0x7f322b2fb0e9 [ 1181.022306] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1181.030022] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fb0e9 [ 1181.037297] RDX: 00007f3229c6ffe0 RSI: 0000000000000000 RDI: 00007f322b3541ee [ 1181.044573] RBP: 0000000000000000 R08: 00007f3229c6ffd8 R09: 00007f3229c701d0 [ 1181.051843] R10: 00007f3229c6ffdc R11: 0000000000000246 R12: 0000000020000140 [ 1181.059111] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 09:31:49 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4dcd0aeba72384a4a4127b1bf232bab954f9a68a76a7d6adca9d474e3319ab1e47867caf608ec62cd494aac77ebe8379c7f3c397af031ffdb85bd225b862a6a249ae747d6a5fee6269c35bb7d97d6"]) r0 = fanotify_init(0x0, 0x0) fanotify_mark(r0, 0x80, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.time_recursive\x00', 0x0, 0x0) fanotify_mark(r0, 0x4, 0x8, r1, &(0x7f00000000c0)='./file0\x00') 09:31:49 executing program 1: r0 = socket(0x25, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:49 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 4) 09:31:49 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 4) 09:31:49 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.memory_pressure\x00', 0x0, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@L2TP_ATTR_VLAN_ID={0x6}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010102}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8014}, 0x880) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x8f}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x7ff, 0x9]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x20004010) 09:31:49 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:49 executing program 1: r0 = socket(0x25, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1181.240949] FAULT_INJECTION: forcing a failure. [ 1181.240949] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.263481] FAULT_INJECTION: forcing a failure. [ 1181.263481] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1181.275314] CPU: 0 PID: 28114 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1181.283192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1181.292542] Call Trace: [ 1181.295138] dump_stack+0x1b2/0x281 [ 1181.298775] should_fail.cold+0x10a/0x149 [ 1181.302922] ? is_bpf_text_address+0xb8/0x150 [ 1181.307514] __alloc_pages_nodemask+0x22c/0x2720 [ 1181.312274] ? unwind_get_return_address+0x51/0x90 [ 1181.317208] ? __save_stack_trace+0xa0/0x160 [ 1181.321630] ? __lock_acquire+0x5fc/0x3f20 [ 1181.325874] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1181.330721] ? __shmem_file_setup.part.0+0xcb/0x3c0 [ 1181.335742] ? SyS_memfd_create+0x1fc/0x3c0 09:31:49 executing program 1: r0 = socket(0x25, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1181.340067] ? do_syscall_64+0x1d5/0x640 [ 1181.344139] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1181.349633] ? depot_save_stack+0x10d/0x3f0 [ 1181.353964] ? trace_hardirqs_on+0x10/0x10 [ 1181.358204] ? __lock_acquire+0x5fc/0x3f20 [ 1181.362451] cache_grow_begin+0x91/0x700 [ 1181.366518] ? fs_reclaim_release+0xd0/0x110 [ 1181.370934] ? check_preemption_disabled+0x35/0x240 [ 1181.375957] cache_alloc_refill+0x273/0x350 [ 1181.380291] kmem_cache_alloc+0x333/0x3c0 [ 1181.384455] ? shmem_destroy_callback+0xa0/0xa0 09:31:49 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(0x0, r0) [ 1181.389137] shmem_alloc_inode+0x18/0x40 [ 1181.393205] ? shmem_destroy_callback+0xa0/0xa0 [ 1181.397879] alloc_inode+0x5d/0x170 [ 1181.401512] new_inode+0x1d/0xf0 [ 1181.404883] shmem_get_inode+0x8b/0x890 [ 1181.408899] __shmem_file_setup.part.0+0x104/0x3c0 [ 1181.413832] ? shmem_create+0x30/0x30 [ 1181.417631] ? __alloc_fd+0x1be/0x490 [ 1181.421439] SyS_memfd_create+0x1fc/0x3c0 [ 1181.425602] ? shmem_fcntl+0x120/0x120 [ 1181.429496] ? __do_page_fault+0x159/0xad0 [ 1181.433736] ? do_syscall_64+0x4c/0x640 [ 1181.437710] ? shmem_fcntl+0x120/0x120 [ 1181.441599] do_syscall_64+0x1d5/0x640 [ 1181.445493] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1181.445502] RIP: 0033:0x7f463664d0e9 [ 1181.445509] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1181.445519] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664d0e9 [ 1181.469478] RDX: 00007f4634fc1fe0 RSI: 0000000000000000 RDI: 00007f46366a61ee [ 1181.476752] RBP: 0000000000000000 R08: 00007f4634fc1fd8 R09: 00007f4634fc21d0 [ 1181.484022] R10: 00007f4634fc1fdc R11: 0000000000000246 R12: 0000000020000140 09:31:49 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)) 09:31:49 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(0x0, r0) [ 1181.491291] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1181.511591] hfsplus: creator requires a 4 character value [ 1181.517154] hfsplus: unable to parse mount options [ 1181.542458] CPU: 0 PID: 28113 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1181.550370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1181.553066] hfsplus: creator requires a 4 character value [ 1181.559736] Call Trace: [ 1181.559759] dump_stack+0x1b2/0x281 [ 1181.559775] should_fail.cold+0x10a/0x149 [ 1181.559791] should_failslab+0xd6/0x130 [ 1181.579601] kmem_cache_alloc+0x28e/0x3c0 [ 1181.583763] get_empty_filp+0x86/0x3f0 [ 1181.587658] alloc_file+0x23/0x440 [ 1181.591208] __shmem_file_setup.part.0+0x198/0x3c0 [ 1181.596151] ? shmem_create+0x30/0x30 [ 1181.599959] ? __alloc_fd+0x1be/0x490 [ 1181.603775] SyS_memfd_create+0x1fc/0x3c0 [ 1181.607943] ? shmem_fcntl+0x120/0x120 [ 1181.611836] ? __do_page_fault+0x159/0xad0 [ 1181.616074] ? do_syscall_64+0x4c/0x640 [ 1181.616382] hfsplus: unable to parse mount options [ 1181.620055] ? shmem_fcntl+0x120/0x120 [ 1181.620070] do_syscall_64+0x1d5/0x640 [ 1181.620088] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1181.620097] RIP: 0033:0x7f322b2fb0e9 09:31:49 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)) [ 1181.620102] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1181.620112] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fb0e9 [ 1181.620117] RDX: 00007f3229c6ffe0 RSI: 0000000000000000 RDI: 00007f322b3541ee [ 1181.620121] RBP: 0000000000000000 R08: 00007f3229c6ffd8 R09: 00007f3229c701d0 [ 1181.620136] R10: 00007f3229c6ffdc R11: 0000000000000246 R12: 0000000020000140 [ 1181.620141] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1181.649690] hfsplus: creator requires a 4 character value [ 1181.679865] hfsplus: unable to parse mount options 09:31:50 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4dcd0aeba72384a4a4127b1bf232bab954f9a68a76a7d6adca9d474e3319ab1e47867caf608ec62cd494aac77ebe8379c7f3c397af031ffdb85bd225b862a6a249ae747d6a5fee6269c35bb7d97d6"]) r0 = fanotify_init(0x0, 0x0) fanotify_mark(r0, 0x80, 0x0, 0xffffffffffffffff, 0x0) (async) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.time_recursive\x00', 0x0, 0x0) fanotify_mark(r0, 0x4, 0x8, r1, &(0x7f00000000c0)='./file0\x00') 09:31:50 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) (async) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.memory_pressure\x00', 0x0, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@L2TP_ATTR_VLAN_ID={0x6}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010102}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8014}, 0x880) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x8f}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x7ff, 0x9]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x20004010) 09:31:50 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 5) 09:31:50 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)) 09:31:50 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(0x0, r0) 09:31:50 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 5) 09:31:50 executing program 1: socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) 09:31:50 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1181.864923] FAULT_INJECTION: forcing a failure. [ 1181.864923] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.873343] hfsplus: creator requires a 4 character value [ 1181.899881] FAULT_INJECTION: forcing a failure. [ 1181.899881] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.939404] CPU: 0 PID: 28152 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1181.947310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1181.949309] hfsplus: creator requires a 4 character value [ 1181.956663] Call Trace: [ 1181.964772] dump_stack+0x1b2/0x281 [ 1181.968412] should_fail.cold+0x10a/0x149 [ 1181.968964] hfsplus: unable to parse mount options [ 1181.972645] should_failslab+0xd6/0x130 [ 1181.972660] kmem_cache_alloc+0x28e/0x3c0 [ 1181.972675] get_empty_filp+0x86/0x3f0 [ 1181.972683] alloc_file+0x23/0x440 [ 1181.972696] __shmem_file_setup.part.0+0x198/0x3c0 [ 1181.998231] ? shmem_create+0x30/0x30 [ 1182.002039] ? __alloc_fd+0x1be/0x490 [ 1182.004879] hfsplus: unable to parse mount options [ 1182.005851] SyS_memfd_create+0x1fc/0x3c0 [ 1182.005864] ? shmem_fcntl+0x120/0x120 [ 1182.005874] ? __do_page_fault+0x159/0xad0 [ 1182.005885] ? do_syscall_64+0x4c/0x640 [ 1182.027123] ? shmem_fcntl+0x120/0x120 [ 1182.031020] do_syscall_64+0x1d5/0x640 [ 1182.034917] entry_SYSCALL_64_after_hwframe+0x46/0xbb 09:31:50 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4dcd0aeba72384a4a4127b1bf232bab954f9a68a76a7d6adca9d474e3319ab1e47867caf608ec62cd494aac77ebe8379c7f3c397af031ffdb85bd225b862a6a249ae747d6a5fee6269c35bb7d97d6"]) (async) r0 = fanotify_init(0x0, 0x0) fanotify_mark(r0, 0x80, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 64) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.time_recursive\x00', 0x0, 0x0) (rerun: 64) fanotify_mark(r0, 0x4, 0x8, r1, &(0x7f00000000c0)='./file0\x00') [ 1182.040117] RIP: 0033:0x7f322b2fb0e9 [ 1182.043914] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1182.051622] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fb0e9 [ 1182.058998] RDX: 00007f3229c6ffe0 RSI: 0000000000000000 RDI: 00007f322b3541ee [ 1182.066270] RBP: 0000000000000000 R08: 00007f3229c6ffd8 R09: 00007f3229c701d0 [ 1182.073539] R10: 00007f3229c6ffdc R11: 0000000000000246 R12: 0000000020000140 [ 1182.080806] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 [ 1182.091512] CPU: 1 PID: 28160 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1182.099584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1182.109020] Call Trace: [ 1182.111591] dump_stack+0x1b2/0x281 [ 1182.115197] should_fail.cold+0x10a/0x149 [ 1182.119330] should_failslab+0xd6/0x130 [ 1182.123387] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1182.128036] apparmor_file_alloc_security+0x129/0x800 [ 1182.133206] security_file_alloc+0x66/0xa0 [ 1182.137418] ? selinux_is_enabled+0x5/0x50 [ 1182.141635] get_empty_filp+0x16b/0x3f0 [ 1182.145587] alloc_file+0x23/0x440 [ 1182.149195] __shmem_file_setup.part.0+0x198/0x3c0 [ 1182.154194] ? shmem_create+0x30/0x30 [ 1182.157972] ? __alloc_fd+0x1be/0x490 [ 1182.161752] SyS_memfd_create+0x1fc/0x3c0 [ 1182.165878] ? shmem_fcntl+0x120/0x120 [ 1182.169755] ? __do_page_fault+0x159/0xad0 [ 1182.173986] ? do_syscall_64+0x4c/0x640 [ 1182.177938] ? shmem_fcntl+0x120/0x120 [ 1182.181802] do_syscall_64+0x1d5/0x640 [ 1182.185678] entry_SYSCALL_64_after_hwframe+0x46/0xbb 09:31:50 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 6) 09:31:50 executing program 4: r0 = socket(0x0, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1182.190869] RIP: 0033:0x7f463664d0e9 [ 1182.194561] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 1182.202250] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664d0e9 [ 1182.209591] RDX: 00007f4634fc1fe0 RSI: 0000000000000000 RDI: 00007f46366a61ee [ 1182.216838] RBP: 0000000000000000 R08: 00007f4634fc1fd8 R09: 00007f4634fc21d0 [ 1182.224109] R10: 00007f4634fc1fdc R11: 0000000000000246 R12: 0000000020000140 [ 1182.231361] R13: 0000000020000180 R14: 0000000000000000 R15: 0000000020001340 09:31:50 executing program 1: socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) 09:31:50 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.memory_pressure\x00', 0x0, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@L2TP_ATTR_VLAN_ID={0x6}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @private=0xa010102}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8014}, 0x880) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r1, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x8f}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x7ff, 0x9]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x20004010) 09:31:50 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (fail_nth: 1) [ 1182.272375] hfsplus: creator requires a 4 character value [ 1182.283560] hfsplus: unable to parse mount options 09:31:50 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 6) 09:31:50 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="637265ca624b357c52a52c617c6f723dd7ceb951d4"]) [ 1182.316651] FAULT_INJECTION: forcing a failure. [ 1182.316651] name failslab, interval 1, probability 0, space 0, times 0 [ 1182.347531] CPU: 1 PID: 28187 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1182.355431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1182.360167] FAULT_INJECTION: forcing a failure. [ 1182.360167] name failslab, interval 1, probability 0, space 0, times 0 [ 1182.364781] Call Trace: [ 1182.364800] dump_stack+0x1b2/0x281 [ 1182.364816] should_fail.cold+0x10a/0x149 [ 1182.364835] should_failslab+0xd6/0x130 [ 1182.390282] kmem_cache_alloc+0x28e/0x3c0 [ 1182.394440] getname_flags+0xc8/0x550 [ 1182.398250] do_sys_open+0x1ce/0x410 [ 1182.401968] ? filp_open+0x60/0x60 [ 1182.405515] ? do_syscall_64+0x4c/0x640 [ 1182.409489] ? SyS_open+0x30/0x30 [ 1182.412938] do_syscall_64+0x1d5/0x640 [ 1182.416831] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1182.422010] RIP: 0033:0x7f322b2ae004 [ 1182.425706] RSP: 002b:00007f3229c6feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1182.433405] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2ae004 [ 1182.440675] RDX: 0000000000000002 RSI: 00007f3229c6ffe0 RDI: 00000000ffffff9c [ 1182.448123] RBP: 00007f3229c6ffe0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1182.455561] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 09:31:50 executing program 1: socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) [ 1182.462834] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1182.482827] hfsplus: creator requires a 4 character value [ 1182.487927] CPU: 0 PID: 28194 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1182.493957] hfsplus: unable to parse mount options [ 1182.496256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1182.496261] Call Trace: [ 1182.496278] dump_stack+0x1b2/0x281 09:31:50 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 7) [ 1182.496293] should_fail.cold+0x10a/0x149 [ 1182.496306] should_failslab+0xd6/0x130 [ 1182.507476] hfsplus: unable to parse mount options [ 1182.510570] kmem_cache_alloc+0x28e/0x3c0 [ 1182.510584] getname_flags+0xc8/0x550 [ 1182.510596] do_sys_open+0x1ce/0x410 [ 1182.510605] ? filp_open+0x60/0x60 [ 1182.510617] ? do_syscall_64+0x4c/0x640 [ 1182.510629] ? SyS_open+0x30/0x30 [ 1182.533810] FAULT_INJECTION: forcing a failure. [ 1182.533810] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1182.535078] do_syscall_64+0x1d5/0x640 [ 1182.569085] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1182.574267] RIP: 0033:0x7f4636600004 [ 1182.577963] RSP: 002b:00007f4634fc1eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1182.585650] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f4636600004 [ 1182.592993] RDX: 0000000000000002 RSI: 00007f4634fc1fe0 RDI: 00000000ffffff9c [ 1182.600244] RBP: 00007f4634fc1fe0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1182.607496] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1182.614747] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1182.622015] CPU: 1 PID: 28212 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1182.630065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1182.639423] Call Trace: [ 1182.642015] dump_stack+0x1b2/0x281 [ 1182.645656] should_fail.cold+0x10a/0x149 [ 1182.649821] __alloc_pages_nodemask+0x22c/0x2720 [ 1182.654584] ? static_obj+0x50/0x50 [ 1182.658216] ? trace_hardirqs_on+0x10/0x10 [ 1182.662458] ? __lock_acquire+0x5fc/0x3f20 [ 1182.666707] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1182.671556] ? __lock_acquire+0x5fc/0x3f20 [ 1182.675793] ? simple_xattr_get+0xe5/0x160 [ 1182.680036] ? fsnotify+0x974/0x11b0 [ 1182.683753] ? shmem_setattr+0x241/0xbf0 [ 1182.687821] ? __fsnotify_inode_delete+0x20/0x20 [ 1182.692583] cache_grow_begin+0x91/0x700 [ 1182.696651] ? fs_reclaim_release+0xd0/0x110 [ 1182.701063] ? check_preemption_disabled+0x35/0x240 [ 1182.706088] cache_alloc_refill+0x273/0x350 [ 1182.710419] kmem_cache_alloc+0x333/0x3c0 [ 1182.714573] getname_flags+0xc8/0x550 [ 1182.718379] do_sys_open+0x1ce/0x410 [ 1182.722112] ? filp_open+0x60/0x60 [ 1182.725661] ? do_syscall_64+0x4c/0x640 [ 1182.729643] ? SyS_open+0x30/0x30 [ 1182.733103] do_syscall_64+0x1d5/0x640 [ 1182.737009] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1182.742321] RIP: 0033:0x7f322b2ae004 [ 1182.746031] RSP: 002b:00007f3229c6feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1182.753746] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2ae004 [ 1182.761109] RDX: 0000000000000002 RSI: 00007f3229c6ffe0 RDI: 00000000ffffff9c 09:31:50 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (fail_nth: 1) 09:31:51 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) write$P9_RLERROR(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="0900000007020000002392a53082c02919b1f55c06d285977621665d8aa9bae0554d37c7d4d1b588f005a43160845e875454511310bbeb5d2054782e3a468fb202e23e8534f110f5ad9c6ab18078d648c86cd4857b74"], 0x9) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r4, 0x400, 0x70bd27, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x800a0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_PMK(r6, &(0x7f00000004c0)={&(0x7f0000000300), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, 0x0, 0x100, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0xfffffffa, 0x5a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000080}, 0x20000000) syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r5) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0xfffffffffffffffd, 0x9}) 09:31:51 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 7) [ 1182.768383] RBP: 00007f3229c6ffe0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1182.775655] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1182.782926] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1182.832451] FAULT_INJECTION: forcing a failure. [ 1182.832451] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1182.844276] CPU: 1 PID: 28224 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1182.852174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1182.861959] Call Trace: [ 1182.864553] dump_stack+0x1b2/0x281 [ 1182.868201] should_fail.cold+0x10a/0x149 [ 1182.872361] __alloc_pages_nodemask+0x22c/0x2720 [ 1182.877126] ? static_obj+0x50/0x50 [ 1182.880774] ? trace_hardirqs_on+0x10/0x10 [ 1182.885016] ? __lock_acquire+0x5fc/0x3f20 [ 1182.889266] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1182.894125] ? __lock_acquire+0x5fc/0x3f20 [ 1182.898429] ? simple_xattr_get+0xe5/0x160 [ 1182.902916] ? fsnotify+0x974/0x11b0 [ 1182.906638] ? shmem_setattr+0x241/0xbf0 [ 1182.910715] ? __fsnotify_inode_delete+0x20/0x20 [ 1182.915483] cache_grow_begin+0x91/0x700 [ 1182.919551] ? fs_reclaim_release+0xd0/0x110 [ 1182.923973] ? check_preemption_disabled+0x35/0x240 [ 1182.929012] cache_alloc_refill+0x273/0x350 [ 1182.933349] kmem_cache_alloc+0x333/0x3c0 [ 1182.937508] getname_flags+0xc8/0x550 [ 1182.941329] do_sys_open+0x1ce/0x410 [ 1182.945154] ? filp_open+0x60/0x60 [ 1182.948963] ? do_syscall_64+0x4c/0x640 [ 1182.952948] ? SyS_open+0x30/0x30 [ 1182.956410] do_syscall_64+0x1d5/0x640 [ 1182.960320] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1182.965514] RIP: 0033:0x7f4636600004 [ 1182.969224] RSP: 002b:00007f4634fc1eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 09:31:51 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="637265ca624b357c52a52c617c6f723dd7ceb951d4"]) 09:31:51 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 64) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async, rerun: 64) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async, rerun: 32) write$P9_RLERROR(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="0900000007020000002392a53082c02919b1f55c06d285977621665d8aa9bae0554d37c7d4d1b588f005a43160845e875454511310bbeb5d2054782e3a468fb202e23e8534f110f5ad9c6ab18078d648c86cd4857b74"], 0x9) (rerun: 32) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) (async, rerun: 64) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) (async) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r4, 0x400, 0x70bd27, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x800a0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) (async) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_PMK(r6, &(0x7f00000004c0)={&(0x7f0000000300), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, 0x0, 0x100, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0xfffffffa, 0x5a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000080}, 0x20000000) (async) syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r5) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0xfffffffffffffffd, 0x9}) [ 1182.976938] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f4636600004 [ 1182.984220] RDX: 0000000000000002 RSI: 00007f4634fc1fe0 RDI: 00000000ffffff9c [ 1182.991587] RBP: 00007f4634fc1fe0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1182.998862] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1183.006136] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1183.027942] hfsplus: creator requires a 4 character value 09:31:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r1, 0x1}, 0x14}}, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYRESHEX]) 09:31:51 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="637265ca624b357c52a52c617c6f723dd7ceb951d4"]) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="637265ca624b357c52a52c617c6f723dd7ceb951d4"]) (async) [ 1183.032603] FAULT_INJECTION: forcing a failure. [ 1183.032603] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1183.037537] hfsplus: unable to parse mount options [ 1183.053055] hfsplus: unable to parse mount options [ 1183.093649] CPU: 0 PID: 28223 Comm: syz-executor.1 Not tainted 4.14.277-syzkaller #0 [ 1183.101564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1183.110912] Call Trace: [ 1183.113485] dump_stack+0x1b2/0x281 [ 1183.117094] should_fail.cold+0x10a/0x149 [ 1183.121221] __alloc_pages_nodemask+0x22c/0x2720 [ 1183.125962] ? _kstrtoull+0x1f2/0x450 [ 1183.129741] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1183.134565] ? get_pid_task+0x91/0x130 [ 1183.138433] ? __lock_acquire+0x5fc/0x3f20 09:31:51 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) write$P9_RLERROR(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="0900000007020000002392a53082c02919b1f55c06d285977621665d8aa9bae0554d37c7d4d1b588f005a43160845e875454511310bbeb5d2054782e3a468fb202e23e8534f110f5ad9c6ab18078d648c86cd4857b74"], 0x9) (async) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) (async) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r4, 0x400, 0x70bd27, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x800a0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_PMK(r6, &(0x7f00000004c0)={&(0x7f0000000300), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, 0x0, 0x100, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0xfffffffa, 0x5a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000080}, 0x20000000) (async) syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r5) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0xfffffffffffffffd, 0x9}) [ 1183.143192] alloc_pages_vma+0xd2/0x6d0 [ 1183.147253] __handle_mm_fault+0x25fa/0x4620 [ 1183.151657] ? vm_insert_page+0x7c0/0x7c0 [ 1183.155793] ? lock_downgrade+0x740/0x740 [ 1183.159919] ? vfs_write+0x35d/0x4d0 [ 1183.163615] ? mark_held_locks+0xa6/0xf0 [ 1183.167660] handle_mm_fault+0x455/0x9c0 [ 1183.171712] __do_page_fault+0x549/0xad0 [ 1183.175755] ? spurious_fault+0x640/0x640 [ 1183.179882] ? do_page_fault+0x60/0x500 [ 1183.184012] ? page_fault+0x2f/0x50 [ 1183.187635] page_fault+0x45/0x50 [ 1183.191081] RIP: 6951e140:0x3 09:31:51 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 8) 09:31:51 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (fail_nth: 2) [ 1183.194237] RSP: 6951e0f0:0000000000000000 EFLAGS: 7fc16951e0a8 [ 1183.214092] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 1183.235201] hfsplus: unable to parse mount options [ 1183.254829] hfsplus: creator requires a 4 character value [ 1183.265810] hfsplus: unable to parse mount options [ 1183.274280] FAULT_INJECTION: forcing a failure. [ 1183.274280] name failslab, interval 1, probability 0, space 0, times 0 [ 1183.287673] hfsplus: unable to parse mount options [ 1183.295730] CPU: 1 PID: 28257 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1183.303636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1183.312997] Call Trace: [ 1183.315601] dump_stack+0x1b2/0x281 [ 1183.319240] should_fail.cold+0x10a/0x149 [ 1183.323402] should_failslab+0xd6/0x130 [ 1183.327389] kmem_cache_alloc+0x28e/0x3c0 [ 1183.331548] get_empty_filp+0x86/0x3f0 [ 1183.335451] path_openat+0x84/0x2970 [ 1183.339962] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1183.344906] ? path_lookupat+0x780/0x780 [ 1183.348980] ? trace_hardirqs_on+0x10/0x10 [ 1183.353229] ? fsnotify+0x974/0x11b0 [ 1183.356956] ? shmem_setattr+0x241/0xbf0 [ 1183.361041] do_filp_open+0x179/0x3c0 [ 1183.364859] ? may_open_dev+0xe0/0xe0 [ 1183.369285] ? __alloc_fd+0x1be/0x490 [ 1183.373098] ? lock_downgrade+0x740/0x740 [ 1183.377271] ? do_raw_spin_unlock+0x164/0x220 [ 1183.381780] ? _raw_spin_unlock+0x29/0x40 [ 1183.385933] ? __alloc_fd+0x1be/0x490 [ 1183.389747] do_sys_open+0x296/0x410 [ 1183.393470] ? filp_open+0x60/0x60 [ 1183.397027] ? do_syscall_64+0x4c/0x640 [ 1183.401009] ? SyS_open+0x30/0x30 [ 1183.404472] do_syscall_64+0x1d5/0x640 [ 1183.408368] entry_SYSCALL_64_after_hwframe+0x46/0xbb 09:31:51 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x2, 0x8}) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) 09:31:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r1, 0x1}, 0x14}}, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYRESHEX]) 09:31:51 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) r1 = socket(0x25, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0xb1c}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x101}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x5c, r3, 0x0, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0xe8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x25}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3f}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="e7b2f160b9fcdd44000000c9c616e84b3916b0d18c82c63f7158494f929a984afa3be5a89f4d7b75dfc9cead8d4b056a5ac73aff9934ddc5b8fcc9d94800d49386002e6a5c0a92d9ead6b640c4e5af0e5cc9924a7c7eb980a415b6e761c48c905901f19c1c42f66ff2cc", @ANYRES16=r6, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, r6, 0x404, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xca}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x200}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x7, 0x9, 0x4, 0x3ff]}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x9b, 0x20, 0x0, 0xfffffffa]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4840}, 0x40000) 09:31:51 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 9) [ 1183.413559] RIP: 0033:0x7f322b2ae004 [ 1183.417267] RSP: 002b:00007f3229c6feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1183.425150] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2ae004 [ 1183.432419] RDX: 0000000000000002 RSI: 00007f3229c6ffe0 RDI: 00000000ffffff9c [ 1183.439869] RBP: 00007f3229c6ffe0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1183.447148] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1183.454428] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:51 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 8) 09:31:51 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x2, 0x8}) (async) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) 09:31:51 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) r1 = socket(0x25, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0xb1c}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x101}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x5c, r3, 0x0, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0xe8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x25}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3f}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="e7b2f160b9fcdd44000000c9c616e84b3916b0d18c82c63f7158494f929a984afa3be5a89f4d7b75dfc9cead8d4b056a5ac73aff9934ddc5b8fcc9d94800d49386002e6a5c0a92d9ead6b640c4e5af0e5cc9924a7c7eb980a415b6e761c48c905901f19c1c42f66ff2cc", @ANYRES16=r6, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, r6, 0x404, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xca}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x200}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x7, 0x9, 0x4, 0x3ff]}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x9b, 0x20, 0x0, 0xfffffffa]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4840}, 0x40000) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) (async) socket(0x25, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0xb1c}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x101}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan0\x00'}) (async) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x5c, r3, 0x0, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0xe8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x25}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3f}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="e7b2f160b9fcdd44000000c9c616e84b3916b0d18c82c63f7158494f929a984afa3be5a89f4d7b75dfc9cead8d4b056a5ac73aff9934ddc5b8fcc9d94800d49386002e6a5c0a92d9ead6b640c4e5af0e5cc9924a7c7eb980a415b6e761c48c905901f19c1c42f66ff2cc", @ANYRES16=r6, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, r6, 0x404, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xca}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x200}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x7, 0x9, 0x4, 0x3ff]}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x9b, 0x20, 0x0, 0xfffffffa]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4840}, 0x40000) (async) 09:31:51 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r1, 0x1}, 0x14}}, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYRESHEX]) [ 1183.505405] hfsplus: unable to parse mount options [ 1183.524542] hfsplus: unable to parse mount options [ 1183.526663] FAULT_INJECTION: forcing a failure. [ 1183.526663] name failslab, interval 1, probability 0, space 0, times 0 [ 1183.579376] FAULT_INJECTION: forcing a failure. [ 1183.579376] name failslab, interval 1, probability 0, space 0, times 0 [ 1183.586287] CPU: 1 PID: 28286 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1183.599692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1183.609134] Call Trace: [ 1183.611741] dump_stack+0x1b2/0x281 [ 1183.615394] should_fail.cold+0x10a/0x149 [ 1183.619557] should_failslab+0xd6/0x130 [ 1183.623633] kmem_cache_alloc+0x28e/0x3c0 [ 1183.627975] get_empty_filp+0x86/0x3f0 [ 1183.631872] path_openat+0x84/0x2970 [ 1183.635597] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1183.640449] ? path_lookupat+0x780/0x780 [ 1183.644605] ? trace_hardirqs_on+0x10/0x10 [ 1183.648844] ? fsnotify+0x974/0x11b0 [ 1183.652580] ? shmem_setattr+0x241/0xbf0 [ 1183.656668] do_filp_open+0x179/0x3c0 [ 1183.660588] ? may_open_dev+0xe0/0xe0 [ 1183.664398] ? __alloc_fd+0x1be/0x490 [ 1183.668212] ? lock_downgrade+0x740/0x740 [ 1183.672371] ? do_raw_spin_unlock+0x164/0x220 [ 1183.677051] ? _raw_spin_unlock+0x29/0x40 [ 1183.681207] ? __alloc_fd+0x1be/0x490 [ 1183.685019] do_sys_open+0x296/0x410 [ 1183.688742] ? filp_open+0x60/0x60 [ 1183.692291] ? do_syscall_64+0x4c/0x640 [ 1183.696273] ? SyS_open+0x30/0x30 [ 1183.699737] do_syscall_64+0x1d5/0x640 [ 1183.703656] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1183.708861] RIP: 0033:0x7f4636600004 [ 1183.712577] RSP: 002b:00007f4634fc1eb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1183.720289] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f4636600004 09:31:52 executing program 2: getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f0000000000)=0x4, &(0x7f0000000040)=0x4) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:52 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x2, 0x8}) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x2, 0x8}) (async) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) (async) [ 1183.727565] RDX: 0000000000000002 RSI: 00007f4634fc1fe0 RDI: 00000000ffffff9c [ 1183.734917] RBP: 00007f4634fc1fe0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1183.742193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1183.749470] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1183.765033] hfsplus: unable to parse mount options [ 1183.792040] CPU: 0 PID: 28292 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1183.799944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1183.809290] Call Trace: [ 1183.809308] dump_stack+0x1b2/0x281 [ 1183.809323] should_fail.cold+0x10a/0x149 [ 1183.809337] should_failslab+0xd6/0x130 [ 1183.809348] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1183.809361] apparmor_file_alloc_security+0x129/0x800 [ 1183.809374] security_file_alloc+0x66/0xa0 [ 1183.826124] FAULT_INJECTION: forcing a failure. [ 1183.826124] name failslab, interval 1, probability 0, space 0, times 0 [ 1183.828408] ? selinux_is_enabled+0x5/0x50 [ 1183.828423] get_empty_filp+0x16b/0x3f0 [ 1183.828433] path_openat+0x84/0x2970 [ 1183.828449] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1183.828460] ? path_lookupat+0x780/0x780 [ 1183.828469] ? trace_hardirqs_on+0x10/0x10 [ 1183.828479] ? fsnotify+0x974/0x11b0 [ 1183.828491] ? shmem_setattr+0x241/0xbf0 [ 1183.881803] do_filp_open+0x179/0x3c0 [ 1183.885606] ? may_open_dev+0xe0/0xe0 [ 1183.889398] ? __alloc_fd+0x1be/0x490 [ 1183.893189] ? lock_downgrade+0x740/0x740 [ 1183.897331] ? do_raw_spin_unlock+0x164/0x220 [ 1183.901823] ? _raw_spin_unlock+0x29/0x40 [ 1183.905963] ? __alloc_fd+0x1be/0x490 [ 1183.909769] do_sys_open+0x296/0x410 [ 1183.913475] ? filp_open+0x60/0x60 [ 1183.917019] ? do_syscall_64+0x4c/0x640 [ 1183.920993] ? SyS_open+0x30/0x30 [ 1183.924444] do_syscall_64+0x1d5/0x640 [ 1183.928330] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1183.933512] RIP: 0033:0x7f322b2ae004 09:31:52 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 9) 09:31:52 executing program 4: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @mcast2}]}, 0x38}, 0x1, 0x0, 0x0, 0x44094}, 0x4000010) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:52 executing program 4: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @mcast2}]}, 0x38}, 0x1, 0x0, 0x0, 0x44094}, 0x4000010) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:52 executing program 4: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @mcast2}]}, 0x38}, 0x1, 0x0, 0x0, 0x44094}, 0x4000010) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:52 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f00000000c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r1, 0x8008330e, &(0x7f0000000080)) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) sendmsg$SMC_PNETID_FLUSH(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x3001000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x74, r2, 0x100, 0x70bd25, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg1\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x5001) [ 1183.937216] RSP: 002b:00007f3229c6feb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1183.945089] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2ae004 [ 1183.952358] RDX: 0000000000000002 RSI: 00007f3229c6ffe0 RDI: 00000000ffffff9c [ 1183.959627] RBP: 00007f3229c6ffe0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1183.966897] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 1183.974171] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1183.981560] CPU: 1 PID: 28321 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1183.989487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1183.998838] Call Trace: [ 1184.001426] dump_stack+0x1b2/0x281 [ 1184.005064] should_fail.cold+0x10a/0x149 [ 1184.009347] should_failslab+0xd6/0x130 [ 1184.013327] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1184.018000] ? loop_get_status64+0x100/0x100 [ 1184.022408] __kthread_create_on_node+0xbe/0x3a0 [ 1184.027169] ? kthread_park+0x130/0x130 [ 1184.031161] ? loop_get_status64+0x100/0x100 [ 1184.035576] kthread_create_on_node+0xa8/0xd0 [ 1184.040077] ? __kthread_create_on_node+0x3a0/0x3a0 [ 1184.045098] ? __lockdep_init_map+0x100/0x560 [ 1184.049598] ? __lockdep_init_map+0x100/0x560 [ 1184.054096] lo_ioctl+0xcd9/0x1cd0 [ 1184.057639] ? loop_set_status64+0xe0/0xe0 [ 1184.061873] blkdev_ioctl+0x540/0x1830 [ 1184.065766] ? blkpg_ioctl+0x8d0/0x8d0 [ 1184.069674] ? trace_hardirqs_on+0x10/0x10 [ 1184.073910] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1184.079025] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1184.084044] block_ioctl+0xd9/0x120 [ 1184.087669] ? blkdev_fallocate+0x3a0/0x3a0 [ 1184.091985] do_vfs_ioctl+0x75a/0xff0 [ 1184.095764] ? lock_acquire+0x170/0x3f0 [ 1184.099728] ? ioctl_preallocate+0x1a0/0x1a0 [ 1184.104135] ? __fget+0x265/0x3e0 [ 1184.107565] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.111517] ? security_file_ioctl+0x83/0xb0 [ 1184.115903] SyS_ioctl+0x7f/0xb0 [ 1184.119251] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.123212] do_syscall_64+0x1d5/0x640 [ 1184.127079] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1184.132258] RIP: 0033:0x7f463664cea7 [ 1184.135946] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:31:52 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 10) 09:31:52 executing program 5: read$snapshot(0xffffffffffffffff, &(0x7f0000000000)=""/120, 0x78) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63720000006f723dd7ce6751d4"]) syz_init_net_socket$netrom(0x6, 0x5, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/116, 0x74, 0x0, &(0x7f00000001c0)=""/139, 0x8b}}, 0x10) 09:31:52 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async, rerun: 64) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f00000000c0)) (async, rerun: 64) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async, rerun: 32) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r1, 0x8008330e, &(0x7f0000000080)) (async, rerun: 32) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) sendmsg$SMC_PNETID_FLUSH(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x3001000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x74, r2, 0x100, 0x70bd25, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg1\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x5001) 09:31:52 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) (async) r1 = socket(0x25, 0x1, 0x0) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0xb1c}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x101}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x5c, r3, 0x0, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0xe8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x25}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x3f}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x10) (async, rerun: 32) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="e7b2f160b9fcdd44000000c9c616e84b3916b0d18c82c63f7158494f929a984afa3be5a89f4d7b75dfc9cead8d4b056a5ac73aff9934ddc5b8fcc9d94800d49386002e6a5c0a92d9ead6b640c4e5af0e5cc9924a7c7eb980a415b6e761c48c905901f19c1c42f66ff2cc", @ANYRES16=r6, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, r6, 0x404, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xca}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x200}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x7, 0x9, 0x4, 0x3ff]}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x9b, 0x20, 0x0, 0xfffffffa]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4840}, 0x40000) [ 1184.143632] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1184.150881] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1184.158134] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1184.165388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1184.172636] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:52 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 10) [ 1184.220542] hfsplus: creator requires a 4 character value [ 1184.226107] hfsplus: unable to parse mount options [ 1184.267639] FAULT_INJECTION: forcing a failure. [ 1184.267639] name failslab, interval 1, probability 0, space 0, times 0 [ 1184.305278] FAULT_INJECTION: forcing a failure. [ 1184.305278] name failslab, interval 1, probability 0, space 0, times 0 [ 1184.311433] hfsplus: unable to parse mount options [ 1184.322515] CPU: 0 PID: 28354 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1184.330411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1184.339761] Call Trace: [ 1184.342345] dump_stack+0x1b2/0x281 [ 1184.345970] should_fail.cold+0x10a/0x149 [ 1184.350119] should_failslab+0xd6/0x130 [ 1184.354084] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1184.358742] ? loop_get_status64+0x100/0x100 [ 1184.363139] __kthread_create_on_node+0xbe/0x3a0 [ 1184.367886] ? kthread_park+0x130/0x130 [ 1184.371872] ? loop_get_status64+0x100/0x100 [ 1184.376290] kthread_create_on_node+0xa8/0xd0 [ 1184.380794] ? __kthread_create_on_node+0x3a0/0x3a0 [ 1184.385811] ? __lockdep_init_map+0x100/0x560 [ 1184.390308] ? __lockdep_init_map+0x100/0x560 [ 1184.394805] lo_ioctl+0xcd9/0x1cd0 [ 1184.398345] ? loop_set_status64+0xe0/0xe0 [ 1184.402568] blkdev_ioctl+0x540/0x1830 [ 1184.406435] ? blkpg_ioctl+0x8d0/0x8d0 [ 1184.410301] ? trace_hardirqs_on+0x10/0x10 [ 1184.414518] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1184.419606] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1184.424608] block_ioctl+0xd9/0x120 [ 1184.428220] ? blkdev_fallocate+0x3a0/0x3a0 [ 1184.432523] do_vfs_ioctl+0x75a/0xff0 [ 1184.436309] ? lock_acquire+0x170/0x3f0 [ 1184.440299] ? ioctl_preallocate+0x1a0/0x1a0 [ 1184.444692] ? __fget+0x265/0x3e0 [ 1184.448128] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.452086] ? security_file_ioctl+0x83/0xb0 [ 1184.456476] SyS_ioctl+0x7f/0xb0 [ 1184.459827] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.463786] do_syscall_64+0x1d5/0x640 [ 1184.467752] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1184.472924] RIP: 0033:0x7f463664cea7 [ 1184.476616] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1184.484308] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1184.491562] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1184.498820] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1184.506074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1184.513323] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1184.520596] CPU: 1 PID: 28342 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1184.528480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1184.537841] Call Trace: [ 1184.540437] dump_stack+0x1b2/0x281 [ 1184.544076] should_fail.cold+0x10a/0x149 [ 1184.548234] should_failslab+0xd6/0x130 [ 1184.552308] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1184.556988] ? loop_get_status64+0x100/0x100 [ 1184.561405] __kthread_create_on_node+0xbe/0x3a0 [ 1184.566160] ? kthread_park+0x130/0x130 [ 1184.570144] ? loop_get_status64+0x100/0x100 [ 1184.574567] kthread_create_on_node+0xa8/0xd0 [ 1184.579075] ? __kthread_create_on_node+0x3a0/0x3a0 [ 1184.584104] ? __lockdep_init_map+0x100/0x560 [ 1184.588631] ? __lockdep_init_map+0x100/0x560 [ 1184.593144] lo_ioctl+0xcd9/0x1cd0 [ 1184.596691] ? loop_set_status64+0xe0/0xe0 [ 1184.600934] blkdev_ioctl+0x540/0x1830 [ 1184.604838] ? blkpg_ioctl+0x8d0/0x8d0 [ 1184.608728] ? trace_hardirqs_on+0x10/0x10 [ 1184.612979] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1184.618102] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1184.623128] block_ioctl+0xd9/0x120 [ 1184.626847] ? blkdev_fallocate+0x3a0/0x3a0 [ 1184.631176] do_vfs_ioctl+0x75a/0xff0 [ 1184.634986] ? lock_acquire+0x170/0x3f0 [ 1184.638969] ? ioctl_preallocate+0x1a0/0x1a0 [ 1184.643382] ? __fget+0x265/0x3e0 [ 1184.646843] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.650826] ? security_file_ioctl+0x83/0xb0 [ 1184.655271] SyS_ioctl+0x7f/0xb0 [ 1184.658642] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.662625] do_syscall_64+0x1d5/0x640 [ 1184.666522] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1184.671714] RIP: 0033:0x7f322b2faea7 [ 1184.675429] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1184.683289] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1184.690573] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1184.697845] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1184.705130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1184.712436] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:52 executing program 2: getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f0000000000)=0x4, &(0x7f0000000040)=0x4) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f0000000000)=0x4, &(0x7f0000000040)=0x4) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) 09:31:52 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f00000000c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r1, 0x8008330e, &(0x7f0000000080)) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) sendmsg$SMC_PNETID_FLUSH(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x3001000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x74, r2, 0x100, 0x70bd25, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg1\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x5001) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f00000000c0)) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r1, 0x8008330e, &(0x7f0000000080)) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) (async) sendmsg$SMC_PNETID_FLUSH(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x3001000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x74, r2, 0x100, 0x70bd25, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg1\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x5001) (async) 09:31:52 executing program 1: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r0, 0x0, 0x0) recvfrom$netrom(r0, &(0x7f0000000080)=""/249, 0xf9, 0x1, 0x0, 0x0) r1 = socket(0x26, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) 09:31:52 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 11) 09:31:52 executing program 5: read$snapshot(0xffffffffffffffff, &(0x7f0000000000)=""/120, 0x78) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63720000006f723dd7ce6751d4"]) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/116, 0x74, 0x0, &(0x7f00000001c0)=""/139, 0x8b}}, 0x10) 09:31:53 executing program 1: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r0, 0x0, 0x0) recvfrom$netrom(r0, &(0x7f0000000080)=""/249, 0xf9, 0x1, 0x0, 0x0) r1 = socket(0x26, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r0, 0x0, 0x0) (async) recvfrom$netrom(r0, &(0x7f0000000080)=""/249, 0xf9, 0x1, 0x0, 0x0) (async) socket(0x26, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) (async) [ 1184.782282] FAULT_INJECTION: forcing a failure. [ 1184.782282] name failslab, interval 1, probability 0, space 0, times 0 09:31:53 executing program 1: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r0, 0x0, 0x0) recvfrom$netrom(r0, &(0x7f0000000080)=""/249, 0xf9, 0x1, 0x0, 0x0) (async) r1 = socket(0x26, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) [ 1184.829457] hfsplus: unable to parse mount options [ 1184.836959] hfsplus: creator requires a 4 character value [ 1184.858454] CPU: 1 PID: 28369 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1184.866358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1184.875718] Call Trace: [ 1184.878312] dump_stack+0x1b2/0x281 [ 1184.881967] should_fail.cold+0x10a/0x149 [ 1184.886119] should_failslab+0xd6/0x130 [ 1184.890107] kmem_cache_alloc+0x28e/0x3c0 [ 1184.894264] __kernfs_new_node+0x6f/0x470 [ 1184.898420] kernfs_create_dir_ns+0x8c/0x200 [ 1184.902835] internal_create_group+0xe9/0x710 [ 1184.907339] lo_ioctl+0x1137/0x1cd0 [ 1184.910974] ? loop_set_status64+0xe0/0xe0 [ 1184.915217] blkdev_ioctl+0x540/0x1830 [ 1184.919150] ? blkpg_ioctl+0x8d0/0x8d0 [ 1184.923048] ? trace_hardirqs_on+0x10/0x10 [ 1184.927287] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1184.932399] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1184.937438] block_ioctl+0xd9/0x120 [ 1184.941080] ? blkdev_fallocate+0x3a0/0x3a0 [ 1184.945408] do_vfs_ioctl+0x75a/0xff0 [ 1184.949213] ? lock_acquire+0x170/0x3f0 [ 1184.953196] ? ioctl_preallocate+0x1a0/0x1a0 [ 1184.957610] ? __fget+0x265/0x3e0 [ 1184.961176] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.965160] ? security_file_ioctl+0x83/0xb0 [ 1184.969585] SyS_ioctl+0x7f/0xb0 [ 1184.972956] ? do_vfs_ioctl+0xff0/0xff0 [ 1184.976935] do_syscall_64+0x1d5/0x640 [ 1184.980834] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1184.986110] RIP: 0033:0x7f463664cea7 [ 1184.989907] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1184.997615] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1185.004890] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1185.012159] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1185.019428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1185.026698] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1185.040130] hfsplus: unable to parse mount options 09:31:53 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 11) 09:31:53 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r2, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x11) 09:31:53 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14}, 0x14}}, 0x0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x8051}, 0x40) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:53 executing program 5: read$snapshot(0xffffffffffffffff, &(0x7f0000000000)=""/120, 0x78) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63720000006f723dd7ce6751d4"]) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f0000000080)=""/116, 0x74, 0x0, &(0x7f00000001c0)=""/139, 0x8b}}, 0x10) 09:31:53 executing program 2: getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f0000000000)=0x4, &(0x7f0000000040)=0x4) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) [ 1185.076677] hfsplus: creator requires a 4 character value [ 1185.084536] hfsplus: unable to parse mount options 09:31:53 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 12) 09:31:53 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) (async) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) (async, rerun: 64) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) (rerun: 64) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r2, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x11) [ 1185.152373] hfsplus: creator requires a 4 character value [ 1185.156600] hfsplus: unable to parse mount options [ 1185.169167] FAULT_INJECTION: forcing a failure. [ 1185.169167] name failslab, interval 1, probability 0, space 0, times 0 [ 1185.185293] CPU: 1 PID: 28427 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1185.193205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1185.202559] Call Trace: [ 1185.203496] hfsplus: unable to parse mount options [ 1185.205163] dump_stack+0x1b2/0x281 [ 1185.205179] should_fail.cold+0x10a/0x149 [ 1185.205192] should_failslab+0xd6/0x130 [ 1185.221810] kmem_cache_alloc+0x28e/0x3c0 [ 1185.225970] __kernfs_new_node+0x6f/0x470 [ 1185.230131] kernfs_create_dir_ns+0x8c/0x200 [ 1185.234543] internal_create_group+0xe9/0x710 [ 1185.239045] lo_ioctl+0x1137/0x1cd0 [ 1185.242683] ? loop_set_status64+0xe0/0xe0 [ 1185.246929] blkdev_ioctl+0x540/0x1830 [ 1185.250826] ? blkpg_ioctl+0x8d0/0x8d0 [ 1185.254721] ? trace_hardirqs_on+0x10/0x10 [ 1185.258970] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1185.264082] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1185.269108] block_ioctl+0xd9/0x120 [ 1185.272737] ? blkdev_fallocate+0x3a0/0x3a0 [ 1185.277064] do_vfs_ioctl+0x75a/0xff0 [ 1185.280872] ? lock_acquire+0x170/0x3f0 [ 1185.284945] ? ioctl_preallocate+0x1a0/0x1a0 [ 1185.289360] ? __fget+0x265/0x3e0 [ 1185.292827] ? do_vfs_ioctl+0xff0/0xff0 [ 1185.296900] ? security_file_ioctl+0x83/0xb0 [ 1185.301315] SyS_ioctl+0x7f/0xb0 [ 1185.304685] ? do_vfs_ioctl+0xff0/0xff0 [ 1185.308669] do_syscall_64+0x1d5/0x640 [ 1185.312575] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1185.317891] RIP: 0033:0x7f322b2faea7 [ 1185.321599] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1185.329317] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1185.336588] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1185.343890] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 09:31:53 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14}, 0x14}}, 0x0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x8051}, 0x40) (async) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:53 executing program 2: pipe2$9p(&(0x7f0000000000), 0x800) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) [ 1185.351243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1185.358517] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1185.383216] hfsplus: creator requires a 4 character value [ 1185.397856] FAULT_INJECTION: forcing a failure. 09:31:53 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) socket(0x39, 0x800, 0x40) [ 1185.397856] name failslab, interval 1, probability 0, space 0, times 0 [ 1185.418137] hfsplus: unable to parse mount options [ 1185.424421] CPU: 1 PID: 28431 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1185.432313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1185.441673] Call Trace: [ 1185.444269] dump_stack+0x1b2/0x281 [ 1185.447904] should_fail.cold+0x10a/0x149 [ 1185.452062] should_failslab+0xd6/0x130 [ 1185.456041] kmem_cache_alloc+0x28e/0x3c0 [ 1185.460197] __kernfs_new_node+0x6f/0x470 [ 1185.464353] kernfs_new_node+0x7b/0xe0 [ 1185.468249] __kernfs_create_file+0x3d/0x320 [ 1185.469600] hfsplus: creator requires a 4 character value [ 1185.472654] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1185.472669] ? kernfs_create_dir_ns+0x171/0x200 [ 1185.487512] internal_create_group+0x22b/0x710 [ 1185.492103] lo_ioctl+0x1137/0x1cd0 [ 1185.495737] ? loop_set_status64+0xe0/0xe0 [ 1185.499972] blkdev_ioctl+0x540/0x1830 [ 1185.503866] ? blkpg_ioctl+0x8d0/0x8d0 [ 1185.507754] ? trace_hardirqs_on+0x10/0x10 [ 1185.511995] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1185.517099] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1185.522124] block_ioctl+0xd9/0x120 [ 1185.525755] ? blkdev_fallocate+0x3a0/0x3a0 [ 1185.526844] hfsplus: unable to parse mount options [ 1185.530073] do_vfs_ioctl+0x75a/0xff0 [ 1185.530084] ? lock_acquire+0x170/0x3f0 [ 1185.530093] ? ioctl_preallocate+0x1a0/0x1a0 [ 1185.530104] ? __fget+0x265/0x3e0 09:31:53 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) (async) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r2, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x11) [ 1185.530115] ? do_vfs_ioctl+0xff0/0xff0 [ 1185.530127] ? security_file_ioctl+0x83/0xb0 [ 1185.530135] SyS_ioctl+0x7f/0xb0 [ 1185.530142] ? do_vfs_ioctl+0xff0/0xff0 [ 1185.530152] do_syscall_64+0x1d5/0x640 [ 1185.530166] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1185.530176] RIP: 0033:0x7f463664cea7 [ 1185.579115] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1185.586830] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1185.586836] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 09:31:53 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14}, 0x14}}, 0x0) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x8051}, 0x40) (async) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1185.586842] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1185.586847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1185.586852] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1185.596766] hfsplus: creator requires a 4 character value [ 1185.640950] hfsplus: creator requires a 4 character value [ 1185.646515] hfsplus: unable to parse mount options 09:31:53 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 12) 09:31:53 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) socket(0x39, 0x800, 0x40) 09:31:53 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) getsockname$l2tp(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0x10) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1185.660891] hfsplus: unable to parse mount options 09:31:53 executing program 2: pipe2$9p(&(0x7f0000000000), 0x800) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:53 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 13) 09:31:53 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r1) r2 = shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_STAT_ANY(r2, 0xf, &(0x7f0000000040)=""/11) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x44000) [ 1185.732095] FAULT_INJECTION: forcing a failure. [ 1185.732095] name failslab, interval 1, probability 0, space 0, times 0 [ 1185.745272] FAULT_INJECTION: forcing a failure. [ 1185.745272] name failslab, interval 1, probability 0, space 0, times 0 [ 1185.762418] hfsplus: creator requires a 4 character value [ 1185.767307] hfsplus: creator requires a 4 character value [ 1185.773966] CPU: 1 PID: 28473 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1185.781849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1185.781854] Call Trace: [ 1185.781871] dump_stack+0x1b2/0x281 [ 1185.781887] should_fail.cold+0x10a/0x149 [ 1185.781901] should_failslab+0xd6/0x130 [ 1185.781913] kmem_cache_alloc+0x28e/0x3c0 [ 1185.781926] __kernfs_new_node+0x6f/0x470 [ 1185.781939] kernfs_new_node+0x7b/0xe0 [ 1185.781949] __kernfs_create_file+0x3d/0x320 [ 1185.781960] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1185.781969] ? kernfs_create_dir_ns+0x171/0x200 [ 1185.793636] hfsplus: unable to parse mount options [ 1185.793891] internal_create_group+0x22b/0x710 [ 1185.793906] lo_ioctl+0x1137/0x1cd0 [ 1185.844645] ? loop_set_status64+0xe0/0xe0 [ 1185.848891] blkdev_ioctl+0x540/0x1830 [ 1185.852786] ? blkpg_ioctl+0x8d0/0x8d0 [ 1185.856684] ? trace_hardirqs_on+0x10/0x10 [ 1185.860942] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1185.862776] hfsplus: unable to parse mount options [ 1185.866048] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1185.866064] block_ioctl+0xd9/0x120 [ 1185.866075] ? blkdev_fallocate+0x3a0/0x3a0 [ 1185.883921] do_vfs_ioctl+0x75a/0xff0 [ 1185.887905] ? lock_acquire+0x170/0x3f0 [ 1185.891892] ? ioctl_preallocate+0x1a0/0x1a0 [ 1185.896310] ? __fget+0x265/0x3e0 [ 1185.899774] ? do_vfs_ioctl+0xff0/0xff0 [ 1185.903753] ? security_file_ioctl+0x83/0xb0 [ 1185.908171] SyS_ioctl+0x7f/0xb0 [ 1185.911540] ? do_vfs_ioctl+0xff0/0xff0 [ 1185.915528] do_syscall_64+0x1d5/0x640 [ 1185.919429] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1185.924709] RIP: 0033:0x7f322b2faea7 09:31:54 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) getsockname$l2tp(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0x10) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) getsockname$l2tp(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0x10) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1185.928417] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1185.936130] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1185.943407] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1185.950677] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1185.958038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1185.965392] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1185.979002] CPU: 1 PID: 28475 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1185.986903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1185.996254] Call Trace: [ 1185.998848] dump_stack+0x1b2/0x281 [ 1186.002482] should_fail.cold+0x10a/0x149 [ 1186.006641] should_failslab+0xd6/0x130 [ 1186.010629] kmem_cache_alloc+0x28e/0x3c0 [ 1186.014784] __kernfs_new_node+0x6f/0x470 [ 1186.018942] kernfs_new_node+0x7b/0xe0 [ 1186.022833] __kernfs_create_file+0x3d/0x320 [ 1186.027246] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1186.031920] ? kernfs_create_dir_ns+0x171/0x200 [ 1186.036640] internal_create_group+0x22b/0x710 [ 1186.041233] lo_ioctl+0x1137/0x1cd0 [ 1186.044871] ? loop_set_status64+0xe0/0xe0 [ 1186.049112] blkdev_ioctl+0x540/0x1830 [ 1186.053007] ? blkpg_ioctl+0x8d0/0x8d0 [ 1186.056897] ? trace_hardirqs_on+0x10/0x10 [ 1186.061140] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1186.066250] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1186.071278] block_ioctl+0xd9/0x120 [ 1186.074909] ? blkdev_fallocate+0x3a0/0x3a0 [ 1186.079237] do_vfs_ioctl+0x75a/0xff0 [ 1186.083038] ? lock_acquire+0x170/0x3f0 [ 1186.087011] ? ioctl_preallocate+0x1a0/0x1a0 [ 1186.091428] ? __fget+0x265/0x3e0 [ 1186.094887] ? do_vfs_ioctl+0xff0/0xff0 [ 1186.098867] ? security_file_ioctl+0x83/0xb0 [ 1186.103286] SyS_ioctl+0x7f/0xb0 [ 1186.106653] ? do_vfs_ioctl+0xff0/0xff0 [ 1186.110635] do_syscall_64+0x1d5/0x640 [ 1186.114529] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1186.119716] RIP: 0033:0x7f463664cea7 [ 1186.123424] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:31:54 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r0 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r1) r2 = shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_STAT_ANY(r2, 0xf, &(0x7f0000000040)=""/11) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x44000) [ 1186.131130] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1186.138396] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1186.145672] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1186.153289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1186.160557] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:54 executing program 2: pipe2$9p(&(0x7f0000000000), 0x800) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:31:54 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) socket(0x39, 0x800, 0x40) 09:31:54 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 13) [ 1186.182942] hfsplus: creator requires a 4 character value [ 1186.190052] hfsplus: unable to parse mount options [ 1186.195231] hfsplus: creator requires a 4 character value [ 1186.201561] hfsplus: unable to parse mount options [ 1186.220699] hfsplus: creator requires a 4 character value 09:31:54 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 14) 09:31:54 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) getsockname$l2tp(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0x10) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:54 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r1) (async) r2 = shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_STAT_ANY(r2, 0xf, &(0x7f0000000040)=""/11) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x44000) 09:31:54 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561740180000000000000"]) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000000)={0x0, 0x8, [@remote, @remote, @empty, @broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast, @broadcast, @broadcast]}) 09:31:54 executing program 4: r0 = socket(0x25, 0x1, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x1) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x1}) [ 1186.229305] hfsplus: creator requires a 4 character value [ 1186.239471] hfsplus: unable to parse mount options [ 1186.247347] hfsplus: unable to parse mount options 09:31:54 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000000)) read$snapshot(r0, &(0x7f00000001c0)=""/221, 0xdd) [ 1186.317526] FAULT_INJECTION: forcing a failure. [ 1186.317526] name failslab, interval 1, probability 0, space 0, times 0 [ 1186.321212] hfsplus: unable to parse mount options [ 1186.334218] FAULT_INJECTION: forcing a failure. [ 1186.334218] name failslab, interval 1, probability 0, space 0, times 0 [ 1186.362502] CPU: 0 PID: 28524 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1186.370407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1186.379766] Call Trace: [ 1186.382356] dump_stack+0x1b2/0x281 [ 1186.386037] should_fail.cold+0x10a/0x149 [ 1186.390195] should_failslab+0xd6/0x130 [ 1186.394175] kmem_cache_alloc+0x28e/0x3c0 [ 1186.398346] __kernfs_new_node+0x6f/0x470 [ 1186.402508] kernfs_new_node+0x7b/0xe0 [ 1186.406400] __kernfs_create_file+0x3d/0x320 [ 1186.410819] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1186.415492] ? kernfs_create_dir_ns+0x171/0x200 [ 1186.420167] internal_create_group+0x22b/0x710 [ 1186.424767] lo_ioctl+0x1137/0x1cd0 [ 1186.428405] ? loop_set_status64+0xe0/0xe0 [ 1186.432645] blkdev_ioctl+0x540/0x1830 [ 1186.436537] ? blkpg_ioctl+0x8d0/0x8d0 [ 1186.440437] ? trace_hardirqs_on+0x10/0x10 [ 1186.444678] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1186.449789] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1186.454815] block_ioctl+0xd9/0x120 [ 1186.458454] ? blkdev_fallocate+0x3a0/0x3a0 [ 1186.462777] do_vfs_ioctl+0x75a/0xff0 [ 1186.466593] ? lock_acquire+0x170/0x3f0 [ 1186.470582] ? ioctl_preallocate+0x1a0/0x1a0 [ 1186.474999] ? __fget+0x265/0x3e0 [ 1186.478451] ? do_vfs_ioctl+0xff0/0xff0 [ 1186.482407] ? security_file_ioctl+0x83/0xb0 [ 1186.486802] SyS_ioctl+0x7f/0xb0 [ 1186.490165] ? do_vfs_ioctl+0xff0/0xff0 [ 1186.494147] do_syscall_64+0x1d5/0x640 [ 1186.498046] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1186.503245] RIP: 0033:0x7f463664cea7 [ 1186.506956] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1186.514666] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1186.521937] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1186.529208] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1186.536475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1186.543743] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1186.558562] CPU: 0 PID: 28521 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1186.566465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1186.575826] Call Trace: [ 1186.578415] dump_stack+0x1b2/0x281 [ 1186.582048] should_fail.cold+0x10a/0x149 [ 1186.586200] should_failslab+0xd6/0x130 [ 1186.590178] kmem_cache_alloc+0x28e/0x3c0 [ 1186.594330] __kernfs_new_node+0x6f/0x470 [ 1186.598490] kernfs_new_node+0x7b/0xe0 [ 1186.602380] __kernfs_create_file+0x3d/0x320 [ 1186.606793] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1186.611462] ? kernfs_create_dir_ns+0x171/0x200 09:31:54 executing program 4: r0 = socket(0x25, 0x1, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x1) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x1}) socket(0x25, 0x1, 0x0) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x1) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x1}) (async) 09:31:54 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561740180000000000000"]) (async) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000000)={0x0, 0x8, [@remote, @remote, @empty, @broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast, @broadcast, @broadcast]}) [ 1186.616133] internal_create_group+0x22b/0x710 [ 1186.620724] lo_ioctl+0x1137/0x1cd0 [ 1186.624361] ? loop_set_status64+0xe0/0xe0 [ 1186.628598] blkdev_ioctl+0x540/0x1830 [ 1186.632489] ? blkpg_ioctl+0x8d0/0x8d0 [ 1186.636381] ? trace_hardirqs_on+0x10/0x10 [ 1186.640628] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1186.645736] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1186.650764] block_ioctl+0xd9/0x120 [ 1186.654397] ? blkdev_fallocate+0x3a0/0x3a0 [ 1186.658731] do_vfs_ioctl+0x75a/0xff0 [ 1186.662545] ? lock_acquire+0x170/0x3f0 [ 1186.666522] ? ioctl_preallocate+0x1a0/0x1a0 [ 1186.670309] hfsplus: unable to parse mount options [ 1186.670932] ? __fget+0x265/0x3e0 [ 1186.670944] ? do_vfs_ioctl+0xff0/0xff0 [ 1186.683264] ? security_file_ioctl+0x83/0xb0 [ 1186.687676] SyS_ioctl+0x7f/0xb0 [ 1186.691034] ? do_vfs_ioctl+0xff0/0xff0 [ 1186.691055] do_syscall_64+0x1d5/0x640 [ 1186.698892] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1186.704078] RIP: 0033:0x7f322b2faea7 [ 1186.707784] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:31:54 executing program 1: r0 = socket(0x25, 0x1, 0xffffffff) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1186.715521] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1186.722796] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1186.730069] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1186.733107] hfsplus: creator requires a 4 character value [ 1186.737333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1186.737339] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:55 executing program 4: r0 = socket(0x25, 0x1, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x1) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x1}) socket(0x25, 0x1, 0x0) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x1) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x1}) (async) 09:31:55 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561740180000000000000"]) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000000)={0x0, 0x8, [@remote, @remote, @empty, @broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast, @broadcast, @broadcast]}) [ 1186.780627] hfsplus: creator requires a 4 character value [ 1186.786840] hfsplus: unable to parse mount options [ 1186.809766] hfsplus: creator requires a 4 character value [ 1186.816318] hfsplus: unable to parse mount options [ 1186.824693] hfsplus: unable to parse mount options 09:31:55 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 14) 09:31:55 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 15) 09:31:55 executing program 1: r0 = socket(0x25, 0x1, 0xffffffff) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:55 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x5, 0x9}) r2 = socket(0x18, 0x2, 0xffff) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1000}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8}, {0x8, 0x1, r0}, {0x8, 0x1, r2}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8080) 09:31:55 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000000)) read$snapshot(r0, &(0x7f00000001c0)=""/221, 0xdd) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) (async) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000000)) (async) read$snapshot(r0, &(0x7f00000001c0)=""/221, 0xdd) (async) [ 1186.851921] hfsplus: unable to parse mount options 09:31:55 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000001240)="bd7237ac417c35feea3c282909476c1a598d772f9d77904f4a25f6efec8d0100000099fe9da20000000000000000e2df722970932ada5309b54a5880ecb70380163e9dbf294a4b168f796bcdb3a322be3d62c73feb35859d2ec1da62b944d0c7c7c4f244ec06ade58a07e28681ef3f25ab884254d7a97f1a74ab32b60d8f00ac54892ba3bb82e826932e887b881b5df3b1cb54ef73d12bbd744bb9e4c006dd333be82206987076136c6e2271f09d", 0xae, 0x8000}, {&(0x7f00000001c0)="4938c6672a549cf4f913aa1328d8e437a7a8667d4760e3692a6f6c408565dcf579c0c1706aba81746d91962a06137884283d69b9965f786c382f34eb41acd6181a9fe71b6ed13d97871369a77965f69c4819debd59eab3dcb7b34ce9b791d9866975c9b28885eff7c375431b19ecd249df07f94a99e601cc9193fbee1bb3dc73215d01286f4ce2a6283d8bb9b7eb3e0f6f70490cfaee8203e7be99819a8ae0ab565d5458e47bd5ba0d688a5381961d4a34920987caad1c719fb28d17f31c45672a738995ec5f30aeb2c5dbcb53ecf8466dae0aa3d49c07fb7fcabcce587a5008489bc995440e4a6c14704f7de08cb44a2a74e8047c6f1618f27b82696e1cc654464af4564c04a10e341c9de70e1241544109591681ea4baef6fb68f5257a4374dbb34c19c16d6c5d26e1f20b22f17cad36d6f27ba7666643a6c34e7c865357d1b797dafe3018d08e3bd17cd1d7e17d31799bf60351d87707d96a4e0f9c12bf73ffe29ee54011f3a328b874cb6dff406763c8aa1b1702f86fff7786796d91e105ba919e6cef06fd5684b02c754a36c293879f710f62b779468f5b96ed437064f88d2bd1cc837158f7c1b94906c6fd92ee5da759ccf1ac3f5c93095003dab1cf5d4d3d4b7a74f3e8fe560ecf35234ed13bc6386effdb6e4ca264c6a3da8126c39f79302a16ad1cb77b75cc5b7ed261647d7abc454dad26c248b25c742682454e2858a6a2bf87ad3eb213178aaef3dfe585ac172185cba2e59cea69e3992c0767d466884021d78c427a6b68321536a2af425f17db762309dac2d05723fa6551769606c44d21181ff7b6f9ccb93e6914c40d115130d99cd3620c701ac54d1e040dc66a40032158edcd711a847e77e8814a671b655fe646237a1d1294f9f93049f4ba27243815d59977660196a28d8de6160a43244a34cb67733686b99c6e21204edd326ebbdfe1a04f005af8021053390dad126ce82bb6374d0faa0ea200979f83fb632659e252e0a402d2d62569efacfbae654787e56175c0799252fdebe800c2f298c761dd4cbe1475e0ef805ac6bf353310c23d24042f1f9e3a0f4ef608b30dbbdbce1429c983e0d0b03cb0f5bd9f9083ba612e6d6da41fde64a12f7dca38460ff836ac0ee5fc509762c5343785254dd483712c15bede87c24428378b8f86aaf7dd28ad20846e75ef3220d50487199ca00beec8ca912f37ea327b35285b2f690b5805a77cdd3de196280e01d36060594ed0c356840ba49cc46d8379a3f12cf6251a687f2153b280a0ff049f1ceaadf72b91199fe07c3cdd1d294f1229e1e4b7cda11d237b4d9bf6ae07028a734f9e51c87929710cb859a7286ba8089f2213ad0c8fb151293ca9da75c81eda1000d807e7c30e4271e44a50a479595092fbd1b2b64003b377ec5fcc4429bfc84721aa9349910ad7c495c505a3d076ddc3cb2bb8c35fe28fc0965c26e157831515f39ba16a63359b05d608df73da013f8aa78cfcddc006dca36055a275ec33d653cc9b730d476735887c329fb55e05a0b65d49c4c604ad87d931755afd8e9fa609ecf40425b323755a4647b6274ca7475749d542f447aead5077cfe14b02bd2a290740b515237a8b731ec3d9cbff0ca72edac735c0d711e52d114d1e072ca098af45a06e553df6dea22a2e7451f823ff056d6044fdf0de3bb7ff73f3d7e9e38e7c3da6f2c91ed2f6bf4eb0a866c8cc50a9775c65bb087d4acafa86cbc2ace920f0206c7ac972ef97984db6c7ed09c1180a5af5932f0bfc23170a5bb1513a1be6de7911dbf6da8a387fde5f9553fdc62de9677088c6b84ceab964e4c55f9bd38631fdd8d8ca2f470d45f8e36cd1effa84acb577960591bd17ede67b0ab24aff6a2e37a23b622548ec3e1820ce35c8ea1ebf538e8d0cd5a945814791a87fa5de606776937cd48941d28c085014940cdc96afbcf9b0dff3c84d3ede26186764fc9d04f6da58fc56751c1af597ad46ec313af4624e4fae4bcf8870706f5b3c9134432d54289cb8310326a30c980f632f642b2736f0984b7eeb166311a01da771cd27861f0a004fecb9a8cce6365e26531f0beaaca6b14bcec64ed4fc3046d075caa0b009d0ab367f5f01556e964a3845268d111c17929532f110eb4ace57c6f1a9de02b851202448aadc9f54e879dba14d44c7c331de7d13fd06851bd50d9d5588397c88b93801ef2958a3130c0c3108a372a944abe5677c81714aefd25935f0c90a8585bc5e5a13d32efc38361f830b9b9266ffea587b65d8bfd89ee565f8f49031406ae7d81e17ac6dda474c3479f682a12c922e57dbb7180268e82f326b1821f1894a5e6413158fcd2347be9af368a3874491f3b8190333197c70970d9a7ac384078fd55b9715815805a30f24b94132eba17618eea065b9dc571866959e02d66e181c3a154b6ef4455cabc7c76a4eb824715c61fe48fe990a209cc88160e37d49132a61bcd4c5593a6d97d6fb46dd1cf97b783e908247648c12a38d9e77d9ddd6d3b28a6cd08b11933a1abf204fe9f1ae4b63fc4e11028462db1347bf63be2fc9826db6fafd4f09bc5436c33cd66aa531b1d9ee74417e39f45229deceb91a28949316be7557561319bf01b7bf63f708d4647a18eb6a5737eb3958e9875a9ff1790c77dbe033069d589e37343863be217a99b0f2ad906a0166d2be0dabd04c7db39f046af98723c45efa4b550121669dcea601e163f6d02d7cb49e5170e4f2d3d2bfe7cc56dd61ef72329d3ecdd5859982d8951de230415a039f964b8ec997a2996135f3ed78e23745e5a82cfba17b98852b11cc1a0914bc332483c32f2b67ebbd1b4bb45e55bd1ab4ffb74a0e6e921e71ab617a0f08a44ecaaaddf3128d7b214a4da314f7c2856d0799abb3f0cedb04050cc34ad6eabba274a4db3767911c1178cd55644c3acaab504912726d1283ca1975291f01c8c39eddb9847d94b1a10a563a828424f3a0808f63e9741713e0a73ab0aaa953a74867ff648d587db10dd50b8cb59a3d341533d73f21d1c528a7e4b93c3d5659f4310c23737345d18eebf89e0352e9f49dbac3a579dfcb3eb473bf26f74ae9d27508950f4dcda58af2eb70225463603b77c9fe29b5eabed57b7f853ad2aa4048bbb621c810170337c166b6d9ecbf6e3bf9ddae344aeccbc4844c39ce2b908dcfa490e59f2e15da9813c36d22cf8976df2f98e2df7ae21db698cfee304e0f03ce6189d7972597c5e5883117250181bc122489fd536db902ac54bf66c3c06692b55d7b61c420004051f3a4491c2147d89645de01fe206ca2a2b54a4182d42e54ac4ad4d4ccec1294d25190ccdd44d7e5f4c622fd0c758f80c471ce9b86cf7913066b572d9332f088ebf0f1b67bec3b177adfb8dca21923ada867a3bb206e8904ac3fb8780feb87e1358358716727f23753a8feed615937af1b3b341ca977f1c62a73d6ae16cf58ad8558dc08533cb6c0412989225410048d0981fac0d59c6c4eca92afb538819f7218746df991b1ae8b734e580ebfff445066f5e3e04f8adf6cfea6fb4381f357989b110100d9d3968a14f369eedfeb8316fcffb0911424b0ed6cb05c15967ecb5302a96ca1ae171b65e02f51fb093563649a6a21b4efba1e63ec537f8d9deab948cc44f758c8f8b3540a9894c1466c4dfbe1cd8c29752eee61e1aa01122682e39cce09a1085dcd898daa6a6589d384372002656f01773ebfe6ed9914eda8e968a20d3f9218e829e471d58bd95fc63ee5e056c7f4f6c33e37110235812d807d518a3fc5791b8976d3d53f76eb09c1215df4f4b84e72e69047f4001746dca7e6d6cb60bd468b572bfb16bacaf36611004370c1650017b8fde60a6789908887e269823f1656064d8b37a982dfc686f45a53649bc0592635ce08077fa45b7c82324516de52ed82e4a173d409b96aa1bd60be964c0fd028f823bd69001d88793cad910d08e770d2e57784ec6536ae86ca803da0ce812ea674585763219650190c20389a260020fba1ae295a5dca02b4d789b57dcc187dc684588583f99b7d34ef5b46e60fa43aaef9fea4cd917a8ce18c08a09a359ef8d2566cd057ee3341fcae6a491ca9347c9403f9fad10b7797685b61ec15f7cda656d94fbc99ce51ed9e7fc77e37d3fa1111180a16cd57e137804ded20f3408a06fbefb8cb7f20134ab8f6d3b5304684852bb6be753cba2315535137679a3d2f58cc5ad03e028212f8879902882f60b31b7b03f41560e9206533a1aa9012eae2d17775d68fe3e93b57d5717b3b88e8f331c04e28065caf7d92bdd5b9e26051136f97f9d6689e47e0678070160e44ee29172365aee4fe92893fdd89413a9a8e03a8456f52c64e7e14ebe7086af256143b7ac05822e4cbb279a50f1951719f9009e17085811b2700590e83a72f21518ece1956991be29a7662895d20737243e5c0364fd3aaec117dee8f2260575ca243a140a6e971d2b1863f2e4a3112cee486cae96b4f215ce7248b04345214a9b859ee266e4e8da3c6326313340bccc260046024863f066cf87758f35d02318aeefce29264c9794575ea859d1e3c2df4b895b586fd6a75a463d5ce10bd3dbad974dad04740f63e42148e5c71bfc67ee2def755a9dfba3a0617966b4de6b0f235d0d763fe5bed48acce59d54419f6cf70304136651850951c0773f6593aa3ac85431e989ec6c2f5ec23693b477980b486d0a9ef40d0214bb84b882312c6bff3c479b1e50af5d1a6fc482e449be0415bce8d166e62b08f602963700df627425e6750f17e8bc512f85525e16afacbe466c56e615ff7117a5784e3b7ffdbc60ab2817b2a55921cc6579651472c745aa39df72a247248b4ff41d5f347d7593a6b6aadf4e5a7c58a1a787bbab1263fdcbe089276d1d7b4abc7d4109c61af98029052b2d2053f0e1d85e4d4fd7204397f66a3ccbf8df5b4e9d09ad033a82b824c8886499dec114a8af66547b0db6c366c1f29cfd04281262090b2d810657bfaf08644b6b6d90967c2e9d1085df9cdeb9bd4d0e6765ade5fed13b8c8cce2a48d3aedacffb7b4c6611cd6c6d1d72a884aab710a47c3727665f89701f76f3561c2e07b08e4e783c56b43c536aba26bed56b4715005ae5c835c7fcc6089e584861a0d5c7ce4b781472eb0d995bcd9e103cacbe125bfb9636015859b7b969c0548eb6be2f3aab49779825cbf5e55176cf7dc6508444d107ed29b026e8ca6156632147cc596f30c669f32a0d6e40d876dede7728cdd0a3efec6184a0b35a07c14bfaae70bdf592145ea2d4ec6aa6f86ffeb0cb876039597923b8ee1c771f552eb022799d6c2450f61cd9b9e5ba34b5773d676b45e576ad068d57d9aab534c6b3bdfa18980c8e129be68f075ad33790b7378b005bc49a5bb16fd8fa7c855c97fb5ec2beecd5ebfe358ed422867582db25280c2ca68e164956c3bc4cb927b2aa7a63b4687664a7f2193bab75b37d91585cba620885f5ee7dc3c2da4257ecb4e410db9d407a7a720dd125ade4ac8782fe3bbc89f11dcccad26ede75f7f46f59d30d03b3d6e786769dd510127d87a889effd74dc26c2068c454a4d749a3a878aadd3b7fbe9c59ccbefef588c86ca86ad5d45a011355d89424097ac94fc201ff477d9463142ad0f32dfcbc8a8c2a43615a81e70f8b8f4dd14eba803dfba8a54b8d2686dbb2166bf77ebfec255755395dc33d7f605dca37ceed6982a9819bdf3096932fcc11e21e0c4c4f772e609712270dfe927abb5f91133fb3007313b74abed0dbba0b7b40576f1baafb251a148b9d533c84ef6b9291991d4dd80dd713c2378cd6ded5", 0x1000, 0x9}, {&(0x7f0000000040)="b7c5ba30d92b0513dda865b0361bc2a3b9db470e10e97b01c597a6cd1514c0e5a4f08ef68628470ff955a8d88d1e7bbc7148f1039045128748038cbddc8461ed4f04354517cdc8b81ae7ae79bf2adb53b6fabed971f8d3609a2d3e75044f481a0f1b0eda541b16cb923330ed5f7b1a81520894cc3250595a740e6fd2bc4ba550a9792857bed929805f2ff64f90ac915dd10f28a6dafd60cad27a6d83f886e5330399bb07fa62", 0xa6, 0x2}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)) getresuid(&(0x7f0000001540)=0x0, &(0x7f0000001580)=0x0, &(0x7f00000015c0)=0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000001800)='cpuset.effective_cpus\x00', 0x0, 0x0) r5 = getegid() syz_mount_image$fuse(&(0x7f0000001780), &(0x7f00000017c0)='./file0\x00', 0x0, 0x0, 0x0, 0x246442, &(0x7f0000001840)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions}, {@allow_other}], [{@uid_gt={'uid>', r1}}]}}) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) r6 = getegid() r7 = geteuid() write$P9_RSTATu(r3, &(0x7f0000001700)={0x5e, 0x7d, 0x2, {{0x0, 0x44, 0x4, 0xffffffff, {0x10, 0x2, 0x8}, 0x80000000, 0x8, 0x5, 0x5, 0x5, '{$,$#', 0x3, '-&@', 0x5, '\xed&)*%', 0x4, 'uid<'}, 0x5, 'umask', r0, r6, r7}}, 0x5e) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400, 0x2, &(0x7f0000001300)=[{&(0x7f0000001380)="1ef5eea965bdcda75db96dfe9284aa89b144dad5ad8d3e9ad6474d2abc7da74234b2d89e79dcff9a8719b6fc865bf4cf31b7b3cc2a83e8b4b68534551d58774b57c86a4c6795410f91ed2506d5a3babdcd27358b314accaf988da5b6c299d76625f0dfcbac7ade2fe9c2acf3d23ddf404049be6e9f9c76bf1042412b289c108b634da1beccbe36a837ef0bfa1686bb64981b7cd7e1a014f73c6d465f4d3e4b78464c64d6686ff222c30a1dcc50d889d65637fc8bcc9fcd79bc24e5488440125c", 0xc0, 0x523}, {&(0x7f0000001440)="7317a8626c4c70dc75d250ac63528314bb8477715220428169f8891127f0a2b11dc530664d2b20016fa52325477268f589f8ffbd519f60530e9c54268743c6c0e1d08891e66ed7ecbda7c34c6b47678894c1b48c4283fba9183b6fdbcbb49f26906739d78c819650c8a430ad0cedf90234374e8eefc10282110e4138f2bb71022a85fe9781cf0931f1eaab968b909f3e7e82d8e4cb6097ca88005dabb74fa81e72d9ba5c54de6188ebfd2eed3539e7f0bf3f7bfa04c120b2722e017bbfd7eaeb964ae173f490781a5021d50b5cf6d1813a218a90f288183c3d3a14446853e372f3e38e0e18ad328b1c2b9d2d6136", 0xee, 0x9}], 0x21000, &(0x7f0000001600)={[{@nodecompose}, {@force}, {@umask={'umask', 0x3d, 0x5}}], [{@pcr={'pcr', 0x3d, 0x16}}, {@hash}, {@fowner_lt={'fowner<', 0xee01}}, {@audit}, {@fowner_lt={'fowner<', r1}}, {@fowner_lt={'fowner<', 0xee00}}, {@uid_lt={'uid<', 0xee01}}]}) 09:31:55 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) (async) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x5, 0x9}) (async) r2 = socket(0x18, 0x2, 0xffff) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1000}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8}, {0x8, 0x1, r0}, {0x8, 0x1, r2}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8080) 09:31:55 executing program 1: r0 = socket(0x25, 0x1, 0xffffffff) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1186.923487] FAULT_INJECTION: forcing a failure. [ 1186.923487] name failslab, interval 1, probability 0, space 0, times 0 [ 1186.935219] FAULT_INJECTION: forcing a failure. [ 1186.935219] name failslab, interval 1, probability 0, space 0, times 0 [ 1186.942164] hfsplus: creator requires a 4 character value [ 1186.964331] CPU: 1 PID: 28591 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1186.966975] hfsplus: unable to parse mount options [ 1186.972311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1186.972316] Call Trace: [ 1186.972334] dump_stack+0x1b2/0x281 [ 1186.972351] should_fail.cold+0x10a/0x149 [ 1186.972365] should_failslab+0xd6/0x130 [ 1186.972378] kmem_cache_alloc+0x28e/0x3c0 [ 1186.972391] __kernfs_new_node+0x6f/0x470 [ 1186.972403] kernfs_new_node+0x7b/0xe0 [ 1186.972414] __kernfs_create_file+0x3d/0x320 [ 1186.972425] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1186.972434] ? kernfs_create_dir_ns+0x171/0x200 [ 1186.972444] internal_create_group+0x22b/0x710 [ 1186.972458] lo_ioctl+0x1137/0x1cd0 [ 1186.972470] ? loop_set_status64+0xe0/0xe0 [ 1186.972481] blkdev_ioctl+0x540/0x1830 [ 1186.972492] ? blkpg_ioctl+0x8d0/0x8d0 [ 1186.972503] ? trace_hardirqs_on+0x10/0x10 [ 1186.972518] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1186.972531] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1186.972544] block_ioctl+0xd9/0x120 [ 1186.972553] ? blkdev_fallocate+0x3a0/0x3a0 [ 1186.972562] do_vfs_ioctl+0x75a/0xff0 [ 1186.972573] ? lock_acquire+0x170/0x3f0 [ 1187.012721] hfsplus: creator requires a 4 character value [ 1187.013221] ? ioctl_preallocate+0x1a0/0x1a0 [ 1187.043446] hfsplus: unable to parse mount options [ 1187.047145] ? __fget+0x265/0x3e0 [ 1187.047160] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.047172] ? security_file_ioctl+0x83/0xb0 [ 1187.047181] SyS_ioctl+0x7f/0xb0 [ 1187.047191] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.111063] do_syscall_64+0x1d5/0x640 [ 1187.114962] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1187.120145] RIP: 0033:0x7f322b2faea7 [ 1187.123847] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1187.131548] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1187.138818] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1187.146087] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1187.153351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1187.160625] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:55 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) 09:31:55 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) [ 1187.170643] CPU: 0 PID: 28597 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1187.178540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1187.188151] Call Trace: [ 1187.190743] dump_stack+0x1b2/0x281 [ 1187.194377] should_fail.cold+0x10a/0x149 [ 1187.198532] should_failslab+0xd6/0x130 [ 1187.202507] kmem_cache_alloc+0x28e/0x3c0 [ 1187.206659] __kernfs_new_node+0x6f/0x470 [ 1187.210813] kernfs_new_node+0x7b/0xe0 [ 1187.213193] hfsplus: creator requires a 4 character value [ 1187.214701] __kernfs_create_file+0x3d/0x320 09:31:55 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) 09:31:55 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1187.214717] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1187.224748] hfsplus: unable to parse mount options [ 1187.229281] ? kernfs_create_dir_ns+0x171/0x200 [ 1187.229293] internal_create_group+0x22b/0x710 [ 1187.229307] lo_ioctl+0x1137/0x1cd0 [ 1187.229319] ? loop_set_status64+0xe0/0xe0 [ 1187.229331] blkdev_ioctl+0x540/0x1830 [ 1187.229342] ? blkpg_ioctl+0x8d0/0x8d0 [ 1187.259052] ? trace_hardirqs_on+0x10/0x10 [ 1187.263294] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1187.268408] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1187.273467] block_ioctl+0xd9/0x120 [ 1187.273477] ? blkdev_fallocate+0x3a0/0x3a0 [ 1187.273488] do_vfs_ioctl+0x75a/0xff0 [ 1187.285184] ? lock_acquire+0x170/0x3f0 [ 1187.289140] ? ioctl_preallocate+0x1a0/0x1a0 [ 1187.293535] ? __fget+0x265/0x3e0 [ 1187.296966] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.300918] ? security_file_ioctl+0x83/0xb0 [ 1187.305304] SyS_ioctl+0x7f/0xb0 [ 1187.308647] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.312598] do_syscall_64+0x1d5/0x640 [ 1187.316476] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1187.321652] RIP: 0033:0x7f463664cea7 [ 1187.325339] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1187.333024] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1187.340269] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1187.347541] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1187.354791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1187.362046] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:55 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 15) [ 1187.402618] hfsplus: creator requires a 4 character value [ 1187.410583] print_req_error: I/O error, dev loop5, sector 0 [ 1187.416790] hfsplus: unable to parse mount options [ 1187.427630] hfsplus: creator requires a 4 character value [ 1187.443365] hfsplus: unable to parse mount options 09:31:55 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 16) 09:31:55 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) (async, rerun: 64) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (rerun: 64) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x5, 0x9}) (async, rerun: 64) r2 = socket(0x18, 0x2, 0xffff) (rerun: 64) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, 0x0, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1000}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8}, {0x8, 0x1, r0}, {0x8, 0x1, r2}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8080) 09:31:55 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) 09:31:55 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000000)) read$snapshot(r0, &(0x7f00000001c0)=""/221, 0xdd) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) (async) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000000)) (async) read$snapshot(r0, &(0x7f00000001c0)=""/221, 0xdd) (async) 09:31:55 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000001240)="bd7237ac417c35feea3c282909476c1a598d772f9d77904f4a25f6efec8d0100000099fe9da20000000000000000e2df722970932ada5309b54a5880ecb70380163e9dbf294a4b168f796bcdb3a322be3d62c73feb35859d2ec1da62b944d0c7c7c4f244ec06ade58a07e28681ef3f25ab884254d7a97f1a74ab32b60d8f00ac54892ba3bb82e826932e887b881b5df3b1cb54ef73d12bbd744bb9e4c006dd333be82206987076136c6e2271f09d", 0xae, 0x8000}, {&(0x7f00000001c0)="4938c6672a549cf4f913aa1328d8e437a7a8667d4760e3692a6f6c408565dcf579c0c1706aba81746d91962a06137884283d69b9965f786c382f34eb41acd6181a9fe71b6ed13d97871369a77965f69c4819debd59eab3dcb7b34ce9b791d9866975c9b28885eff7c375431b19ecd249df07f94a99e601cc9193fbee1bb3dc73215d01286f4ce2a6283d8bb9b7eb3e0f6f70490cfaee8203e7be99819a8ae0ab565d5458e47bd5ba0d688a5381961d4a34920987caad1c719fb28d17f31c45672a738995ec5f30aeb2c5dbcb53ecf8466dae0aa3d49c07fb7fcabcce587a5008489bc995440e4a6c14704f7de08cb44a2a74e8047c6f1618f27b82696e1cc654464af4564c04a10e341c9de70e1241544109591681ea4baef6fb68f5257a4374dbb34c19c16d6c5d26e1f20b22f17cad36d6f27ba7666643a6c34e7c865357d1b797dafe3018d08e3bd17cd1d7e17d31799bf60351d87707d96a4e0f9c12bf73ffe29ee54011f3a328b874cb6dff406763c8aa1b1702f86fff7786796d91e105ba919e6cef06fd5684b02c754a36c293879f710f62b779468f5b96ed437064f88d2bd1cc837158f7c1b94906c6fd92ee5da759ccf1ac3f5c93095003dab1cf5d4d3d4b7a74f3e8fe560ecf35234ed13bc6386effdb6e4ca264c6a3da8126c39f79302a16ad1cb77b75cc5b7ed261647d7abc454dad26c248b25c742682454e2858a6a2bf87ad3eb213178aaef3dfe585ac172185cba2e59cea69e3992c0767d466884021d78c427a6b68321536a2af425f17db762309dac2d05723fa6551769606c44d21181ff7b6f9ccb93e6914c40d115130d99cd3620c701ac54d1e040dc66a40032158edcd711a847e77e8814a671b655fe646237a1d1294f9f93049f4ba27243815d59977660196a28d8de6160a43244a34cb67733686b99c6e21204edd326ebbdfe1a04f005af8021053390dad126ce82bb6374d0faa0ea200979f83fb632659e252e0a402d2d62569efacfbae654787e56175c0799252fdebe800c2f298c761dd4cbe1475e0ef805ac6bf353310c23d24042f1f9e3a0f4ef608b30dbbdbce1429c983e0d0b03cb0f5bd9f9083ba612e6d6da41fde64a12f7dca38460ff836ac0ee5fc509762c5343785254dd483712c15bede87c24428378b8f86aaf7dd28ad20846e75ef3220d50487199ca00beec8ca912f37ea327b35285b2f690b5805a77cdd3de196280e01d36060594ed0c356840ba49cc46d8379a3f12cf6251a687f2153b280a0ff049f1ceaadf72b91199fe07c3cdd1d294f1229e1e4b7cda11d237b4d9bf6ae07028a734f9e51c87929710cb859a7286ba8089f2213ad0c8fb151293ca9da75c81eda1000d807e7c30e4271e44a50a479595092fbd1b2b64003b377ec5fcc4429bfc84721aa9349910ad7c495c505a3d076ddc3cb2bb8c35fe28fc0965c26e157831515f39ba16a63359b05d608df73da013f8aa78cfcddc006dca36055a275ec33d653cc9b730d476735887c329fb55e05a0b65d49c4c604ad87d931755afd8e9fa609ecf40425b323755a4647b6274ca7475749d542f447aead5077cfe14b02bd2a290740b515237a8b731ec3d9cbff0ca72edac735c0d711e52d114d1e072ca098af45a06e553df6dea22a2e7451f823ff056d6044fdf0de3bb7ff73f3d7e9e38e7c3da6f2c91ed2f6bf4eb0a866c8cc50a9775c65bb087d4acafa86cbc2ace920f0206c7ac972ef97984db6c7ed09c1180a5af5932f0bfc23170a5bb1513a1be6de7911dbf6da8a387fde5f9553fdc62de9677088c6b84ceab964e4c55f9bd38631fdd8d8ca2f470d45f8e36cd1effa84acb577960591bd17ede67b0ab24aff6a2e37a23b622548ec3e1820ce35c8ea1ebf538e8d0cd5a945814791a87fa5de606776937cd48941d28c085014940cdc96afbcf9b0dff3c84d3ede26186764fc9d04f6da58fc56751c1af597ad46ec313af4624e4fae4bcf8870706f5b3c9134432d54289cb8310326a30c980f632f642b2736f0984b7eeb166311a01da771cd27861f0a004fecb9a8cce6365e26531f0beaaca6b14bcec64ed4fc3046d075caa0b009d0ab367f5f01556e964a3845268d111c17929532f110eb4ace57c6f1a9de02b851202448aadc9f54e879dba14d44c7c331de7d13fd06851bd50d9d5588397c88b93801ef2958a3130c0c3108a372a944abe5677c81714aefd25935f0c90a8585bc5e5a13d32efc38361f830b9b9266ffea587b65d8bfd89ee565f8f49031406ae7d81e17ac6dda474c3479f682a12c922e57dbb7180268e82f326b1821f1894a5e6413158fcd2347be9af368a3874491f3b8190333197c70970d9a7ac384078fd55b9715815805a30f24b94132eba17618eea065b9dc571866959e02d66e181c3a154b6ef4455cabc7c76a4eb824715c61fe48fe990a209cc88160e37d49132a61bcd4c5593a6d97d6fb46dd1cf97b783e908247648c12a38d9e77d9ddd6d3b28a6cd08b11933a1abf204fe9f1ae4b63fc4e11028462db1347bf63be2fc9826db6fafd4f09bc5436c33cd66aa531b1d9ee74417e39f45229deceb91a28949316be7557561319bf01b7bf63f708d4647a18eb6a5737eb3958e9875a9ff1790c77dbe033069d589e37343863be217a99b0f2ad906a0166d2be0dabd04c7db39f046af98723c45efa4b550121669dcea601e163f6d02d7cb49e5170e4f2d3d2bfe7cc56dd61ef72329d3ecdd5859982d8951de230415a039f964b8ec997a2996135f3ed78e23745e5a82cfba17b98852b11cc1a0914bc332483c32f2b67ebbd1b4bb45e55bd1ab4ffb74a0e6e921e71ab617a0f08a44ecaaaddf3128d7b214a4da314f7c2856d0799abb3f0cedb04050cc34ad6eabba274a4db3767911c1178cd55644c3acaab504912726d1283ca1975291f01c8c39eddb9847d94b1a10a563a828424f3a0808f63e9741713e0a73ab0aaa953a74867ff648d587db10dd50b8cb59a3d341533d73f21d1c528a7e4b93c3d5659f4310c23737345d18eebf89e0352e9f49dbac3a579dfcb3eb473bf26f74ae9d27508950f4dcda58af2eb70225463603b77c9fe29b5eabed57b7f853ad2aa4048bbb621c810170337c166b6d9ecbf6e3bf9ddae344aeccbc4844c39ce2b908dcfa490e59f2e15da9813c36d22cf8976df2f98e2df7ae21db698cfee304e0f03ce6189d7972597c5e5883117250181bc122489fd536db902ac54bf66c3c06692b55d7b61c420004051f3a4491c2147d89645de01fe206ca2a2b54a4182d42e54ac4ad4d4ccec1294d25190ccdd44d7e5f4c622fd0c758f80c471ce9b86cf7913066b572d9332f088ebf0f1b67bec3b177adfb8dca21923ada867a3bb206e8904ac3fb8780feb87e1358358716727f23753a8feed615937af1b3b341ca977f1c62a73d6ae16cf58ad8558dc08533cb6c0412989225410048d0981fac0d59c6c4eca92afb538819f7218746df991b1ae8b734e580ebfff445066f5e3e04f8adf6cfea6fb4381f357989b110100d9d3968a14f369eedfeb8316fcffb0911424b0ed6cb05c15967ecb5302a96ca1ae171b65e02f51fb093563649a6a21b4efba1e63ec537f8d9deab948cc44f758c8f8b3540a9894c1466c4dfbe1cd8c29752eee61e1aa01122682e39cce09a1085dcd898daa6a6589d384372002656f01773ebfe6ed9914eda8e968a20d3f9218e829e471d58bd95fc63ee5e056c7f4f6c33e37110235812d807d518a3fc5791b8976d3d53f76eb09c1215df4f4b84e72e69047f4001746dca7e6d6cb60bd468b572bfb16bacaf36611004370c1650017b8fde60a6789908887e269823f1656064d8b37a982dfc686f45a53649bc0592635ce08077fa45b7c82324516de52ed82e4a173d409b96aa1bd60be964c0fd028f823bd69001d88793cad910d08e770d2e57784ec6536ae86ca803da0ce812ea674585763219650190c20389a260020fba1ae295a5dca02b4d789b57dcc187dc684588583f99b7d34ef5b46e60fa43aaef9fea4cd917a8ce18c08a09a359ef8d2566cd057ee3341fcae6a491ca9347c9403f9fad10b7797685b61ec15f7cda656d94fbc99ce51ed9e7fc77e37d3fa1111180a16cd57e137804ded20f3408a06fbefb8cb7f20134ab8f6d3b5304684852bb6be753cba2315535137679a3d2f58cc5ad03e028212f8879902882f60b31b7b03f41560e9206533a1aa9012eae2d17775d68fe3e93b57d5717b3b88e8f331c04e28065caf7d92bdd5b9e26051136f97f9d6689e47e0678070160e44ee29172365aee4fe92893fdd89413a9a8e03a8456f52c64e7e14ebe7086af256143b7ac05822e4cbb279a50f1951719f9009e17085811b2700590e83a72f21518ece1956991be29a7662895d20737243e5c0364fd3aaec117dee8f2260575ca243a140a6e971d2b1863f2e4a3112cee486cae96b4f215ce7248b04345214a9b859ee266e4e8da3c6326313340bccc260046024863f066cf87758f35d02318aeefce29264c9794575ea859d1e3c2df4b895b586fd6a75a463d5ce10bd3dbad974dad04740f63e42148e5c71bfc67ee2def755a9dfba3a0617966b4de6b0f235d0d763fe5bed48acce59d54419f6cf70304136651850951c0773f6593aa3ac85431e989ec6c2f5ec23693b477980b486d0a9ef40d0214bb84b882312c6bff3c479b1e50af5d1a6fc482e449be0415bce8d166e62b08f602963700df627425e6750f17e8bc512f85525e16afacbe466c56e615ff7117a5784e3b7ffdbc60ab2817b2a55921cc6579651472c745aa39df72a247248b4ff41d5f347d7593a6b6aadf4e5a7c58a1a787bbab1263fdcbe089276d1d7b4abc7d4109c61af98029052b2d2053f0e1d85e4d4fd7204397f66a3ccbf8df5b4e9d09ad033a82b824c8886499dec114a8af66547b0db6c366c1f29cfd04281262090b2d810657bfaf08644b6b6d90967c2e9d1085df9cdeb9bd4d0e6765ade5fed13b8c8cce2a48d3aedacffb7b4c6611cd6c6d1d72a884aab710a47c3727665f89701f76f3561c2e07b08e4e783c56b43c536aba26bed56b4715005ae5c835c7fcc6089e584861a0d5c7ce4b781472eb0d995bcd9e103cacbe125bfb9636015859b7b969c0548eb6be2f3aab49779825cbf5e55176cf7dc6508444d107ed29b026e8ca6156632147cc596f30c669f32a0d6e40d876dede7728cdd0a3efec6184a0b35a07c14bfaae70bdf592145ea2d4ec6aa6f86ffeb0cb876039597923b8ee1c771f552eb022799d6c2450f61cd9b9e5ba34b5773d676b45e576ad068d57d9aab534c6b3bdfa18980c8e129be68f075ad33790b7378b005bc49a5bb16fd8fa7c855c97fb5ec2beecd5ebfe358ed422867582db25280c2ca68e164956c3bc4cb927b2aa7a63b4687664a7f2193bab75b37d91585cba620885f5ee7dc3c2da4257ecb4e410db9d407a7a720dd125ade4ac8782fe3bbc89f11dcccad26ede75f7f46f59d30d03b3d6e786769dd510127d87a889effd74dc26c2068c454a4d749a3a878aadd3b7fbe9c59ccbefef588c86ca86ad5d45a011355d89424097ac94fc201ff477d9463142ad0f32dfcbc8a8c2a43615a81e70f8b8f4dd14eba803dfba8a54b8d2686dbb2166bf77ebfec255755395dc33d7f605dca37ceed6982a9819bdf3096932fcc11e21e0c4c4f772e609712270dfe927abb5f91133fb3007313b74abed0dbba0b7b40576f1baafb251a148b9d533c84ef6b9291991d4dd80dd713c2378cd6ded5", 0x1000, 0x9}, {&(0x7f0000000040)="b7c5ba30d92b0513dda865b0361bc2a3b9db470e10e97b01c597a6cd1514c0e5a4f08ef68628470ff955a8d88d1e7bbc7148f1039045128748038cbddc8461ed4f04354517cdc8b81ae7ae79bf2adb53b6fabed971f8d3609a2d3e75044f481a0f1b0eda541b16cb923330ed5f7b1a81520894cc3250595a740e6fd2bc4ba550a9792857bed929805f2ff64f90ac915dd10f28a6dafd60cad27a6d83f886e5330399bb07fa62", 0xa6, 0x2}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)) getresuid(&(0x7f0000001540)=0x0, &(0x7f0000001580)=0x0, &(0x7f00000015c0)=0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000001800)='cpuset.effective_cpus\x00', 0x0, 0x0) r5 = getegid() syz_mount_image$fuse(&(0x7f0000001780), &(0x7f00000017c0)='./file0\x00', 0x0, 0x0, 0x0, 0x246442, &(0x7f0000001840)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions}, {@allow_other}], [{@uid_gt={'uid>', r1}}]}}) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) r6 = getegid() r7 = geteuid() write$P9_RSTATu(r3, &(0x7f0000001700)={0x5e, 0x7d, 0x2, {{0x0, 0x44, 0x4, 0xffffffff, {0x10, 0x2, 0x8}, 0x80000000, 0x8, 0x5, 0x5, 0x5, '{$,$#', 0x3, '-&@', 0x5, '\xed&)*%', 0x4, 'uid<'}, 0x5, 'umask', r0, r6, r7}}, 0x5e) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400, 0x2, &(0x7f0000001300)=[{&(0x7f0000001380)="1ef5eea965bdcda75db96dfe9284aa89b144dad5ad8d3e9ad6474d2abc7da74234b2d89e79dcff9a8719b6fc865bf4cf31b7b3cc2a83e8b4b68534551d58774b57c86a4c6795410f91ed2506d5a3babdcd27358b314accaf988da5b6c299d76625f0dfcbac7ade2fe9c2acf3d23ddf404049be6e9f9c76bf1042412b289c108b634da1beccbe36a837ef0bfa1686bb64981b7cd7e1a014f73c6d465f4d3e4b78464c64d6686ff222c30a1dcc50d889d65637fc8bcc9fcd79bc24e5488440125c", 0xc0, 0x523}, {&(0x7f0000001440)="7317a8626c4c70dc75d250ac63528314bb8477715220428169f8891127f0a2b11dc530664d2b20016fa52325477268f589f8ffbd519f60530e9c54268743c6c0e1d08891e66ed7ecbda7c34c6b47678894c1b48c4283fba9183b6fdbcbb49f26906739d78c819650c8a430ad0cedf90234374e8eefc10282110e4138f2bb71022a85fe9781cf0931f1eaab968b909f3e7e82d8e4cb6097ca88005dabb74fa81e72d9ba5c54de6188ebfd2eed3539e7f0bf3f7bfa04c120b2722e017bbfd7eaeb964ae173f490781a5021d50b5cf6d1813a218a90f288183c3d3a14446853e372f3e38e0e18ad328b1c2b9d2d6136", 0xee, 0x9}], 0x21000, &(0x7f0000001600)={[{@nodecompose}, {@force}, {@umask={'umask', 0x3d, 0x5}}], [{@pcr={'pcr', 0x3d, 0x16}}, {@hash}, {@fowner_lt={'fowner<', 0xee01}}, {@audit}, {@fowner_lt={'fowner<', r1}}, {@fowner_lt={'fowner<', 0xee00}}, {@uid_lt={'uid<', 0xee01}}]}) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000001240)="bd7237ac417c35feea3c282909476c1a598d772f9d77904f4a25f6efec8d0100000099fe9da20000000000000000e2df722970932ada5309b54a5880ecb70380163e9dbf294a4b168f796bcdb3a322be3d62c73feb35859d2ec1da62b944d0c7c7c4f244ec06ade58a07e28681ef3f25ab884254d7a97f1a74ab32b60d8f00ac54892ba3bb82e826932e887b881b5df3b1cb54ef73d12bbd744bb9e4c006dd333be82206987076136c6e2271f09d", 0xae, 0x8000}, {&(0x7f00000001c0)="4938c6672a549cf4f913aa1328d8e437a7a8667d4760e3692a6f6c408565dcf579c0c1706aba81746d91962a06137884283d69b9965f786c382f34eb41acd6181a9fe71b6ed13d97871369a77965f69c4819debd59eab3dcb7b34ce9b791d9866975c9b28885eff7c375431b19ecd249df07f94a99e601cc9193fbee1bb3dc73215d01286f4ce2a6283d8bb9b7eb3e0f6f70490cfaee8203e7be99819a8ae0ab565d5458e47bd5ba0d688a5381961d4a34920987caad1c719fb28d17f31c45672a738995ec5f30aeb2c5dbcb53ecf8466dae0aa3d49c07fb7fcabcce587a5008489bc995440e4a6c14704f7de08cb44a2a74e8047c6f1618f27b82696e1cc654464af4564c04a10e341c9de70e1241544109591681ea4baef6fb68f5257a4374dbb34c19c16d6c5d26e1f20b22f17cad36d6f27ba7666643a6c34e7c865357d1b797dafe3018d08e3bd17cd1d7e17d31799bf60351d87707d96a4e0f9c12bf73ffe29ee54011f3a328b874cb6dff406763c8aa1b1702f86fff7786796d91e105ba919e6cef06fd5684b02c754a36c293879f710f62b779468f5b96ed437064f88d2bd1cc837158f7c1b94906c6fd92ee5da759ccf1ac3f5c93095003dab1cf5d4d3d4b7a74f3e8fe560ecf35234ed13bc6386effdb6e4ca264c6a3da8126c39f79302a16ad1cb77b75cc5b7ed261647d7abc454dad26c248b25c742682454e2858a6a2bf87ad3eb213178aaef3dfe585ac172185cba2e59cea69e3992c0767d466884021d78c427a6b68321536a2af425f17db762309dac2d05723fa6551769606c44d21181ff7b6f9ccb93e6914c40d115130d99cd3620c701ac54d1e040dc66a40032158edcd711a847e77e8814a671b655fe646237a1d1294f9f93049f4ba27243815d59977660196a28d8de6160a43244a34cb67733686b99c6e21204edd326ebbdfe1a04f005af8021053390dad126ce82bb6374d0faa0ea200979f83fb632659e252e0a402d2d62569efacfbae654787e56175c0799252fdebe800c2f298c761dd4cbe1475e0ef805ac6bf353310c23d24042f1f9e3a0f4ef608b30dbbdbce1429c983e0d0b03cb0f5bd9f9083ba612e6d6da41fde64a12f7dca38460ff836ac0ee5fc509762c5343785254dd483712c15bede87c24428378b8f86aaf7dd28ad20846e75ef3220d50487199ca00beec8ca912f37ea327b35285b2f690b5805a77cdd3de196280e01d36060594ed0c356840ba49cc46d8379a3f12cf6251a687f2153b280a0ff049f1ceaadf72b91199fe07c3cdd1d294f1229e1e4b7cda11d237b4d9bf6ae07028a734f9e51c87929710cb859a7286ba8089f2213ad0c8fb151293ca9da75c81eda1000d807e7c30e4271e44a50a479595092fbd1b2b64003b377ec5fcc4429bfc84721aa9349910ad7c495c505a3d076ddc3cb2bb8c35fe28fc0965c26e157831515f39ba16a63359b05d608df73da013f8aa78cfcddc006dca36055a275ec33d653cc9b730d476735887c329fb55e05a0b65d49c4c604ad87d931755afd8e9fa609ecf40425b323755a4647b6274ca7475749d542f447aead5077cfe14b02bd2a290740b515237a8b731ec3d9cbff0ca72edac735c0d711e52d114d1e072ca098af45a06e553df6dea22a2e7451f823ff056d6044fdf0de3bb7ff73f3d7e9e38e7c3da6f2c91ed2f6bf4eb0a866c8cc50a9775c65bb087d4acafa86cbc2ace920f0206c7ac972ef97984db6c7ed09c1180a5af5932f0bfc23170a5bb1513a1be6de7911dbf6da8a387fde5f9553fdc62de9677088c6b84ceab964e4c55f9bd38631fdd8d8ca2f470d45f8e36cd1effa84acb577960591bd17ede67b0ab24aff6a2e37a23b622548ec3e1820ce35c8ea1ebf538e8d0cd5a945814791a87fa5de606776937cd48941d28c085014940cdc96afbcf9b0dff3c84d3ede26186764fc9d04f6da58fc56751c1af597ad46ec313af4624e4fae4bcf8870706f5b3c9134432d54289cb8310326a30c980f632f642b2736f0984b7eeb166311a01da771cd27861f0a004fecb9a8cce6365e26531f0beaaca6b14bcec64ed4fc3046d075caa0b009d0ab367f5f01556e964a3845268d111c17929532f110eb4ace57c6f1a9de02b851202448aadc9f54e879dba14d44c7c331de7d13fd06851bd50d9d5588397c88b93801ef2958a3130c0c3108a372a944abe5677c81714aefd25935f0c90a8585bc5e5a13d32efc38361f830b9b9266ffea587b65d8bfd89ee565f8f49031406ae7d81e17ac6dda474c3479f682a12c922e57dbb7180268e82f326b1821f1894a5e6413158fcd2347be9af368a3874491f3b8190333197c70970d9a7ac384078fd55b9715815805a30f24b94132eba17618eea065b9dc571866959e02d66e181c3a154b6ef4455cabc7c76a4eb824715c61fe48fe990a209cc88160e37d49132a61bcd4c5593a6d97d6fb46dd1cf97b783e908247648c12a38d9e77d9ddd6d3b28a6cd08b11933a1abf204fe9f1ae4b63fc4e11028462db1347bf63be2fc9826db6fafd4f09bc5436c33cd66aa531b1d9ee74417e39f45229deceb91a28949316be7557561319bf01b7bf63f708d4647a18eb6a5737eb3958e9875a9ff1790c77dbe033069d589e37343863be217a99b0f2ad906a0166d2be0dabd04c7db39f046af98723c45efa4b550121669dcea601e163f6d02d7cb49e5170e4f2d3d2bfe7cc56dd61ef72329d3ecdd5859982d8951de230415a039f964b8ec997a2996135f3ed78e23745e5a82cfba17b98852b11cc1a0914bc332483c32f2b67ebbd1b4bb45e55bd1ab4ffb74a0e6e921e71ab617a0f08a44ecaaaddf3128d7b214a4da314f7c2856d0799abb3f0cedb04050cc34ad6eabba274a4db3767911c1178cd55644c3acaab504912726d1283ca1975291f01c8c39eddb9847d94b1a10a563a828424f3a0808f63e9741713e0a73ab0aaa953a74867ff648d587db10dd50b8cb59a3d341533d73f21d1c528a7e4b93c3d5659f4310c23737345d18eebf89e0352e9f49dbac3a579dfcb3eb473bf26f74ae9d27508950f4dcda58af2eb70225463603b77c9fe29b5eabed57b7f853ad2aa4048bbb621c810170337c166b6d9ecbf6e3bf9ddae344aeccbc4844c39ce2b908dcfa490e59f2e15da9813c36d22cf8976df2f98e2df7ae21db698cfee304e0f03ce6189d7972597c5e5883117250181bc122489fd536db902ac54bf66c3c06692b55d7b61c420004051f3a4491c2147d89645de01fe206ca2a2b54a4182d42e54ac4ad4d4ccec1294d25190ccdd44d7e5f4c622fd0c758f80c471ce9b86cf7913066b572d9332f088ebf0f1b67bec3b177adfb8dca21923ada867a3bb206e8904ac3fb8780feb87e1358358716727f23753a8feed615937af1b3b341ca977f1c62a73d6ae16cf58ad8558dc08533cb6c0412989225410048d0981fac0d59c6c4eca92afb538819f7218746df991b1ae8b734e580ebfff445066f5e3e04f8adf6cfea6fb4381f357989b110100d9d3968a14f369eedfeb8316fcffb0911424b0ed6cb05c15967ecb5302a96ca1ae171b65e02f51fb093563649a6a21b4efba1e63ec537f8d9deab948cc44f758c8f8b3540a9894c1466c4dfbe1cd8c29752eee61e1aa01122682e39cce09a1085dcd898daa6a6589d384372002656f01773ebfe6ed9914eda8e968a20d3f9218e829e471d58bd95fc63ee5e056c7f4f6c33e37110235812d807d518a3fc5791b8976d3d53f76eb09c1215df4f4b84e72e69047f4001746dca7e6d6cb60bd468b572bfb16bacaf36611004370c1650017b8fde60a6789908887e269823f1656064d8b37a982dfc686f45a53649bc0592635ce08077fa45b7c82324516de52ed82e4a173d409b96aa1bd60be964c0fd028f823bd69001d88793cad910d08e770d2e57784ec6536ae86ca803da0ce812ea674585763219650190c20389a260020fba1ae295a5dca02b4d789b57dcc187dc684588583f99b7d34ef5b46e60fa43aaef9fea4cd917a8ce18c08a09a359ef8d2566cd057ee3341fcae6a491ca9347c9403f9fad10b7797685b61ec15f7cda656d94fbc99ce51ed9e7fc77e37d3fa1111180a16cd57e137804ded20f3408a06fbefb8cb7f20134ab8f6d3b5304684852bb6be753cba2315535137679a3d2f58cc5ad03e028212f8879902882f60b31b7b03f41560e9206533a1aa9012eae2d17775d68fe3e93b57d5717b3b88e8f331c04e28065caf7d92bdd5b9e26051136f97f9d6689e47e0678070160e44ee29172365aee4fe92893fdd89413a9a8e03a8456f52c64e7e14ebe7086af256143b7ac05822e4cbb279a50f1951719f9009e17085811b2700590e83a72f21518ece1956991be29a7662895d20737243e5c0364fd3aaec117dee8f2260575ca243a140a6e971d2b1863f2e4a3112cee486cae96b4f215ce7248b04345214a9b859ee266e4e8da3c6326313340bccc260046024863f066cf87758f35d02318aeefce29264c9794575ea859d1e3c2df4b895b586fd6a75a463d5ce10bd3dbad974dad04740f63e42148e5c71bfc67ee2def755a9dfba3a0617966b4de6b0f235d0d763fe5bed48acce59d54419f6cf70304136651850951c0773f6593aa3ac85431e989ec6c2f5ec23693b477980b486d0a9ef40d0214bb84b882312c6bff3c479b1e50af5d1a6fc482e449be0415bce8d166e62b08f602963700df627425e6750f17e8bc512f85525e16afacbe466c56e615ff7117a5784e3b7ffdbc60ab2817b2a55921cc6579651472c745aa39df72a247248b4ff41d5f347d7593a6b6aadf4e5a7c58a1a787bbab1263fdcbe089276d1d7b4abc7d4109c61af98029052b2d2053f0e1d85e4d4fd7204397f66a3ccbf8df5b4e9d09ad033a82b824c8886499dec114a8af66547b0db6c366c1f29cfd04281262090b2d810657bfaf08644b6b6d90967c2e9d1085df9cdeb9bd4d0e6765ade5fed13b8c8cce2a48d3aedacffb7b4c6611cd6c6d1d72a884aab710a47c3727665f89701f76f3561c2e07b08e4e783c56b43c536aba26bed56b4715005ae5c835c7fcc6089e584861a0d5c7ce4b781472eb0d995bcd9e103cacbe125bfb9636015859b7b969c0548eb6be2f3aab49779825cbf5e55176cf7dc6508444d107ed29b026e8ca6156632147cc596f30c669f32a0d6e40d876dede7728cdd0a3efec6184a0b35a07c14bfaae70bdf592145ea2d4ec6aa6f86ffeb0cb876039597923b8ee1c771f552eb022799d6c2450f61cd9b9e5ba34b5773d676b45e576ad068d57d9aab534c6b3bdfa18980c8e129be68f075ad33790b7378b005bc49a5bb16fd8fa7c855c97fb5ec2beecd5ebfe358ed422867582db25280c2ca68e164956c3bc4cb927b2aa7a63b4687664a7f2193bab75b37d91585cba620885f5ee7dc3c2da4257ecb4e410db9d407a7a720dd125ade4ac8782fe3bbc89f11dcccad26ede75f7f46f59d30d03b3d6e786769dd510127d87a889effd74dc26c2068c454a4d749a3a878aadd3b7fbe9c59ccbefef588c86ca86ad5d45a011355d89424097ac94fc201ff477d9463142ad0f32dfcbc8a8c2a43615a81e70f8b8f4dd14eba803dfba8a54b8d2686dbb2166bf77ebfec255755395dc33d7f605dca37ceed6982a9819bdf3096932fcc11e21e0c4c4f772e609712270dfe927abb5f91133fb3007313b74abed0dbba0b7b40576f1baafb251a148b9d533c84ef6b9291991d4dd80dd713c2378cd6ded5", 0x1000, 0x9}, {&(0x7f0000000040)="b7c5ba30d92b0513dda865b0361bc2a3b9db470e10e97b01c597a6cd1514c0e5a4f08ef68628470ff955a8d88d1e7bbc7148f1039045128748038cbddc8461ed4f04354517cdc8b81ae7ae79bf2adb53b6fabed971f8d3609a2d3e75044f481a0f1b0eda541b16cb923330ed5f7b1a81520894cc3250595a740e6fd2bc4ba550a9792857bed929805f2ff64f90ac915dd10f28a6dafd60cad27a6d83f886e5330399bb07fa62", 0xa6, 0x2}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)) (async) getresuid(&(0x7f0000001540), &(0x7f0000001580), &(0x7f00000015c0)) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) openat$cgroup_ro(r3, &(0x7f0000001800)='cpuset.effective_cpus\x00', 0x0, 0x0) (async) getegid() (async) syz_mount_image$fuse(&(0x7f0000001780), &(0x7f00000017c0)='./file0\x00', 0x0, 0x0, 0x0, 0x246442, &(0x7f0000001840)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions}, {@allow_other}], [{@uid_gt={'uid>', r1}}]}}) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) getegid() (async) geteuid() (async) write$P9_RSTATu(r3, &(0x7f0000001700)={0x5e, 0x7d, 0x2, {{0x0, 0x44, 0x4, 0xffffffff, {0x10, 0x2, 0x8}, 0x80000000, 0x8, 0x5, 0x5, 0x5, '{$,$#', 0x3, '-&@', 0x5, '\xed&)*%', 0x4, 'uid<'}, 0x5, 'umask', r0, r6, r7}}, 0x5e) (async) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400, 0x2, &(0x7f0000001300)=[{&(0x7f0000001380)="1ef5eea965bdcda75db96dfe9284aa89b144dad5ad8d3e9ad6474d2abc7da74234b2d89e79dcff9a8719b6fc865bf4cf31b7b3cc2a83e8b4b68534551d58774b57c86a4c6795410f91ed2506d5a3babdcd27358b314accaf988da5b6c299d76625f0dfcbac7ade2fe9c2acf3d23ddf404049be6e9f9c76bf1042412b289c108b634da1beccbe36a837ef0bfa1686bb64981b7cd7e1a014f73c6d465f4d3e4b78464c64d6686ff222c30a1dcc50d889d65637fc8bcc9fcd79bc24e5488440125c", 0xc0, 0x523}, {&(0x7f0000001440)="7317a8626c4c70dc75d250ac63528314bb8477715220428169f8891127f0a2b11dc530664d2b20016fa52325477268f589f8ffbd519f60530e9c54268743c6c0e1d08891e66ed7ecbda7c34c6b47678894c1b48c4283fba9183b6fdbcbb49f26906739d78c819650c8a430ad0cedf90234374e8eefc10282110e4138f2bb71022a85fe9781cf0931f1eaab968b909f3e7e82d8e4cb6097ca88005dabb74fa81e72d9ba5c54de6188ebfd2eed3539e7f0bf3f7bfa04c120b2722e017bbfd7eaeb964ae173f490781a5021d50b5cf6d1813a218a90f288183c3d3a14446853e372f3e38e0e18ad328b1c2b9d2d6136", 0xee, 0x9}], 0x21000, &(0x7f0000001600)={[{@nodecompose}, {@force}, {@umask={'umask', 0x3d, 0x5}}], [{@pcr={'pcr', 0x3d, 0x16}}, {@hash}, {@fowner_lt={'fowner<', 0xee01}}, {@audit}, {@fowner_lt={'fowner<', r1}}, {@fowner_lt={'fowner<', 0xee00}}, {@uid_lt={'uid<', 0xee01}}]}) (async) 09:31:55 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:55 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x53bf1db381bc9267, 0x0) read$snapshot(r1, &(0x7f00000000c0)=""/47, 0x2f) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r2, 0x20, &(0x7f0000000080)={&(0x7f0000000180)=""/175, 0xaf, 0x0, &(0x7f0000000240)=""/135, 0x87}}, 0x10) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000100)) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309) [ 1187.545074] hfsplus: creator requires a 4 character value [ 1187.550812] FAULT_INJECTION: forcing a failure. [ 1187.550812] name failslab, interval 1, probability 0, space 0, times 0 [ 1187.566388] hfsplus: unable to parse mount options [ 1187.576205] hfsplus: creator requires a 4 character value [ 1187.586022] CPU: 1 PID: 28654 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 09:31:55 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) ioctl$SOUND_MIXER_READ_VOLUME(0xffffffffffffffff, 0x80044d1a, &(0x7f0000000000)) [ 1187.590589] hfsplus: unable to parse mount options [ 1187.593907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1187.593913] Call Trace: [ 1187.593930] dump_stack+0x1b2/0x281 [ 1187.593946] should_fail.cold+0x10a/0x149 [ 1187.593961] should_failslab+0xd6/0x130 [ 1187.593974] kmem_cache_alloc+0x28e/0x3c0 [ 1187.593987] __kernfs_new_node+0x6f/0x470 [ 1187.618612] kernfs_new_node+0x7b/0xe0 [ 1187.618625] __kernfs_create_file+0x3d/0x320 [ 1187.618638] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1187.618645] ? kernfs_create_dir_ns+0x171/0x200 [ 1187.618654] internal_create_group+0x22b/0x710 [ 1187.618668] lo_ioctl+0x1137/0x1cd0 [ 1187.618680] ? loop_set_status64+0xe0/0xe0 [ 1187.618693] blkdev_ioctl+0x540/0x1830 [ 1187.618702] ? blkpg_ioctl+0x8d0/0x8d0 [ 1187.618711] ? trace_hardirqs_on+0x10/0x10 [ 1187.618725] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1187.618738] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1187.641705] FAULT_INJECTION: forcing a failure. [ 1187.641705] name failslab, interval 1, probability 0, space 0, times 0 09:31:55 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x53bf1db381bc9267, 0x0) read$snapshot(r1, &(0x7f00000000c0)=""/47, 0x2f) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r2, 0x20, &(0x7f0000000080)={&(0x7f0000000180)=""/175, 0xaf, 0x0, &(0x7f0000000240)=""/135, 0x87}}, 0x10) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000100)) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x53bf1db381bc9267, 0x0) (async) read$snapshot(r1, &(0x7f00000000c0)=""/47, 0x2f) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r2, 0x20, &(0x7f0000000080)={&(0x7f0000000180)=""/175, 0xaf, 0x0, &(0x7f0000000240)=""/135, 0x87}}, 0x10) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000100)) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309) (async) [ 1187.643931] block_ioctl+0xd9/0x120 [ 1187.643942] ? blkdev_fallocate+0x3a0/0x3a0 [ 1187.643954] do_vfs_ioctl+0x75a/0xff0 [ 1187.643965] ? lock_acquire+0x170/0x3f0 [ 1187.643978] ? ioctl_preallocate+0x1a0/0x1a0 [ 1187.714300] ? __fget+0x265/0x3e0 [ 1187.717755] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.721738] ? security_file_ioctl+0x83/0xb0 [ 1187.726146] SyS_ioctl+0x7f/0xb0 [ 1187.729509] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.733481] do_syscall_64+0x1d5/0x640 [ 1187.737364] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1187.742543] RIP: 0033:0x7f322b2faea7 [ 1187.746248] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1187.753962] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1187.761223] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1187.768494] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1187.775755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1187.783012] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1187.790283] CPU: 0 PID: 28676 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1187.798356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1187.807713] Call Trace: [ 1187.810307] dump_stack+0x1b2/0x281 [ 1187.813940] should_fail.cold+0x10a/0x149 [ 1187.818234] should_failslab+0xd6/0x130 [ 1187.822220] kmem_cache_alloc+0x28e/0x3c0 [ 1187.826376] __kernfs_new_node+0x6f/0x470 [ 1187.830531] kernfs_new_node+0x7b/0xe0 [ 1187.834425] __kernfs_create_file+0x3d/0x320 [ 1187.838844] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1187.843541] ? kernfs_create_dir_ns+0x171/0x200 [ 1187.848217] internal_create_group+0x22b/0x710 [ 1187.852809] lo_ioctl+0x1137/0x1cd0 [ 1187.856448] ? loop_set_status64+0xe0/0xe0 [ 1187.860695] blkdev_ioctl+0x540/0x1830 [ 1187.864587] ? blkpg_ioctl+0x8d0/0x8d0 [ 1187.868475] ? trace_hardirqs_on+0x10/0x10 [ 1187.872719] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1187.876546] hfsplus: creator requires a 4 character value [ 1187.877821] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1187.877835] block_ioctl+0xd9/0x120 [ 1187.877842] ? blkdev_fallocate+0x3a0/0x3a0 [ 1187.877851] do_vfs_ioctl+0x75a/0xff0 [ 1187.877870] ? lock_acquire+0x170/0x3f0 [ 1187.883438] hfsplus: unable to parse mount options [ 1187.888409] ? ioctl_preallocate+0x1a0/0x1a0 [ 1187.888422] ? __fget+0x265/0x3e0 [ 1187.888431] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.888441] ? security_file_ioctl+0x83/0xb0 [ 1187.888450] SyS_ioctl+0x7f/0xb0 [ 1187.888457] ? do_vfs_ioctl+0xff0/0xff0 [ 1187.888469] do_syscall_64+0x1d5/0x640 [ 1187.936412] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1187.941578] RIP: 0033:0x7f463664cea7 09:31:56 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x53bf1db381bc9267, 0x0) read$snapshot(r1, &(0x7f00000000c0)=""/47, 0x2f) (async) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r2, 0x20, &(0x7f0000000080)={&(0x7f0000000180)=""/175, 0xaf, 0x0, &(0x7f0000000240)=""/135, 0x87}}, 0x10) (async, rerun: 64) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (rerun: 64) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000100)) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async, rerun: 64) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309) (rerun: 64) 09:31:56 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) ioctl$SOUND_MIXER_READ_VOLUME(0xffffffffffffffff, 0x80044d1a, &(0x7f0000000000)) [ 1187.945263] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1187.952945] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1187.960199] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1187.967447] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1187.974690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1187.981937] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:56 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 16) 09:31:56 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 17) 09:31:56 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) ioctl$SOUND_MIXER_READ_VOLUME(0xffffffffffffffff, 0x80044d1a, &(0x7f0000000000)) [ 1188.001554] hfsplus: creator requires a 4 character value [ 1188.007154] hfsplus: unable to parse mount options [ 1188.028711] print_req_error: I/O error, dev loop5, sector 0 [ 1188.033801] hfsplus: creator requires a 4 character value [ 1188.041986] hfsplus: unable to parse mount options 09:31:56 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x650101, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r1, 0x40082102, &(0x7f00000000c0)=r2) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xa0a02, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000240)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000280)={0x0, 0x80000000}) ioctl$SNAPSHOT_FREE(r3, 0x3305) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1188.058653] FAULT_INJECTION: forcing a failure. [ 1188.058653] name failslab, interval 1, probability 0, space 0, times 0 [ 1188.079807] CPU: 0 PID: 28724 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1188.087716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1188.097066] Call Trace: [ 1188.099645] dump_stack+0x1b2/0x281 [ 1188.103260] should_fail.cold+0x10a/0x149 [ 1188.107397] should_failslab+0xd6/0x130 [ 1188.111355] kmem_cache_alloc+0x28e/0x3c0 [ 1188.115486] __kernfs_new_node+0x6f/0x470 [ 1188.119616] kernfs_new_node+0x7b/0xe0 [ 1188.123489] __kernfs_create_file+0x3d/0x320 [ 1188.127880] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1188.132528] ? kernfs_create_dir_ns+0x171/0x200 [ 1188.137183] internal_create_group+0x22b/0x710 [ 1188.141753] lo_ioctl+0x1137/0x1cd0 [ 1188.145364] ? loop_set_status64+0xe0/0xe0 [ 1188.149583] blkdev_ioctl+0x540/0x1830 [ 1188.153452] ? blkpg_ioctl+0x8d0/0x8d0 [ 1188.157322] ? trace_hardirqs_on+0x10/0x10 [ 1188.161541] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1188.166626] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1188.171625] block_ioctl+0xd9/0x120 [ 1188.175231] ? blkdev_fallocate+0x3a0/0x3a0 [ 1188.179534] do_vfs_ioctl+0x75a/0xff0 [ 1188.183318] ? lock_acquire+0x170/0x3f0 [ 1188.187275] ? ioctl_preallocate+0x1a0/0x1a0 [ 1188.191665] ? __fget+0x265/0x3e0 [ 1188.195100] ? do_vfs_ioctl+0xff0/0xff0 [ 1188.199055] ? security_file_ioctl+0x83/0xb0 [ 1188.203446] SyS_ioctl+0x7f/0xb0 [ 1188.206793] ? do_vfs_ioctl+0xff0/0xff0 [ 1188.210775] do_syscall_64+0x1d5/0x640 [ 1188.214647] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1188.219817] RIP: 0033:0x7f322b2faea7 [ 1188.223510] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1188.231200] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1188.238449] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1188.245698] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1188.252950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1188.260198] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1188.271808] FAULT_INJECTION: forcing a failure. [ 1188.271808] name failslab, interval 1, probability 0, space 0, times 0 09:31:56 executing program 2: r0 = syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000000)) 09:31:56 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000001240)="bd7237ac417c35feea3c282909476c1a598d772f9d77904f4a25f6efec8d0100000099fe9da20000000000000000e2df722970932ada5309b54a5880ecb70380163e9dbf294a4b168f796bcdb3a322be3d62c73feb35859d2ec1da62b944d0c7c7c4f244ec06ade58a07e28681ef3f25ab884254d7a97f1a74ab32b60d8f00ac54892ba3bb82e826932e887b881b5df3b1cb54ef73d12bbd744bb9e4c006dd333be82206987076136c6e2271f09d", 0xae, 0x8000}, {&(0x7f00000001c0)="4938c6672a549cf4f913aa1328d8e437a7a8667d4760e3692a6f6c408565dcf579c0c1706aba81746d91962a06137884283d69b9965f786c382f34eb41acd6181a9fe71b6ed13d97871369a77965f69c4819debd59eab3dcb7b34ce9b791d9866975c9b28885eff7c375431b19ecd249df07f94a99e601cc9193fbee1bb3dc73215d01286f4ce2a6283d8bb9b7eb3e0f6f70490cfaee8203e7be99819a8ae0ab565d5458e47bd5ba0d688a5381961d4a34920987caad1c719fb28d17f31c45672a738995ec5f30aeb2c5dbcb53ecf8466dae0aa3d49c07fb7fcabcce587a5008489bc995440e4a6c14704f7de08cb44a2a74e8047c6f1618f27b82696e1cc654464af4564c04a10e341c9de70e1241544109591681ea4baef6fb68f5257a4374dbb34c19c16d6c5d26e1f20b22f17cad36d6f27ba7666643a6c34e7c865357d1b797dafe3018d08e3bd17cd1d7e17d31799bf60351d87707d96a4e0f9c12bf73ffe29ee54011f3a328b874cb6dff406763c8aa1b1702f86fff7786796d91e105ba919e6cef06fd5684b02c754a36c293879f710f62b779468f5b96ed437064f88d2bd1cc837158f7c1b94906c6fd92ee5da759ccf1ac3f5c93095003dab1cf5d4d3d4b7a74f3e8fe560ecf35234ed13bc6386effdb6e4ca264c6a3da8126c39f79302a16ad1cb77b75cc5b7ed261647d7abc454dad26c248b25c742682454e2858a6a2bf87ad3eb213178aaef3dfe585ac172185cba2e59cea69e3992c0767d466884021d78c427a6b68321536a2af425f17db762309dac2d05723fa6551769606c44d21181ff7b6f9ccb93e6914c40d115130d99cd3620c701ac54d1e040dc66a40032158edcd711a847e77e8814a671b655fe646237a1d1294f9f93049f4ba27243815d59977660196a28d8de6160a43244a34cb67733686b99c6e21204edd326ebbdfe1a04f005af8021053390dad126ce82bb6374d0faa0ea200979f83fb632659e252e0a402d2d62569efacfbae654787e56175c0799252fdebe800c2f298c761dd4cbe1475e0ef805ac6bf353310c23d24042f1f9e3a0f4ef608b30dbbdbce1429c983e0d0b03cb0f5bd9f9083ba612e6d6da41fde64a12f7dca38460ff836ac0ee5fc509762c5343785254dd483712c15bede87c24428378b8f86aaf7dd28ad20846e75ef3220d50487199ca00beec8ca912f37ea327b35285b2f690b5805a77cdd3de196280e01d36060594ed0c356840ba49cc46d8379a3f12cf6251a687f2153b280a0ff049f1ceaadf72b91199fe07c3cdd1d294f1229e1e4b7cda11d237b4d9bf6ae07028a734f9e51c87929710cb859a7286ba8089f2213ad0c8fb151293ca9da75c81eda1000d807e7c30e4271e44a50a479595092fbd1b2b64003b377ec5fcc4429bfc84721aa9349910ad7c495c505a3d076ddc3cb2bb8c35fe28fc0965c26e157831515f39ba16a63359b05d608df73da013f8aa78cfcddc006dca36055a275ec33d653cc9b730d476735887c329fb55e05a0b65d49c4c604ad87d931755afd8e9fa609ecf40425b323755a4647b6274ca7475749d542f447aead5077cfe14b02bd2a290740b515237a8b731ec3d9cbff0ca72edac735c0d711e52d114d1e072ca098af45a06e553df6dea22a2e7451f823ff056d6044fdf0de3bb7ff73f3d7e9e38e7c3da6f2c91ed2f6bf4eb0a866c8cc50a9775c65bb087d4acafa86cbc2ace920f0206c7ac972ef97984db6c7ed09c1180a5af5932f0bfc23170a5bb1513a1be6de7911dbf6da8a387fde5f9553fdc62de9677088c6b84ceab964e4c55f9bd38631fdd8d8ca2f470d45f8e36cd1effa84acb577960591bd17ede67b0ab24aff6a2e37a23b622548ec3e1820ce35c8ea1ebf538e8d0cd5a945814791a87fa5de606776937cd48941d28c085014940cdc96afbcf9b0dff3c84d3ede26186764fc9d04f6da58fc56751c1af597ad46ec313af4624e4fae4bcf8870706f5b3c9134432d54289cb8310326a30c980f632f642b2736f0984b7eeb166311a01da771cd27861f0a004fecb9a8cce6365e26531f0beaaca6b14bcec64ed4fc3046d075caa0b009d0ab367f5f01556e964a3845268d111c17929532f110eb4ace57c6f1a9de02b851202448aadc9f54e879dba14d44c7c331de7d13fd06851bd50d9d5588397c88b93801ef2958a3130c0c3108a372a944abe5677c81714aefd25935f0c90a8585bc5e5a13d32efc38361f830b9b9266ffea587b65d8bfd89ee565f8f49031406ae7d81e17ac6dda474c3479f682a12c922e57dbb7180268e82f326b1821f1894a5e6413158fcd2347be9af368a3874491f3b8190333197c70970d9a7ac384078fd55b9715815805a30f24b94132eba17618eea065b9dc571866959e02d66e181c3a154b6ef4455cabc7c76a4eb824715c61fe48fe990a209cc88160e37d49132a61bcd4c5593a6d97d6fb46dd1cf97b783e908247648c12a38d9e77d9ddd6d3b28a6cd08b11933a1abf204fe9f1ae4b63fc4e11028462db1347bf63be2fc9826db6fafd4f09bc5436c33cd66aa531b1d9ee74417e39f45229deceb91a28949316be7557561319bf01b7bf63f708d4647a18eb6a5737eb3958e9875a9ff1790c77dbe033069d589e37343863be217a99b0f2ad906a0166d2be0dabd04c7db39f046af98723c45efa4b550121669dcea601e163f6d02d7cb49e5170e4f2d3d2bfe7cc56dd61ef72329d3ecdd5859982d8951de230415a039f964b8ec997a2996135f3ed78e23745e5a82cfba17b98852b11cc1a0914bc332483c32f2b67ebbd1b4bb45e55bd1ab4ffb74a0e6e921e71ab617a0f08a44ecaaaddf3128d7b214a4da314f7c2856d0799abb3f0cedb04050cc34ad6eabba274a4db3767911c1178cd55644c3acaab504912726d1283ca1975291f01c8c39eddb9847d94b1a10a563a828424f3a0808f63e9741713e0a73ab0aaa953a74867ff648d587db10dd50b8cb59a3d341533d73f21d1c528a7e4b93c3d5659f4310c23737345d18eebf89e0352e9f49dbac3a579dfcb3eb473bf26f74ae9d27508950f4dcda58af2eb70225463603b77c9fe29b5eabed57b7f853ad2aa4048bbb621c810170337c166b6d9ecbf6e3bf9ddae344aeccbc4844c39ce2b908dcfa490e59f2e15da9813c36d22cf8976df2f98e2df7ae21db698cfee304e0f03ce6189d7972597c5e5883117250181bc122489fd536db902ac54bf66c3c06692b55d7b61c420004051f3a4491c2147d89645de01fe206ca2a2b54a4182d42e54ac4ad4d4ccec1294d25190ccdd44d7e5f4c622fd0c758f80c471ce9b86cf7913066b572d9332f088ebf0f1b67bec3b177adfb8dca21923ada867a3bb206e8904ac3fb8780feb87e1358358716727f23753a8feed615937af1b3b341ca977f1c62a73d6ae16cf58ad8558dc08533cb6c0412989225410048d0981fac0d59c6c4eca92afb538819f7218746df991b1ae8b734e580ebfff445066f5e3e04f8adf6cfea6fb4381f357989b110100d9d3968a14f369eedfeb8316fcffb0911424b0ed6cb05c15967ecb5302a96ca1ae171b65e02f51fb093563649a6a21b4efba1e63ec537f8d9deab948cc44f758c8f8b3540a9894c1466c4dfbe1cd8c29752eee61e1aa01122682e39cce09a1085dcd898daa6a6589d384372002656f01773ebfe6ed9914eda8e968a20d3f9218e829e471d58bd95fc63ee5e056c7f4f6c33e37110235812d807d518a3fc5791b8976d3d53f76eb09c1215df4f4b84e72e69047f4001746dca7e6d6cb60bd468b572bfb16bacaf36611004370c1650017b8fde60a6789908887e269823f1656064d8b37a982dfc686f45a53649bc0592635ce08077fa45b7c82324516de52ed82e4a173d409b96aa1bd60be964c0fd028f823bd69001d88793cad910d08e770d2e57784ec6536ae86ca803da0ce812ea674585763219650190c20389a260020fba1ae295a5dca02b4d789b57dcc187dc684588583f99b7d34ef5b46e60fa43aaef9fea4cd917a8ce18c08a09a359ef8d2566cd057ee3341fcae6a491ca9347c9403f9fad10b7797685b61ec15f7cda656d94fbc99ce51ed9e7fc77e37d3fa1111180a16cd57e137804ded20f3408a06fbefb8cb7f20134ab8f6d3b5304684852bb6be753cba2315535137679a3d2f58cc5ad03e028212f8879902882f60b31b7b03f41560e9206533a1aa9012eae2d17775d68fe3e93b57d5717b3b88e8f331c04e28065caf7d92bdd5b9e26051136f97f9d6689e47e0678070160e44ee29172365aee4fe92893fdd89413a9a8e03a8456f52c64e7e14ebe7086af256143b7ac05822e4cbb279a50f1951719f9009e17085811b2700590e83a72f21518ece1956991be29a7662895d20737243e5c0364fd3aaec117dee8f2260575ca243a140a6e971d2b1863f2e4a3112cee486cae96b4f215ce7248b04345214a9b859ee266e4e8da3c6326313340bccc260046024863f066cf87758f35d02318aeefce29264c9794575ea859d1e3c2df4b895b586fd6a75a463d5ce10bd3dbad974dad04740f63e42148e5c71bfc67ee2def755a9dfba3a0617966b4de6b0f235d0d763fe5bed48acce59d54419f6cf70304136651850951c0773f6593aa3ac85431e989ec6c2f5ec23693b477980b486d0a9ef40d0214bb84b882312c6bff3c479b1e50af5d1a6fc482e449be0415bce8d166e62b08f602963700df627425e6750f17e8bc512f85525e16afacbe466c56e615ff7117a5784e3b7ffdbc60ab2817b2a55921cc6579651472c745aa39df72a247248b4ff41d5f347d7593a6b6aadf4e5a7c58a1a787bbab1263fdcbe089276d1d7b4abc7d4109c61af98029052b2d2053f0e1d85e4d4fd7204397f66a3ccbf8df5b4e9d09ad033a82b824c8886499dec114a8af66547b0db6c366c1f29cfd04281262090b2d810657bfaf08644b6b6d90967c2e9d1085df9cdeb9bd4d0e6765ade5fed13b8c8cce2a48d3aedacffb7b4c6611cd6c6d1d72a884aab710a47c3727665f89701f76f3561c2e07b08e4e783c56b43c536aba26bed56b4715005ae5c835c7fcc6089e584861a0d5c7ce4b781472eb0d995bcd9e103cacbe125bfb9636015859b7b969c0548eb6be2f3aab49779825cbf5e55176cf7dc6508444d107ed29b026e8ca6156632147cc596f30c669f32a0d6e40d876dede7728cdd0a3efec6184a0b35a07c14bfaae70bdf592145ea2d4ec6aa6f86ffeb0cb876039597923b8ee1c771f552eb022799d6c2450f61cd9b9e5ba34b5773d676b45e576ad068d57d9aab534c6b3bdfa18980c8e129be68f075ad33790b7378b005bc49a5bb16fd8fa7c855c97fb5ec2beecd5ebfe358ed422867582db25280c2ca68e164956c3bc4cb927b2aa7a63b4687664a7f2193bab75b37d91585cba620885f5ee7dc3c2da4257ecb4e410db9d407a7a720dd125ade4ac8782fe3bbc89f11dcccad26ede75f7f46f59d30d03b3d6e786769dd510127d87a889effd74dc26c2068c454a4d749a3a878aadd3b7fbe9c59ccbefef588c86ca86ad5d45a011355d89424097ac94fc201ff477d9463142ad0f32dfcbc8a8c2a43615a81e70f8b8f4dd14eba803dfba8a54b8d2686dbb2166bf77ebfec255755395dc33d7f605dca37ceed6982a9819bdf3096932fcc11e21e0c4c4f772e609712270dfe927abb5f91133fb3007313b74abed0dbba0b7b40576f1baafb251a148b9d533c84ef6b9291991d4dd80dd713c2378cd6ded5", 0x1000, 0x9}, {&(0x7f0000000040)="b7c5ba30d92b0513dda865b0361bc2a3b9db470e10e97b01c597a6cd1514c0e5a4f08ef68628470ff955a8d88d1e7bbc7148f1039045128748038cbddc8461ed4f04354517cdc8b81ae7ae79bf2adb53b6fabed971f8d3609a2d3e75044f481a0f1b0eda541b16cb923330ed5f7b1a81520894cc3250595a740e6fd2bc4ba550a9792857bed929805f2ff64f90ac915dd10f28a6dafd60cad27a6d83f886e5330399bb07fa62", 0xa6, 0x2}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)) getresuid(&(0x7f0000001540)=0x0, &(0x7f0000001580)=0x0, &(0x7f00000015c0)=0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000001800)='cpuset.effective_cpus\x00', 0x0, 0x0) r5 = getegid() syz_mount_image$fuse(&(0x7f0000001780), &(0x7f00000017c0)='./file0\x00', 0x0, 0x0, 0x0, 0x246442, &(0x7f0000001840)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions}, {@allow_other}], [{@uid_gt={'uid>', r1}}]}}) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) r6 = getegid() r7 = geteuid() write$P9_RSTATu(r3, &(0x7f0000001700)={0x5e, 0x7d, 0x2, {{0x0, 0x44, 0x4, 0xffffffff, {0x10, 0x2, 0x8}, 0x80000000, 0x8, 0x5, 0x5, 0x5, '{$,$#', 0x3, '-&@', 0x5, '\xed&)*%', 0x4, 'uid<'}, 0x5, 'umask', r0, r6, r7}}, 0x5e) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400, 0x2, &(0x7f0000001300)=[{&(0x7f0000001380)="1ef5eea965bdcda75db96dfe9284aa89b144dad5ad8d3e9ad6474d2abc7da74234b2d89e79dcff9a8719b6fc865bf4cf31b7b3cc2a83e8b4b68534551d58774b57c86a4c6795410f91ed2506d5a3babdcd27358b314accaf988da5b6c299d76625f0dfcbac7ade2fe9c2acf3d23ddf404049be6e9f9c76bf1042412b289c108b634da1beccbe36a837ef0bfa1686bb64981b7cd7e1a014f73c6d465f4d3e4b78464c64d6686ff222c30a1dcc50d889d65637fc8bcc9fcd79bc24e5488440125c", 0xc0, 0x523}, {&(0x7f0000001440)="7317a8626c4c70dc75d250ac63528314bb8477715220428169f8891127f0a2b11dc530664d2b20016fa52325477268f589f8ffbd519f60530e9c54268743c6c0e1d08891e66ed7ecbda7c34c6b47678894c1b48c4283fba9183b6fdbcbb49f26906739d78c819650c8a430ad0cedf90234374e8eefc10282110e4138f2bb71022a85fe9781cf0931f1eaab968b909f3e7e82d8e4cb6097ca88005dabb74fa81e72d9ba5c54de6188ebfd2eed3539e7f0bf3f7bfa04c120b2722e017bbfd7eaeb964ae173f490781a5021d50b5cf6d1813a218a90f288183c3d3a14446853e372f3e38e0e18ad328b1c2b9d2d6136", 0xee, 0x9}], 0x21000, &(0x7f0000001600)={[{@nodecompose}, {@force}, {@umask={'umask', 0x3d, 0x5}}], [{@pcr={'pcr', 0x3d, 0x16}}, {@hash}, {@fowner_lt={'fowner<', 0xee01}}, {@audit}, {@fowner_lt={'fowner<', r1}}, {@fowner_lt={'fowner<', 0xee00}}, {@uid_lt={'uid<', 0xee01}}]}) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000001240)="bd7237ac417c35feea3c282909476c1a598d772f9d77904f4a25f6efec8d0100000099fe9da20000000000000000e2df722970932ada5309b54a5880ecb70380163e9dbf294a4b168f796bcdb3a322be3d62c73feb35859d2ec1da62b944d0c7c7c4f244ec06ade58a07e28681ef3f25ab884254d7a97f1a74ab32b60d8f00ac54892ba3bb82e826932e887b881b5df3b1cb54ef73d12bbd744bb9e4c006dd333be82206987076136c6e2271f09d", 0xae, 0x8000}, {&(0x7f00000001c0)="4938c6672a549cf4f913aa1328d8e437a7a8667d4760e3692a6f6c408565dcf579c0c1706aba81746d91962a06137884283d69b9965f786c382f34eb41acd6181a9fe71b6ed13d97871369a77965f69c4819debd59eab3dcb7b34ce9b791d9866975c9b28885eff7c375431b19ecd249df07f94a99e601cc9193fbee1bb3dc73215d01286f4ce2a6283d8bb9b7eb3e0f6f70490cfaee8203e7be99819a8ae0ab565d5458e47bd5ba0d688a5381961d4a34920987caad1c719fb28d17f31c45672a738995ec5f30aeb2c5dbcb53ecf8466dae0aa3d49c07fb7fcabcce587a5008489bc995440e4a6c14704f7de08cb44a2a74e8047c6f1618f27b82696e1cc654464af4564c04a10e341c9de70e1241544109591681ea4baef6fb68f5257a4374dbb34c19c16d6c5d26e1f20b22f17cad36d6f27ba7666643a6c34e7c865357d1b797dafe3018d08e3bd17cd1d7e17d31799bf60351d87707d96a4e0f9c12bf73ffe29ee54011f3a328b874cb6dff406763c8aa1b1702f86fff7786796d91e105ba919e6cef06fd5684b02c754a36c293879f710f62b779468f5b96ed437064f88d2bd1cc837158f7c1b94906c6fd92ee5da759ccf1ac3f5c93095003dab1cf5d4d3d4b7a74f3e8fe560ecf35234ed13bc6386effdb6e4ca264c6a3da8126c39f79302a16ad1cb77b75cc5b7ed261647d7abc454dad26c248b25c742682454e2858a6a2bf87ad3eb213178aaef3dfe585ac172185cba2e59cea69e3992c0767d466884021d78c427a6b68321536a2af425f17db762309dac2d05723fa6551769606c44d21181ff7b6f9ccb93e6914c40d115130d99cd3620c701ac54d1e040dc66a40032158edcd711a847e77e8814a671b655fe646237a1d1294f9f93049f4ba27243815d59977660196a28d8de6160a43244a34cb67733686b99c6e21204edd326ebbdfe1a04f005af8021053390dad126ce82bb6374d0faa0ea200979f83fb632659e252e0a402d2d62569efacfbae654787e56175c0799252fdebe800c2f298c761dd4cbe1475e0ef805ac6bf353310c23d24042f1f9e3a0f4ef608b30dbbdbce1429c983e0d0b03cb0f5bd9f9083ba612e6d6da41fde64a12f7dca38460ff836ac0ee5fc509762c5343785254dd483712c15bede87c24428378b8f86aaf7dd28ad20846e75ef3220d50487199ca00beec8ca912f37ea327b35285b2f690b5805a77cdd3de196280e01d36060594ed0c356840ba49cc46d8379a3f12cf6251a687f2153b280a0ff049f1ceaadf72b91199fe07c3cdd1d294f1229e1e4b7cda11d237b4d9bf6ae07028a734f9e51c87929710cb859a7286ba8089f2213ad0c8fb151293ca9da75c81eda1000d807e7c30e4271e44a50a479595092fbd1b2b64003b377ec5fcc4429bfc84721aa9349910ad7c495c505a3d076ddc3cb2bb8c35fe28fc0965c26e157831515f39ba16a63359b05d608df73da013f8aa78cfcddc006dca36055a275ec33d653cc9b730d476735887c329fb55e05a0b65d49c4c604ad87d931755afd8e9fa609ecf40425b323755a4647b6274ca7475749d542f447aead5077cfe14b02bd2a290740b515237a8b731ec3d9cbff0ca72edac735c0d711e52d114d1e072ca098af45a06e553df6dea22a2e7451f823ff056d6044fdf0de3bb7ff73f3d7e9e38e7c3da6f2c91ed2f6bf4eb0a866c8cc50a9775c65bb087d4acafa86cbc2ace920f0206c7ac972ef97984db6c7ed09c1180a5af5932f0bfc23170a5bb1513a1be6de7911dbf6da8a387fde5f9553fdc62de9677088c6b84ceab964e4c55f9bd38631fdd8d8ca2f470d45f8e36cd1effa84acb577960591bd17ede67b0ab24aff6a2e37a23b622548ec3e1820ce35c8ea1ebf538e8d0cd5a945814791a87fa5de606776937cd48941d28c085014940cdc96afbcf9b0dff3c84d3ede26186764fc9d04f6da58fc56751c1af597ad46ec313af4624e4fae4bcf8870706f5b3c9134432d54289cb8310326a30c980f632f642b2736f0984b7eeb166311a01da771cd27861f0a004fecb9a8cce6365e26531f0beaaca6b14bcec64ed4fc3046d075caa0b009d0ab367f5f01556e964a3845268d111c17929532f110eb4ace57c6f1a9de02b851202448aadc9f54e879dba14d44c7c331de7d13fd06851bd50d9d5588397c88b93801ef2958a3130c0c3108a372a944abe5677c81714aefd25935f0c90a8585bc5e5a13d32efc38361f830b9b9266ffea587b65d8bfd89ee565f8f49031406ae7d81e17ac6dda474c3479f682a12c922e57dbb7180268e82f326b1821f1894a5e6413158fcd2347be9af368a3874491f3b8190333197c70970d9a7ac384078fd55b9715815805a30f24b94132eba17618eea065b9dc571866959e02d66e181c3a154b6ef4455cabc7c76a4eb824715c61fe48fe990a209cc88160e37d49132a61bcd4c5593a6d97d6fb46dd1cf97b783e908247648c12a38d9e77d9ddd6d3b28a6cd08b11933a1abf204fe9f1ae4b63fc4e11028462db1347bf63be2fc9826db6fafd4f09bc5436c33cd66aa531b1d9ee74417e39f45229deceb91a28949316be7557561319bf01b7bf63f708d4647a18eb6a5737eb3958e9875a9ff1790c77dbe033069d589e37343863be217a99b0f2ad906a0166d2be0dabd04c7db39f046af98723c45efa4b550121669dcea601e163f6d02d7cb49e5170e4f2d3d2bfe7cc56dd61ef72329d3ecdd5859982d8951de230415a039f964b8ec997a2996135f3ed78e23745e5a82cfba17b98852b11cc1a0914bc332483c32f2b67ebbd1b4bb45e55bd1ab4ffb74a0e6e921e71ab617a0f08a44ecaaaddf3128d7b214a4da314f7c2856d0799abb3f0cedb04050cc34ad6eabba274a4db3767911c1178cd55644c3acaab504912726d1283ca1975291f01c8c39eddb9847d94b1a10a563a828424f3a0808f63e9741713e0a73ab0aaa953a74867ff648d587db10dd50b8cb59a3d341533d73f21d1c528a7e4b93c3d5659f4310c23737345d18eebf89e0352e9f49dbac3a579dfcb3eb473bf26f74ae9d27508950f4dcda58af2eb70225463603b77c9fe29b5eabed57b7f853ad2aa4048bbb621c810170337c166b6d9ecbf6e3bf9ddae344aeccbc4844c39ce2b908dcfa490e59f2e15da9813c36d22cf8976df2f98e2df7ae21db698cfee304e0f03ce6189d7972597c5e5883117250181bc122489fd536db902ac54bf66c3c06692b55d7b61c420004051f3a4491c2147d89645de01fe206ca2a2b54a4182d42e54ac4ad4d4ccec1294d25190ccdd44d7e5f4c622fd0c758f80c471ce9b86cf7913066b572d9332f088ebf0f1b67bec3b177adfb8dca21923ada867a3bb206e8904ac3fb8780feb87e1358358716727f23753a8feed615937af1b3b341ca977f1c62a73d6ae16cf58ad8558dc08533cb6c0412989225410048d0981fac0d59c6c4eca92afb538819f7218746df991b1ae8b734e580ebfff445066f5e3e04f8adf6cfea6fb4381f357989b110100d9d3968a14f369eedfeb8316fcffb0911424b0ed6cb05c15967ecb5302a96ca1ae171b65e02f51fb093563649a6a21b4efba1e63ec537f8d9deab948cc44f758c8f8b3540a9894c1466c4dfbe1cd8c29752eee61e1aa01122682e39cce09a1085dcd898daa6a6589d384372002656f01773ebfe6ed9914eda8e968a20d3f9218e829e471d58bd95fc63ee5e056c7f4f6c33e37110235812d807d518a3fc5791b8976d3d53f76eb09c1215df4f4b84e72e69047f4001746dca7e6d6cb60bd468b572bfb16bacaf36611004370c1650017b8fde60a6789908887e269823f1656064d8b37a982dfc686f45a53649bc0592635ce08077fa45b7c82324516de52ed82e4a173d409b96aa1bd60be964c0fd028f823bd69001d88793cad910d08e770d2e57784ec6536ae86ca803da0ce812ea674585763219650190c20389a260020fba1ae295a5dca02b4d789b57dcc187dc684588583f99b7d34ef5b46e60fa43aaef9fea4cd917a8ce18c08a09a359ef8d2566cd057ee3341fcae6a491ca9347c9403f9fad10b7797685b61ec15f7cda656d94fbc99ce51ed9e7fc77e37d3fa1111180a16cd57e137804ded20f3408a06fbefb8cb7f20134ab8f6d3b5304684852bb6be753cba2315535137679a3d2f58cc5ad03e028212f8879902882f60b31b7b03f41560e9206533a1aa9012eae2d17775d68fe3e93b57d5717b3b88e8f331c04e28065caf7d92bdd5b9e26051136f97f9d6689e47e0678070160e44ee29172365aee4fe92893fdd89413a9a8e03a8456f52c64e7e14ebe7086af256143b7ac05822e4cbb279a50f1951719f9009e17085811b2700590e83a72f21518ece1956991be29a7662895d20737243e5c0364fd3aaec117dee8f2260575ca243a140a6e971d2b1863f2e4a3112cee486cae96b4f215ce7248b04345214a9b859ee266e4e8da3c6326313340bccc260046024863f066cf87758f35d02318aeefce29264c9794575ea859d1e3c2df4b895b586fd6a75a463d5ce10bd3dbad974dad04740f63e42148e5c71bfc67ee2def755a9dfba3a0617966b4de6b0f235d0d763fe5bed48acce59d54419f6cf70304136651850951c0773f6593aa3ac85431e989ec6c2f5ec23693b477980b486d0a9ef40d0214bb84b882312c6bff3c479b1e50af5d1a6fc482e449be0415bce8d166e62b08f602963700df627425e6750f17e8bc512f85525e16afacbe466c56e615ff7117a5784e3b7ffdbc60ab2817b2a55921cc6579651472c745aa39df72a247248b4ff41d5f347d7593a6b6aadf4e5a7c58a1a787bbab1263fdcbe089276d1d7b4abc7d4109c61af98029052b2d2053f0e1d85e4d4fd7204397f66a3ccbf8df5b4e9d09ad033a82b824c8886499dec114a8af66547b0db6c366c1f29cfd04281262090b2d810657bfaf08644b6b6d90967c2e9d1085df9cdeb9bd4d0e6765ade5fed13b8c8cce2a48d3aedacffb7b4c6611cd6c6d1d72a884aab710a47c3727665f89701f76f3561c2e07b08e4e783c56b43c536aba26bed56b4715005ae5c835c7fcc6089e584861a0d5c7ce4b781472eb0d995bcd9e103cacbe125bfb9636015859b7b969c0548eb6be2f3aab49779825cbf5e55176cf7dc6508444d107ed29b026e8ca6156632147cc596f30c669f32a0d6e40d876dede7728cdd0a3efec6184a0b35a07c14bfaae70bdf592145ea2d4ec6aa6f86ffeb0cb876039597923b8ee1c771f552eb022799d6c2450f61cd9b9e5ba34b5773d676b45e576ad068d57d9aab534c6b3bdfa18980c8e129be68f075ad33790b7378b005bc49a5bb16fd8fa7c855c97fb5ec2beecd5ebfe358ed422867582db25280c2ca68e164956c3bc4cb927b2aa7a63b4687664a7f2193bab75b37d91585cba620885f5ee7dc3c2da4257ecb4e410db9d407a7a720dd125ade4ac8782fe3bbc89f11dcccad26ede75f7f46f59d30d03b3d6e786769dd510127d87a889effd74dc26c2068c454a4d749a3a878aadd3b7fbe9c59ccbefef588c86ca86ad5d45a011355d89424097ac94fc201ff477d9463142ad0f32dfcbc8a8c2a43615a81e70f8b8f4dd14eba803dfba8a54b8d2686dbb2166bf77ebfec255755395dc33d7f605dca37ceed6982a9819bdf3096932fcc11e21e0c4c4f772e609712270dfe927abb5f91133fb3007313b74abed0dbba0b7b40576f1baafb251a148b9d533c84ef6b9291991d4dd80dd713c2378cd6ded5", 0x1000, 0x9}, {&(0x7f0000000040)="b7c5ba30d92b0513dda865b0361bc2a3b9db470e10e97b01c597a6cd1514c0e5a4f08ef68628470ff955a8d88d1e7bbc7148f1039045128748038cbddc8461ed4f04354517cdc8b81ae7ae79bf2adb53b6fabed971f8d3609a2d3e75044f481a0f1b0eda541b16cb923330ed5f7b1a81520894cc3250595a740e6fd2bc4ba550a9792857bed929805f2ff64f90ac915dd10f28a6dafd60cad27a6d83f886e5330399bb07fa62", 0xa6, 0x2}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='.\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)) (async) getresuid(&(0x7f0000001540), &(0x7f0000001580), &(0x7f00000015c0)) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) openat$cgroup_ro(r3, &(0x7f0000001800)='cpuset.effective_cpus\x00', 0x0, 0x0) (async) getegid() (async) syz_mount_image$fuse(&(0x7f0000001780), &(0x7f00000017c0)='./file0\x00', 0x0, 0x0, 0x0, 0x246442, &(0x7f0000001840)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions}, {@allow_other}], [{@uid_gt={'uid>', r1}}]}}) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) getegid() (async) geteuid() (async) write$P9_RSTATu(r3, &(0x7f0000001700)={0x5e, 0x7d, 0x2, {{0x0, 0x44, 0x4, 0xffffffff, {0x10, 0x2, 0x8}, 0x80000000, 0x8, 0x5, 0x5, 0x5, '{$,$#', 0x3, '-&@', 0x5, '\xed&)*%', 0x4, 'uid<'}, 0x5, 'umask', r0, r6, r7}}, 0x5e) (async) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x400, 0x2, &(0x7f0000001300)=[{&(0x7f0000001380)="1ef5eea965bdcda75db96dfe9284aa89b144dad5ad8d3e9ad6474d2abc7da74234b2d89e79dcff9a8719b6fc865bf4cf31b7b3cc2a83e8b4b68534551d58774b57c86a4c6795410f91ed2506d5a3babdcd27358b314accaf988da5b6c299d76625f0dfcbac7ade2fe9c2acf3d23ddf404049be6e9f9c76bf1042412b289c108b634da1beccbe36a837ef0bfa1686bb64981b7cd7e1a014f73c6d465f4d3e4b78464c64d6686ff222c30a1dcc50d889d65637fc8bcc9fcd79bc24e5488440125c", 0xc0, 0x523}, {&(0x7f0000001440)="7317a8626c4c70dc75d250ac63528314bb8477715220428169f8891127f0a2b11dc530664d2b20016fa52325477268f589f8ffbd519f60530e9c54268743c6c0e1d08891e66ed7ecbda7c34c6b47678894c1b48c4283fba9183b6fdbcbb49f26906739d78c819650c8a430ad0cedf90234374e8eefc10282110e4138f2bb71022a85fe9781cf0931f1eaab968b909f3e7e82d8e4cb6097ca88005dabb74fa81e72d9ba5c54de6188ebfd2eed3539e7f0bf3f7bfa04c120b2722e017bbfd7eaeb964ae173f490781a5021d50b5cf6d1813a218a90f288183c3d3a14446853e372f3e38e0e18ad328b1c2b9d2d6136", 0xee, 0x9}], 0x21000, &(0x7f0000001600)={[{@nodecompose}, {@force}, {@umask={'umask', 0x3d, 0x5}}], [{@pcr={'pcr', 0x3d, 0x16}}, {@hash}, {@fowner_lt={'fowner<', 0xee01}}, {@audit}, {@fowner_lt={'fowner<', r1}}, {@fowner_lt={'fowner<', 0xee00}}, {@uid_lt={'uid<', 0xee01}}]}) (async) 09:31:56 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="f81dffef", @ANYRES16=r2, @ANYBLOB="000227bd7000fedbdf2539000000080003001d68648a0b743508e34f06dc6e442ee72ba9cb3b36b5e2c0a2e097a659796aa3a20d2e50f5d8b9c5e5c5191dc14885c6906ab3c58fe44eecd096fd665ea5097c4d36d5569ba2a3f93f5c05bb4c55388c7ae95e9ee63be6a856da6861994345f3496f8d5e551b68a08ae9311a2247b3ca62dbdc4bbfc8495985f892d9ce195ff3da015c2270193ae490efc4c831bf9937b76656207c2ebfcf548825aeb534a652f0cde969c07437c8d2acfc003e57d8ac9bf4177f62ce", @ANYRES32=0x0, @ANYBLOB="0c0099007200000008000000b4015a80a80001801f00010024121824606c48126c481b4848090319050b6c481b183c0b24180b0014000300000005000100010120000800c2faffff1400050002001f000300ff7f33c70101020005000500070000000000050004000000000014000300ffff08002ce0050001807f00bd360900050004000000000006000100360400001400050001000100ff0f00000500000000000400140005001db2ff0fe26d7f00740001f80700b4009c00018014000300080008000700ffff01000001060004001b000100161b0b24060506241b36180209240612040404300b05480014000300070000100300c5000080008033fc000805000600000000001400030003000500200002007f007f00710a0000140005000100b10301000500c87806008e0006000500070002000000140003000200050000000400010006000400c5960500070001000000440003801400050000001f000000310c0100620000007f0005000700010000000500060001000000050007000100000012000100120b0404001b36300936032b01010000180003801400050002004449819d01000700060000100100100002800c00010001166c1b160903021c005a80180002801400050004002000fbff07001f00008075050600"], 0x1f8}, 0x1, 0x0, 0x0, 0x24004810}, 0x20000000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:56 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x650101, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r1, 0x40082102, &(0x7f00000000c0)=r2) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xa0a02, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000240)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000280)={0x0, 0x80000000}) (async, rerun: 64) ioctl$SNAPSHOT_FREE(r3, 0x3305) (rerun: 64) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1188.308800] CPU: 1 PID: 28731 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1188.316709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1188.326061] Call Trace: [ 1188.328649] dump_stack+0x1b2/0x281 [ 1188.332289] should_fail.cold+0x10a/0x149 [ 1188.336455] should_failslab+0xd6/0x130 [ 1188.340538] kmem_cache_alloc+0x28e/0x3c0 [ 1188.344691] __kernfs_new_node+0x6f/0x470 [ 1188.348846] kernfs_new_node+0x7b/0xe0 [ 1188.352736] __kernfs_create_file+0x3d/0x320 09:31:56 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x650101, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r1, 0x40082102, &(0x7f00000000c0)=r2) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xa0a02, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000240)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000280)={0x0, 0x80000000}) ioctl$SNAPSHOT_FREE(r3, 0x3305) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x650101, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100)) (async) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000180)) (async) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r1, 0x40082102, &(0x7f00000000c0)=r2) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xa0a02, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) (async) openat$cgroup_ro(r3, &(0x7f0000000240)='cpuset.effective_cpus\x00', 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000280)={0x0, 0x80000000}) (async) ioctl$SNAPSHOT_FREE(r3, 0x3305) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1188.357150] sysfs_add_file_mode_ns+0x1e1/0x450 [ 1188.361818] ? kernfs_create_dir_ns+0x171/0x200 [ 1188.366487] internal_create_group+0x22b/0x710 [ 1188.371080] lo_ioctl+0x1137/0x1cd0 [ 1188.374718] ? loop_set_status64+0xe0/0xe0 [ 1188.378967] blkdev_ioctl+0x540/0x1830 [ 1188.382858] ? blkpg_ioctl+0x8d0/0x8d0 [ 1188.386746] ? trace_hardirqs_on+0x10/0x10 [ 1188.390987] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1188.396094] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1188.401118] block_ioctl+0xd9/0x120 [ 1188.404743] ? blkdev_fallocate+0x3a0/0x3a0 [ 1188.409064] do_vfs_ioctl+0x75a/0xff0 [ 1188.412863] ? lock_acquire+0x170/0x3f0 [ 1188.416835] ? ioctl_preallocate+0x1a0/0x1a0 [ 1188.421253] ? __fget+0x265/0x3e0 [ 1188.424710] ? do_vfs_ioctl+0xff0/0xff0 [ 1188.428693] ? security_file_ioctl+0x83/0xb0 [ 1188.433111] SyS_ioctl+0x7f/0xb0 [ 1188.436488] ? do_vfs_ioctl+0xff0/0xff0 [ 1188.440466] do_syscall_64+0x1d5/0x640 [ 1188.444364] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1188.449554] RIP: 0033:0x7f463664cea7 09:31:56 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x10, &(0x7f0000000080)=0x3, 0x4) [ 1188.453260] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1188.460971] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1188.468240] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1188.475504] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1188.482775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1188.490043] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1188.504835] hfsplus: creator requires a 4 character value 09:31:56 executing program 1: r0 = socket(0x25, 0x1, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4) (rerun: 64) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="f81dffef", @ANYRES16=r2, @ANYBLOB="000227bd7000fedbdf2539000000080003001d68648a0b743508e34f06dc6e442ee72ba9cb3b36b5e2c0a2e097a659796aa3a20d2e50f5d8b9c5e5c5191dc14885c6906ab3c58fe44eecd096fd665ea5097c4d36d5569ba2a3f93f5c05bb4c55388c7ae95e9ee63be6a856da6861994345f3496f8d5e551b68a08ae9311a2247b3ca62dbdc4bbfc8495985f892d9ce195ff3da015c2270193ae490efc4c831bf9937b76656207c2ebfcf548825aeb534a652f0cde969c07437c8d2acfc003e57d8ac9bf4177f62ce", @ANYRES32=0x0, @ANYBLOB="0c0099007200000008000000b4015a80a80001801f00010024121824606c48126c481b4848090319050b6c481b183c0b24180b0014000300000005000100010120000800c2faffff1400050002001f000300ff7f33c70101020005000500070000000000050004000000000014000300ffff08002ce0050001807f00bd360900050004000000000006000100360400001400050001000100ff0f00000500000000000400140005001db2ff0fe26d7f00740001f80700b4009c00018014000300080008000700ffff01000001060004001b000100161b0b24060506241b36180209240612040404300b05480014000300070000100300c5000080008033fc000805000600000000001400030003000500200002007f007f00710a0000140005000100b10301000500c87806008e0006000500070002000000140003000200050000000400010006000400c5960500070001000000440003801400050000001f000000310c0100620000007f0005000700010000000500060001000000050007000100000012000100120b0404001b36300936032b01010000180003801400050002004449819d01000700060000100100100002800c00010001166c1b160903021c005a80180002801400050004002000fbff07001f00008075050600"], 0x1f8}, 0x1, 0x0, 0x0, 0x24004810}, 0x20000000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:56 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x10, &(0x7f0000000080)=0x3, 0x4) [ 1188.538276] hfsplus: unable to parse mount options [ 1188.556849] hfsplus: creator requires a 4 character value [ 1188.561019] hfsplus: creator requires a 4 character value [ 1188.578683] hfsplus: creator requires a 4 character value 09:31:56 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 17) [ 1188.595058] hfsplus: unable to parse mount options [ 1188.595957] hfsplus: unable to parse mount options [ 1188.604432] hfsplus: unable to parse mount options [ 1188.640087] FAULT_INJECTION: forcing a failure. [ 1188.640087] name failslab, interval 1, probability 0, space 0, times 0 [ 1188.665893] CPU: 1 PID: 28786 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1188.673901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1188.683252] Call Trace: [ 1188.685851] dump_stack+0x1b2/0x281 [ 1188.689484] should_fail.cold+0x10a/0x149 [ 1188.693634] should_failslab+0xd6/0x130 [ 1188.697619] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1188.702295] ? dev_uevent_filter+0xd0/0xd0 [ 1188.706543] kobject_uevent_env+0x20c/0xf30 [ 1188.711039] ? internal_create_group+0x48f/0x710 [ 1188.715793] lo_ioctl+0x11a6/0x1cd0 [ 1188.719428] ? loop_set_status64+0xe0/0xe0 [ 1188.723663] blkdev_ioctl+0x540/0x1830 [ 1188.727551] ? blkpg_ioctl+0x8d0/0x8d0 [ 1188.731440] ? trace_hardirqs_on+0x10/0x10 [ 1188.735682] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1188.740782] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1188.745781] block_ioctl+0xd9/0x120 [ 1188.749385] ? blkdev_fallocate+0x3a0/0x3a0 [ 1188.753690] do_vfs_ioctl+0x75a/0xff0 [ 1188.757470] ? lock_acquire+0x170/0x3f0 [ 1188.761429] ? ioctl_preallocate+0x1a0/0x1a0 [ 1188.765818] ? __fget+0x265/0x3e0 [ 1188.769249] ? do_vfs_ioctl+0xff0/0xff0 [ 1188.773202] ? security_file_ioctl+0x83/0xb0 [ 1188.777602] SyS_ioctl+0x7f/0xb0 [ 1188.781002] ? do_vfs_ioctl+0xff0/0xff0 [ 1188.784971] do_syscall_64+0x1d5/0x640 [ 1188.788844] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1188.794012] RIP: 0033:0x7f322b2faea7 [ 1188.797700] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1188.805387] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1188.812637] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1188.819884] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1188.827128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 09:31:57 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 18) 09:31:57 executing program 1: r0 = socket(0x25, 0x1, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="f81dffef", @ANYRES16=r2, @ANYBLOB="000227bd7000fedbdf2539000000080003001d68648a0b743508e34f06dc6e442ee72ba9cb3b36b5e2c0a2e097a659796aa3a20d2e50f5d8b9c5e5c5191dc14885c6906ab3c58fe44eecd096fd665ea5097c4d36d5569ba2a3f93f5c05bb4c55388c7ae95e9ee63be6a856da6861994345f3496f8d5e551b68a08ae9311a2247b3ca62dbdc4bbfc8495985f892d9ce195ff3da015c2270193ae490efc4c831bf9937b76656207c2ebfcf548825aeb534a652f0cde969c07437c8d2acfc003e57d8ac9bf4177f62ce", @ANYRES32=0x0, @ANYBLOB="0c0099007200000008000000b4015a80a80001801f00010024121824606c48126c481b4848090319050b6c481b183c0b24180b0014000300000005000100010120000800c2faffff1400050002001f000300ff7f33c70101020005000500070000000000050004000000000014000300ffff08002ce0050001807f00bd360900050004000000000006000100360400001400050001000100ff0f00000500000000000400140005001db2ff0fe26d7f00740001f80700b4009c00018014000300080008000700ffff01000001060004001b000100161b0b24060506241b36180209240612040404300b05480014000300070000100300c5000080008033fc000805000600000000001400030003000500200002007f007f00710a0000140005000100b10301000500c87806008e0006000500070002000000140003000200050000000400010006000400c5960500070001000000440003801400050000001f000000310c0100620000007f0005000700010000000500060001000000050007000100000012000100120b0404001b36300936032b01010000180003801400050002004449819d01000700060000100100100002800c00010001166c1b160903021c005a80180002801400050004002000fbff07001f00008075050600"], 0x1f8}, 0x1, 0x0, 0x0, 0x24004810}, 0x20000000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:57 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x10, &(0x7f0000000080)=0x3, 0x4) 09:31:57 executing program 2: r0 = syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000000)) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000000)) (async) [ 1188.834381] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:57 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='pids.events\x00', 0x0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x54, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRET={0xc, 0x4, [0xfffffffb, 0x10000]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040000}, 0x408c000) getsockopt$inet6_dccp_int(r0, 0x21, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) 09:31:57 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40040}, 0x44000000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:57 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x402, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r0, 0x1ff, 0x80000}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$SNAPSHOT_UNFREEZE(r2, 0x3302) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r2, 0x3312, 0x2) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r3) [ 1188.920518] hfsplus: creator requires a 4 character value [ 1188.927024] FAULT_INJECTION: forcing a failure. [ 1188.927024] name failslab, interval 1, probability 0, space 0, times 0 [ 1188.941000] hfsplus: unable to parse mount options [ 1188.953377] hfsplus: creator requires a 4 character value [ 1188.953988] CPU: 1 PID: 28827 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1188.966818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1188.966921] hfsplus: unable to parse mount options [ 1188.976171] Call Trace: [ 1188.976191] dump_stack+0x1b2/0x281 [ 1188.976205] should_fail.cold+0x10a/0x149 [ 1188.976216] should_failslab+0xd6/0x130 [ 1188.976227] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1188.976237] ? dev_uevent_filter+0xd0/0xd0 [ 1188.976248] kobject_uevent_env+0x20c/0xf30 [ 1188.976260] ? internal_create_group+0x48f/0x710 [ 1188.976275] lo_ioctl+0x11a6/0x1cd0 [ 1188.976286] ? loop_set_status64+0xe0/0xe0 [ 1188.976296] blkdev_ioctl+0x540/0x1830 [ 1188.976306] ? blkpg_ioctl+0x8d0/0x8d0 [ 1188.976315] ? trace_hardirqs_on+0x10/0x10 [ 1188.976329] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1188.976340] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1188.976358] block_ioctl+0xd9/0x120 [ 1189.047029] ? blkdev_fallocate+0x3a0/0x3a0 [ 1189.051361] do_vfs_ioctl+0x75a/0xff0 [ 1189.055164] ? lock_acquire+0x170/0x3f0 [ 1189.059139] ? ioctl_preallocate+0x1a0/0x1a0 [ 1189.063550] ? __fget+0x265/0x3e0 [ 1189.066999] ? do_vfs_ioctl+0xff0/0xff0 09:31:57 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x402, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r0, 0x1ff, 0x80000}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$SNAPSHOT_UNFREEZE(r2, 0x3302) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r2, 0x3312, 0x2) (async) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r3) [ 1189.070975] ? security_file_ioctl+0x83/0xb0 [ 1189.075383] SyS_ioctl+0x7f/0xb0 [ 1189.078748] ? do_vfs_ioctl+0xff0/0xff0 [ 1189.082721] do_syscall_64+0x1d5/0x640 [ 1189.086615] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1189.091796] RIP: 0033:0x7f463664cea7 [ 1189.095500] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1189.101734] hfsplus: creator requires a 4 character value [ 1189.103201] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 09:31:57 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40040}, 0x44000000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x25, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40040}, 0x44000000) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) [ 1189.103207] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1189.103212] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1189.103218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1189.103223] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1189.116374] hfsplus: creator requires a 4 character value [ 1189.150837] hfsplus: unable to parse mount options 09:31:57 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='pids.events\x00', 0x0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x54, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRET={0xc, 0x4, [0xfffffffb, 0x10000]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040000}, 0x408c000) getsockopt$inet6_dccp_int(r0, 0x21, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) 09:31:57 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 18) 09:31:57 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x402, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r0, 0x1ff, 0x80000}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$SNAPSHOT_UNFREEZE(r2, 0x3302) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r2, 0x3312, 0x2) r3 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r3) [ 1189.176164] hfsplus: unable to parse mount options [ 1189.184413] hfsplus: creator requires a 4 character value [ 1189.192049] hfsplus: unable to parse mount options 09:31:57 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 19) 09:31:57 executing program 2: r0 = syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000000)) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000000)) (async) 09:31:57 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40040}, 0x44000000) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1189.255653] FAULT_INJECTION: forcing a failure. [ 1189.255653] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.272915] hfsplus: creator requires a 4 character value [ 1189.296375] hfsplus: creator requires a 4 character value [ 1189.297042] hfsplus: unable to parse mount options [ 1189.303171] CPU: 1 PID: 28878 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1189.314851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1189.324199] Call Trace: [ 1189.326790] dump_stack+0x1b2/0x281 [ 1189.330418] should_fail.cold+0x10a/0x149 [ 1189.334573] should_failslab+0xd6/0x130 [ 1189.338553] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1189.343228] ? dev_uevent_filter+0xd0/0xd0 [ 1189.347466] kobject_uevent_env+0x20c/0xf30 [ 1189.351786] ? internal_create_group+0x48f/0x710 [ 1189.356550] lo_ioctl+0x11a6/0x1cd0 [ 1189.360182] ? loop_set_status64+0xe0/0xe0 [ 1189.364420] blkdev_ioctl+0x540/0x1830 [ 1189.368315] ? blkpg_ioctl+0x8d0/0x8d0 [ 1189.372202] ? trace_hardirqs_on+0x10/0x10 [ 1189.376440] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1189.381547] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1189.386571] block_ioctl+0xd9/0x120 [ 1189.390198] ? blkdev_fallocate+0x3a0/0x3a0 [ 1189.394517] do_vfs_ioctl+0x75a/0xff0 [ 1189.398326] ? lock_acquire+0x170/0x3f0 [ 1189.402297] ? ioctl_preallocate+0x1a0/0x1a0 [ 1189.406710] ? __fget+0x265/0x3e0 [ 1189.410164] ? do_vfs_ioctl+0xff0/0xff0 [ 1189.414132] ? security_file_ioctl+0x83/0xb0 [ 1189.418541] SyS_ioctl+0x7f/0xb0 [ 1189.421908] ? do_vfs_ioctl+0xff0/0xff0 [ 1189.425880] do_syscall_64+0x1d5/0x640 [ 1189.429780] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1189.434967] RIP: 0033:0x7f322b2faea7 [ 1189.438667] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:31:57 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000080)={0x8000000000000, 0x401}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x800000000000006, 0x9}) [ 1189.446372] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1189.453640] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1189.460908] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1189.468176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1189.475445] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1189.490734] hfsplus: unable to parse mount options 09:31:57 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='pids.events\x00', 0x0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x54, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x3}, @SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRET={0xc, 0x4, [0xfffffffb, 0x10000]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040000}, 0x408c000) (async) getsockopt$inet6_dccp_int(r0, 0x21, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) 09:31:57 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000080)={0x8000000000000, 0x401}) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x800000000000006, 0x9}) [ 1189.497178] FAULT_INJECTION: forcing a failure. [ 1189.497178] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.517352] hfsplus: creator requires a 4 character value [ 1189.523386] hfsplus: unable to parse mount options 09:31:57 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000080)={0x8000000000000, 0x401}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x800000000000006, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000080)={0x8000000000000, 0x401}) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x800000000000006, 0x9}) (async) [ 1189.545099] CPU: 0 PID: 28889 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1189.553001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1189.560560] hfsplus: creator requires a 4 character value [ 1189.562349] Call Trace: [ 1189.570449] dump_stack+0x1b2/0x281 [ 1189.573361] hfsplus: unable to parse mount options [ 1189.574076] should_fail.cold+0x10a/0x149 [ 1189.574091] should_failslab+0xd6/0x130 [ 1189.574103] __kmalloc+0x2c1/0x400 [ 1189.574115] ? kobject_get_path+0xb5/0x230 09:31:57 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x30, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000091}, 0x4000) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0xc000) setsockopt$inet6_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000080)="70f111384496c7ea80ec79a5b5ada34e52e0a4e2e2fb3040a26b6e8d487715ed9acd2bc7a667cac5ea120e55b263909788ac3ec6997ec091eb090cdb3aa60d373209322ed8f2890c69511186a04889d3f1ce45bd4017af3d32a546a81c56f4a63408e0e89e6867f9629b987165fae84cd20e4785469570664e09503850863e096062909f743a4bd90a0d07e623933604804499b619ffa58265c43bc7", 0x9c) 09:31:57 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x47be, 0x3}) 09:31:57 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x47be, 0x3}) [ 1189.594869] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1189.600328] kobject_get_path+0xb5/0x230 [ 1189.604401] kobject_uevent_env+0x230/0xf30 [ 1189.608730] ? internal_create_group+0x48f/0x710 [ 1189.613497] lo_ioctl+0x11a6/0x1cd0 [ 1189.617135] ? loop_set_status64+0xe0/0xe0 [ 1189.621375] blkdev_ioctl+0x540/0x1830 [ 1189.625260] ? blkpg_ioctl+0x8d0/0x8d0 [ 1189.629145] ? trace_hardirqs_on+0x10/0x10 [ 1189.633387] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1189.638496] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1189.643606] block_ioctl+0xd9/0x120 [ 1189.647238] ? blkdev_fallocate+0x3a0/0x3a0 [ 1189.651564] do_vfs_ioctl+0x75a/0xff0 [ 1189.655368] ? lock_acquire+0x170/0x3f0 [ 1189.659345] ? ioctl_preallocate+0x1a0/0x1a0 [ 1189.663762] ? __fget+0x265/0x3e0 [ 1189.667221] ? do_vfs_ioctl+0xff0/0xff0 [ 1189.671204] ? security_file_ioctl+0x83/0xb0 [ 1189.675614] SyS_ioctl+0x7f/0xb0 [ 1189.678980] ? do_vfs_ioctl+0xff0/0xff0 [ 1189.682958] do_syscall_64+0x1d5/0x640 [ 1189.686859] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1189.692046] RIP: 0033:0x7f463664cea7 [ 1189.695753] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1189.703462] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1189.710729] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1189.717994] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1189.725262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1189.732524] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:57 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 19) 09:31:57 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x47be, 0x3}) [ 1189.754998] hfsplus: creator requires a 4 character value [ 1189.760781] hfsplus: unable to parse mount options [ 1189.769939] hfsplus: creator requires a 4 character value [ 1189.779695] FAULT_INJECTION: forcing a failure. [ 1189.779695] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.794823] hfsplus: unable to parse mount options [ 1189.804480] CPU: 0 PID: 28942 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1189.812379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1189.821729] Call Trace: [ 1189.824324] dump_stack+0x1b2/0x281 [ 1189.827957] should_fail.cold+0x10a/0x149 [ 1189.832115] should_failslab+0xd6/0x130 [ 1189.836091] __kmalloc+0x2c1/0x400 [ 1189.839632] ? kobject_get_path+0xb5/0x230 [ 1189.843893] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1189.849348] kobject_get_path+0xb5/0x230 [ 1189.853416] kobject_uevent_env+0x230/0xf30 [ 1189.857741] ? internal_create_group+0x48f/0x710 [ 1189.862509] lo_ioctl+0x11a6/0x1cd0 [ 1189.866268] ? loop_set_status64+0xe0/0xe0 [ 1189.870520] blkdev_ioctl+0x540/0x1830 [ 1189.874394] ? blkpg_ioctl+0x8d0/0x8d0 [ 1189.878267] ? trace_hardirqs_on+0x10/0x10 [ 1189.882506] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1189.887587] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1189.892582] block_ioctl+0xd9/0x120 [ 1189.896188] ? blkdev_fallocate+0x3a0/0x3a0 [ 1189.900489] do_vfs_ioctl+0x75a/0xff0 [ 1189.904265] ? lock_acquire+0x170/0x3f0 [ 1189.908217] ? ioctl_preallocate+0x1a0/0x1a0 [ 1189.912601] ? __fget+0x265/0x3e0 [ 1189.916051] ? do_vfs_ioctl+0xff0/0xff0 [ 1189.920028] ? security_file_ioctl+0x83/0xb0 [ 1189.924410] SyS_ioctl+0x7f/0xb0 [ 1189.927751] ? do_vfs_ioctl+0xff0/0xff0 [ 1189.931701] do_syscall_64+0x1d5/0x640 [ 1189.935566] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1189.940732] RIP: 0033:0x7f322b2faea7 [ 1189.944419] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:31:58 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 20) 09:31:58 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x30, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000091}, 0x4000) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0xc000) setsockopt$inet6_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000080)="70f111384496c7ea80ec79a5b5ada34e52e0a4e2e2fb3040a26b6e8d487715ed9acd2bc7a667cac5ea120e55b263909788ac3ec6997ec091eb090cdb3aa60d373209322ed8f2890c69511186a04889d3f1ce45bd4017af3d32a546a81c56f4a63408e0e89e6867f9629b987165fae84cd20e4785469570664e09503850863e096062909f743a4bd90a0d07e623933604804499b619ffa58265c43bc7", 0x9c) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x30, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000091}, 0x4000) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0xc000) (async) setsockopt$inet6_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000080)="70f111384496c7ea80ec79a5b5ada34e52e0a4e2e2fb3040a26b6e8d487715ed9acd2bc7a667cac5ea120e55b263909788ac3ec6997ec091eb090cdb3aa60d373209322ed8f2890c69511186a04889d3f1ce45bd4017af3d32a546a81c56f4a63408e0e89e6867f9629b987165fae84cd20e4785469570664e09503850863e096062909f743a4bd90a0d07e623933604804499b619ffa58265c43bc7", 0x9c) (async) 09:31:58 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0xfffffffffffffffe, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f00000003c0), r0) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r2, 0x6, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x84051) r3 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r0) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x3c, r3, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000055}, 0x4080) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f00000001c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {}, 0x2c, {[{@allow_other}, {@default_permissions}, {@blksize={'blksize', 0x3d, 0x1800}}, {@allow_other}, {@blksize={'blksize', 0x3d, 0x200}}, {@default_permissions}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x36, 0x35, 0x65, 0x38, 0x66, 0x38, 0x35], 0x2d, [0x32, 0x36, 0x39, 0x30], 0x2d, [0x61, 0x32, 0x63, 0x65], 0x2d, [0x72, 0x37, 0x0, 0x34], 0x2d, [0x39, 0x34, 0x0, 0xe9aa4cecbb52dad5, 0x30, 0x30, 0x38, 0x38]}}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'hfsplus\x00'}}, {@obj_role={'obj_role', 0x3d, '.[%/:&.[-&'}}]}}) 09:31:58 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x10}, 0x14}}, 0x40880) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304) sendmsg$NBD_CMD_STATUS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x5dc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7f}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc}]}, 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x14040000) [ 1189.952194] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1189.959440] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1189.966683] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1189.973928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1189.981173] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:58 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1190.006886] hfsplus: creator requires a 4 character value [ 1190.032599] hfsplus: unable to parse mount options [ 1190.045943] hfsplus: creator requires a 4 character value 09:31:58 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x10}, 0x14}}, 0x40880) (async) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0) (async, rerun: 32) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304) (async, rerun: 32) sendmsg$NBD_CMD_STATUS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x5dc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7f}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc}]}, 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x14040000) (rerun: 32) 09:31:58 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x30, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000091}, 0x4000) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0xc000) setsockopt$inet6_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000080)="70f111384496c7ea80ec79a5b5ada34e52e0a4e2e2fb3040a26b6e8d487715ed9acd2bc7a667cac5ea120e55b263909788ac3ec6997ec091eb090cdb3aa60d373209322ed8f2890c69511186a04889d3f1ce45bd4017af3d32a546a81c56f4a63408e0e89e6867f9629b987165fae84cd20e4785469570664e09503850863e096062909f743a4bd90a0d07e623933604804499b619ffa58265c43bc7", 0x9c) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x30, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000091}, 0x4000) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0xc000) (async) setsockopt$inet6_dccp_buf(r0, 0x21, 0x80, &(0x7f0000000080)="70f111384496c7ea80ec79a5b5ada34e52e0a4e2e2fb3040a26b6e8d487715ed9acd2bc7a667cac5ea120e55b263909788ac3ec6997ec091eb090cdb3aa60d373209322ed8f2890c69511186a04889d3f1ce45bd4017af3d32a546a81c56f4a63408e0e89e6867f9629b987165fae84cd20e4785469570664e09503850863e096062909f743a4bd90a0d07e623933604804499b619ffa58265c43bc7", 0x9c) (async) [ 1190.060675] hfsplus: unable to parse mount options [ 1190.069868] FAULT_INJECTION: forcing a failure. [ 1190.069868] name failslab, interval 1, probability 0, space 0, times 0 [ 1190.087333] CPU: 0 PID: 28963 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1190.095237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1190.104584] Call Trace: [ 1190.107173] dump_stack+0x1b2/0x281 [ 1190.110802] should_fail.cold+0x10a/0x149 [ 1190.114960] should_failslab+0xd6/0x130 [ 1190.118933] kmem_cache_alloc_node+0x263/0x410 [ 1190.118946] __alloc_skb+0x5c/0x510 [ 1190.118960] kobject_uevent_env+0x882/0xf30 [ 1190.131451] lo_ioctl+0x11a6/0x1cd0 [ 1190.135089] ? loop_set_status64+0xe0/0xe0 [ 1190.139307] blkdev_ioctl+0x540/0x1830 [ 1190.143174] ? blkpg_ioctl+0x8d0/0x8d0 [ 1190.147040] ? trace_hardirqs_on+0x10/0x10 [ 1190.151256] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1190.156337] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1190.161332] block_ioctl+0xd9/0x120 [ 1190.164935] ? blkdev_fallocate+0x3a0/0x3a0 [ 1190.169232] do_vfs_ioctl+0x75a/0xff0 [ 1190.173011] ? lock_acquire+0x170/0x3f0 [ 1190.176962] ? ioctl_preallocate+0x1a0/0x1a0 [ 1190.181355] ? __fget+0x265/0x3e0 [ 1190.184792] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.188753] ? security_file_ioctl+0x83/0xb0 [ 1190.193159] SyS_ioctl+0x7f/0xb0 [ 1190.196507] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.200457] do_syscall_64+0x1d5/0x640 [ 1190.204325] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1190.209491] RIP: 0033:0x7f463664cea7 [ 1190.213182] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1190.220873] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1190.228129] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1190.235379] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1190.242632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1190.249889] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:31:58 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 20) 09:31:58 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0xfffffffffffffffe, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f00000003c0), r0) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r2, 0x6, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x84051) (async) r3 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r0) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x3c, r3, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000055}, 0x4080) (async, rerun: 64) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f00000001c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {}, 0x2c, {[{@allow_other}, {@default_permissions}, {@blksize={'blksize', 0x3d, 0x1800}}, {@allow_other}, {@blksize={'blksize', 0x3d, 0x200}}, {@default_permissions}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x36, 0x35, 0x65, 0x38, 0x66, 0x38, 0x35], 0x2d, [0x32, 0x36, 0x39, 0x30], 0x2d, [0x61, 0x32, 0x63, 0x65], 0x2d, [0x72, 0x37, 0x0, 0x34], 0x2d, [0x39, 0x34, 0x0, 0xe9aa4cecbb52dad5, 0x30, 0x30, 0x38, 0x38]}}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'hfsplus\x00'}}, {@obj_role={'obj_role', 0x3d, '.[%/:&.[-&'}}]}}) (rerun: 64) 09:31:58 executing program 1: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x500c0, 0x0) r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:58 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x10}, 0x14}}, 0x40880) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r0) (async) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304) (async) sendmsg$NBD_CMD_STATUS(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x5dc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7f}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc}]}, 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x14040000) 09:31:58 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 21) [ 1190.269220] hfsplus: creator requires a 4 character value [ 1190.275450] hfsplus: unable to parse mount options [ 1190.293771] hfsplus: unable to find HFS+ superblock [ 1190.308825] hfsplus: creator requires a 4 character value 09:31:58 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) [ 1190.336304] hfsplus: unable to parse mount options 09:31:58 executing program 1: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x500c0, 0x0) r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x500c0, 0x0) (async) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) [ 1190.363730] FAULT_INJECTION: forcing a failure. [ 1190.363730] name failslab, interval 1, probability 0, space 0, times 0 [ 1190.395783] CPU: 1 PID: 29014 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1190.403678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1190.403683] Call Trace: [ 1190.403699] dump_stack+0x1b2/0x281 [ 1190.403715] should_fail.cold+0x10a/0x149 [ 1190.423374] should_failslab+0xd6/0x130 [ 1190.427336] kmem_cache_alloc_node+0x263/0x410 [ 1190.431907] __alloc_skb+0x5c/0x510 [ 1190.435515] kobject_uevent_env+0x882/0xf30 [ 1190.439833] lo_ioctl+0x11a6/0x1cd0 [ 1190.443448] ? loop_set_status64+0xe0/0xe0 [ 1190.447670] blkdev_ioctl+0x540/0x1830 [ 1190.451552] ? blkpg_ioctl+0x8d0/0x8d0 [ 1190.455420] ? trace_hardirqs_on+0x10/0x10 [ 1190.459643] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1190.464732] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1190.469727] block_ioctl+0xd9/0x120 [ 1190.473330] ? blkdev_fallocate+0x3a0/0x3a0 [ 1190.477637] do_vfs_ioctl+0x75a/0xff0 [ 1190.481425] ? lock_acquire+0x170/0x3f0 [ 1190.485376] ? ioctl_preallocate+0x1a0/0x1a0 [ 1190.489765] ? __fget+0x265/0x3e0 [ 1190.493198] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.497161] ? security_file_ioctl+0x83/0xb0 [ 1190.501557] SyS_ioctl+0x7f/0xb0 [ 1190.504900] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.508862] do_syscall_64+0x1d5/0x640 [ 1190.512741] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1190.517914] RIP: 0033:0x7f322b2faea7 [ 1190.521617] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1190.529318] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1190.536567] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1190.543816] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1190.551071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1190.558334] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1190.573201] FAULT_INJECTION: forcing a failure. [ 1190.573201] name failslab, interval 1, probability 0, space 0, times 0 [ 1190.578878] hfsplus: creator requires a 4 character value [ 1190.598664] hfsplus: unable to parse mount options [ 1190.605217] CPU: 1 PID: 29020 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 09:31:58 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xd0000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f00000002c0)) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x200, 0x70bd29, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7ff}]}, 0xfffffffffffffee2}, 0x1, 0x0, 0x0, 0x8084}, 0x24004894) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r5, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008014}, 0x4000800) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x3, 0x9}) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) 09:31:58 executing program 1: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x500c0, 0x0) (async, rerun: 64) r0 = socket(0x25, 0x1, 0x0) (rerun: 64) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:58 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0xfffffffffffffffe, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r2 = syz_genetlink_get_family_id$smc(&(0x7f00000003c0), r0) (rerun: 32) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r2, 0x6, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x84051) r3 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r0) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x3c, r3, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000055}, 0x4080) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f00000001c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {}, 0x2c, {[{@allow_other}, {@default_permissions}, {@blksize={'blksize', 0x3d, 0x1800}}, {@allow_other}, {@blksize={'blksize', 0x3d, 0x200}}, {@default_permissions}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x36, 0x35, 0x65, 0x38, 0x66, 0x38, 0x35], 0x2d, [0x32, 0x36, 0x39, 0x30], 0x2d, [0x61, 0x32, 0x63, 0x65], 0x2d, [0x72, 0x37, 0x0, 0x34], 0x2d, [0x39, 0x34, 0x0, 0xe9aa4cecbb52dad5, 0x30, 0x30, 0x38, 0x38]}}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'hfsplus\x00'}}, {@obj_role={'obj_role', 0x3d, '.[%/:&.[-&'}}]}}) [ 1190.613114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1190.622463] Call Trace: [ 1190.625049] dump_stack+0x1b2/0x281 [ 1190.628682] should_fail.cold+0x10a/0x149 [ 1190.632836] should_failslab+0xd6/0x130 [ 1190.636817] kmem_cache_alloc_node+0x263/0x410 [ 1190.641398] __alloc_skb+0x5c/0x510 [ 1190.645023] kobject_uevent_env+0x882/0xf30 [ 1190.649348] lo_ioctl+0x11a6/0x1cd0 [ 1190.653068] ? loop_set_status64+0xe0/0xe0 [ 1190.657390] blkdev_ioctl+0x540/0x1830 [ 1190.661278] ? blkpg_ioctl+0x8d0/0x8d0 09:31:58 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xd0000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f00000002c0)) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x200, 0x70bd29, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7ff}]}, 0xfffffffffffffee2}, 0x1, 0x0, 0x0, 0x8084}, 0x24004894) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r5, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008014}, 0x4000800) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x3, 0x9}) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xd0000, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f00000002c0)) (async) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x200, 0x70bd29, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7ff}]}, 0xfffffffffffffee2}, 0x1, 0x0, 0x0, 0x8084}, 0x24004894) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r5, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008014}, 0x4000800) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x3, 0x9}) (async) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) (async) [ 1190.665166] ? trace_hardirqs_on+0x10/0x10 [ 1190.669403] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1190.674495] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1190.674511] block_ioctl+0xd9/0x120 [ 1190.674521] ? blkdev_fallocate+0x3a0/0x3a0 [ 1190.687530] do_vfs_ioctl+0x75a/0xff0 [ 1190.691329] ? lock_acquire+0x170/0x3f0 [ 1190.695301] ? ioctl_preallocate+0x1a0/0x1a0 [ 1190.699717] ? __fget+0x265/0x3e0 [ 1190.703175] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.707154] ? security_file_ioctl+0x83/0xb0 [ 1190.711564] SyS_ioctl+0x7f/0xb0 09:31:58 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xd0000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f00000002c0)) (async) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x200, 0x70bd29, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7ff}]}, 0xfffffffffffffee2}, 0x1, 0x0, 0x0, 0x8084}, 0x24004894) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r5, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008014}, 0x4000800) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x3, 0x9}) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) [ 1190.714939] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.718933] do_syscall_64+0x1d5/0x640 [ 1190.722826] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1190.728013] RIP: 0033:0x7f463664cea7 [ 1190.731717] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1190.739423] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1190.746690] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1190.754043] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 09:31:59 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 21) 09:31:59 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_S2RAM(r1, 0x330b) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x3, 0x9}) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x141000, 0x0) ioctl$SOUND_MIXER_INFO(r2, 0x805c4d65, &(0x7f00000000c0)) [ 1190.758678] hfsplus: unable to find HFS+ superblock [ 1190.761319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1190.761326] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1190.783136] hfsplus: creator requires a 4 character value [ 1190.785693] hfsplus: creator requires a 4 character value 09:31:59 executing program 1: openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) r0 = socket(0x25, 0x1, 0x0) write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000100)={0x14, 0x49, 0x2, {0x2, 0x2, 0x1}}, 0x14) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='memory.swap.current\x00', 0x0, 0x0) write$P9_RVERSION(r1, &(0x7f0000000180)={0x15, 0x65, 0xffff, 0x1, 0x8, '9P2000.L'}, 0x15) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1190.812156] hfsplus: unable to parse mount options [ 1190.828946] FAULT_INJECTION: forcing a failure. [ 1190.828946] name failslab, interval 1, probability 0, space 0, times 0 [ 1190.849538] CPU: 0 PID: 29065 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1190.857529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1190.857889] hfsplus: unable to parse mount options [ 1190.867096] Call Trace: [ 1190.867116] dump_stack+0x1b2/0x281 [ 1190.867130] should_fail.cold+0x10a/0x149 [ 1190.867144] should_failslab+0xd6/0x130 [ 1190.867158] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1190.867170] __kmalloc_node_track_caller+0x38/0x70 [ 1190.867182] __alloc_skb+0x96/0x510 [ 1190.899995] kobject_uevent_env+0x882/0xf30 [ 1190.904331] lo_ioctl+0x11a6/0x1cd0 [ 1190.907962] ? loop_set_status64+0xe0/0xe0 [ 1190.912207] blkdev_ioctl+0x540/0x1830 09:31:59 executing program 1: openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) (async) r0 = socket(0x25, 0x1, 0x0) write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000100)={0x14, 0x49, 0x2, {0x2, 0x2, 0x1}}, 0x14) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='memory.swap.current\x00', 0x0, 0x0) write$P9_RVERSION(r1, &(0x7f0000000180)={0x15, 0x65, 0xffff, 0x1, 0x8, '9P2000.L'}, 0x15) (async) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0x4) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1190.916109] ? blkpg_ioctl+0x8d0/0x8d0 [ 1190.920002] ? trace_hardirqs_on+0x10/0x10 [ 1190.924244] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1190.929343] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1190.934351] block_ioctl+0xd9/0x120 [ 1190.937968] ? blkdev_fallocate+0x3a0/0x3a0 [ 1190.942281] do_vfs_ioctl+0x75a/0xff0 [ 1190.946069] ? lock_acquire+0x170/0x3f0 [ 1190.950042] ? ioctl_preallocate+0x1a0/0x1a0 [ 1190.954450] ? __fget+0x265/0x3e0 [ 1190.957893] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.961847] ? security_file_ioctl+0x83/0xb0 [ 1190.966242] SyS_ioctl+0x7f/0xb0 [ 1190.969589] ? do_vfs_ioctl+0xff0/0xff0 [ 1190.973544] do_syscall_64+0x1d5/0x640 [ 1190.977414] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1190.982582] RIP: 0033:0x7f322b2faea7 [ 1190.986286] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1190.993979] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1191.001230] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1191.008481] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1191.015730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1191.022986] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1191.045868] hfsplus: creator requires a 4 character value [ 1191.056880] hfsplus: unable to parse mount options 09:31:59 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 22) 09:31:59 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_S2RAM(r1, 0x330b) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x3, 0x9}) (async) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x141000, 0x0) ioctl$SOUND_MIXER_INFO(r2, 0x805c4d65, &(0x7f00000000c0)) 09:31:59 executing program 1: openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) r0 = socket(0x25, 0x1, 0x0) (async) write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000100)={0x14, 0x49, 0x2, {0x2, 0x2, 0x1}}, 0x14) (async) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='memory.swap.current\x00', 0x0, 0x0) write$P9_RVERSION(r1, &(0x7f0000000180)={0x15, 0x65, 0xffff, 0x1, 0x8, '9P2000.L'}, 0x15) (async) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0x4) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:31:59 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB]) 09:31:59 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000600000000001d2ae0fad20517838c59b54230e834e9918b3902bf73280c189771d5e578c2f016ae3b6961a05c284d535a6cb0f538830b8421f049c3f78ab1e9bb09c121"]) 09:31:59 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 22) 09:31:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0xff, 0x22}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x880) r1 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) r2 = socket(0x2b, 0x6, 0x3) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x78, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_DADDR={0x14, 0x20, @loopback}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r2}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0xffc1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0xcc}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'tunl0\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x200000d0}, 0x8000) 09:31:59 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_S2RAM(r1, 0x330b) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x3, 0x9}) r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x141000, 0x0) ioctl$SOUND_MIXER_INFO(r2, 0x805c4d65, &(0x7f00000000c0)) [ 1191.123834] hfsplus: unable to find HFS+ superblock [ 1191.136110] hfsplus: unable to find HFS+ superblock [ 1191.149233] FAULT_INJECTION: forcing a failure. [ 1191.149233] name failslab, interval 1, probability 0, space 0, times 0 09:31:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0xff, 0x22}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x880) (async, rerun: 32) r1 = socket(0x25, 0x1, 0x0) (rerun: 32) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) (async) r2 = socket(0x2b, 0x6, 0x3) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x78, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_DADDR={0x14, 0x20, @loopback}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r2}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0xffc1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0xcc}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'tunl0\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x200000d0}, 0x8000) [ 1191.174490] CPU: 0 PID: 29099 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1191.182395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1191.191745] Call Trace: [ 1191.194336] dump_stack+0x1b2/0x281 [ 1191.197965] should_fail.cold+0x10a/0x149 [ 1191.202108] should_failslab+0xd6/0x130 [ 1191.206088] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1191.211189] __kmalloc_node_track_caller+0x38/0x70 [ 1191.216106] __alloc_skb+0x96/0x510 [ 1191.219737] kobject_uevent_env+0x882/0xf30 [ 1191.224048] lo_ioctl+0x11a6/0x1cd0 [ 1191.227664] ? loop_set_status64+0xe0/0xe0 [ 1191.231887] blkdev_ioctl+0x540/0x1830 [ 1191.235764] ? blkpg_ioctl+0x8d0/0x8d0 [ 1191.239635] ? trace_hardirqs_on+0x10/0x10 [ 1191.243862] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1191.248943] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1191.253938] block_ioctl+0xd9/0x120 [ 1191.257547] ? blkdev_fallocate+0x3a0/0x3a0 [ 1191.261850] do_vfs_ioctl+0x75a/0xff0 [ 1191.265634] ? lock_acquire+0x170/0x3f0 [ 1191.269586] ? ioctl_preallocate+0x1a0/0x1a0 [ 1191.273976] ? __fget+0x265/0x3e0 [ 1191.277411] ? do_vfs_ioctl+0xff0/0xff0 [ 1191.281372] ? security_file_ioctl+0x83/0xb0 [ 1191.285781] SyS_ioctl+0x7f/0xb0 [ 1191.289123] ? do_vfs_ioctl+0xff0/0xff0 [ 1191.293083] do_syscall_64+0x1d5/0x640 [ 1191.296956] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1191.302124] RIP: 0033:0x7f322b2faea7 [ 1191.305815] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1191.313498] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1191.320753] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1191.328006] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1191.335264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1191.342518] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1191.354808] FAULT_INJECTION: forcing a failure. [ 1191.354808] name failslab, interval 1, probability 0, space 0, times 0 [ 1191.367653] hfsplus: creator requires a 4 character value 09:31:59 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SOUND_MIXER_READ_VOLUME(r1, 0x80044d13, &(0x7f0000000080)) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, r4, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20040000}, 0x40080) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r5) 09:31:59 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SOUND_MIXER_READ_VOLUME(r1, 0x80044d13, &(0x7f0000000080)) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) (async) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, r4, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20040000}, 0x40080) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) (async, rerun: 32) syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r5) (rerun: 32) [ 1191.373588] CPU: 0 PID: 29102 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1191.381470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1191.390820] Call Trace: [ 1191.393407] dump_stack+0x1b2/0x281 [ 1191.397046] should_fail.cold+0x10a/0x149 [ 1191.401216] should_failslab+0xd6/0x130 [ 1191.405199] kmem_cache_alloc_node+0x263/0x410 [ 1191.407969] hfsplus: unable to parse mount options [ 1191.409779] __alloc_skb+0x5c/0x510 [ 1191.409796] kobject_uevent_env+0x882/0xf30 09:31:59 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SOUND_MIXER_READ_VOLUME(r1, 0x80044d13, &(0x7f0000000080)) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) (async) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, r4, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'caif0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20040000}, 0x40080) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r5) [ 1191.409819] lo_ioctl+0x11a6/0x1cd0 [ 1191.409832] ? loop_set_status64+0xe0/0xe0 [ 1191.430497] blkdev_ioctl+0x540/0x1830 [ 1191.434388] ? blkpg_ioctl+0x8d0/0x8d0 [ 1191.438274] ? trace_hardirqs_on+0x10/0x10 [ 1191.442518] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1191.447620] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1191.452644] block_ioctl+0xd9/0x120 [ 1191.456274] ? blkdev_fallocate+0x3a0/0x3a0 [ 1191.460603] do_vfs_ioctl+0x75a/0xff0 [ 1191.464407] ? lock_acquire+0x170/0x3f0 [ 1191.468384] ? ioctl_preallocate+0x1a0/0x1a0 [ 1191.472787] ? __fget+0x265/0x3e0 [ 1191.476222] ? do_vfs_ioctl+0xff0/0xff0 [ 1191.480181] ? security_file_ioctl+0x83/0xb0 [ 1191.484583] SyS_ioctl+0x7f/0xb0 [ 1191.487941] ? do_vfs_ioctl+0xff0/0xff0 [ 1191.491904] do_syscall_64+0x1d5/0x640 [ 1191.495781] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1191.500953] RIP: 0033:0x7f463664cea7 [ 1191.504646] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1191.512346] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1191.519600] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1191.526850] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1191.534101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1191.541351] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1191.569096] hfsplus: creator requires a 4 character value [ 1191.590060] hfsplus: unable to parse mount options 09:31:59 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 23) 09:31:59 executing program 4: shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000080)=""/3) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:31:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0x0) (async, rerun: 64) sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0xff, 0x22}}}}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x880) (rerun: 64) r1 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) (async) r2 = socket(0x2b, 0x6, 0x3) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x78, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_DADDR={0x14, 0x20, @loopback}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r2}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0xffc1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0xcc}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'tunl0\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x200000d0}, 0x8000) 09:31:59 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000600000000001d2ae0fad20517838c59b54230e834e9918b3902bf73280c189771d5e578c2f016ae3b6961a05c284d535a6cb0f538830b8421f049c3f78ab1e9bb09c121"]) 09:31:59 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = geteuid() syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x82ed, 0x4, &(0x7f0000000300)=[{&(0x7f0000000080)="ad4757f16e53ba31d3359f9810ae2d67f775d56c2fe950bc0a31dba3f9ee76f5a7851c1690a4de98fed46cc8bb9cf86d3f13f1bfc744fd41a86ff073b8dc6659c5c444c1e89eac3f26596a2405203794b3e06ecf7c453f3c8703cd8cce32d5f07af5f70281281ec890bafd3123bd1e14f5b9eb25412cb8e5a9b532ca12dc5e5b66179d7e8bbaeb980c81e08b77c93c3b0606791042af881102de8b", 0x9b, 0xdeef}, {&(0x7f00000001c0)="5eaaaee0db55de093c4c297aa0be8fe4862642452354ff14829f9a89dde10875d393c15f0f8c466b7927936c95c550524f90acc815dad4121e92b938902a392e00fa038b9e", 0x45, 0x7}, {&(0x7f0000000240)="bfd91558bbacc275a45414e0b3738cefb536bdaf95739fa7", 0x18, 0x581}, {&(0x7f0000000280)="98375134ec2dadd60738096810933970d71171005c6228d3f6b53cc9510794e6c7edab686feb2e29d53a28e61477e65c7717eb2a6905cbe4c6c4d246dd97597d481e02f2a02322b5c904544e727a1b91c6396c07aa04333619dcf92fa5", 0x5d, 0x7}], 0x2004, &(0x7f0000000480)={[{@allocsize={'allocsize', 0x3d, [0x32]}}, {@sunit={'sunit', 0x3d, 0x8}}, {@discard}, {@allocsize={'allocsize', 0x3d, [0x38, 0x34]}}, {@gquota}, {@nolargeio}], [{@smackfsfloor={'smackfsfloor', 0x3d, '\xe1@\',:[U-@[][^@'}}, {@seclabel}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x35, 0x61, 0x62, 0x57, 0x65, 0x65, 0x33], 0x2d, [0x36, 0x38, 0x32, 0x34], 0x2d, [0x33, 0x61, 0x62, 0x63], 0x2d, [0x38, 0x61, 0x32, 0x62], 0x2d, [0x39, 0x38, 0x64, 0x32, 0x62, 0x35, 0x61, 0x30]}}}, {@smackfstransmute={'smackfstransmute', 0x3d, '#^'}}, {@fowner_eq}, {@obj_role={'obj_role', 0x3d, 'hfsplus\x00'}}, {@euid_lt={'euid<', r0}}]}) 09:31:59 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 23) 09:31:59 executing program 4: shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000080)=""/3) (async) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:00 executing program 1: r0 = socket(0x25, 0x800, 0x0) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x80, 0x0, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'netdevsim0\x00'}, @SMC_PNETID_IBNAME={0x8, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x0, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x69, 0x4, 0x1}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000040}, 0x20008010) syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), r0) 09:32:00 executing program 4: shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000080)=""/3) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000080)=""/3) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1191.715444] hfsplus: creator requires a 4 character value [ 1191.743573] FAULT_INJECTION: forcing a failure. [ 1191.743573] name failslab, interval 1, probability 0, space 0, times 0 09:32:00 executing program 1: r0 = socket(0x25, 0x800, 0x0) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x80, 0x0, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'netdevsim0\x00'}, @SMC_PNETID_IBNAME={0x8, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x0, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x69, 0x4, 0x1}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000040}, 0x20008010) syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), r0) [ 1191.795399] hfsplus: unable to parse mount options 09:32:00 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000800)={&(0x7f0000000180)={0x670, r2, 0x100, 0x48a1, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x4c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{0x6}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x7}, {0x6, 0x3}, {0x5, 0x2}, {0x2, 0x5}, {0x7, 0xa}, {0x2, 0x9}, {0x3, 0x4}, {0x7, 0xa}, {0x4, 0x2}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x89, 0x4, 0x0, 0x1, 0x3, 0x1, 0x101, 0x3]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x4, 0x1, 0x8, 0x6, 0x6438, 0x4, 0x9]}}]}]}, @NL80211_ATTR_TX_RATES={0x178, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xdc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x9, 0x208, 0x800, 0x2, 0x9, 0x1f, 0xbaf]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x28, 0x2, [{0x3, 0x3}, {0x2, 0x7}, {0x0, 0x5}, {0x0, 0x4}, {0x1, 0xa}, {0x1, 0x9}, {0x6, 0x4}, {0x1, 0x4}, {0x1, 0xa}, {0x0, 0x5}, {0x7, 0x9}, {0x2, 0x4}, {0x3, 0x7}, {0x0, 0x3}, {0x7, 0x1}, {0x1, 0xb}, {0x4, 0x2}, {0x4, 0x4}, {0x7, 0x9}, {0x1}, {0x2, 0x4}, {0x6, 0x6}, {0x1, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x9}, {0x1, 0x8}, {0x5, 0x4}, {0x4, 0xa}, {0x4, 0x9}, {0x0, 0x5}, {0x6}, {0x2, 0x1}, {0x5, 0x5}, {0x6, 0x8}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x18, 0x6, 0x18, 0xc, 0xc, 0x9, 0x7, 0xc, 0xc, 0x60, 0x5, 0x60, 0x6c, 0x1, 0x5, 0x18, 0x5, 0x12, 0x3, 0x30, 0xc, 0x6c, 0x3, 0x3, 0xc, 0x1, 0x12, 0x6, 0xc, 0x6, 0x50, 0x4]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x4}, {0x0, 0x1}, {0x1, 0x2}, {0x5, 0xa}, {0x1, 0x7}, {0x4, 0x6}, {0x5, 0x6}, {0x5, 0x2}, {0x4, 0x3}, {0x7, 0xa}, {0x2, 0x4}, {0x6, 0x5}, {0x4, 0x7}, {0x0, 0xa}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x3}, {0x2}, {0x0, 0x5}, {0x6}, {0x6, 0x3}, {0x1, 0xa}, {0x7, 0x3}, {0x5, 0x2}, {0x5, 0x6}, {0x7, 0x2}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x2, 0x8}, {0x6, 0x6}, {}, {0x5}, {0x5, 0x3}, {0x0, 0x5}, {0x1, 0x7}, {0x3, 0x6}, {0x6, 0x1}, {0x2, 0x2}, {0x1, 0x8}, {0x7, 0x3}, {0x1, 0x8}, {0x3, 0x1}, {0x1, 0x8}, {0x0, 0x1}, {0x5}, {0x1, 0x5}, {0x4, 0x7}, {0x0, 0x3}, {0x0, 0x1d}, {0x2, 0x8}, {0x2, 0x9}, {0x4, 0x2}, {0x1, 0x1}, {0x3, 0x5}, {0x2, 0x8}, {0x0, 0x4}, {0x1, 0x7}, {0x0, 0x4}, {0x5, 0x9}, {0x0, 0x5}, {0x6, 0x8}, {0x6, 0x9}, {}, {0x5, 0x8}, {0x4, 0x9}, {0x2, 0x3}, {0x3, 0x2}, {0x6}, {0x3, 0x4}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x0, 0x6, 0x4, 0x7, 0x6, 0x7fff, 0xe63]}}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x5, 0x4, 0x5, 0x30, 0x6, 0x6c, 0x2, 0x36, 0x12, 0xb, 0x6c, 0x18, 0x1, 0x6, 0x5c, 0x30, 0x1b]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{}, {0x2, 0x5}, {0x7, 0x6}, {0x0, 0x1}, {0x4, 0x2}, {0x3, 0x2}, {0x0, 0x9}, {0x6, 0x6}, {0x7, 0x6}, {0x3, 0x6}, {0x5, 0x3}, {0x7, 0xa}, {0x0, 0x8}, {0x6, 0x1}, {0x6, 0xa}, {0x6, 0x5}, {0x6, 0x4}, {0x5}, {0x4, 0x7}, {0x1, 0x2}, {0x7, 0x3}, {0x2, 0x7}, {0x1, 0x6}, {0x7, 0x1}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x5}, {0x0, 0x5}, {0x1, 0x8}, {0x6, 0xa}, {0x4, 0x4}, {0x2, 0x9}, {0x5, 0x9}, {0x2, 0xa}, {0x4, 0x9}, {0x6, 0x1}, {0x3, 0x4}, {0x1, 0x5}, {0x7, 0x9}, {0x3, 0x7}, {0x2}, {0x1, 0xa}, {0x5, 0x6}, {0x5}, {0x5}, {0x0, 0x2}, {0x6, 0x5}, {0x0, 0x5}, {0x2, 0xa}, {0x1, 0x1}, {0x2, 0x8}, {0x4, 0x8}, {0x7, 0xa}, {0x1, 0x3}, {0x7, 0x6}, {}, {0x6, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x7, 0x9, 0x100, 0x8, 0x7, 0x2]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x1, 0x8}, {0x0, 0x8}, {0x1, 0x4}, {0x1, 0x8}, {0x3}, {0x5, 0xa}, {0x4, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x130, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x40, 0x9, 0x1, 0x2, 0x800, 0x5, 0x105, 0x40]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x2, 0x3}, {0x7, 0x4}, {0x4, 0x4}, {0x6, 0xa}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x5}, {0x7, 0x6}, {0x1, 0x8}, {0x4, 0x2}, {0x7, 0x3}, {0x0, 0x6}, {0x5, 0x8}, {0x5, 0x2}, {0x4, 0xa}, {0x1, 0x8}, {0x0, 0x7}, {0x6, 0x9}, {0x2, 0x7}, {0x3, 0x3}, {0x5, 0x2}, {0x4, 0x7}, {0x0, 0x1}, {0x0, 0x9}, {0x4}, {0x3, 0x1}, {0x4, 0x7}, {0x3, 0x1}, {0x0, 0xa}, {0x1}, {0x1, 0x4}, {0x5}, {0x6, 0x4}]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x2, 0x60, 0x4, 0x0, 0x6, 0x16, 0xf571df87c3f34c90, 0x9, 0x18, 0x48, 0x5d, 0x6, 0xc, 0x12, 0x6, 0xc, 0x5, 0x48, 0x9, 0x1]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x24, 0x18, 0x1b, 0x24, 0x48, 0x3, 0xe, 0x90, 0x9, 0x5, 0x9, 0x3, 0x4, 0x24, 0x53, 0x5, 0x16, 0x4, 0x12, 0x6, 0x6, 0x16]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8906, 0xffff, 0x1ff, 0x9, 0x0, 0x0, 0x4, 0x9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0x4, 0x101, 0x3, 0x4, 0x7, 0xfff]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x4, 0x3, 0x60, 0x18, 0x12, 0x48, 0xb]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x36, 0x1, 0x16, 0x30, 0x9, 0x30, 0x77, 0x3e, 0x6, 0x12, 0x24, 0x3, 0x4, 0x16, 0x30, 0x3, 0x5, 0x9]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x194, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x74, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x2, 0x4, 0x7, 0xb6, 0x5, 0x3, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xff, 0x26, 0x8000, 0x1ff, 0x5, 0x3, 0x4, 0x9]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x4, 0x1b, 0x30, 0x36, 0xb, 0x24, 0x6, 0x60, 0x30, 0x3, 0x66, 0x3, 0x16, 0x16, 0x4, 0x4d]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0xb, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6, 0x16, 0x16, 0x12, 0x6, 0x60, 0x6c, 0x6c, 0x24, 0x4, 0x5, 0x3, 0x12, 0x5, 0x24]}]}, @NL80211_BAND_5GHZ={0xc0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x3f, 0x1, 0x3, 0x48, 0x6c, 0x6c, 0x6c, 0x60, 0x2, 0x18, 0x4, 0x24, 0x1, 0xb, 0x60, 0x4, 0x4, 0x6, 0x2, 0x1b, 0x24, 0x32, 0x24, 0x12, 0x36, 0x18, 0x36, 0x1b, 0x30, 0x12]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x36, 0x30, 0x4, 0xb, 0x6, 0x0, 0xc, 0x18, 0x36, 0x60, 0x16, 0x30, 0x16, 0x36, 0x48, 0x36, 0x60, 0x2, 0xb, 0x6, 0x1, 0x30, 0x24, 0x30, 0x18, 0x16, 0x1, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe3, 0xfff9, 0x4, 0x9, 0x3, 0x200, 0xfffa, 0xfff]}}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x0, 0x3}, {0x6, 0x5}, {0x4, 0x6}, {0x0, 0x5}, {0x4, 0x1}, {0x6}, {0x7, 0x1}, {0x4, 0x1d}, {0x2, 0x9}, {0x1, 0xa}, {0x0, 0x4}, {0x7, 0x1}, {0x4, 0xa}, {0x5, 0x2}, {0x4, 0x9}, {0x7, 0x3}, {0x0, 0x5}, {0x0, 0x6}, {0x1, 0x2}, {0x4}, {0x7, 0x2}, {0x3, 0x4}, {0x3, 0x4}, {0x1, 0x4}, {0x0, 0x3}, {0x4, 0x6}, {0x0, 0x4}, {0x4, 0x9}, {0x0, 0x9}, {0x0, 0x4}, {0x1, 0x6}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x1}, {0x4}, {0x2, 0x4}, {0x3}, {0x0, 0x9}, {0x2, 0x8}, {0x6, 0x5}, {0x7}, {0x3, 0x5}, {0x1, 0x7}, {0x6, 0x1}, {0x0, 0x1}, {0x7, 0x8}, {0x1, 0x2}, {0x1, 0xa}, {0x7, 0x6}, {0x7, 0x3}, {0x2, 0xa}, {0x6, 0x4}, {0x1, 0x5}, {0x7, 0x5}, {0x0, 0x9}, {0x0, 0x4}, {0x4, 0x1}, {}, {0x6, 0xa}, {0x1, 0x3}, {0x7, 0x2}, {0x3, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x9, 0x400, 0x90, 0x800, 0x0, 0x9, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x100, 0x7, 0x401, 0x0, 0x5, 0x1000, 0x8, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x3800, 0x100, 0x7, 0x9, 0x6532, 0x7fff, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x3ff, 0x7bbc, 0x7, 0x7ff, 0xfff, 0x2, 0x1]}}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x3, 0x5}, {0x6, 0x1}, {0x5, 0x3}, {0x2, 0x6}, {0x7, 0x5}, {0x5, 0x5}, {0x1, 0x2}]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbf, 0x8, 0xa10, 0xc9ac, 0x8, 0x6, 0x62a3, 0x5]}}]}]}, @NL80211_ATTR_TX_RATES={0x7c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xff, 0x1, 0x1f, 0x0, 0x8, 0xfff7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x0, 0xfffb, 0x800, 0x3ff, 0x1, 0x2, 0xfffb]}}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x2d, 0x18, 0x2, 0x12, 0x48, 0x30, 0xb, 0x30, 0x24, 0x2, 0x1c, 0x5, 0x30, 0x6, 0x5, 0x1b, 0x4, 0x6c, 0x0, 0x6, 0x6c, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x401, 0xfffe, 0x3, 0xfff, 0x9df, 0x1, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x134, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x1, 0x9}, {0x1, 0x5}, {}, {0x5, 0x8}, {0x6, 0x4}, {0x7, 0x1}, {0x1, 0x9}, {0x7}, {0x6, 0x5}, {0x5, 0x6}, {0x7}, {0x4, 0x8}, {0x6, 0x9}, {0x0, 0x9}, {0x5, 0x4}, {0x0, 0xa}, {0x0, 0x6}, {0x4, 0x7}, {0x1, 0xa}, {0x5, 0x9}]}]}, @NL80211_BAND_60GHZ={0x78, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x4, 0x9}, {0x4, 0x5}, {0x3, 0x5}, {0x6, 0x2}, {0x7, 0x3}, {0x7, 0x4}, {0x0, 0x9}, {0x2, 0x8}, {}, {0x6, 0xa}, {0x3, 0x3}, {}, {}, {0x3, 0x6}, {0x4, 0x9}, {0x2, 0x4}, {0x1, 0x7}, {0x2, 0x5}, {0x3}, {0x4, 0x8}, {0x4, 0x8}, {0x3, 0x5}, {0x5, 0x6}, {0x7, 0x5}, {0x0, 0x9}, {0x4, 0x6}, {0x7, 0x9}, {0x0, 0x6}, {0x3, 0x3}, {0x7, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2, 0x6, 0x6, 0x7, 0x3, 0x848, 0x9]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x1}, {0x3}, {0x7, 0x1}, {0x0, 0x9}, {0x0, 0xa}, {0x1}, {0x6, 0x9}, {0x0, 0x8}, {0x5, 0x9}, {0x1, 0x9}, {0x0, 0x3}, {0x5, 0x3}, {0x3}, {0x6, 0x6}, {0x3, 0x4}, {0x6, 0x7}, {0x5, 0xa}, {0x5, 0x1}, {0x4, 0x2}, {0x0, 0x4}, {0x3, 0x7}, {0x0, 0x2}, {0x6}, {0x6, 0xa}, {0x1, 0x9}, {0x0, 0x6}, {0x6, 0x2}, {0x1, 0x1}, {0x3, 0x3}, {0x2, 0x2}, {0x4, 0x3}, {0x0, 0x8}, {0x1, 0x6}, {0x3, 0x1}, {0x3, 0x5}, {0x6, 0x2}, {0x2, 0x7}, {0x7, 0x2}, {0x0, 0x5}, {0x2, 0x1}, {0x5, 0x5}, {0x5, 0x9}, {0x7, 0x6}, {0x1, 0x1}, {0x6, 0x8}, {0x4, 0x4}, {0x0, 0x6}, {0x2, 0x5}, {0x3, 0x6}, {0x2, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x5, 0x3}]}]}, @NL80211_BAND_60GHZ={0x90, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x2, 0x9, 0x6, 0x48, 0x34, 0x21, 0x9, 0x1b, 0x12, 0x48, 0x1, 0x60, 0x2, 0xb, 0x48, 0x2, 0x13, 0x60, 0x30, 0x24, 0x6, 0x0, 0x18, 0x13, 0x36, 0xc, 0x1b, 0xc, 0x3, 0x36, 0xb, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x94, 0x0, 0x0, 0x2, 0x800, 0x5b2, 0x685f]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x1, 0x7fff, 0x389e, 0x0, 0x3ff, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa7a0, 0x9, 0x1, 0x62, 0x9dc3, 0x4, 0x8, 0x40]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xdd, 0x8, 0x0, 0x9ea6, 0x60, 0x7, 0x32a]}}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}, 0x670}, 0x1, 0x0, 0x0, 0x24000890}, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SOUND_MIXER_INFO(0xffffffffffffffff, 0x805c4d65, &(0x7f0000000880)) accept4$netrom(r1, 0x0, &(0x7f00000000c0), 0x80000) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x1, 0x4}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1191.822042] CPU: 0 PID: 29156 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1191.829950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1191.839306] Call Trace: [ 1191.841898] dump_stack+0x1b2/0x281 [ 1191.845536] should_fail.cold+0x10a/0x149 [ 1191.849708] should_failslab+0xd6/0x130 [ 1191.853693] kmem_cache_alloc_node+0x263/0x410 [ 1191.858283] __alloc_skb+0x5c/0x510 [ 1191.861926] kobject_uevent_env+0x882/0xf30 [ 1191.866262] lo_ioctl+0x11a6/0x1cd0 [ 1191.869895] ? loop_set_status64+0xe0/0xe0 [ 1191.874136] blkdev_ioctl+0x540/0x1830 [ 1191.878031] ? blkpg_ioctl+0x8d0/0x8d0 [ 1191.881918] ? trace_hardirqs_on+0x10/0x10 [ 1191.886161] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1191.891271] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1191.896300] block_ioctl+0xd9/0x120 [ 1191.899910] ? blkdev_fallocate+0x3a0/0x3a0 [ 1191.904214] do_vfs_ioctl+0x75a/0xff0 [ 1191.908008] ? lock_acquire+0x170/0x3f0 [ 1191.911969] ? ioctl_preallocate+0x1a0/0x1a0 [ 1191.916358] ? __fget+0x265/0x3e0 [ 1191.919792] ? do_vfs_ioctl+0xff0/0xff0 [ 1191.923764] ? security_file_ioctl+0x83/0xb0 [ 1191.928163] SyS_ioctl+0x7f/0xb0 [ 1191.931519] ? do_vfs_ioctl+0xff0/0xff0 [ 1191.935480] do_syscall_64+0x1d5/0x640 [ 1191.939352] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1191.944519] RIP: 0033:0x7f463664cea7 [ 1191.948210] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1191.955902] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1191.963162] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 09:32:00 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000800)={&(0x7f0000000180)={0x670, r2, 0x100, 0x48a1, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x4c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{0x6}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x7}, {0x6, 0x3}, {0x5, 0x2}, {0x2, 0x5}, {0x7, 0xa}, {0x2, 0x9}, {0x3, 0x4}, {0x7, 0xa}, {0x4, 0x2}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x89, 0x4, 0x0, 0x1, 0x3, 0x1, 0x101, 0x3]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x4, 0x1, 0x8, 0x6, 0x6438, 0x4, 0x9]}}]}]}, @NL80211_ATTR_TX_RATES={0x178, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xdc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x9, 0x208, 0x800, 0x2, 0x9, 0x1f, 0xbaf]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x28, 0x2, [{0x3, 0x3}, {0x2, 0x7}, {0x0, 0x5}, {0x0, 0x4}, {0x1, 0xa}, {0x1, 0x9}, {0x6, 0x4}, {0x1, 0x4}, {0x1, 0xa}, {0x0, 0x5}, {0x7, 0x9}, {0x2, 0x4}, {0x3, 0x7}, {0x0, 0x3}, {0x7, 0x1}, {0x1, 0xb}, {0x4, 0x2}, {0x4, 0x4}, {0x7, 0x9}, {0x1}, {0x2, 0x4}, {0x6, 0x6}, {0x1, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x9}, {0x1, 0x8}, {0x5, 0x4}, {0x4, 0xa}, {0x4, 0x9}, {0x0, 0x5}, {0x6}, {0x2, 0x1}, {0x5, 0x5}, {0x6, 0x8}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x18, 0x6, 0x18, 0xc, 0xc, 0x9, 0x7, 0xc, 0xc, 0x60, 0x5, 0x60, 0x6c, 0x1, 0x5, 0x18, 0x5, 0x12, 0x3, 0x30, 0xc, 0x6c, 0x3, 0x3, 0xc, 0x1, 0x12, 0x6, 0xc, 0x6, 0x50, 0x4]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x4}, {0x0, 0x1}, {0x1, 0x2}, {0x5, 0xa}, {0x1, 0x7}, {0x4, 0x6}, {0x5, 0x6}, {0x5, 0x2}, {0x4, 0x3}, {0x7, 0xa}, {0x2, 0x4}, {0x6, 0x5}, {0x4, 0x7}, {0x0, 0xa}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x3}, {0x2}, {0x0, 0x5}, {0x6}, {0x6, 0x3}, {0x1, 0xa}, {0x7, 0x3}, {0x5, 0x2}, {0x5, 0x6}, {0x7, 0x2}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x2, 0x8}, {0x6, 0x6}, {}, {0x5}, {0x5, 0x3}, {0x0, 0x5}, {0x1, 0x7}, {0x3, 0x6}, {0x6, 0x1}, {0x2, 0x2}, {0x1, 0x8}, {0x7, 0x3}, {0x1, 0x8}, {0x3, 0x1}, {0x1, 0x8}, {0x0, 0x1}, {0x5}, {0x1, 0x5}, {0x4, 0x7}, {0x0, 0x3}, {0x0, 0x1d}, {0x2, 0x8}, {0x2, 0x9}, {0x4, 0x2}, {0x1, 0x1}, {0x3, 0x5}, {0x2, 0x8}, {0x0, 0x4}, {0x1, 0x7}, {0x0, 0x4}, {0x5, 0x9}, {0x0, 0x5}, {0x6, 0x8}, {0x6, 0x9}, {}, {0x5, 0x8}, {0x4, 0x9}, {0x2, 0x3}, {0x3, 0x2}, {0x6}, {0x3, 0x4}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x0, 0x6, 0x4, 0x7, 0x6, 0x7fff, 0xe63]}}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x5, 0x4, 0x5, 0x30, 0x6, 0x6c, 0x2, 0x36, 0x12, 0xb, 0x6c, 0x18, 0x1, 0x6, 0x5c, 0x30, 0x1b]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{}, {0x2, 0x5}, {0x7, 0x6}, {0x0, 0x1}, {0x4, 0x2}, {0x3, 0x2}, {0x0, 0x9}, {0x6, 0x6}, {0x7, 0x6}, {0x3, 0x6}, {0x5, 0x3}, {0x7, 0xa}, {0x0, 0x8}, {0x6, 0x1}, {0x6, 0xa}, {0x6, 0x5}, {0x6, 0x4}, {0x5}, {0x4, 0x7}, {0x1, 0x2}, {0x7, 0x3}, {0x2, 0x7}, {0x1, 0x6}, {0x7, 0x1}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x5}, {0x0, 0x5}, {0x1, 0x8}, {0x6, 0xa}, {0x4, 0x4}, {0x2, 0x9}, {0x5, 0x9}, {0x2, 0xa}, {0x4, 0x9}, {0x6, 0x1}, {0x3, 0x4}, {0x1, 0x5}, {0x7, 0x9}, {0x3, 0x7}, {0x2}, {0x1, 0xa}, {0x5, 0x6}, {0x5}, {0x5}, {0x0, 0x2}, {0x6, 0x5}, {0x0, 0x5}, {0x2, 0xa}, {0x1, 0x1}, {0x2, 0x8}, {0x4, 0x8}, {0x7, 0xa}, {0x1, 0x3}, {0x7, 0x6}, {}, {0x6, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x7, 0x9, 0x100, 0x8, 0x7, 0x2]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x1, 0x8}, {0x0, 0x8}, {0x1, 0x4}, {0x1, 0x8}, {0x3}, {0x5, 0xa}, {0x4, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x130, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x40, 0x9, 0x1, 0x2, 0x800, 0x5, 0x105, 0x40]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x2, 0x3}, {0x7, 0x4}, {0x4, 0x4}, {0x6, 0xa}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x5}, {0x7, 0x6}, {0x1, 0x8}, {0x4, 0x2}, {0x7, 0x3}, {0x0, 0x6}, {0x5, 0x8}, {0x5, 0x2}, {0x4, 0xa}, {0x1, 0x8}, {0x0, 0x7}, {0x6, 0x9}, {0x2, 0x7}, {0x3, 0x3}, {0x5, 0x2}, {0x4, 0x7}, {0x0, 0x1}, {0x0, 0x9}, {0x4}, {0x3, 0x1}, {0x4, 0x7}, {0x3, 0x1}, {0x0, 0xa}, {0x1}, {0x1, 0x4}, {0x5}, {0x6, 0x4}]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x2, 0x60, 0x4, 0x0, 0x6, 0x16, 0xf571df87c3f34c90, 0x9, 0x18, 0x48, 0x5d, 0x6, 0xc, 0x12, 0x6, 0xc, 0x5, 0x48, 0x9, 0x1]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x24, 0x18, 0x1b, 0x24, 0x48, 0x3, 0xe, 0x90, 0x9, 0x5, 0x9, 0x3, 0x4, 0x24, 0x53, 0x5, 0x16, 0x4, 0x12, 0x6, 0x6, 0x16]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8906, 0xffff, 0x1ff, 0x9, 0x0, 0x0, 0x4, 0x9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0x4, 0x101, 0x3, 0x4, 0x7, 0xfff]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x4, 0x3, 0x60, 0x18, 0x12, 0x48, 0xb]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x36, 0x1, 0x16, 0x30, 0x9, 0x30, 0x77, 0x3e, 0x6, 0x12, 0x24, 0x3, 0x4, 0x16, 0x30, 0x3, 0x5, 0x9]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x194, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x74, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x2, 0x4, 0x7, 0xb6, 0x5, 0x3, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xff, 0x26, 0x8000, 0x1ff, 0x5, 0x3, 0x4, 0x9]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x4, 0x1b, 0x30, 0x36, 0xb, 0x24, 0x6, 0x60, 0x30, 0x3, 0x66, 0x3, 0x16, 0x16, 0x4, 0x4d]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0xb, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6, 0x16, 0x16, 0x12, 0x6, 0x60, 0x6c, 0x6c, 0x24, 0x4, 0x5, 0x3, 0x12, 0x5, 0x24]}]}, @NL80211_BAND_5GHZ={0xc0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x3f, 0x1, 0x3, 0x48, 0x6c, 0x6c, 0x6c, 0x60, 0x2, 0x18, 0x4, 0x24, 0x1, 0xb, 0x60, 0x4, 0x4, 0x6, 0x2, 0x1b, 0x24, 0x32, 0x24, 0x12, 0x36, 0x18, 0x36, 0x1b, 0x30, 0x12]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x36, 0x30, 0x4, 0xb, 0x6, 0x0, 0xc, 0x18, 0x36, 0x60, 0x16, 0x30, 0x16, 0x36, 0x48, 0x36, 0x60, 0x2, 0xb, 0x6, 0x1, 0x30, 0x24, 0x30, 0x18, 0x16, 0x1, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe3, 0xfff9, 0x4, 0x9, 0x3, 0x200, 0xfffa, 0xfff]}}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x0, 0x3}, {0x6, 0x5}, {0x4, 0x6}, {0x0, 0x5}, {0x4, 0x1}, {0x6}, {0x7, 0x1}, {0x4, 0x1d}, {0x2, 0x9}, {0x1, 0xa}, {0x0, 0x4}, {0x7, 0x1}, {0x4, 0xa}, {0x5, 0x2}, {0x4, 0x9}, {0x7, 0x3}, {0x0, 0x5}, {0x0, 0x6}, {0x1, 0x2}, {0x4}, {0x7, 0x2}, {0x3, 0x4}, {0x3, 0x4}, {0x1, 0x4}, {0x0, 0x3}, {0x4, 0x6}, {0x0, 0x4}, {0x4, 0x9}, {0x0, 0x9}, {0x0, 0x4}, {0x1, 0x6}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x1}, {0x4}, {0x2, 0x4}, {0x3}, {0x0, 0x9}, {0x2, 0x8}, {0x6, 0x5}, {0x7}, {0x3, 0x5}, {0x1, 0x7}, {0x6, 0x1}, {0x0, 0x1}, {0x7, 0x8}, {0x1, 0x2}, {0x1, 0xa}, {0x7, 0x6}, {0x7, 0x3}, {0x2, 0xa}, {0x6, 0x4}, {0x1, 0x5}, {0x7, 0x5}, {0x0, 0x9}, {0x0, 0x4}, {0x4, 0x1}, {}, {0x6, 0xa}, {0x1, 0x3}, {0x7, 0x2}, {0x3, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x9, 0x400, 0x90, 0x800, 0x0, 0x9, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x100, 0x7, 0x401, 0x0, 0x5, 0x1000, 0x8, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x3800, 0x100, 0x7, 0x9, 0x6532, 0x7fff, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x3ff, 0x7bbc, 0x7, 0x7ff, 0xfff, 0x2, 0x1]}}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x3, 0x5}, {0x6, 0x1}, {0x5, 0x3}, {0x2, 0x6}, {0x7, 0x5}, {0x5, 0x5}, {0x1, 0x2}]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbf, 0x8, 0xa10, 0xc9ac, 0x8, 0x6, 0x62a3, 0x5]}}]}]}, @NL80211_ATTR_TX_RATES={0x7c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xff, 0x1, 0x1f, 0x0, 0x8, 0xfff7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x0, 0xfffb, 0x800, 0x3ff, 0x1, 0x2, 0xfffb]}}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x2d, 0x18, 0x2, 0x12, 0x48, 0x30, 0xb, 0x30, 0x24, 0x2, 0x1c, 0x5, 0x30, 0x6, 0x5, 0x1b, 0x4, 0x6c, 0x0, 0x6, 0x6c, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x401, 0xfffe, 0x3, 0xfff, 0x9df, 0x1, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x134, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x1, 0x9}, {0x1, 0x5}, {}, {0x5, 0x8}, {0x6, 0x4}, {0x7, 0x1}, {0x1, 0x9}, {0x7}, {0x6, 0x5}, {0x5, 0x6}, {0x7}, {0x4, 0x8}, {0x6, 0x9}, {0x0, 0x9}, {0x5, 0x4}, {0x0, 0xa}, {0x0, 0x6}, {0x4, 0x7}, {0x1, 0xa}, {0x5, 0x9}]}]}, @NL80211_BAND_60GHZ={0x78, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x4, 0x9}, {0x4, 0x5}, {0x3, 0x5}, {0x6, 0x2}, {0x7, 0x3}, {0x7, 0x4}, {0x0, 0x9}, {0x2, 0x8}, {}, {0x6, 0xa}, {0x3, 0x3}, {}, {}, {0x3, 0x6}, {0x4, 0x9}, {0x2, 0x4}, {0x1, 0x7}, {0x2, 0x5}, {0x3}, {0x4, 0x8}, {0x4, 0x8}, {0x3, 0x5}, {0x5, 0x6}, {0x7, 0x5}, {0x0, 0x9}, {0x4, 0x6}, {0x7, 0x9}, {0x0, 0x6}, {0x3, 0x3}, {0x7, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2, 0x6, 0x6, 0x7, 0x3, 0x848, 0x9]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x1}, {0x3}, {0x7, 0x1}, {0x0, 0x9}, {0x0, 0xa}, {0x1}, {0x6, 0x9}, {0x0, 0x8}, {0x5, 0x9}, {0x1, 0x9}, {0x0, 0x3}, {0x5, 0x3}, {0x3}, {0x6, 0x6}, {0x3, 0x4}, {0x6, 0x7}, {0x5, 0xa}, {0x5, 0x1}, {0x4, 0x2}, {0x0, 0x4}, {0x3, 0x7}, {0x0, 0x2}, {0x6}, {0x6, 0xa}, {0x1, 0x9}, {0x0, 0x6}, {0x6, 0x2}, {0x1, 0x1}, {0x3, 0x3}, {0x2, 0x2}, {0x4, 0x3}, {0x0, 0x8}, {0x1, 0x6}, {0x3, 0x1}, {0x3, 0x5}, {0x6, 0x2}, {0x2, 0x7}, {0x7, 0x2}, {0x0, 0x5}, {0x2, 0x1}, {0x5, 0x5}, {0x5, 0x9}, {0x7, 0x6}, {0x1, 0x1}, {0x6, 0x8}, {0x4, 0x4}, {0x0, 0x6}, {0x2, 0x5}, {0x3, 0x6}, {0x2, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x5, 0x3}]}]}, @NL80211_BAND_60GHZ={0x90, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x2, 0x9, 0x6, 0x48, 0x34, 0x21, 0x9, 0x1b, 0x12, 0x48, 0x1, 0x60, 0x2, 0xb, 0x48, 0x2, 0x13, 0x60, 0x30, 0x24, 0x6, 0x0, 0x18, 0x13, 0x36, 0xc, 0x1b, 0xc, 0x3, 0x36, 0xb, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x94, 0x0, 0x0, 0x2, 0x800, 0x5b2, 0x685f]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x1, 0x7fff, 0x389e, 0x0, 0x3ff, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa7a0, 0x9, 0x1, 0x62, 0x9dc3, 0x4, 0x8, 0x40]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xdd, 0x8, 0x0, 0x9ea6, 0x60, 0x7, 0x32a]}}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}, 0x670}, 0x1, 0x0, 0x0, 0x24000890}, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SOUND_MIXER_INFO(0xffffffffffffffff, 0x805c4d65, &(0x7f0000000880)) accept4$netrom(r1, 0x0, &(0x7f00000000c0), 0x80000) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x1, 0x4}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000800)={&(0x7f0000000180)={0x670, r2, 0x100, 0x48a1, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x4c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{0x6}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x7}, {0x6, 0x3}, {0x5, 0x2}, {0x2, 0x5}, {0x7, 0xa}, {0x2, 0x9}, {0x3, 0x4}, {0x7, 0xa}, {0x4, 0x2}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x89, 0x4, 0x0, 0x1, 0x3, 0x1, 0x101, 0x3]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x4, 0x1, 0x8, 0x6, 0x6438, 0x4, 0x9]}}]}]}, @NL80211_ATTR_TX_RATES={0x178, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xdc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x9, 0x208, 0x800, 0x2, 0x9, 0x1f, 0xbaf]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x28, 0x2, [{0x3, 0x3}, {0x2, 0x7}, {0x0, 0x5}, {0x0, 0x4}, {0x1, 0xa}, {0x1, 0x9}, {0x6, 0x4}, {0x1, 0x4}, {0x1, 0xa}, {0x0, 0x5}, {0x7, 0x9}, {0x2, 0x4}, {0x3, 0x7}, {0x0, 0x3}, {0x7, 0x1}, {0x1, 0xb}, {0x4, 0x2}, {0x4, 0x4}, {0x7, 0x9}, {0x1}, {0x2, 0x4}, {0x6, 0x6}, {0x1, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x9}, {0x1, 0x8}, {0x5, 0x4}, {0x4, 0xa}, {0x4, 0x9}, {0x0, 0x5}, {0x6}, {0x2, 0x1}, {0x5, 0x5}, {0x6, 0x8}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x18, 0x6, 0x18, 0xc, 0xc, 0x9, 0x7, 0xc, 0xc, 0x60, 0x5, 0x60, 0x6c, 0x1, 0x5, 0x18, 0x5, 0x12, 0x3, 0x30, 0xc, 0x6c, 0x3, 0x3, 0xc, 0x1, 0x12, 0x6, 0xc, 0x6, 0x50, 0x4]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x4}, {0x0, 0x1}, {0x1, 0x2}, {0x5, 0xa}, {0x1, 0x7}, {0x4, 0x6}, {0x5, 0x6}, {0x5, 0x2}, {0x4, 0x3}, {0x7, 0xa}, {0x2, 0x4}, {0x6, 0x5}, {0x4, 0x7}, {0x0, 0xa}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x3}, {0x2}, {0x0, 0x5}, {0x6}, {0x6, 0x3}, {0x1, 0xa}, {0x7, 0x3}, {0x5, 0x2}, {0x5, 0x6}, {0x7, 0x2}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x2, 0x8}, {0x6, 0x6}, {}, {0x5}, {0x5, 0x3}, {0x0, 0x5}, {0x1, 0x7}, {0x3, 0x6}, {0x6, 0x1}, {0x2, 0x2}, {0x1, 0x8}, {0x7, 0x3}, {0x1, 0x8}, {0x3, 0x1}, {0x1, 0x8}, {0x0, 0x1}, {0x5}, {0x1, 0x5}, {0x4, 0x7}, {0x0, 0x3}, {0x0, 0x1d}, {0x2, 0x8}, {0x2, 0x9}, {0x4, 0x2}, {0x1, 0x1}, {0x3, 0x5}, {0x2, 0x8}, {0x0, 0x4}, {0x1, 0x7}, {0x0, 0x4}, {0x5, 0x9}, {0x0, 0x5}, {0x6, 0x8}, {0x6, 0x9}, {}, {0x5, 0x8}, {0x4, 0x9}, {0x2, 0x3}, {0x3, 0x2}, {0x6}, {0x3, 0x4}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x0, 0x6, 0x4, 0x7, 0x6, 0x7fff, 0xe63]}}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x5, 0x4, 0x5, 0x30, 0x6, 0x6c, 0x2, 0x36, 0x12, 0xb, 0x6c, 0x18, 0x1, 0x6, 0x5c, 0x30, 0x1b]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{}, {0x2, 0x5}, {0x7, 0x6}, {0x0, 0x1}, {0x4, 0x2}, {0x3, 0x2}, {0x0, 0x9}, {0x6, 0x6}, {0x7, 0x6}, {0x3, 0x6}, {0x5, 0x3}, {0x7, 0xa}, {0x0, 0x8}, {0x6, 0x1}, {0x6, 0xa}, {0x6, 0x5}, {0x6, 0x4}, {0x5}, {0x4, 0x7}, {0x1, 0x2}, {0x7, 0x3}, {0x2, 0x7}, {0x1, 0x6}, {0x7, 0x1}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x5}, {0x0, 0x5}, {0x1, 0x8}, {0x6, 0xa}, {0x4, 0x4}, {0x2, 0x9}, {0x5, 0x9}, {0x2, 0xa}, {0x4, 0x9}, {0x6, 0x1}, {0x3, 0x4}, {0x1, 0x5}, {0x7, 0x9}, {0x3, 0x7}, {0x2}, {0x1, 0xa}, {0x5, 0x6}, {0x5}, {0x5}, {0x0, 0x2}, {0x6, 0x5}, {0x0, 0x5}, {0x2, 0xa}, {0x1, 0x1}, {0x2, 0x8}, {0x4, 0x8}, {0x7, 0xa}, {0x1, 0x3}, {0x7, 0x6}, {}, {0x6, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x7, 0x9, 0x100, 0x8, 0x7, 0x2]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x1, 0x8}, {0x0, 0x8}, {0x1, 0x4}, {0x1, 0x8}, {0x3}, {0x5, 0xa}, {0x4, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x130, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x40, 0x9, 0x1, 0x2, 0x800, 0x5, 0x105, 0x40]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x2, 0x3}, {0x7, 0x4}, {0x4, 0x4}, {0x6, 0xa}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x5}, {0x7, 0x6}, {0x1, 0x8}, {0x4, 0x2}, {0x7, 0x3}, {0x0, 0x6}, {0x5, 0x8}, {0x5, 0x2}, {0x4, 0xa}, {0x1, 0x8}, {0x0, 0x7}, {0x6, 0x9}, {0x2, 0x7}, {0x3, 0x3}, {0x5, 0x2}, {0x4, 0x7}, {0x0, 0x1}, {0x0, 0x9}, {0x4}, {0x3, 0x1}, {0x4, 0x7}, {0x3, 0x1}, {0x0, 0xa}, {0x1}, {0x1, 0x4}, {0x5}, {0x6, 0x4}]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x2, 0x60, 0x4, 0x0, 0x6, 0x16, 0xf571df87c3f34c90, 0x9, 0x18, 0x48, 0x5d, 0x6, 0xc, 0x12, 0x6, 0xc, 0x5, 0x48, 0x9, 0x1]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x24, 0x18, 0x1b, 0x24, 0x48, 0x3, 0xe, 0x90, 0x9, 0x5, 0x9, 0x3, 0x4, 0x24, 0x53, 0x5, 0x16, 0x4, 0x12, 0x6, 0x6, 0x16]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8906, 0xffff, 0x1ff, 0x9, 0x0, 0x0, 0x4, 0x9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0x4, 0x101, 0x3, 0x4, 0x7, 0xfff]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x4, 0x3, 0x60, 0x18, 0x12, 0x48, 0xb]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x36, 0x1, 0x16, 0x30, 0x9, 0x30, 0x77, 0x3e, 0x6, 0x12, 0x24, 0x3, 0x4, 0x16, 0x30, 0x3, 0x5, 0x9]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x194, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x74, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x2, 0x4, 0x7, 0xb6, 0x5, 0x3, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xff, 0x26, 0x8000, 0x1ff, 0x5, 0x3, 0x4, 0x9]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x4, 0x1b, 0x30, 0x36, 0xb, 0x24, 0x6, 0x60, 0x30, 0x3, 0x66, 0x3, 0x16, 0x16, 0x4, 0x4d]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0xb, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6, 0x16, 0x16, 0x12, 0x6, 0x60, 0x6c, 0x6c, 0x24, 0x4, 0x5, 0x3, 0x12, 0x5, 0x24]}]}, @NL80211_BAND_5GHZ={0xc0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x3f, 0x1, 0x3, 0x48, 0x6c, 0x6c, 0x6c, 0x60, 0x2, 0x18, 0x4, 0x24, 0x1, 0xb, 0x60, 0x4, 0x4, 0x6, 0x2, 0x1b, 0x24, 0x32, 0x24, 0x12, 0x36, 0x18, 0x36, 0x1b, 0x30, 0x12]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x36, 0x30, 0x4, 0xb, 0x6, 0x0, 0xc, 0x18, 0x36, 0x60, 0x16, 0x30, 0x16, 0x36, 0x48, 0x36, 0x60, 0x2, 0xb, 0x6, 0x1, 0x30, 0x24, 0x30, 0x18, 0x16, 0x1, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe3, 0xfff9, 0x4, 0x9, 0x3, 0x200, 0xfffa, 0xfff]}}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x0, 0x3}, {0x6, 0x5}, {0x4, 0x6}, {0x0, 0x5}, {0x4, 0x1}, {0x6}, {0x7, 0x1}, {0x4, 0x1d}, {0x2, 0x9}, {0x1, 0xa}, {0x0, 0x4}, {0x7, 0x1}, {0x4, 0xa}, {0x5, 0x2}, {0x4, 0x9}, {0x7, 0x3}, {0x0, 0x5}, {0x0, 0x6}, {0x1, 0x2}, {0x4}, {0x7, 0x2}, {0x3, 0x4}, {0x3, 0x4}, {0x1, 0x4}, {0x0, 0x3}, {0x4, 0x6}, {0x0, 0x4}, {0x4, 0x9}, {0x0, 0x9}, {0x0, 0x4}, {0x1, 0x6}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x1}, {0x4}, {0x2, 0x4}, {0x3}, {0x0, 0x9}, {0x2, 0x8}, {0x6, 0x5}, {0x7}, {0x3, 0x5}, {0x1, 0x7}, {0x6, 0x1}, {0x0, 0x1}, {0x7, 0x8}, {0x1, 0x2}, {0x1, 0xa}, {0x7, 0x6}, {0x7, 0x3}, {0x2, 0xa}, {0x6, 0x4}, {0x1, 0x5}, {0x7, 0x5}, {0x0, 0x9}, {0x0, 0x4}, {0x4, 0x1}, {}, {0x6, 0xa}, {0x1, 0x3}, {0x7, 0x2}, {0x3, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x9, 0x400, 0x90, 0x800, 0x0, 0x9, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x100, 0x7, 0x401, 0x0, 0x5, 0x1000, 0x8, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x3800, 0x100, 0x7, 0x9, 0x6532, 0x7fff, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x3ff, 0x7bbc, 0x7, 0x7ff, 0xfff, 0x2, 0x1]}}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x3, 0x5}, {0x6, 0x1}, {0x5, 0x3}, {0x2, 0x6}, {0x7, 0x5}, {0x5, 0x5}, {0x1, 0x2}]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbf, 0x8, 0xa10, 0xc9ac, 0x8, 0x6, 0x62a3, 0x5]}}]}]}, @NL80211_ATTR_TX_RATES={0x7c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xff, 0x1, 0x1f, 0x0, 0x8, 0xfff7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x0, 0xfffb, 0x800, 0x3ff, 0x1, 0x2, 0xfffb]}}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x2d, 0x18, 0x2, 0x12, 0x48, 0x30, 0xb, 0x30, 0x24, 0x2, 0x1c, 0x5, 0x30, 0x6, 0x5, 0x1b, 0x4, 0x6c, 0x0, 0x6, 0x6c, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x401, 0xfffe, 0x3, 0xfff, 0x9df, 0x1, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x134, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x1, 0x9}, {0x1, 0x5}, {}, {0x5, 0x8}, {0x6, 0x4}, {0x7, 0x1}, {0x1, 0x9}, {0x7}, {0x6, 0x5}, {0x5, 0x6}, {0x7}, {0x4, 0x8}, {0x6, 0x9}, {0x0, 0x9}, {0x5, 0x4}, {0x0, 0xa}, {0x0, 0x6}, {0x4, 0x7}, {0x1, 0xa}, {0x5, 0x9}]}]}, @NL80211_BAND_60GHZ={0x78, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x4, 0x9}, {0x4, 0x5}, {0x3, 0x5}, {0x6, 0x2}, {0x7, 0x3}, {0x7, 0x4}, {0x0, 0x9}, {0x2, 0x8}, {}, {0x6, 0xa}, {0x3, 0x3}, {}, {}, {0x3, 0x6}, {0x4, 0x9}, {0x2, 0x4}, {0x1, 0x7}, {0x2, 0x5}, {0x3}, {0x4, 0x8}, {0x4, 0x8}, {0x3, 0x5}, {0x5, 0x6}, {0x7, 0x5}, {0x0, 0x9}, {0x4, 0x6}, {0x7, 0x9}, {0x0, 0x6}, {0x3, 0x3}, {0x7, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2, 0x6, 0x6, 0x7, 0x3, 0x848, 0x9]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x1}, {0x3}, {0x7, 0x1}, {0x0, 0x9}, {0x0, 0xa}, {0x1}, {0x6, 0x9}, {0x0, 0x8}, {0x5, 0x9}, {0x1, 0x9}, {0x0, 0x3}, {0x5, 0x3}, {0x3}, {0x6, 0x6}, {0x3, 0x4}, {0x6, 0x7}, {0x5, 0xa}, {0x5, 0x1}, {0x4, 0x2}, {0x0, 0x4}, {0x3, 0x7}, {0x0, 0x2}, {0x6}, {0x6, 0xa}, {0x1, 0x9}, {0x0, 0x6}, {0x6, 0x2}, {0x1, 0x1}, {0x3, 0x3}, {0x2, 0x2}, {0x4, 0x3}, {0x0, 0x8}, {0x1, 0x6}, {0x3, 0x1}, {0x3, 0x5}, {0x6, 0x2}, {0x2, 0x7}, {0x7, 0x2}, {0x0, 0x5}, {0x2, 0x1}, {0x5, 0x5}, {0x5, 0x9}, {0x7, 0x6}, {0x1, 0x1}, {0x6, 0x8}, {0x4, 0x4}, {0x0, 0x6}, {0x2, 0x5}, {0x3, 0x6}, {0x2, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x5, 0x3}]}]}, @NL80211_BAND_60GHZ={0x90, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x2, 0x9, 0x6, 0x48, 0x34, 0x21, 0x9, 0x1b, 0x12, 0x48, 0x1, 0x60, 0x2, 0xb, 0x48, 0x2, 0x13, 0x60, 0x30, 0x24, 0x6, 0x0, 0x18, 0x13, 0x36, 0xc, 0x1b, 0xc, 0x3, 0x36, 0xb, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x94, 0x0, 0x0, 0x2, 0x800, 0x5b2, 0x685f]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x1, 0x7fff, 0x389e, 0x0, 0x3ff, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa7a0, 0x9, 0x1, 0x62, 0x9dc3, 0x4, 0x8, 0x40]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xdd, 0x8, 0x0, 0x9ea6, 0x60, 0x7, 0x32a]}}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}, 0x670}, 0x1, 0x0, 0x0, 0x24000890}, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SOUND_MIXER_INFO(0xffffffffffffffff, 0x805c4d65, &(0x7f0000000880)) (async) accept4$netrom(r1, 0x0, &(0x7f00000000c0), 0x80000) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x1, 0x4}) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1191.970412] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1191.977658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1191.984914] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1192.005133] FAULT_INJECTION: forcing a failure. [ 1192.005133] name failslab, interval 1, probability 0, space 0, times 0 [ 1192.006279] hfsplus: unable to find HFS+ superblock [ 1192.021586] hfsplus: creator requires a 4 character value [ 1192.027701] CPU: 0 PID: 29160 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1192.029636] hfsplus: unable to parse mount options [ 1192.035585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1192.035591] Call Trace: [ 1192.035609] dump_stack+0x1b2/0x281 [ 1192.035625] should_fail.cold+0x10a/0x149 [ 1192.035639] should_failslab+0xd6/0x130 [ 1192.035654] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1192.035667] __kmalloc_node_track_caller+0x38/0x70 [ 1192.035679] __alloc_skb+0x96/0x510 [ 1192.077871] kobject_uevent_env+0x882/0xf30 [ 1192.082181] lo_ioctl+0x11a6/0x1cd0 [ 1192.085788] ? loop_set_status64+0xe0/0xe0 [ 1192.090007] blkdev_ioctl+0x540/0x1830 [ 1192.093875] ? blkpg_ioctl+0x8d0/0x8d0 [ 1192.097745] ? trace_hardirqs_on+0x10/0x10 [ 1192.101960] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1192.107045] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1192.112044] block_ioctl+0xd9/0x120 [ 1192.115651] ? blkdev_fallocate+0x3a0/0x3a0 [ 1192.119959] do_vfs_ioctl+0x75a/0xff0 [ 1192.123737] ? lock_acquire+0x170/0x3f0 [ 1192.127688] ? ioctl_preallocate+0x1a0/0x1a0 [ 1192.132077] ? __fget+0x265/0x3e0 [ 1192.135509] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.139461] ? security_file_ioctl+0x83/0xb0 [ 1192.143845] SyS_ioctl+0x7f/0xb0 [ 1192.147195] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.151164] do_syscall_64+0x1d5/0x640 [ 1192.155038] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1192.160203] RIP: 0033:0x7f322b2faea7 [ 1192.163891] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1192.171575] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1192.178832] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1192.186088] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1192.193346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1192.200598] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:32:00 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 24) 09:32:00 executing program 1: r0 = socket(0x25, 0x800, 0x0) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x80, 0x0, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'netdevsim0\x00'}, @SMC_PNETID_IBNAME={0x8, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x0, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x69, 0x4, 0x1}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000040}, 0x20008010) syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), r0) 09:32:00 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000800)={&(0x7f0000000180)={0x670, r2, 0x100, 0x48a1, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x4c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{0x6}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x7}, {0x6, 0x3}, {0x5, 0x2}, {0x2, 0x5}, {0x7, 0xa}, {0x2, 0x9}, {0x3, 0x4}, {0x7, 0xa}, {0x4, 0x2}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x89, 0x4, 0x0, 0x1, 0x3, 0x1, 0x101, 0x3]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x4, 0x1, 0x8, 0x6, 0x6438, 0x4, 0x9]}}]}]}, @NL80211_ATTR_TX_RATES={0x178, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xdc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x9, 0x208, 0x800, 0x2, 0x9, 0x1f, 0xbaf]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x28, 0x2, [{0x3, 0x3}, {0x2, 0x7}, {0x0, 0x5}, {0x0, 0x4}, {0x1, 0xa}, {0x1, 0x9}, {0x6, 0x4}, {0x1, 0x4}, {0x1, 0xa}, {0x0, 0x5}, {0x7, 0x9}, {0x2, 0x4}, {0x3, 0x7}, {0x0, 0x3}, {0x7, 0x1}, {0x1, 0xb}, {0x4, 0x2}, {0x4, 0x4}, {0x7, 0x9}, {0x1}, {0x2, 0x4}, {0x6, 0x6}, {0x1, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x9}, {0x1, 0x8}, {0x5, 0x4}, {0x4, 0xa}, {0x4, 0x9}, {0x0, 0x5}, {0x6}, {0x2, 0x1}, {0x5, 0x5}, {0x6, 0x8}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x18, 0x6, 0x18, 0xc, 0xc, 0x9, 0x7, 0xc, 0xc, 0x60, 0x5, 0x60, 0x6c, 0x1, 0x5, 0x18, 0x5, 0x12, 0x3, 0x30, 0xc, 0x6c, 0x3, 0x3, 0xc, 0x1, 0x12, 0x6, 0xc, 0x6, 0x50, 0x4]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x4}, {0x0, 0x1}, {0x1, 0x2}, {0x5, 0xa}, {0x1, 0x7}, {0x4, 0x6}, {0x5, 0x6}, {0x5, 0x2}, {0x4, 0x3}, {0x7, 0xa}, {0x2, 0x4}, {0x6, 0x5}, {0x4, 0x7}, {0x0, 0xa}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x3}, {0x2}, {0x0, 0x5}, {0x6}, {0x6, 0x3}, {0x1, 0xa}, {0x7, 0x3}, {0x5, 0x2}, {0x5, 0x6}, {0x7, 0x2}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x2, 0x8}, {0x6, 0x6}, {}, {0x5}, {0x5, 0x3}, {0x0, 0x5}, {0x1, 0x7}, {0x3, 0x6}, {0x6, 0x1}, {0x2, 0x2}, {0x1, 0x8}, {0x7, 0x3}, {0x1, 0x8}, {0x3, 0x1}, {0x1, 0x8}, {0x0, 0x1}, {0x5}, {0x1, 0x5}, {0x4, 0x7}, {0x0, 0x3}, {0x0, 0x1d}, {0x2, 0x8}, {0x2, 0x9}, {0x4, 0x2}, {0x1, 0x1}, {0x3, 0x5}, {0x2, 0x8}, {0x0, 0x4}, {0x1, 0x7}, {0x0, 0x4}, {0x5, 0x9}, {0x0, 0x5}, {0x6, 0x8}, {0x6, 0x9}, {}, {0x5, 0x8}, {0x4, 0x9}, {0x2, 0x3}, {0x3, 0x2}, {0x6}, {0x3, 0x4}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x0, 0x6, 0x4, 0x7, 0x6, 0x7fff, 0xe63]}}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x5, 0x4, 0x5, 0x30, 0x6, 0x6c, 0x2, 0x36, 0x12, 0xb, 0x6c, 0x18, 0x1, 0x6, 0x5c, 0x30, 0x1b]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{}, {0x2, 0x5}, {0x7, 0x6}, {0x0, 0x1}, {0x4, 0x2}, {0x3, 0x2}, {0x0, 0x9}, {0x6, 0x6}, {0x7, 0x6}, {0x3, 0x6}, {0x5, 0x3}, {0x7, 0xa}, {0x0, 0x8}, {0x6, 0x1}, {0x6, 0xa}, {0x6, 0x5}, {0x6, 0x4}, {0x5}, {0x4, 0x7}, {0x1, 0x2}, {0x7, 0x3}, {0x2, 0x7}, {0x1, 0x6}, {0x7, 0x1}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x5}, {0x0, 0x5}, {0x1, 0x8}, {0x6, 0xa}, {0x4, 0x4}, {0x2, 0x9}, {0x5, 0x9}, {0x2, 0xa}, {0x4, 0x9}, {0x6, 0x1}, {0x3, 0x4}, {0x1, 0x5}, {0x7, 0x9}, {0x3, 0x7}, {0x2}, {0x1, 0xa}, {0x5, 0x6}, {0x5}, {0x5}, {0x0, 0x2}, {0x6, 0x5}, {0x0, 0x5}, {0x2, 0xa}, {0x1, 0x1}, {0x2, 0x8}, {0x4, 0x8}, {0x7, 0xa}, {0x1, 0x3}, {0x7, 0x6}, {}, {0x6, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x7, 0x9, 0x100, 0x8, 0x7, 0x2]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x1, 0x8}, {0x0, 0x8}, {0x1, 0x4}, {0x1, 0x8}, {0x3}, {0x5, 0xa}, {0x4, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x130, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x40, 0x9, 0x1, 0x2, 0x800, 0x5, 0x105, 0x40]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x2, 0x3}, {0x7, 0x4}, {0x4, 0x4}, {0x6, 0xa}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x5}, {0x7, 0x6}, {0x1, 0x8}, {0x4, 0x2}, {0x7, 0x3}, {0x0, 0x6}, {0x5, 0x8}, {0x5, 0x2}, {0x4, 0xa}, {0x1, 0x8}, {0x0, 0x7}, {0x6, 0x9}, {0x2, 0x7}, {0x3, 0x3}, {0x5, 0x2}, {0x4, 0x7}, {0x0, 0x1}, {0x0, 0x9}, {0x4}, {0x3, 0x1}, {0x4, 0x7}, {0x3, 0x1}, {0x0, 0xa}, {0x1}, {0x1, 0x4}, {0x5}, {0x6, 0x4}]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x2, 0x60, 0x4, 0x0, 0x6, 0x16, 0xf571df87c3f34c90, 0x9, 0x18, 0x48, 0x5d, 0x6, 0xc, 0x12, 0x6, 0xc, 0x5, 0x48, 0x9, 0x1]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x24, 0x18, 0x1b, 0x24, 0x48, 0x3, 0xe, 0x90, 0x9, 0x5, 0x9, 0x3, 0x4, 0x24, 0x53, 0x5, 0x16, 0x4, 0x12, 0x6, 0x6, 0x16]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8906, 0xffff, 0x1ff, 0x9, 0x0, 0x0, 0x4, 0x9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0x4, 0x101, 0x3, 0x4, 0x7, 0xfff]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x4, 0x3, 0x60, 0x18, 0x12, 0x48, 0xb]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x36, 0x1, 0x16, 0x30, 0x9, 0x30, 0x77, 0x3e, 0x6, 0x12, 0x24, 0x3, 0x4, 0x16, 0x30, 0x3, 0x5, 0x9]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x194, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x74, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x2, 0x4, 0x7, 0xb6, 0x5, 0x3, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xff, 0x26, 0x8000, 0x1ff, 0x5, 0x3, 0x4, 0x9]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x4, 0x1b, 0x30, 0x36, 0xb, 0x24, 0x6, 0x60, 0x30, 0x3, 0x66, 0x3, 0x16, 0x16, 0x4, 0x4d]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0xb, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6, 0x16, 0x16, 0x12, 0x6, 0x60, 0x6c, 0x6c, 0x24, 0x4, 0x5, 0x3, 0x12, 0x5, 0x24]}]}, @NL80211_BAND_5GHZ={0xc0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x3f, 0x1, 0x3, 0x48, 0x6c, 0x6c, 0x6c, 0x60, 0x2, 0x18, 0x4, 0x24, 0x1, 0xb, 0x60, 0x4, 0x4, 0x6, 0x2, 0x1b, 0x24, 0x32, 0x24, 0x12, 0x36, 0x18, 0x36, 0x1b, 0x30, 0x12]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x36, 0x30, 0x4, 0xb, 0x6, 0x0, 0xc, 0x18, 0x36, 0x60, 0x16, 0x30, 0x16, 0x36, 0x48, 0x36, 0x60, 0x2, 0xb, 0x6, 0x1, 0x30, 0x24, 0x30, 0x18, 0x16, 0x1, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe3, 0xfff9, 0x4, 0x9, 0x3, 0x200, 0xfffa, 0xfff]}}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x0, 0x3}, {0x6, 0x5}, {0x4, 0x6}, {0x0, 0x5}, {0x4, 0x1}, {0x6}, {0x7, 0x1}, {0x4, 0x1d}, {0x2, 0x9}, {0x1, 0xa}, {0x0, 0x4}, {0x7, 0x1}, {0x4, 0xa}, {0x5, 0x2}, {0x4, 0x9}, {0x7, 0x3}, {0x0, 0x5}, {0x0, 0x6}, {0x1, 0x2}, {0x4}, {0x7, 0x2}, {0x3, 0x4}, {0x3, 0x4}, {0x1, 0x4}, {0x0, 0x3}, {0x4, 0x6}, {0x0, 0x4}, {0x4, 0x9}, {0x0, 0x9}, {0x0, 0x4}, {0x1, 0x6}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x1}, {0x4}, {0x2, 0x4}, {0x3}, {0x0, 0x9}, {0x2, 0x8}, {0x6, 0x5}, {0x7}, {0x3, 0x5}, {0x1, 0x7}, {0x6, 0x1}, {0x0, 0x1}, {0x7, 0x8}, {0x1, 0x2}, {0x1, 0xa}, {0x7, 0x6}, {0x7, 0x3}, {0x2, 0xa}, {0x6, 0x4}, {0x1, 0x5}, {0x7, 0x5}, {0x0, 0x9}, {0x0, 0x4}, {0x4, 0x1}, {}, {0x6, 0xa}, {0x1, 0x3}, {0x7, 0x2}, {0x3, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x9, 0x400, 0x90, 0x800, 0x0, 0x9, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x100, 0x7, 0x401, 0x0, 0x5, 0x1000, 0x8, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x3800, 0x100, 0x7, 0x9, 0x6532, 0x7fff, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x3ff, 0x7bbc, 0x7, 0x7ff, 0xfff, 0x2, 0x1]}}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x3, 0x5}, {0x6, 0x1}, {0x5, 0x3}, {0x2, 0x6}, {0x7, 0x5}, {0x5, 0x5}, {0x1, 0x2}]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbf, 0x8, 0xa10, 0xc9ac, 0x8, 0x6, 0x62a3, 0x5]}}]}]}, @NL80211_ATTR_TX_RATES={0x7c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xff, 0x1, 0x1f, 0x0, 0x8, 0xfff7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x0, 0xfffb, 0x800, 0x3ff, 0x1, 0x2, 0xfffb]}}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x2d, 0x18, 0x2, 0x12, 0x48, 0x30, 0xb, 0x30, 0x24, 0x2, 0x1c, 0x5, 0x30, 0x6, 0x5, 0x1b, 0x4, 0x6c, 0x0, 0x6, 0x6c, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x401, 0xfffe, 0x3, 0xfff, 0x9df, 0x1, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x134, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x1, 0x9}, {0x1, 0x5}, {}, {0x5, 0x8}, {0x6, 0x4}, {0x7, 0x1}, {0x1, 0x9}, {0x7}, {0x6, 0x5}, {0x5, 0x6}, {0x7}, {0x4, 0x8}, {0x6, 0x9}, {0x0, 0x9}, {0x5, 0x4}, {0x0, 0xa}, {0x0, 0x6}, {0x4, 0x7}, {0x1, 0xa}, {0x5, 0x9}]}]}, @NL80211_BAND_60GHZ={0x78, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x4, 0x9}, {0x4, 0x5}, {0x3, 0x5}, {0x6, 0x2}, {0x7, 0x3}, {0x7, 0x4}, {0x0, 0x9}, {0x2, 0x8}, {}, {0x6, 0xa}, {0x3, 0x3}, {}, {}, {0x3, 0x6}, {0x4, 0x9}, {0x2, 0x4}, {0x1, 0x7}, {0x2, 0x5}, {0x3}, {0x4, 0x8}, {0x4, 0x8}, {0x3, 0x5}, {0x5, 0x6}, {0x7, 0x5}, {0x0, 0x9}, {0x4, 0x6}, {0x7, 0x9}, {0x0, 0x6}, {0x3, 0x3}, {0x7, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2, 0x6, 0x6, 0x7, 0x3, 0x848, 0x9]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x1}, {0x3}, {0x7, 0x1}, {0x0, 0x9}, {0x0, 0xa}, {0x1}, {0x6, 0x9}, {0x0, 0x8}, {0x5, 0x9}, {0x1, 0x9}, {0x0, 0x3}, {0x5, 0x3}, {0x3}, {0x6, 0x6}, {0x3, 0x4}, {0x6, 0x7}, {0x5, 0xa}, {0x5, 0x1}, {0x4, 0x2}, {0x0, 0x4}, {0x3, 0x7}, {0x0, 0x2}, {0x6}, {0x6, 0xa}, {0x1, 0x9}, {0x0, 0x6}, {0x6, 0x2}, {0x1, 0x1}, {0x3, 0x3}, {0x2, 0x2}, {0x4, 0x3}, {0x0, 0x8}, {0x1, 0x6}, {0x3, 0x1}, {0x3, 0x5}, {0x6, 0x2}, {0x2, 0x7}, {0x7, 0x2}, {0x0, 0x5}, {0x2, 0x1}, {0x5, 0x5}, {0x5, 0x9}, {0x7, 0x6}, {0x1, 0x1}, {0x6, 0x8}, {0x4, 0x4}, {0x0, 0x6}, {0x2, 0x5}, {0x3, 0x6}, {0x2, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x5, 0x3}]}]}, @NL80211_BAND_60GHZ={0x90, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x2, 0x9, 0x6, 0x48, 0x34, 0x21, 0x9, 0x1b, 0x12, 0x48, 0x1, 0x60, 0x2, 0xb, 0x48, 0x2, 0x13, 0x60, 0x30, 0x24, 0x6, 0x0, 0x18, 0x13, 0x36, 0xc, 0x1b, 0xc, 0x3, 0x36, 0xb, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x94, 0x0, 0x0, 0x2, 0x800, 0x5b2, 0x685f]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x1, 0x7fff, 0x389e, 0x0, 0x3ff, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa7a0, 0x9, 0x1, 0x62, 0x9dc3, 0x4, 0x8, 0x40]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xdd, 0x8, 0x0, 0x9ea6, 0x60, 0x7, 0x32a]}}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}, 0x670}, 0x1, 0x0, 0x0, 0x24000890}, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SOUND_MIXER_INFO(0xffffffffffffffff, 0x805c4d65, &(0x7f0000000880)) accept4$netrom(r1, 0x0, &(0x7f00000000c0), 0x80000) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x1, 0x4}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000840)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000800)={&(0x7f0000000180)={0x670, r2, 0x100, 0x48a1, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x4c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{0x6}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x7}, {0x6, 0x3}, {0x5, 0x2}, {0x2, 0x5}, {0x7, 0xa}, {0x2, 0x9}, {0x3, 0x4}, {0x7, 0xa}, {0x4, 0x2}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x89, 0x4, 0x0, 0x1, 0x3, 0x1, 0x101, 0x3]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x4, 0x1, 0x8, 0x6, 0x6438, 0x4, 0x9]}}]}]}, @NL80211_ATTR_TX_RATES={0x178, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xdc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x9, 0x208, 0x800, 0x2, 0x9, 0x1f, 0xbaf]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x28, 0x2, [{0x3, 0x3}, {0x2, 0x7}, {0x0, 0x5}, {0x0, 0x4}, {0x1, 0xa}, {0x1, 0x9}, {0x6, 0x4}, {0x1, 0x4}, {0x1, 0xa}, {0x0, 0x5}, {0x7, 0x9}, {0x2, 0x4}, {0x3, 0x7}, {0x0, 0x3}, {0x7, 0x1}, {0x1, 0xb}, {0x4, 0x2}, {0x4, 0x4}, {0x7, 0x9}, {0x1}, {0x2, 0x4}, {0x6, 0x6}, {0x1, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x9}, {0x1, 0x8}, {0x5, 0x4}, {0x4, 0xa}, {0x4, 0x9}, {0x0, 0x5}, {0x6}, {0x2, 0x1}, {0x5, 0x5}, {0x6, 0x8}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x18, 0x6, 0x18, 0xc, 0xc, 0x9, 0x7, 0xc, 0xc, 0x60, 0x5, 0x60, 0x6c, 0x1, 0x5, 0x18, 0x5, 0x12, 0x3, 0x30, 0xc, 0x6c, 0x3, 0x3, 0xc, 0x1, 0x12, 0x6, 0xc, 0x6, 0x50, 0x4]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x4}, {0x0, 0x1}, {0x1, 0x2}, {0x5, 0xa}, {0x1, 0x7}, {0x4, 0x6}, {0x5, 0x6}, {0x5, 0x2}, {0x4, 0x3}, {0x7, 0xa}, {0x2, 0x4}, {0x6, 0x5}, {0x4, 0x7}, {0x0, 0xa}, {0x2, 0x3}, {0x0, 0x9}, {0x2, 0x3}, {0x2}, {0x0, 0x5}, {0x6}, {0x6, 0x3}, {0x1, 0xa}, {0x7, 0x3}, {0x5, 0x2}, {0x5, 0x6}, {0x7, 0x2}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x2, 0x8}, {0x6, 0x6}, {}, {0x5}, {0x5, 0x3}, {0x0, 0x5}, {0x1, 0x7}, {0x3, 0x6}, {0x6, 0x1}, {0x2, 0x2}, {0x1, 0x8}, {0x7, 0x3}, {0x1, 0x8}, {0x3, 0x1}, {0x1, 0x8}, {0x0, 0x1}, {0x5}, {0x1, 0x5}, {0x4, 0x7}, {0x0, 0x3}, {0x0, 0x1d}, {0x2, 0x8}, {0x2, 0x9}, {0x4, 0x2}, {0x1, 0x1}, {0x3, 0x5}, {0x2, 0x8}, {0x0, 0x4}, {0x1, 0x7}, {0x0, 0x4}, {0x5, 0x9}, {0x0, 0x5}, {0x6, 0x8}, {0x6, 0x9}, {}, {0x5, 0x8}, {0x4, 0x9}, {0x2, 0x3}, {0x3, 0x2}, {0x6}, {0x3, 0x4}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x10, 0x0, 0x6, 0x4, 0x7, 0x6, 0x7fff, 0xe63]}}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x5, 0x4, 0x5, 0x30, 0x6, 0x6c, 0x2, 0x36, 0x12, 0xb, 0x6c, 0x18, 0x1, 0x6, 0x5c, 0x30, 0x1b]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{}, {0x2, 0x5}, {0x7, 0x6}, {0x0, 0x1}, {0x4, 0x2}, {0x3, 0x2}, {0x0, 0x9}, {0x6, 0x6}, {0x7, 0x6}, {0x3, 0x6}, {0x5, 0x3}, {0x7, 0xa}, {0x0, 0x8}, {0x6, 0x1}, {0x6, 0xa}, {0x6, 0x5}, {0x6, 0x4}, {0x5}, {0x4, 0x7}, {0x1, 0x2}, {0x7, 0x3}, {0x2, 0x7}, {0x1, 0x6}, {0x7, 0x1}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x5}, {0x0, 0x5}, {0x1, 0x8}, {0x6, 0xa}, {0x4, 0x4}, {0x2, 0x9}, {0x5, 0x9}, {0x2, 0xa}, {0x4, 0x9}, {0x6, 0x1}, {0x3, 0x4}, {0x1, 0x5}, {0x7, 0x9}, {0x3, 0x7}, {0x2}, {0x1, 0xa}, {0x5, 0x6}, {0x5}, {0x5}, {0x0, 0x2}, {0x6, 0x5}, {0x0, 0x5}, {0x2, 0xa}, {0x1, 0x1}, {0x2, 0x8}, {0x4, 0x8}, {0x7, 0xa}, {0x1, 0x3}, {0x7, 0x6}, {}, {0x6, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x7, 0x9, 0x100, 0x8, 0x7, 0x2]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x1, 0x8}, {0x0, 0x8}, {0x1, 0x4}, {0x1, 0x8}, {0x3}, {0x5, 0xa}, {0x4, 0x4}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x130, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x40, 0x9, 0x1, 0x2, 0x800, 0x5, 0x105, 0x40]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x2, 0x3}, {0x7, 0x4}, {0x4, 0x4}, {0x6, 0xa}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x5}, {0x7, 0x6}, {0x1, 0x8}, {0x4, 0x2}, {0x7, 0x3}, {0x0, 0x6}, {0x5, 0x8}, {0x5, 0x2}, {0x4, 0xa}, {0x1, 0x8}, {0x0, 0x7}, {0x6, 0x9}, {0x2, 0x7}, {0x3, 0x3}, {0x5, 0x2}, {0x4, 0x7}, {0x0, 0x1}, {0x0, 0x9}, {0x4}, {0x3, 0x1}, {0x4, 0x7}, {0x3, 0x1}, {0x0, 0xa}, {0x1}, {0x1, 0x4}, {0x5}, {0x6, 0x4}]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x2, 0x60, 0x4, 0x0, 0x6, 0x16, 0xf571df87c3f34c90, 0x9, 0x18, 0x48, 0x5d, 0x6, 0xc, 0x12, 0x6, 0xc, 0x5, 0x48, 0x9, 0x1]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x24, 0x18, 0x1b, 0x24, 0x48, 0x3, 0xe, 0x90, 0x9, 0x5, 0x9, 0x3, 0x4, 0x24, 0x53, 0x5, 0x16, 0x4, 0x12, 0x6, 0x6, 0x16]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8906, 0xffff, 0x1ff, 0x9, 0x0, 0x0, 0x4, 0x9]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0x4, 0x101, 0x3, 0x4, 0x7, 0xfff]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x4, 0x3, 0x60, 0x18, 0x12, 0x48, 0xb]}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x2c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x36, 0x1, 0x16, 0x30, 0x9, 0x30, 0x77, 0x3e, 0x6, 0x12, 0x24, 0x3, 0x4, 0x16, 0x30, 0x3, 0x5, 0x9]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x194, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x74, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x2, 0x4, 0x7, 0xb6, 0x5, 0x3, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xff, 0x26, 0x8000, 0x1ff, 0x5, 0x3, 0x4, 0x9]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x4, 0x1b, 0x30, 0x36, 0xb, 0x24, 0x6, 0x60, 0x30, 0x3, 0x66, 0x3, 0x16, 0x16, 0x4, 0x4d]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0xb, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x6, 0x16, 0x16, 0x12, 0x6, 0x60, 0x6c, 0x6c, 0x24, 0x4, 0x5, 0x3, 0x12, 0x5, 0x24]}]}, @NL80211_BAND_5GHZ={0xc0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x3f, 0x1, 0x3, 0x48, 0x6c, 0x6c, 0x6c, 0x60, 0x2, 0x18, 0x4, 0x24, 0x1, 0xb, 0x60, 0x4, 0x4, 0x6, 0x2, 0x1b, 0x24, 0x32, 0x24, 0x12, 0x36, 0x18, 0x36, 0x1b, 0x30, 0x12]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x36, 0x30, 0x4, 0xb, 0x6, 0x0, 0xc, 0x18, 0x36, 0x60, 0x16, 0x30, 0x16, 0x36, 0x48, 0x36, 0x60, 0x2, 0xb, 0x6, 0x1, 0x30, 0x24, 0x30, 0x18, 0x16, 0x1, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xe3, 0xfff9, 0x4, 0x9, 0x3, 0x200, 0xfffa, 0xfff]}}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x0, 0x3}, {0x6, 0x5}, {0x4, 0x6}, {0x0, 0x5}, {0x4, 0x1}, {0x6}, {0x7, 0x1}, {0x4, 0x1d}, {0x2, 0x9}, {0x1, 0xa}, {0x0, 0x4}, {0x7, 0x1}, {0x4, 0xa}, {0x5, 0x2}, {0x4, 0x9}, {0x7, 0x3}, {0x0, 0x5}, {0x0, 0x6}, {0x1, 0x2}, {0x4}, {0x7, 0x2}, {0x3, 0x4}, {0x3, 0x4}, {0x1, 0x4}, {0x0, 0x3}, {0x4, 0x6}, {0x0, 0x4}, {0x4, 0x9}, {0x0, 0x9}, {0x0, 0x4}, {0x1, 0x6}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x1}, {0x4}, {0x2, 0x4}, {0x3}, {0x0, 0x9}, {0x2, 0x8}, {0x6, 0x5}, {0x7}, {0x3, 0x5}, {0x1, 0x7}, {0x6, 0x1}, {0x0, 0x1}, {0x7, 0x8}, {0x1, 0x2}, {0x1, 0xa}, {0x7, 0x6}, {0x7, 0x3}, {0x2, 0xa}, {0x6, 0x4}, {0x1, 0x5}, {0x7, 0x5}, {0x0, 0x9}, {0x0, 0x4}, {0x4, 0x1}, {}, {0x6, 0xa}, {0x1, 0x3}, {0x7, 0x2}, {0x3, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x9, 0x400, 0x90, 0x800, 0x0, 0x9, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x100, 0x7, 0x401, 0x0, 0x5, 0x1000, 0x8, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x3800, 0x100, 0x7, 0x9, 0x6532, 0x7fff, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x3ff, 0x7bbc, 0x7, 0x7ff, 0xfff, 0x2, 0x1]}}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x3, 0x5}, {0x6, 0x1}, {0x5, 0x3}, {0x2, 0x6}, {0x7, 0x5}, {0x5, 0x5}, {0x1, 0x2}]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbf, 0x8, 0xa10, 0xc9ac, 0x8, 0x6, 0x62a3, 0x5]}}]}]}, @NL80211_ATTR_TX_RATES={0x7c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xff, 0x1, 0x1f, 0x0, 0x8, 0xfff7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x0, 0xfffb, 0x800, 0x3ff, 0x1, 0x2, 0xfffb]}}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x2d, 0x18, 0x2, 0x12, 0x48, 0x30, 0xb, 0x30, 0x24, 0x2, 0x1c, 0x5, 0x30, 0x6, 0x5, 0x1b, 0x4, 0x6c, 0x0, 0x6, 0x6c, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x401, 0xfffe, 0x3, 0xfff, 0x9df, 0x1, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x134, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x1, 0x9}, {0x1, 0x5}, {}, {0x5, 0x8}, {0x6, 0x4}, {0x7, 0x1}, {0x1, 0x9}, {0x7}, {0x6, 0x5}, {0x5, 0x6}, {0x7}, {0x4, 0x8}, {0x6, 0x9}, {0x0, 0x9}, {0x5, 0x4}, {0x0, 0xa}, {0x0, 0x6}, {0x4, 0x7}, {0x1, 0xa}, {0x5, 0x9}]}]}, @NL80211_BAND_60GHZ={0x78, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x4, 0x9}, {0x4, 0x5}, {0x3, 0x5}, {0x6, 0x2}, {0x7, 0x3}, {0x7, 0x4}, {0x0, 0x9}, {0x2, 0x8}, {}, {0x6, 0xa}, {0x3, 0x3}, {}, {}, {0x3, 0x6}, {0x4, 0x9}, {0x2, 0x4}, {0x1, 0x7}, {0x2, 0x5}, {0x3}, {0x4, 0x8}, {0x4, 0x8}, {0x3, 0x5}, {0x5, 0x6}, {0x7, 0x5}, {0x0, 0x9}, {0x4, 0x6}, {0x7, 0x9}, {0x0, 0x6}, {0x3, 0x3}, {0x7, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2, 0x6, 0x6, 0x7, 0x3, 0x848, 0x9]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x1}, {0x3}, {0x7, 0x1}, {0x0, 0x9}, {0x0, 0xa}, {0x1}, {0x6, 0x9}, {0x0, 0x8}, {0x5, 0x9}, {0x1, 0x9}, {0x0, 0x3}, {0x5, 0x3}, {0x3}, {0x6, 0x6}, {0x3, 0x4}, {0x6, 0x7}, {0x5, 0xa}, {0x5, 0x1}, {0x4, 0x2}, {0x0, 0x4}, {0x3, 0x7}, {0x0, 0x2}, {0x6}, {0x6, 0xa}, {0x1, 0x9}, {0x0, 0x6}, {0x6, 0x2}, {0x1, 0x1}, {0x3, 0x3}, {0x2, 0x2}, {0x4, 0x3}, {0x0, 0x8}, {0x1, 0x6}, {0x3, 0x1}, {0x3, 0x5}, {0x6, 0x2}, {0x2, 0x7}, {0x7, 0x2}, {0x0, 0x5}, {0x2, 0x1}, {0x5, 0x5}, {0x5, 0x9}, {0x7, 0x6}, {0x1, 0x1}, {0x6, 0x8}, {0x4, 0x4}, {0x0, 0x6}, {0x2, 0x5}, {0x3, 0x6}, {0x2, 0x9}, {0x1, 0x2}, {0x1, 0x9}, {0x5, 0x3}]}]}, @NL80211_BAND_60GHZ={0x90, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x2, 0x9, 0x6, 0x48, 0x34, 0x21, 0x9, 0x1b, 0x12, 0x48, 0x1, 0x60, 0x2, 0xb, 0x48, 0x2, 0x13, 0x60, 0x30, 0x24, 0x6, 0x0, 0x18, 0x13, 0x36, 0xc, 0x1b, 0xc, 0x3, 0x36, 0xb, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x94, 0x0, 0x0, 0x2, 0x800, 0x5b2, 0x685f]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x1, 0x7fff, 0x389e, 0x0, 0x3ff, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa7a0, 0x9, 0x1, 0x62, 0x9dc3, 0x4, 0x8, 0x40]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xdd, 0x8, 0x0, 0x9ea6, 0x60, 0x7, 0x32a]}}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}]}, 0x670}, 0x1, 0x0, 0x0, 0x24000890}, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SOUND_MIXER_INFO(0xffffffffffffffff, 0x805c4d65, &(0x7f0000000880)) (async) accept4$netrom(r1, 0x0, &(0x7f00000000c0), 0x80000) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x1, 0x4}) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) 09:32:00 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) r0 = geteuid() syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x82ed, 0x4, &(0x7f0000000300)=[{&(0x7f0000000080)="ad4757f16e53ba31d3359f9810ae2d67f775d56c2fe950bc0a31dba3f9ee76f5a7851c1690a4de98fed46cc8bb9cf86d3f13f1bfc744fd41a86ff073b8dc6659c5c444c1e89eac3f26596a2405203794b3e06ecf7c453f3c8703cd8cce32d5f07af5f70281281ec890bafd3123bd1e14f5b9eb25412cb8e5a9b532ca12dc5e5b66179d7e8bbaeb980c81e08b77c93c3b0606791042af881102de8b", 0x9b, 0xdeef}, {&(0x7f00000001c0)="5eaaaee0db55de093c4c297aa0be8fe4862642452354ff14829f9a89dde10875d393c15f0f8c466b7927936c95c550524f90acc815dad4121e92b938902a392e00fa038b9e", 0x45, 0x7}, {&(0x7f0000000240)="bfd91558bbacc275a45414e0b3738cefb536bdaf95739fa7", 0x18, 0x581}, {&(0x7f0000000280)="98375134ec2dadd60738096810933970d71171005c6228d3f6b53cc9510794e6c7edab686feb2e29d53a28e61477e65c7717eb2a6905cbe4c6c4d246dd97597d481e02f2a02322b5c904544e727a1b91c6396c07aa04333619dcf92fa5", 0x5d, 0x7}], 0x2004, &(0x7f0000000480)={[{@allocsize={'allocsize', 0x3d, [0x32]}}, {@sunit={'sunit', 0x3d, 0x8}}, {@discard}, {@allocsize={'allocsize', 0x3d, [0x38, 0x34]}}, {@gquota}, {@nolargeio}], [{@smackfsfloor={'smackfsfloor', 0x3d, '\xe1@\',:[U-@[][^@'}}, {@seclabel}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x35, 0x61, 0x62, 0x57, 0x65, 0x65, 0x33], 0x2d, [0x36, 0x38, 0x32, 0x34], 0x2d, [0x33, 0x61, 0x62, 0x63], 0x2d, [0x38, 0x61, 0x32, 0x62], 0x2d, [0x39, 0x38, 0x64, 0x32, 0x62, 0x35, 0x61, 0x30]}}}, {@smackfstransmute={'smackfstransmute', 0x3d, '#^'}}, {@fowner_eq}, {@obj_role={'obj_role', 0x3d, 'hfsplus\x00'}}, {@euid_lt={'euid<', r0}}]}) 09:32:00 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000600000000001d2ae0fad20517838c59b54230e834e9918b3902bf73280c189771d5e578c2f016ae3b6961a05c284d535a6cb0f538830b8421f049c3f78ab1e9bb09c121"]) 09:32:00 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 24) [ 1192.225973] hfsplus: creator requires a 4 character value [ 1192.247255] hfsplus: unable to parse mount options 09:32:00 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xd9d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8}, 0xc044) 09:32:00 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x3, 0xa, 0x80000000) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) [ 1192.322950] FAULT_INJECTION: forcing a failure. [ 1192.322950] name failslab, interval 1, probability 0, space 0, times 0 [ 1192.357534] CPU: 1 PID: 29206 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1192.365436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1192.365441] Call Trace: [ 1192.365462] dump_stack+0x1b2/0x281 [ 1192.365479] should_fail.cold+0x10a/0x149 [ 1192.365493] should_failslab+0xd6/0x130 [ 1192.389115] kmem_cache_alloc_node+0x263/0x410 [ 1192.393695] __alloc_skb+0x5c/0x510 [ 1192.397321] kobject_uevent_env+0x882/0xf30 [ 1192.401637] lo_ioctl+0x11a6/0x1cd0 [ 1192.405244] ? loop_set_status64+0xe0/0xe0 [ 1192.409553] blkdev_ioctl+0x540/0x1830 [ 1192.413427] ? blkpg_ioctl+0x8d0/0x8d0 [ 1192.417310] ? trace_hardirqs_on+0x10/0x10 [ 1192.421529] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1192.426612] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1192.431640] block_ioctl+0xd9/0x120 [ 1192.435245] ? blkdev_fallocate+0x3a0/0x3a0 [ 1192.439545] do_vfs_ioctl+0x75a/0xff0 [ 1192.443331] ? lock_acquire+0x170/0x3f0 [ 1192.447296] ? ioctl_preallocate+0x1a0/0x1a0 [ 1192.451687] ? __fget+0x265/0x3e0 [ 1192.455120] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.459074] ? security_file_ioctl+0x83/0xb0 [ 1192.463461] SyS_ioctl+0x7f/0xb0 [ 1192.466803] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.470759] do_syscall_64+0x1d5/0x640 [ 1192.474630] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1192.479801] RIP: 0033:0x7f463664cea7 [ 1192.483500] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1192.491187] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1192.498434] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1192.505680] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1192.512925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 09:32:00 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) socket(0x3, 0xa, 0x80000000) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) 09:32:00 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xd9d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8}, 0xc044) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xd9d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8}, 0xc044) (async) [ 1192.520172] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1192.541508] FAULT_INJECTION: forcing a failure. [ 1192.541508] name failslab, interval 1, probability 0, space 0, times 0 [ 1192.553528] hfsplus: unable to find HFS+ superblock [ 1192.561758] hfsplus: creator requires a 4 character value 09:32:00 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x3, 0xa, 0x80000000) (async, rerun: 32) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x6, 0x9}) (rerun: 32) [ 1192.562125] CPU: 0 PID: 29219 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1192.575189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1192.576507] hfsplus: unable to parse mount options [ 1192.584537] Call Trace: [ 1192.584555] dump_stack+0x1b2/0x281 [ 1192.584568] should_fail.cold+0x10a/0x149 [ 1192.584580] should_failslab+0xd6/0x130 [ 1192.584591] kmem_cache_alloc_node+0x263/0x410 [ 1192.584604] __alloc_skb+0x5c/0x510 [ 1192.584618] kobject_uevent_env+0x882/0xf30 [ 1192.584635] lo_ioctl+0x11a6/0x1cd0 [ 1192.619907] ? loop_set_status64+0xe0/0xe0 09:32:00 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x4) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0xa, 0xd}) ioctl$SNAPSHOT_CREATE_IMAGE(r1, 0x40043311, &(0x7f0000000080)) ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x5) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000180), 0xb057, 0x10100) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x401, 0x100000001, 0x0, 0x2, 0x15, 0x9, "dd8c83c54f6e2e670a8609d5905da46704e31c4a236c677cbf41ff54a228b75193283d0dba8897c040497e860550d8bd6e0c8369309c38cee17a8931c9a54cda", "3697e09478d6c55dd5fded6025a4540ee002a21a0b110956a1fb7904a4b434a16a979e693f2e7b2fa327adce2ba91b215323a25069955941690a7732cecfc026", "a8dbf1d7535bc0e26d34565e482392a49f0c3b1233b2c9b775df1a168ce7831c", [0x775d, 0x3]}) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) bind$l2tp(r2, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_N2(r4, 0x103, 0x3, &(0x7f0000000100)=0x40, 0x4) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000000c0), 0x4) [ 1192.624148] blkdev_ioctl+0x540/0x1830 [ 1192.628040] ? blkpg_ioctl+0x8d0/0x8d0 [ 1192.631926] ? trace_hardirqs_on+0x10/0x10 [ 1192.636167] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1192.641267] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1192.646289] block_ioctl+0xd9/0x120 [ 1192.649928] ? blkdev_fallocate+0x3a0/0x3a0 [ 1192.654257] do_vfs_ioctl+0x75a/0xff0 [ 1192.658050] ? lock_acquire+0x170/0x3f0 [ 1192.662012] ? ioctl_preallocate+0x1a0/0x1a0 [ 1192.666401] ? __fget+0x265/0x3e0 [ 1192.669833] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.673785] ? security_file_ioctl+0x83/0xb0 [ 1192.678170] SyS_ioctl+0x7f/0xb0 [ 1192.681513] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.685463] do_syscall_64+0x1d5/0x640 [ 1192.689332] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1192.694497] RIP: 0033:0x7f322b2faea7 [ 1192.698182] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1192.705867] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1192.713115] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1192.720360] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1192.727610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1192.734862] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:32:01 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 25) 09:32:01 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x4) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0xa, 0xd}) ioctl$SNAPSHOT_CREATE_IMAGE(r1, 0x40043311, &(0x7f0000000080)) ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x5) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000180), 0xb057, 0x10100) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x401, 0x100000001, 0x0, 0x2, 0x15, 0x9, "dd8c83c54f6e2e670a8609d5905da46704e31c4a236c677cbf41ff54a228b75193283d0dba8897c040497e860550d8bd6e0c8369309c38cee17a8931c9a54cda", "3697e09478d6c55dd5fded6025a4540ee002a21a0b110956a1fb7904a4b434a16a979e693f2e7b2fa327adce2ba91b215323a25069955941690a7732cecfc026", "a8dbf1d7535bc0e26d34565e482392a49f0c3b1233b2c9b775df1a168ce7831c", [0x775d, 0x3]}) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) bind$l2tp(r2, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_N2(r4, 0x103, 0x3, &(0x7f0000000100)=0x40, 0x4) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000000c0), 0x4) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x4) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0xa, 0xd}) (async) ioctl$SNAPSHOT_CREATE_IMAGE(r1, 0x40043311, &(0x7f0000000080)) (async) ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x5) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_open_dev$loop(&(0x7f0000000180), 0xb057, 0x10100) (async) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x401, 0x100000001, 0x0, 0x2, 0x15, 0x9, "dd8c83c54f6e2e670a8609d5905da46704e31c4a236c677cbf41ff54a228b75193283d0dba8897c040497e860550d8bd6e0c8369309c38cee17a8931c9a54cda", "3697e09478d6c55dd5fded6025a4540ee002a21a0b110956a1fb7904a4b434a16a979e693f2e7b2fa327adce2ba91b215323a25069955941690a7732cecfc026", "a8dbf1d7535bc0e26d34565e482392a49f0c3b1233b2c9b775df1a168ce7831c", [0x775d, 0x3]}) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) bind$l2tp(r2, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) setsockopt$netrom_NETROM_N2(r4, 0x103, 0x3, &(0x7f0000000100)=0x40, 0x4) (async) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000000c0), 0x4) (async) 09:32:01 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xd9d}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8}, 0xc044) [ 1192.768835] hfsplus: creator requires a 4 character value [ 1192.774401] hfsplus: unable to parse mount options [ 1192.791519] hfsplus: creator requires a 4 character value [ 1192.797080] hfsplus: unable to parse mount options [ 1192.832897] FAULT_INJECTION: forcing a failure. [ 1192.832897] name failslab, interval 1, probability 0, space 0, times 0 [ 1192.844676] CPU: 1 PID: 29262 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1192.852560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1192.861906] Call Trace: [ 1192.861923] dump_stack+0x1b2/0x281 [ 1192.861938] should_fail.cold+0x10a/0x149 [ 1192.861951] should_failslab+0xd6/0x130 [ 1192.861962] kmem_cache_alloc_node+0x263/0x410 [ 1192.861974] __alloc_skb+0x5c/0x510 [ 1192.861987] kobject_uevent_env+0x882/0xf30 [ 1192.862003] lo_ioctl+0x11a6/0x1cd0 [ 1192.892292] ? loop_set_status64+0xe0/0xe0 [ 1192.896506] blkdev_ioctl+0x540/0x1830 [ 1192.900370] ? blkpg_ioctl+0x8d0/0x8d0 [ 1192.904233] ? trace_hardirqs_on+0x10/0x10 [ 1192.908452] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1192.913532] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1192.918530] block_ioctl+0xd9/0x120 [ 1192.922134] ? blkdev_fallocate+0x3a0/0x3a0 [ 1192.926436] do_vfs_ioctl+0x75a/0xff0 [ 1192.930219] ? lock_acquire+0x170/0x3f0 [ 1192.934169] ? ioctl_preallocate+0x1a0/0x1a0 [ 1192.938559] ? __fget+0x265/0x3e0 [ 1192.941989] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.945946] ? security_file_ioctl+0x83/0xb0 [ 1192.950330] SyS_ioctl+0x7f/0xb0 [ 1192.953674] ? do_vfs_ioctl+0xff0/0xff0 [ 1192.957635] do_syscall_64+0x1d5/0x640 [ 1192.961510] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1192.966676] RIP: 0033:0x7f463664cea7 [ 1192.970364] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 09:32:01 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) r0 = geteuid() syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x82ed, 0x4, &(0x7f0000000300)=[{&(0x7f0000000080)="ad4757f16e53ba31d3359f9810ae2d67f775d56c2fe950bc0a31dba3f9ee76f5a7851c1690a4de98fed46cc8bb9cf86d3f13f1bfc744fd41a86ff073b8dc6659c5c444c1e89eac3f26596a2405203794b3e06ecf7c453f3c8703cd8cce32d5f07af5f70281281ec890bafd3123bd1e14f5b9eb25412cb8e5a9b532ca12dc5e5b66179d7e8bbaeb980c81e08b77c93c3b0606791042af881102de8b", 0x9b, 0xdeef}, {&(0x7f00000001c0)="5eaaaee0db55de093c4c297aa0be8fe4862642452354ff14829f9a89dde10875d393c15f0f8c466b7927936c95c550524f90acc815dad4121e92b938902a392e00fa038b9e", 0x45, 0x7}, {&(0x7f0000000240)="bfd91558bbacc275a45414e0b3738cefb536bdaf95739fa7", 0x18, 0x581}, {&(0x7f0000000280)="98375134ec2dadd60738096810933970d71171005c6228d3f6b53cc9510794e6c7edab686feb2e29d53a28e61477e65c7717eb2a6905cbe4c6c4d246dd97597d481e02f2a02322b5c904544e727a1b91c6396c07aa04333619dcf92fa5", 0x5d, 0x7}], 0x2004, &(0x7f0000000480)={[{@allocsize={'allocsize', 0x3d, [0x32]}}, {@sunit={'sunit', 0x3d, 0x8}}, {@discard}, {@allocsize={'allocsize', 0x3d, [0x38, 0x34]}}, {@gquota}, {@nolargeio}], [{@smackfsfloor={'smackfsfloor', 0x3d, '\xe1@\',:[U-@[][^@'}}, {@seclabel}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x35, 0x61, 0x62, 0x57, 0x65, 0x65, 0x33], 0x2d, [0x36, 0x38, 0x32, 0x34], 0x2d, [0x33, 0x61, 0x62, 0x63], 0x2d, [0x38, 0x61, 0x32, 0x62], 0x2d, [0x39, 0x38, 0x64, 0x32, 0x62, 0x35, 0x61, 0x30]}}}, {@smackfstransmute={'smackfstransmute', 0x3d, '#^'}}, {@fowner_eq}, {@obj_role={'obj_role', 0x3d, 'hfsplus\x00'}}, {@euid_lt={'euid<', r0}}]}) 09:32:01 executing program 2: set_robust_list(&(0x7f00000000c0), 0x18) getsockname$l2tp(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @broadcast}, &(0x7f0000000140)=0x10) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63720900746f723dd7ce6751d4"]) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00'}, 0x10) syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8001, 0x7, &(0x7f0000000540)=[{&(0x7f0000000240)="e96c65cd150dce30a0571929464190ffd05b9dea331ab46f3c9ee7eac322", 0x1e, 0x8}, {&(0x7f0000000280)="746f0d630de94a37665682830e4b8717d817427c4c84e80064cf2eb39d61027d32b60beb8352661da74bb0177951269b18ea71ff3964eaa314e20409e5bdadafc0bed29501bbc8f0650bce6ec90eabaf3c347467164e6bac5648ce2fc6091ed64235be00cefedd29fb07b8c5678313123224111a9f17adc268f5da3d08fb13c3f76f5223e78544eed29895299d448ae9c316f04d2900d91f7c2ecf", 0x9b, 0x1}, {&(0x7f0000000340)="f77575fed2b4291e8f55069e924619f235d4d515025b45dd27eb1791124eb22dba4e5223482f5f37ab06cd491ffc0cb6c235a72aaf6784719b", 0x39, 0x1f}, {&(0x7f0000000380)="8dfded29b37d98c9f7850fd8858152719153406cb0bc718e31052cd3d6e76dc857ca603d222ff565a9116e65ca9191102962e1dea6d23f5560f3e72d3ea8d31632855d16e5add6e445c9", 0x4a, 0x1}, {&(0x7f0000000400)="930517ac5d4e8ef0307cdb8ffb4088663870fa2332982c5399e1a7fd76b1621d1efafeba3af97f6b421f8830cb829dc346c53aabf8b1a78a2512313a6259dbf8e5747042230316b14dddcd6a1282e5c029c4e7da174efe5677b162f19ccfe1891f90ba40ee13", 0x66, 0x3}, {&(0x7f0000000480)="340d7809fbab2494b25cd259c325cbc2238801af", 0x14, 0x8001}, {&(0x7f00000004c0)="77bedce24b82117e63fba205743f71fec34408b0c6d2731491f257c15df08852e01e693ced3de10ceb2b109a4fd7e12777f696a59a033b75734448791ced054da94c266a57363b9ee8783746c2c2362ea658b251dfa0f1442c9e7bb832da5dad977aeb0dd3e58d0f83eaabc023a45bac6bd7ed50", 0x74, 0xff}], 0x188000, &(0x7f0000000600)={[{@logdev={'logdev', 0x3d, './file0'}}, {@nolargeio}, {@logbsize={'logbsize', 0x3d, [0x67]}}, {@pqnoenforce}, {@gquota}, {@nogrpid}], [{@hash}, {@appraise}, {@appraise_type}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '(/'}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}]}) 09:32:01 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 25) 09:32:01 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x4) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0xa, 0xd}) ioctl$SNAPSHOT_CREATE_IMAGE(r1, 0x40043311, &(0x7f0000000080)) ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x5) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000180), 0xb057, 0x10100) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x401, 0x100000001, 0x0, 0x2, 0x15, 0x9, "dd8c83c54f6e2e670a8609d5905da46704e31c4a236c677cbf41ff54a228b75193283d0dba8897c040497e860550d8bd6e0c8369309c38cee17a8931c9a54cda", "3697e09478d6c55dd5fded6025a4540ee002a21a0b110956a1fb7904a4b434a16a979e693f2e7b2fa327adce2ba91b215323a25069955941690a7732cecfc026", "a8dbf1d7535bc0e26d34565e482392a49f0c3b1233b2c9b775df1a168ce7831c", [0x775d, 0x3]}) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) bind$l2tp(r2, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_N2(r4, 0x103, 0x3, &(0x7f0000000100)=0x40, 0x4) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000000c0), 0x4) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x4) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0xa, 0xd}) (async) ioctl$SNAPSHOT_CREATE_IMAGE(r1, 0x40043311, &(0x7f0000000080)) (async) ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x5) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_open_dev$loop(&(0x7f0000000180), 0xb057, 0x10100) (async) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x401, 0x100000001, 0x0, 0x2, 0x15, 0x9, "dd8c83c54f6e2e670a8609d5905da46704e31c4a236c677cbf41ff54a228b75193283d0dba8897c040497e860550d8bd6e0c8369309c38cee17a8931c9a54cda", "3697e09478d6c55dd5fded6025a4540ee002a21a0b110956a1fb7904a4b434a16a979e693f2e7b2fa327adce2ba91b215323a25069955941690a7732cecfc026", "a8dbf1d7535bc0e26d34565e482392a49f0c3b1233b2c9b775df1a168ce7831c", [0x775d, 0x3]}) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) bind$l2tp(r2, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) setsockopt$netrom_NETROM_N2(r4, 0x103, 0x3, &(0x7f0000000100)=0x40, 0x4) (async) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000000c0), 0x4) (async) 09:32:01 executing program 1: r0 = socket(0x25, 0x2, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1192.978048] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1192.985294] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1192.992563] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1192.999813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1193.007060] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1193.020053] hfsplus: creator requires a 4 character value [ 1193.025986] hfsplus: unable to parse mount options 09:32:01 executing program 1: r0 = socket(0x25, 0x2, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:32:01 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 26) 09:32:01 executing program 1: r0 = socket(0x25, 0x2, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x25, 0x2, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) 09:32:01 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1193.093601] hfsplus: unable to parse mount options [ 1193.101484] FAULT_INJECTION: forcing a failure. [ 1193.101484] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.118692] CPU: 0 PID: 29297 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1193.126587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1193.135940] Call Trace: [ 1193.138535] dump_stack+0x1b2/0x281 09:32:01 executing program 1: getpeername$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10) r0 = socket(0x25, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r1, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x300, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4011) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0xb09}, 0x14}}, 0x0) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r6) sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x302041}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x48, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_PW_TYPE={0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000c00}, 0x40000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20800008}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x4c, r7, 0x800, 0x70bd27, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x40}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x10000}, @SEG6_ATTR_DST={0x14, 0x1, @private2}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3}, @SEG6_ATTR_SECRET={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20054010}, 0x20000000) 09:32:01 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) 09:32:01 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1193.142167] should_fail.cold+0x10a/0x149 [ 1193.146316] should_failslab+0xd6/0x130 [ 1193.150300] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1193.155421] __kmalloc_node_track_caller+0x38/0x70 [ 1193.160359] __alloc_skb+0x96/0x510 [ 1193.163987] kobject_uevent_env+0x882/0xf30 [ 1193.168325] lo_ioctl+0x11a6/0x1cd0 [ 1193.171958] ? loop_set_status64+0xe0/0xe0 [ 1193.176195] blkdev_ioctl+0x540/0x1830 [ 1193.180083] ? blkpg_ioctl+0x8d0/0x8d0 [ 1193.183969] ? trace_hardirqs_on+0x10/0x10 [ 1193.188207] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1193.193311] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1193.198346] block_ioctl+0xd9/0x120 [ 1193.201971] ? blkdev_fallocate+0x3a0/0x3a0 [ 1193.206293] do_vfs_ioctl+0x75a/0xff0 [ 1193.210100] ? lock_acquire+0x170/0x3f0 [ 1193.214074] ? ioctl_preallocate+0x1a0/0x1a0 [ 1193.218475] ? __fget+0x265/0x3e0 [ 1193.221928] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.225888] ? security_file_ioctl+0x83/0xb0 [ 1193.230274] SyS_ioctl+0x7f/0xb0 [ 1193.233616] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.237567] do_syscall_64+0x1d5/0x640 [ 1193.241439] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1193.246607] RIP: 0033:0x7f322b2faea7 [ 1193.250295] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1193.257981] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1193.265234] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1193.272491] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1193.279755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1193.287012] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1193.298125] hfsplus: creator requires a 4 character value [ 1193.303672] hfsplus: unable to parse mount options [ 1193.307294] FAULT_INJECTION: forcing a failure. [ 1193.307294] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.315502] hfsplus: creator requires a 4 character value [ 1193.331613] CPU: 0 PID: 29316 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1193.335146] hfsplus: unable to parse mount options [ 1193.339503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1193.339508] Call Trace: [ 1193.339527] dump_stack+0x1b2/0x281 [ 1193.339544] should_fail.cold+0x10a/0x149 [ 1193.339557] should_failslab+0xd6/0x130 [ 1193.339569] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1193.339583] __kmalloc_node_track_caller+0x38/0x70 [ 1193.339592] __alloc_skb+0x96/0x510 [ 1193.339607] kobject_uevent_env+0x882/0xf30 [ 1193.339625] lo_ioctl+0x11a6/0x1cd0 [ 1193.339636] ? loop_set_status64+0xe0/0xe0 [ 1193.339648] blkdev_ioctl+0x540/0x1830 [ 1193.339658] ? blkpg_ioctl+0x8d0/0x8d0 [ 1193.339667] ? trace_hardirqs_on+0x10/0x10 [ 1193.339681] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1193.339692] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1193.339707] block_ioctl+0xd9/0x120 [ 1193.339715] ? blkdev_fallocate+0x3a0/0x3a0 [ 1193.339740] do_vfs_ioctl+0x75a/0xff0 [ 1193.339750] ? lock_acquire+0x170/0x3f0 [ 1193.339759] ? ioctl_preallocate+0x1a0/0x1a0 [ 1193.339771] ? __fget+0x265/0x3e0 [ 1193.339781] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.339791] ? security_file_ioctl+0x83/0xb0 [ 1193.339800] SyS_ioctl+0x7f/0xb0 [ 1193.339807] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.339822] do_syscall_64+0x1d5/0x640 [ 1193.339834] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1193.339842] RIP: 0033:0x7f463664cea7 [ 1193.339847] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1193.339857] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1193.339862] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1193.339866] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 09:32:01 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8, 0x0, &(0x7f0000000000), 0x2348027, &(0x7f0000001340)=ANY=[]) 09:32:01 executing program 1: getpeername$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10) (async) r0 = socket(0x25, 0x6, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r1, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x300, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4011) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0xb09}, 0x14}}, 0x0) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r6) (async) sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x302041}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x48, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_PW_TYPE={0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000c00}, 0x40000) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20800008}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x4c, r7, 0x800, 0x70bd27, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x40}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x10000}, @SEG6_ATTR_DST={0x14, 0x1, @private2}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3}, @SEG6_ATTR_SECRET={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20054010}, 0x20000000) 09:32:01 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 26) 09:32:01 executing program 4: fanotify_mark(0xffffffffffffffff, 0xc0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0xffffffffffdffff8, 0x17}) ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f00000000c0)=0x5) 09:32:01 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 27) 09:32:01 executing program 2: set_robust_list(&(0x7f00000000c0), 0x18) getsockname$l2tp(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @broadcast}, &(0x7f0000000140)=0x10) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63720900746f723dd7ce6751d4"]) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00'}, 0x10) syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8001, 0x7, &(0x7f0000000540)=[{&(0x7f0000000240)="e96c65cd150dce30a0571929464190ffd05b9dea331ab46f3c9ee7eac322", 0x1e, 0x8}, {&(0x7f0000000280)="746f0d630de94a37665682830e4b8717d817427c4c84e80064cf2eb39d61027d32b60beb8352661da74bb0177951269b18ea71ff3964eaa314e20409e5bdadafc0bed29501bbc8f0650bce6ec90eabaf3c347467164e6bac5648ce2fc6091ed64235be00cefedd29fb07b8c5678313123224111a9f17adc268f5da3d08fb13c3f76f5223e78544eed29895299d448ae9c316f04d2900d91f7c2ecf", 0x9b, 0x1}, {&(0x7f0000000340)="f77575fed2b4291e8f55069e924619f235d4d515025b45dd27eb1791124eb22dba4e5223482f5f37ab06cd491ffc0cb6c235a72aaf6784719b", 0x39, 0x1f}, {&(0x7f0000000380)="8dfded29b37d98c9f7850fd8858152719153406cb0bc718e31052cd3d6e76dc857ca603d222ff565a9116e65ca9191102962e1dea6d23f5560f3e72d3ea8d31632855d16e5add6e445c9", 0x4a, 0x1}, {&(0x7f0000000400)="930517ac5d4e8ef0307cdb8ffb4088663870fa2332982c5399e1a7fd76b1621d1efafeba3af97f6b421f8830cb829dc346c53aabf8b1a78a2512313a6259dbf8e5747042230316b14dddcd6a1282e5c029c4e7da174efe5677b162f19ccfe1891f90ba40ee13", 0x66, 0x3}, {&(0x7f0000000480)="340d7809fbab2494b25cd259c325cbc2238801af", 0x14, 0x8001}, {&(0x7f00000004c0)="77bedce24b82117e63fba205743f71fec34408b0c6d2731491f257c15df08852e01e693ced3de10ceb2b109a4fd7e12777f696a59a033b75734448791ced054da94c266a57363b9ee8783746c2c2362ea658b251dfa0f1442c9e7bb832da5dad977aeb0dd3e58d0f83eaabc023a45bac6bd7ed50", 0x74, 0xff}], 0x188000, &(0x7f0000000600)={[{@logdev={'logdev', 0x3d, './file0'}}, {@nolargeio}, {@logbsize={'logbsize', 0x3d, [0x67]}}, {@pqnoenforce}, {@gquota}, {@nogrpid}], [{@hash}, {@appraise}, {@appraise_type}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '(/'}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}]}) set_robust_list(&(0x7f00000000c0), 0x18) (async) getsockname$l2tp(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @broadcast}, &(0x7f0000000140)=0x10) (async) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63720900746f723dd7ce6751d4"]) (async) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00'}, 0x10) (async) syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8001, 0x7, &(0x7f0000000540)=[{&(0x7f0000000240)="e96c65cd150dce30a0571929464190ffd05b9dea331ab46f3c9ee7eac322", 0x1e, 0x8}, {&(0x7f0000000280)="746f0d630de94a37665682830e4b8717d817427c4c84e80064cf2eb39d61027d32b60beb8352661da74bb0177951269b18ea71ff3964eaa314e20409e5bdadafc0bed29501bbc8f0650bce6ec90eabaf3c347467164e6bac5648ce2fc6091ed64235be00cefedd29fb07b8c5678313123224111a9f17adc268f5da3d08fb13c3f76f5223e78544eed29895299d448ae9c316f04d2900d91f7c2ecf", 0x9b, 0x1}, {&(0x7f0000000340)="f77575fed2b4291e8f55069e924619f235d4d515025b45dd27eb1791124eb22dba4e5223482f5f37ab06cd491ffc0cb6c235a72aaf6784719b", 0x39, 0x1f}, {&(0x7f0000000380)="8dfded29b37d98c9f7850fd8858152719153406cb0bc718e31052cd3d6e76dc857ca603d222ff565a9116e65ca9191102962e1dea6d23f5560f3e72d3ea8d31632855d16e5add6e445c9", 0x4a, 0x1}, {&(0x7f0000000400)="930517ac5d4e8ef0307cdb8ffb4088663870fa2332982c5399e1a7fd76b1621d1efafeba3af97f6b421f8830cb829dc346c53aabf8b1a78a2512313a6259dbf8e5747042230316b14dddcd6a1282e5c029c4e7da174efe5677b162f19ccfe1891f90ba40ee13", 0x66, 0x3}, {&(0x7f0000000480)="340d7809fbab2494b25cd259c325cbc2238801af", 0x14, 0x8001}, {&(0x7f00000004c0)="77bedce24b82117e63fba205743f71fec34408b0c6d2731491f257c15df08852e01e693ced3de10ceb2b109a4fd7e12777f696a59a033b75734448791ced054da94c266a57363b9ee8783746c2c2362ea658b251dfa0f1442c9e7bb832da5dad977aeb0dd3e58d0f83eaabc023a45bac6bd7ed50", 0x74, 0xff}], 0x188000, &(0x7f0000000600)={[{@logdev={'logdev', 0x3d, './file0'}}, {@nolargeio}, {@logbsize={'logbsize', 0x3d, [0x67]}}, {@pqnoenforce}, {@gquota}, {@nogrpid}], [{@hash}, {@appraise}, {@appraise_type}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '(/'}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}]}) (async) [ 1193.339871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1193.339876] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1193.361684] hfsplus: creator requires a 4 character value [ 1193.522624] hfsplus: unable to parse mount options [ 1193.539906] print_req_error: I/O error, dev loop2, sector 0 09:32:01 executing program 1: getpeername$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10) r0 = socket(0x25, 0x6, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r1, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x300, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4011) (async) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0xb09}, 0x14}}, 0x0) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r6) (async) sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x302041}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x48, r4, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_PW_TYPE={0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000c00}, 0x40000) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20800008}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x4c, r7, 0x800, 0x70bd27, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x40}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x9}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x10000}, @SEG6_ATTR_DST={0x14, 0x1, @private2}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3}, @SEG6_ATTR_SECRET={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20054010}, 0x20000000) 09:32:01 executing program 4: fanotify_mark(0xffffffffffffffff, 0xc0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0xffffffffffdffff8, 0x17}) (async) ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f00000000c0)=0x5) 09:32:01 executing program 4: fanotify_mark(0xffffffffffffffff, 0xc0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0xffffffffffdffff8, 0x17}) ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f00000000c0)=0x5) fanotify_mark(0xffffffffffffffff, 0xc0, 0x0, 0xffffffffffffffff, 0x0) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0xffffffffffdffff8, 0x17}) (async) ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f00000000c0)=0x5) (async) [ 1193.615890] hfsplus: unable to parse mount options [ 1193.622564] FAULT_INJECTION: forcing a failure. [ 1193.622564] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.651073] CPU: 1 PID: 29358 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 09:32:01 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = accept$netrom(0xffffffffffffffff, &(0x7f0000000080)={{0x3, @default}, [@remote, @default, @default, @default, @null, @netrom, @null, @rose]}, &(0x7f0000000100)=0x48) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000140)=0x80000001, &(0x7f0000000180)=0x4) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:01 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = accept$netrom(0xffffffffffffffff, &(0x7f0000000080)={{0x3, @default}, [@remote, @default, @default, @default, @null, @netrom, @null, @rose]}, &(0x7f0000000100)=0x48) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000140)=0x80000001, &(0x7f0000000180)=0x4) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1193.658980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1193.668331] Call Trace: [ 1193.670922] dump_stack+0x1b2/0x281 [ 1193.674561] should_fail.cold+0x10a/0x149 [ 1193.678718] should_failslab+0xd6/0x130 [ 1193.682698] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1193.687809] __kmalloc_node_track_caller+0x38/0x70 [ 1193.692737] __alloc_skb+0x96/0x510 [ 1193.696364] kobject_uevent_env+0x882/0xf30 [ 1193.700697] lo_ioctl+0x11a6/0x1cd0 [ 1193.704332] ? loop_set_status64+0xe0/0xe0 [ 1193.708571] blkdev_ioctl+0x540/0x1830 [ 1193.712459] ? blkpg_ioctl+0x8d0/0x8d0 09:32:01 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = accept$netrom(0xffffffffffffffff, &(0x7f0000000080)={{0x3, @default}, [@remote, @default, @default, @default, @null, @netrom, @null, @rose]}, &(0x7f0000000100)=0x48) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000140)=0x80000001, &(0x7f0000000180)=0x4) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1193.716342] ? trace_hardirqs_on+0x10/0x10 [ 1193.720583] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1193.725688] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1193.730708] block_ioctl+0xd9/0x120 [ 1193.734337] ? blkdev_fallocate+0x3a0/0x3a0 [ 1193.738658] do_vfs_ioctl+0x75a/0xff0 [ 1193.742450] ? lock_acquire+0x170/0x3f0 [ 1193.746409] ? ioctl_preallocate+0x1a0/0x1a0 [ 1193.750798] ? __fget+0x265/0x3e0 [ 1193.754234] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.758196] ? security_file_ioctl+0x83/0xb0 [ 1193.762590] SyS_ioctl+0x7f/0xb0 [ 1193.765940] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.769917] do_syscall_64+0x1d5/0x640 [ 1193.773814] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1193.778990] RIP: 0033:0x7f463664cea7 [ 1193.782680] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1193.790364] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1193.797615] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1193.804869] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1193.812126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1193.819379] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1193.832570] hfsplus: creator requires a 4 character value [ 1193.837532] FAULT_INJECTION: forcing a failure. [ 1193.837532] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.838576] hfsplus: unable to parse mount options [ 1193.854486] CPU: 1 PID: 29377 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1193.862369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1193.871724] Call Trace: [ 1193.874316] dump_stack+0x1b2/0x281 [ 1193.877947] should_fail.cold+0x10a/0x149 [ 1193.882081] should_failslab+0xd6/0x130 [ 1193.886035] kmem_cache_alloc_node+0x263/0x410 [ 1193.890611] __alloc_skb+0x5c/0x510 [ 1193.894229] kobject_uevent_env+0x882/0xf30 [ 1193.898591] lo_ioctl+0x11a6/0x1cd0 [ 1193.902199] ? loop_set_status64+0xe0/0xe0 [ 1193.906415] blkdev_ioctl+0x540/0x1830 [ 1193.910291] ? blkpg_ioctl+0x8d0/0x8d0 [ 1193.914171] ? trace_hardirqs_on+0x10/0x10 [ 1193.918480] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1193.923563] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1193.928574] block_ioctl+0xd9/0x120 [ 1193.932188] ? blkdev_fallocate+0x3a0/0x3a0 [ 1193.936496] do_vfs_ioctl+0x75a/0xff0 [ 1193.940283] ? lock_acquire+0x170/0x3f0 [ 1193.944239] ? ioctl_preallocate+0x1a0/0x1a0 [ 1193.948634] ? __fget+0x265/0x3e0 [ 1193.952074] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.956028] ? security_file_ioctl+0x83/0xb0 [ 1193.960432] SyS_ioctl+0x7f/0xb0 [ 1193.963781] ? do_vfs_ioctl+0xff0/0xff0 [ 1193.967745] do_syscall_64+0x1d5/0x640 [ 1193.971627] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1193.976805] RIP: 0033:0x7f322b2faea7 [ 1193.980512] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1193.988217] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1193.995478] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1194.002733] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1194.009991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 09:32:02 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8, 0x0, &(0x7f0000000000), 0x2348027, &(0x7f0000001340)=ANY=[]) 09:32:02 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1194.017250] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1194.027036] hfsplus: creator requires a 4 character value [ 1194.033208] hfsplus: unable to parse mount options 09:32:02 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 27) 09:32:02 executing program 1: r0 = socket(0x38, 0x80002, 0x1) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) getsockopt$inet6_dccp_buf(r0, 0x21, 0xf, &(0x7f0000000080)=""/224, &(0x7f0000000000)=0xe0) 09:32:02 executing program 2: set_robust_list(&(0x7f00000000c0), 0x18) (async) getsockname$l2tp(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @broadcast}, &(0x7f0000000140)=0x10) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63720900746f723dd7ce6751d4"]) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00'}, 0x10) syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8001, 0x7, &(0x7f0000000540)=[{&(0x7f0000000240)="e96c65cd150dce30a0571929464190ffd05b9dea331ab46f3c9ee7eac322", 0x1e, 0x8}, {&(0x7f0000000280)="746f0d630de94a37665682830e4b8717d817427c4c84e80064cf2eb39d61027d32b60beb8352661da74bb0177951269b18ea71ff3964eaa314e20409e5bdadafc0bed29501bbc8f0650bce6ec90eabaf3c347467164e6bac5648ce2fc6091ed64235be00cefedd29fb07b8c5678313123224111a9f17adc268f5da3d08fb13c3f76f5223e78544eed29895299d448ae9c316f04d2900d91f7c2ecf", 0x9b, 0x1}, {&(0x7f0000000340)="f77575fed2b4291e8f55069e924619f235d4d515025b45dd27eb1791124eb22dba4e5223482f5f37ab06cd491ffc0cb6c235a72aaf6784719b", 0x39, 0x1f}, {&(0x7f0000000380)="8dfded29b37d98c9f7850fd8858152719153406cb0bc718e31052cd3d6e76dc857ca603d222ff565a9116e65ca9191102962e1dea6d23f5560f3e72d3ea8d31632855d16e5add6e445c9", 0x4a, 0x1}, {&(0x7f0000000400)="930517ac5d4e8ef0307cdb8ffb4088663870fa2332982c5399e1a7fd76b1621d1efafeba3af97f6b421f8830cb829dc346c53aabf8b1a78a2512313a6259dbf8e5747042230316b14dddcd6a1282e5c029c4e7da174efe5677b162f19ccfe1891f90ba40ee13", 0x66, 0x3}, {&(0x7f0000000480)="340d7809fbab2494b25cd259c325cbc2238801af", 0x14, 0x8001}, {&(0x7f00000004c0)="77bedce24b82117e63fba205743f71fec34408b0c6d2731491f257c15df08852e01e693ced3de10ceb2b109a4fd7e12777f696a59a033b75734448791ced054da94c266a57363b9ee8783746c2c2362ea658b251dfa0f1442c9e7bb832da5dad977aeb0dd3e58d0f83eaabc023a45bac6bd7ed50", 0x74, 0xff}], 0x188000, &(0x7f0000000600)={[{@logdev={'logdev', 0x3d, './file0'}}, {@nolargeio}, {@logbsize={'logbsize', 0x3d, [0x67]}}, {@pqnoenforce}, {@gquota}, {@nogrpid}], [{@hash}, {@appraise}, {@appraise_type}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '(/'}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}]}) 09:32:02 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 28) 09:32:02 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) 09:32:02 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8, 0x0, &(0x7f0000000000), 0x2348027, &(0x7f0000001340)=ANY=[]) 09:32:02 executing program 1: r0 = socket(0x38, 0x80002, 0x1) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) getsockopt$inet6_dccp_buf(r0, 0x21, 0xf, &(0x7f0000000080)=""/224, &(0x7f0000000000)=0xe0) 09:32:02 executing program 1: r0 = socket(0x38, 0x80002, 0x1) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) getsockopt$inet6_dccp_buf(r0, 0x21, 0xf, &(0x7f0000000080)=""/224, &(0x7f0000000000)=0xe0) [ 1194.133451] FAULT_INJECTION: forcing a failure. [ 1194.133451] name failslab, interval 1, probability 0, space 0, times 0 [ 1194.145672] CPU: 0 PID: 29427 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1194.153568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1194.162918] Call Trace: [ 1194.165509] dump_stack+0x1b2/0x281 [ 1194.169148] should_fail.cold+0x10a/0x149 [ 1194.173305] should_failslab+0xd6/0x130 [ 1194.177286] kmem_cache_alloc_node_trace+0x25a/0x400 09:32:02 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x201, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r0) [ 1194.182396] __kmalloc_node_track_caller+0x38/0x70 [ 1194.187329] __alloc_skb+0x96/0x510 [ 1194.190960] kobject_uevent_env+0x882/0xf30 [ 1194.195283] lo_ioctl+0x11a6/0x1cd0 [ 1194.198895] ? loop_set_status64+0xe0/0xe0 [ 1194.203114] blkdev_ioctl+0x540/0x1830 [ 1194.206985] ? blkpg_ioctl+0x8d0/0x8d0 [ 1194.210854] ? trace_hardirqs_on+0x10/0x10 [ 1194.215069] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1194.220150] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1194.225145] block_ioctl+0xd9/0x120 [ 1194.228752] ? blkdev_fallocate+0x3a0/0x3a0 [ 1194.233048] do_vfs_ioctl+0x75a/0xff0 [ 1194.236839] ? lock_acquire+0x170/0x3f0 [ 1194.240798] ? ioctl_preallocate+0x1a0/0x1a0 [ 1194.245185] ? __fget+0x265/0x3e0 [ 1194.248636] ? do_vfs_ioctl+0xff0/0xff0 [ 1194.252602] ? security_file_ioctl+0x83/0xb0 [ 1194.256994] SyS_ioctl+0x7f/0xb0 [ 1194.260336] ? do_vfs_ioctl+0xff0/0xff0 [ 1194.264287] do_syscall_64+0x1d5/0x640 [ 1194.268159] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1194.273325] RIP: 0033:0x7f463664cea7 09:32:02 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1194.277012] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1194.284702] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1194.291948] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1194.299197] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1194.306445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1194.313720] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1194.334538] hfsplus: creator requires a 4 character value [ 1194.338307] hfsplus: unable to parse mount options [ 1194.340351] FAULT_INJECTION: forcing a failure. [ 1194.340351] name failslab, interval 1, probability 0, space 0, times 0 [ 1194.360925] hfsplus: unable to parse mount options [ 1194.366097] CPU: 0 PID: 29426 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1194.373979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1194.383327] Call Trace: [ 1194.385905] dump_stack+0x1b2/0x281 [ 1194.389535] should_fail.cold+0x10a/0x149 [ 1194.393689] should_failslab+0xd6/0x130 [ 1194.397650] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1194.402748] __kmalloc_node_track_caller+0x38/0x70 [ 1194.407688] __alloc_skb+0x96/0x510 [ 1194.411314] kobject_uevent_env+0x882/0xf30 [ 1194.415633] lo_ioctl+0x11a6/0x1cd0 [ 1194.419253] ? loop_set_status64+0xe0/0xe0 [ 1194.423493] blkdev_ioctl+0x540/0x1830 [ 1194.427388] ? blkpg_ioctl+0x8d0/0x8d0 [ 1194.431263] ? trace_hardirqs_on+0x10/0x10 [ 1194.435488] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1194.440493] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1194.445243] block_ioctl+0xd9/0x120 [ 1194.448865] ? blkdev_fallocate+0x3a0/0x3a0 [ 1194.453187] do_vfs_ioctl+0x75a/0xff0 [ 1194.457072] ? lock_acquire+0x170/0x3f0 [ 1194.461027] ? ioctl_preallocate+0x1a0/0x1a0 [ 1194.465420] ? __fget+0x265/0x3e0 [ 1194.468853] ? do_vfs_ioctl+0xff0/0xff0 [ 1194.472816] ? security_file_ioctl+0x83/0xb0 [ 1194.477215] SyS_ioctl+0x7f/0xb0 [ 1194.480583] ? do_vfs_ioctl+0xff0/0xff0 [ 1194.484556] do_syscall_64+0x1d5/0x640 [ 1194.488436] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1194.493602] RIP: 0033:0x7f322b2faea7 [ 1194.497290] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1194.504982] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1194.512236] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1194.519487] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1194.526736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 09:32:02 executing program 4: bind$l2tp(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @private=0xa010100, 0x3}, 0x10) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_GET(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, r4, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4000) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xffffffaa, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x100}, 0x14}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040000) r6 = shmget$private(0x0, 0x4000, 0x3040, &(0x7f0000ffb000/0x4000)=nil) shmctl$SHM_LOCK(r6, 0xb) shmctl$IPC_RMID(r6, 0x0) ioctl$SOUND_MIXER_READ_RECMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000001380)) shmctl$SHM_STAT(r6, 0xd, &(0x7f0000000380)=""/4096) 09:32:02 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x201, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r0) [ 1194.533985] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1194.561137] hfsplus: creator requires a 4 character value [ 1194.570686] hfsplus: unable to parse mount options 09:32:02 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 28) 09:32:02 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x9, &(0x7f00000006c0)=[{&(0x7f00000001c0)="d62f2d19ce770a980ee40a8cb113a4afba5d5a8123089db0a792562aa8506d20692dbd56827e98832562921aebcd6efafeac08642c23f6717a986ba5a767afeb9bd7cc0dca15b8ab6b5d27dc8e66e444a72600462ea83a369646e43759162bd21c1f7be1d53494767c0b9041d634297456f805c2c3bc51639121ff21373d04d617c36b6d5f7ddffdb8be5ceb1751d961599fe2615923a848a9ccf43ac8baff5e6eb3b66585ee359d998ee6c90af310b9f59ce5a8271cc25578254206b2b123989b8875", 0xc3, 0x80000000}, {&(0x7f0000000080)="28152ab54667d189db5e0ee541ee29e710effc1101a71a2e5dc4769fce14ed880a40c1f48f1b49f921760e95967f58ce14c762ed4b7efbd53dde0a3970441c10617459d021aef8d2932ee10042a431602314e42da156c183616c1500aa7bcc0b", 0x60, 0x4}, {&(0x7f00000002c0)="4a9a166c93bd3215831b6bf314cf50c9521c7575a234d4b90071dfacc48b1c1630a3b8e1487099658c9f62cb6395ecfddf6a3e913da83bc8f25f562a597bf0025ff07b79ee92c3639c51c0a68f1141fd964ca072997ce738ba080dfd069006fac6ec79be04f69452bf44be921dcf57872483d0e1d9d4257947f0f7830af99c155e0a4534827e45f27b4ba78642ae8d0d4529", 0x92, 0x1}, {&(0x7f0000000380)="dcdbf1e0cbff7fe1ac142c4cf6ff6625d6619bd3e36bf7a42a902013ebd04e74fb4134db8d3e45f5ec14018e6eacf47793f851971565fc87241e71ebb8993f68ce8aad565e57806dbfccd2933064658736e484a7c4b15ab1f202844e78145948467475e6db50113aa1faa148a3d006eb6a8aa1c8236edf513df548d91ab22a61809ecba6316ede22a3db38d790a7b6eb991c", 0x92, 0x1}, {&(0x7f0000000440)="ae51f02c7b2617a0431186c0ef6e20e807ee39d0fe657142cc779487394785dd89fe9f5125dd4e69bfbba53b19a62aba4311ec32e88cdf21b8f999de5c14c4dca5242a621e70e12528023944d09eb5cdbe06781fb95dd25d1cc99f2a747eeb939ebbb18d0f87c8b0741bdd3bb44fd1027b18e26c1c6a61d0e0b108a3366cde5e8b12e50b53eb7d77afc3f573c5cc50c8d3d9cadfdf0b172ffba0a38f43a4cae421b19a1d5475fe", 0xa7, 0x5}, {&(0x7f0000000100)="24a4e674ea11fba0f119f12248df", 0xe, 0x1ff}, {&(0x7f0000000500)="c48e9d619aca0f963b361000e7c53ca1fb6a374385778df57e6eff18996f5c9058112b2b7e30e46c6700c74c8bde5872803f28188c17252c431c00ad15a81bacb7185ff2edc331ed8ac91389ae93945edc4a2b8471b2dd8272cf8cfd0899b49c", 0x60, 0x40}, {&(0x7f0000000580)="e29c4a1cbcd167a8f9b95dd38af5056bc3a02fe646c0ebe8febfce7d84b5f48db77dbeed95c4c7ab0f43f18b972641af08f35efbaeb3e8acbc29887545902dd36f660c8d4e75f0abd88957032c1e384b9c71741595caa4d7736fcee7410f9efd58581d8f09795d132f3b0acc924dfae94f20a9acaeef5827fc0eb205993fa5a2ae0f18", 0x83, 0xfffffffffffffeff}, {&(0x7f0000000640)="d4414137d9f53191333b8e7ccc0bd1ee475eb563e77e716f5649869bef39357d35063a66c73113d3958a16f7ab6c1f13b5d2ea6a8201a7071b5108ec097dc39495e1f48c1f3937447897db4ec9d56eea6fa69a02e9d241460d8134eefce39ab2", 0x60, 0x3}], 0x2008000, &(0x7f00000008c0)=ANY=[@ANYBLOB="6c6f676273697a653d32f72c6e6f757569642c716e6f656e666f7263652c6d7470742c6c6f676465763d2e2f66696c65302c61747472322c7571756f74612c736d61636b66735e2c646f6e745f6d656173757a652c61707072616973655f747970653d696d617369672c736d61636b66737472616e736d7574653d6673706c7573002c646566636f6e746578743d757365725f752c66736d616769633d1478303030303030303030303030376666662c663e0000000000", @ANYRESDEC, @ANYBLOB=',uid>', @ANYRESDEC=0xee01, @ANYBLOB=',\x00']) 09:32:02 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 29) 09:32:02 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6561c431d0746f723dd7ce"]) 09:32:02 executing program 4: bind$l2tp(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @private=0xa010100, 0x3}, 0x10) (async) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_GET(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, r4, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4000) (async) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xffffffaa, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x100}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040000) (async) r6 = shmget$private(0x0, 0x4000, 0x3040, &(0x7f0000ffb000/0x4000)=nil) shmctl$SHM_LOCK(r6, 0xb) (async) shmctl$IPC_RMID(r6, 0x0) (async) ioctl$SOUND_MIXER_READ_RECMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000001380)) (async, rerun: 64) shmctl$SHM_STAT(r6, 0xd, &(0x7f0000000380)=""/4096) (rerun: 64) 09:32:02 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x201, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r0) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x201, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r0) (async) [ 1194.651942] hfsplus: creator requires a 4 character value [ 1194.666881] FAULT_INJECTION: forcing a failure. [ 1194.666881] name failslab, interval 1, probability 0, space 0, times 0 [ 1194.682697] hfsplus: unable to parse mount options [ 1194.691226] CPU: 0 PID: 29476 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1194.699123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1194.708471] Call Trace: [ 1194.711045] dump_stack+0x1b2/0x281 [ 1194.714652] should_fail.cold+0x10a/0x149 [ 1194.718780] should_failslab+0xd6/0x130 [ 1194.722736] kmem_cache_alloc_node+0x263/0x410 [ 1194.727298] __alloc_skb+0x5c/0x510 [ 1194.730905] kobject_uevent_env+0x882/0xf30 [ 1194.735228] lo_ioctl+0x11a6/0x1cd0 [ 1194.738841] ? loop_set_status64+0xe0/0xe0 [ 1194.743056] blkdev_ioctl+0x540/0x1830 [ 1194.746928] ? blkpg_ioctl+0x8d0/0x8d0 [ 1194.750792] ? trace_hardirqs_on+0x10/0x10 [ 1194.755015] ? __switch_to_xtra+0x93/0x12f0 [ 1194.759322] ? finish_task_switch+0x178/0x610 [ 1194.763812] block_ioctl+0xd9/0x120 [ 1194.767427] ? blkdev_fallocate+0x3a0/0x3a0 [ 1194.771727] do_vfs_ioctl+0x75a/0xff0 [ 1194.775508] ? lock_acquire+0x170/0x3f0 [ 1194.779456] ? ioctl_preallocate+0x1a0/0x1a0 [ 1194.783842] ? __fget+0x265/0x3e0 [ 1194.787274] ? do_vfs_ioctl+0xff0/0xff0 [ 1194.791227] ? security_file_ioctl+0x83/0xb0 [ 1194.795627] SyS_ioctl+0x7f/0xb0 [ 1194.798980] ? do_vfs_ioctl+0xff0/0xff0 [ 1194.802959] do_syscall_64+0x1d5/0x640 [ 1194.806830] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1194.811999] RIP: 0033:0x7f463664cea7 [ 1194.815698] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1194.823389] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1194.830644] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1194.837896] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1194.845156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 09:32:03 executing program 4: bind$l2tp(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @private=0xa010100, 0x3}, 0x10) (async) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0xb09}, 0x14}}, 0x0) (async, rerun: 32) sendmsg$L2TP_CMD_TUNNEL_GET(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, r4, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4000) (async, rerun: 32) sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000240)={&(0x7f0000000180), 0xffffffaa, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x100}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040000) r6 = shmget$private(0x0, 0x4000, 0x3040, &(0x7f0000ffb000/0x4000)=nil) shmctl$SHM_LOCK(r6, 0xb) (async) shmctl$IPC_RMID(r6, 0x0) (async) ioctl$SOUND_MIXER_READ_RECMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000001380)) shmctl$SHM_STAT(r6, 0xd, &(0x7f0000000380)=""/4096) 09:32:03 executing program 1: r0 = socket(0x25, 0x1, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x8}, 0x8) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) write$P9_RWALK(r1, &(0x7f0000000080)={0x30, 0x6f, 0x2, {0x3, [{0x0, 0x3, 0x6}, {0x10, 0x1, 0x1}, {0x2, 0x4, 0x7}]}}, 0x30) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x21, 0x2, 0xff) [ 1194.852408] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1194.871877] FAULT_INJECTION: forcing a failure. [ 1194.871877] name failslab, interval 1, probability 0, space 0, times 0 [ 1194.885009] hfsplus: creator requires a 4 character value [ 1194.892974] CPU: 0 PID: 29474 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1194.900870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1194.910217] Call Trace: [ 1194.910238] dump_stack+0x1b2/0x281 [ 1194.910255] should_fail.cold+0x10a/0x149 [ 1194.910269] should_failslab+0xd6/0x130 [ 1194.910282] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1194.910295] __kmalloc_node_track_caller+0x38/0x70 [ 1194.910305] __alloc_skb+0x96/0x510 [ 1194.910318] kobject_uevent_env+0x882/0xf30 [ 1194.910336] lo_ioctl+0x11a6/0x1cd0 [ 1194.946334] ? loop_set_status64+0xe0/0xe0 [ 1194.950663] blkdev_ioctl+0x540/0x1830 [ 1194.954605] ? blkpg_ioctl+0x8d0/0x8d0 [ 1194.958495] ? trace_hardirqs_on+0x10/0x10 [ 1194.960144] hfsplus: unable to parse mount options [ 1194.962732] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1194.962745] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1194.962760] block_ioctl+0xd9/0x120 [ 1194.962769] ? blkdev_fallocate+0x3a0/0x3a0 [ 1194.962780] do_vfs_ioctl+0x75a/0xff0 [ 1194.962789] ? lock_acquire+0x170/0x3f0 [ 1194.962800] ? ioctl_preallocate+0x1a0/0x1a0 [ 1194.998186] ? __fget+0x265/0x3e0 [ 1195.001621] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.005583] ? security_file_ioctl+0x83/0xb0 [ 1195.010067] SyS_ioctl+0x7f/0xb0 [ 1195.013410] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.017368] do_syscall_64+0x1d5/0x640 [ 1195.021239] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1195.026405] RIP: 0033:0x7f322b2faea7 [ 1195.030098] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1195.037803] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1195.045060] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1195.052316] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1195.059585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1195.066834] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1195.080392] hfsplus: creator requires a 4 character value [ 1195.085915] hfsplus: unable to parse mount options [ 1195.086214] hfsplus: unable to parse mount options 09:32:03 executing program 1: r0 = socket(0x25, 0x1, 0x0) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x8}, 0x8) (async) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) write$P9_RWALK(r1, &(0x7f0000000080)={0x30, 0x6f, 0x2, {0x3, [{0x0, 0x3, 0x6}, {0x10, 0x1, 0x1}, {0x2, 0x4, 0x7}]}}, 0x30) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x21, 0x2, 0xff) 09:32:03 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x9, &(0x7f00000006c0)=[{&(0x7f00000001c0)="d62f2d19ce770a980ee40a8cb113a4afba5d5a8123089db0a792562aa8506d20692dbd56827e98832562921aebcd6efafeac08642c23f6717a986ba5a767afeb9bd7cc0dca15b8ab6b5d27dc8e66e444a72600462ea83a369646e43759162bd21c1f7be1d53494767c0b9041d634297456f805c2c3bc51639121ff21373d04d617c36b6d5f7ddffdb8be5ceb1751d961599fe2615923a848a9ccf43ac8baff5e6eb3b66585ee359d998ee6c90af310b9f59ce5a8271cc25578254206b2b123989b8875", 0xc3, 0x80000000}, {&(0x7f0000000080)="28152ab54667d189db5e0ee541ee29e710effc1101a71a2e5dc4769fce14ed880a40c1f48f1b49f921760e95967f58ce14c762ed4b7efbd53dde0a3970441c10617459d021aef8d2932ee10042a431602314e42da156c183616c1500aa7bcc0b", 0x60, 0x4}, {&(0x7f00000002c0)="4a9a166c93bd3215831b6bf314cf50c9521c7575a234d4b90071dfacc48b1c1630a3b8e1487099658c9f62cb6395ecfddf6a3e913da83bc8f25f562a597bf0025ff07b79ee92c3639c51c0a68f1141fd964ca072997ce738ba080dfd069006fac6ec79be04f69452bf44be921dcf57872483d0e1d9d4257947f0f7830af99c155e0a4534827e45f27b4ba78642ae8d0d4529", 0x92, 0x1}, {&(0x7f0000000380)="dcdbf1e0cbff7fe1ac142c4cf6ff6625d6619bd3e36bf7a42a902013ebd04e74fb4134db8d3e45f5ec14018e6eacf47793f851971565fc87241e71ebb8993f68ce8aad565e57806dbfccd2933064658736e484a7c4b15ab1f202844e78145948467475e6db50113aa1faa148a3d006eb6a8aa1c8236edf513df548d91ab22a61809ecba6316ede22a3db38d790a7b6eb991c", 0x92, 0x1}, {&(0x7f0000000440)="ae51f02c7b2617a0431186c0ef6e20e807ee39d0fe657142cc779487394785dd89fe9f5125dd4e69bfbba53b19a62aba4311ec32e88cdf21b8f999de5c14c4dca5242a621e70e12528023944d09eb5cdbe06781fb95dd25d1cc99f2a747eeb939ebbb18d0f87c8b0741bdd3bb44fd1027b18e26c1c6a61d0e0b108a3366cde5e8b12e50b53eb7d77afc3f573c5cc50c8d3d9cadfdf0b172ffba0a38f43a4cae421b19a1d5475fe", 0xa7, 0x5}, {&(0x7f0000000100)="24a4e674ea11fba0f119f12248df", 0xe, 0x1ff}, {&(0x7f0000000500)="c48e9d619aca0f963b361000e7c53ca1fb6a374385778df57e6eff18996f5c9058112b2b7e30e46c6700c74c8bde5872803f28188c17252c431c00ad15a81bacb7185ff2edc331ed8ac91389ae93945edc4a2b8471b2dd8272cf8cfd0899b49c", 0x60, 0x40}, {&(0x7f0000000580)="e29c4a1cbcd167a8f9b95dd38af5056bc3a02fe646c0ebe8febfce7d84b5f48db77dbeed95c4c7ab0f43f18b972641af08f35efbaeb3e8acbc29887545902dd36f660c8d4e75f0abd88957032c1e384b9c71741595caa4d7736fcee7410f9efd58581d8f09795d132f3b0acc924dfae94f20a9acaeef5827fc0eb205993fa5a2ae0f18", 0x83, 0xfffffffffffffeff}, {&(0x7f0000000640)="d4414137d9f53191333b8e7ccc0bd1ee475eb563e77e716f5649869bef39357d35063a66c73113d3958a16f7ab6c1f13b5d2ea6a8201a7071b5108ec097dc39495e1f48c1f3937447897db4ec9d56eea6fa69a02e9d241460d8134eefce39ab2", 0x60, 0x3}], 0x2008000, &(0x7f00000008c0)=ANY=[@ANYBLOB="6c6f676273697a653d32f72c6e6f757569642c716e6f656e666f7263652c6d7470742c6c6f676465763d2e2f66696c65302c61747472322c7571756f74612c736d61636b66735e2c646f6e745f6d656173757a652c61707072616973655f747970653d696d617369672c736d61636b66737472616e736d7574653d6673706c7573002c646566636f6e746578743d757365725f752c66736d616769633d1478303030303030303030303030376666662c663e0000000000", @ANYRESDEC, @ANYBLOB=',uid>', @ANYRESDEC=0xee01, @ANYBLOB=',\x00']) 09:32:03 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 30) 09:32:03 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 29) 09:32:03 executing program 4: sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x448c4) syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x40a00) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f00000001c0)={0xbcb, 0x5}) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r3 = accept$netrom(r2, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x401, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000480)="b2628a1f043650716ca2bbb450098cbf983a41d797031c65ba6e177cfc989b5c532ac4d7faa9f9477039ce974cd2342d2bdd3724bafeb5a0bf40b16bfaf9ab5fdc3b19c9a5b8246ddfa54042b42bea04bd2507d24008254a6c3477fb5103fbab34824baea4c53463a1e729cad1a8b8326c742d", 0x73}, {&(0x7f0000000500)="b9a7d28ef6f0c2cf958e7b19cd255d1177f881b7873320bc811da6eda25ac7ca50e56689fa82f3d5e8f843e59a431f796df933b8272a34b7bd89dfc0978a03d371239f68e95b33f17f4badb91a6fcce947caef5358dbc387acaea28e5c4c4f15fedf1546aa9f239bd75a37115de464a78a380c3c740eb13282a15d915975dad74281103314af050914ed56a28342afdac5a0ec34c98454ec451dd1288767319acf5bb7312be4cd14428831331979fa83bcd4202d2ad6fc607d325186920060f242ea00087faa9f8bcbc51b5290fdad3a26c3dac60385596d4a05a57c4d485c8df14ccfbd46e9e9954abbe07ec9afebfc3bcccc2410d2916c", 0xf8, 0x7}, {&(0x7f0000000600)="ff7c5b794e27c6030827c1341d1413fa471cefd925d51da843c764d1c968c2669af3f32042d51eab773b48c6dd6d5ec52984cc12750cfd6fbadde681da65ba486a048308b94110435e2d03f76b98c4ee18604a9b838e", 0x56, 0xdb}, {&(0x7f0000000680)="f88585b74ab8e69030831b047fab7648eaf11e0ae142deab2b96d7dd64135c461bbb71cbd43e794ab706278c3947e7ce793e462d77c7dea3f49e8837314c82cbafb676e1baecf1b00b80bab47aa8e6b70aa9253aad13a546efbfab42bfcff82dd92408c1fb3853b83bff873fc7af93bf4308b44aeccfbdbbce21442bca2c0ae7b5ac1474436239b6e8e38c4e3bf6eeb9eb184142555b7cde242a6de2befce3831e03783764688064fd5544b6a4268055a72597c82dae7b52a33b2de1bfeabdd353acb216e98485b258c20d6d1cf5374867a7dda81e0a469244b34a7c51ec28da923d24d6cf0e20417fba6981acb63e07a17235d52bc0ebae84703cfc9ad03110bca7c033d891735006fbfd945de1c283c76f7e076ed2ec064db2a1c2f221053e133bd78594dcc5d281148f1ac3fe567bbf88b5a584fc68ae01748f074cd1d2eaa1ea61e5956023119574ea36f14cbc4eb5f781663512c7b437b82e5c43d6f535cc09883a8157b3c8e1c619e3541cb35dd5645c15fe704604ebbda1e4d121246e96858ac57e007fc2c5e20f9bcd4e6ebac27b4d01a90ce68ea32d015e77c35d2053bb73f87481404af366b39e15d776de06dad899658e3e7cc57a87953d3726e048e90f97d0ad581ade6e00483450e76b0e7a708ddced0ade1fa2c8b2ea693e93d559f3ac6565f42f288f6e2afa1a9c13d6ce09f1fae0e0b2ae3bb696b9912394071ecdae245286efb6ab31711aaee32c58d8979959aeaf1c94ce60cf5dc5a4291eba639f4943f0977e89fa68a05f7fcb679707e9fba1d9348c5efb11f528b99fe5c40cbd5ec60cac0d2f778772e495c0020234fc6824978981adb8fed31802b4d43bafcc1f1ba3f83853bcad07ba1fdf26eb146a7d6003df5fb9a47df6b162cf194630315377bafe0a1249da2cb8ef9eacddb3018d5ca373614d1a41e750191e70385d07ed9bbdf20e5de27b075d7b68c978f6210c19c72f099ea9726d0e0550030f9bd4d1b8477a7c4cba4f44d0f769e9fd34fb678e68263c239acb743e389d1822efb3ef15a4f2c2acf103a8d82229ab179c4808e244185a96712d27de9dba174f066e597b45dd07f2f25abc3ae7cbb99ee6fb5ca0a42a2ae38cf15cd88137d80aee811ede6007dfa23b7cc5940d0bd0fb6281a990d6344bc8054c54c83a12088b6dd7f71be259eff5dfa8c733305a111a9a377d4a74901c4a2c1158a4f55168c3350d8edc759d857f4115e0959cc92452421d9e0b22f1aada15aecf0cf8321afe71a946423284f3eed3677c4d2c2258ceebb42dbc26bc729a1a95abfea391890ec24862b16e39e84b840b8da49fcf16f29f921ab550f4aa3db92652fc92487252b37779bfe1a8f62282fe8f216bdab560249a4417bc33371d318b71693f8def73c2b2fce6502d084cbe6819e3f8fa19652398c0d6a34720c30a68c705f976e41f1010c9482c377f0e3487059dbda494efe86bfd98f80b588f872f92e31a2fb4c936b7a8b5ba83992a2cc04144448fb14897ca6e29bd80aaa75425e60328e364c3a7c8e79ec0ffc4b9f30067f1db11e0127d68b8d8cd9095a58c9939ebc73779dec9be8a04392b3b4ebc47c03cd04d29005c8fbc3df80a6be54e9fda84beba8488f18c618fa3a07aa442b50e4ed760ca22e76c4a2077bee2efffc99035ec12e6648b4a7a396833ecea228c7a40bfa693bd0b2a6df93bf0e6a04a57248f59730ac5bfbeadbdad894767ebc1e171dcb93486bc31d77c9e41619ba078aff1f08521e5917712fe16c74580f85d446007ec6aa275500fa059b27b228da6b833026933766c10347dc8b2a5033e12c5426dc2efda401c29917736d52881a2950aeec0b330c3b9234512755812dfcc00894d032ce8c49d4511dbf7a633f6a1ff7ae15cb1a0fc87e0121b7f2c9babfdfe092dd4fa000cafaa2bb71b9535e61ade05abf360e680d6e3feb5d583870049d321b681d65fda255e2f2f630fc840181f4173a85818817b6d1d45d8aca6621334e88f8eb5e70a9b1c38c4ef697ff1977d4960e0ec37f9df882d7a66b4c297c7fcc190fd2c809c0994eec9857d18fb7a3170922869c9cb9a07e296c06f27b52bedc0597ec64de35dcad0af57635d15baced9a4f7b7a53003730a01923035031cc5db1448530d99bf3438bb88625f16a45ce7f190fb2debd7017ed942fe002e1b4a5802185bd20986c5847273ef5f2a910e588adf14a352b9dc0b396e59582610c401e5a320d7cb07d1e0784992899e50353f173d77ef9bc083963fe444649c0f85f774fbc1d539bc5d845a3c4237047203f77f12f30a10d6f8d7623629cabcebb89ba940e249517d6fdc090e650ab7922dee506a4a0c1783da19b2c88e3c89825c63d124f1f0e3f0a42a9def7f01cc48175ccbf4525daff13add3788a85d805888595a41f269a0b1b756bd0f0c415cd1b2c4f809dcf63f260dce1a05d4395fbbb601bdbb29c65887d800ec02a6bdc790afac7ade06b8d944ed6e7129fca5122409a63a6e199f127a24ebc9e48230fe9452b1edfaadde5714f89c6ba77284ec91e41c8d844e065759d03c6ebfe2485852aba4cc0dde1b91b744730db9dada200b02eb12be66d1d42a367b4c9b09f9d0d502b4860788b14fdd06e7a8beca8be7e3b03d2c82e0ec3faa61dd48bb07d10a55438860a7712ee56d3a263600408149cab571b96fed34273a676f0d385eab6d52f6a65b5d71a50375c38151612044d7b71c7bf17d530eaa5c94b61158fc84de88fc3ec083c5ed77c303c0a9ca8b2affca514430c5f55e0d5a1cf1f8ccbe8f775e5e334cbb27734083af6c2c40970c8b30f26845cf69b61b9d553d3229cd14527ffd2aaa16d4aa41c5a41dd899a908d1fb793f3a30c51054f67db15edaa9ee3d906d698626a6137e9aa89e527ea719f7fb55e2af1a7b49e8ec03c222e9bf6eff1d017744f74e1aa15f3b67fddde7987445130423935ac1795c87f4ca7017ef95eee5a7e3c96497d54834370e7cd10c1596b116fdd91422708315c1700a1ee12f43cba2ce27afccc341283a1f47bc36ed55ad46a1bc7a7ab5abf1ac9926606a1258223f50ce123fee0345a1dd669085bc3153dc4a7c343cacd4563bcbe4eabf950df733b8696ceecf2df3d49b55bc9894637f70398258fea9d5475efcec018f9d02c1d15624d0063405317e2722967b7a30fa08742e0479f1af60b87a914b4f9fb81e43d38fdc8039f6b70705c0655796aee2cf4e9b06b79be5f0420d579a7551e85745348d8d75028ed3b43906372946c5eac8ab798f46c435f165ae5ebf03eba9bf4eec8b10ba70f6ba1dc8f6231f2ab61fbf326dbda6a2795f2869a39bae2823f28de22a4b330666cbf81dc7162a149e951f16fc687612f933fe1c90acd0a067479f11aab86b3769208168e38f0a72146059271d2e0725947d97f90190148998f979537fd80c32fa1fff6673018175154335feb7a0e76a247f923de75f615bbfe5dae3d32d8419b3bcfef9956fd2a2464b23b59955ac98300b3c90a227c7eed7ece018abb03e6be4fb7e5f3c6d4a5a52737b404458f7409b753eb786cd03cd71d75665e5d408efb430b11a9bd52206bb3310c0269e86ddceadc860024544df92eda35213887e7a9fa5990c98829940a22d880b29eb9bcf1e80cc80f895af88a5f93683d2edcfca74a21da6466a4a34dd12041d55422c58c533ec46950b759e28e0c9d50618fe6c469637c213ac6da9a2632cbda83ba02a831729d3c7b554ba81081b45bd10e711ba98857cc3aaa4cbf54af6b98cf4a0583a2b436a28528f28738ba4507537cf6661fb7a74e19a045a9c9c1d0cad415168b9eee9707d6396705abc26fe634e752f9f5c8d0f0ef375f70dd6e3b3f8f69e072e742d0817769f166de8194b656519edc16b2a834cd8141c9b1e8d9d922665ea5c9095a4bfa67fa37c92c449538446fb863c53a5470c8935214e21d29a2181dd45effc96055b6a30feefec792d156eb4d0a3481e1d9bd9a75f032725ab113254c2fda2860d281f9c017384addb2f20a0009da7ee177310df83ad6d65884cde7f2b2d1daef29509025321e694f9d67b230fcd39adaceca12481f72f64dcbdb4e45c89a38e5d89fe5601e797ba4b1d3d2ffd3851300bf1fc19a449b395d504d41c032047e43bc7954d8b433682ca4764961257f3398d477d464733be120d1cd948c58a651e108fc3284c297f4758e148b734b20bb186a777350579d32367da616f639d781dbbdf94dd3face78e6c642d0828afdd109822e9b376c71036796c8aad6b58642c136162ac1615710c759e585f095cf608a5401c95e6b2907ce93aee6b7a18793a05a867481afb32f5001e3b349943e89106d7fdb07b22a585cfdaae9fbf0c33eb45e489b1943f1bd2d5ea7d1650415cdef35882710f7cb4c806d270bc163f542ebb1b4182b6d9125339903b93afdc47b884159cc53663e10d327fb34ad0d82d3bf2f0cc3411244a43ed5b385389f6953c11f7c9a1838af2c1a5e6ec5cafc9b84ac6ba79a113dbcd8682a5ce49be20c68d4f86fb736090608cc4f79f2ac9ff9e894503e5a5271109c52b0c8820defc4c78cb7d39658b79e72882f90bcbcf5e85d366da62f93e20bf90334eec1b07e9193cc760ab8928366674820cbc67336b1a0563274a5d3f1b17856d48d2eca8e6cd46c717bcfe4933221f4dc607114df3cc746b3cb076520db0f4cb5f698ec80727882e7b9f751efeaf2aeb9e2669a8c74c0008a5ed6b99946d0aebe8c76f0aea8f80c35a0025cf21ddaef83bd4daa7e5e51c8573fbff03d4c6074d4dcdf6f969e49c3a455062d0d8abac74ba6d8183ab734d13ef459ab422dd0f22a13383ed18f64ad7cc982b383849f6551faffb512b7ca3653093cb150737cdf1c687ecf957b8d0bdd69afc4e804156d36124f976dcceb92259894f9446245a62401aaff703ac4a76e627669d5675e583dff1e4a9828baa02cad33b4c23333245bf280903218e90c462f40743f2b59494086bef3b4ecd55045dad36cd5fb831bbe7a2cfbe27a5a74ce06e9290fd2d25a1469097760e05ddd68a3f0828c97a7a00967e3cc359a4521ce372b5f0253118ce2ccecc2b4024e367c258df21068c1b8e18a64f1985d8e522f1596432a9cbe776769533c86f17a3e12607173b412d524c509bde369ded8b5ca208e2b19450b0413bb8470f73a4ea45a28d6b5d02ceaccbafef07c46c3d7924119fc1bd5aa8ade9d040f38f21033c2f617d2c6a530b1fe0d236ff3cae0a6ffce7a2a348c9d03ea061829d2b4e8573ebfe5951d661d37ae60ff4d4d6bd9453cebf1ebfb3765457d9158aeb87253e9f3b431b398ae89a6340bb337ada3fbf9ca1cb6b57c53fe4d919311bd7d3bc6b544a3e0407e21179383a63512a0f02dc1cdb00d00ec72eeb7c285b116cce5db1eaaa328695a399c2583229676f94c387d15b0fefcb820ff1fd740c614e9a492c0a2d7eddb0d6b0b56567ba47d5b6457dec43134c8115877a0e274b80daba348b3b0c6c4e987f4a2f382f48623e1995b5debb9d24514a5d607b195462e8d1021259c80c195af062881b0fabca804f36fbd265e517ac690c2db94bf21997ce116c451e127d39552b649395b13f4bdd1fa1c79730864d4e4801035ab5addde422ca90e3f7e7a5770fd11d8b6e587c0710ebc0b83c612a2a820e483554907780490aa842135ad3e2908576f80d9878037e70166bd46e5372d4deef83f0b784a657e324cd3597805ffd0dd5a0a01e152f8b8c292be53b528823674c995e5dc706debbff75654f6555eb884ebd", 0x1000, 0x8}, {&(0x7f0000001680)="d1d29923eb197e4638230e10f11f6d899b2f4a3ceeb64236bd9c15657029d9f16d228520a28c454a", 0x28, 0x2}], 0x2000000, &(0x7f0000001740)={[{@uid}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@permit_directio}, {@measure}, {@appraise}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@measure}, {@appraise_type}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}]}) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00022a2000000000df250300000014000100fe8000010000f282c41f0000000000c00e0000430500050000000000", @ANYRES16=r3, @ANYBLOB="2879cb80e38497a6f5391d619d314b67c4470d2a2c79563d425a43cd0419d9be9eaeb57edbe43a915b02232e06a02656aed2fbdc255857ffcdea592ac64d6ccf6847b83b4d7216c5fe90d9cbf08c6330073f2e040befc1b31d266e9026eabc39e094d3f5475fecfbfa8a9329aa41cd1c9c0d86356b3da1389623917b7e0d8da38d47373a85064886ba5196f6578d253dcc0c2f", @ANYRESHEX=r1], 0x30}, 0x1, 0x0, 0x0, 0x44410}, 0xc894) syz_open_dev$ndb(&(0x7f0000001800), 0x0, 0x400800) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) 09:32:03 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6561c431d0746f723dd7ce"]) 09:32:03 executing program 1: r0 = socket(0x25, 0x1, 0x0) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x8}, 0x8) (async) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) write$P9_RWALK(r1, &(0x7f0000000080)={0x30, 0x6f, 0x2, {0x3, [{0x0, 0x3, 0x6}, {0x10, 0x1, 0x1}, {0x2, 0x4, 0x7}]}}, 0x30) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) socket(0x21, 0x2, 0xff) [ 1195.190038] hfsplus: creator requires a 4 character value [ 1195.205898] hfsplus: unable to parse mount options [ 1195.222547] FAULT_INJECTION: forcing a failure. [ 1195.222547] name failslab, interval 1, probability 0, space 0, times 0 [ 1195.239735] CPU: 1 PID: 29532 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1195.247639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1195.256993] Call Trace: [ 1195.259588] dump_stack+0x1b2/0x281 [ 1195.263216] should_fail.cold+0x10a/0x149 [ 1195.267365] should_failslab+0xd6/0x130 [ 1195.271330] kmem_cache_alloc_node+0x263/0x410 [ 1195.275893] __alloc_skb+0x5c/0x510 [ 1195.279513] kobject_uevent_env+0x882/0xf30 [ 1195.283840] lo_ioctl+0x11a6/0x1cd0 [ 1195.287463] ? loop_set_status64+0xe0/0xe0 [ 1195.291692] blkdev_ioctl+0x540/0x1830 [ 1195.295581] ? blkpg_ioctl+0x8d0/0x8d0 [ 1195.299455] ? trace_hardirqs_on+0x10/0x10 [ 1195.303681] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1195.308767] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1195.313774] block_ioctl+0xd9/0x120 [ 1195.317399] ? blkdev_fallocate+0x3a0/0x3a0 [ 1195.321724] do_vfs_ioctl+0x75a/0xff0 [ 1195.325513] ? lock_acquire+0x170/0x3f0 [ 1195.329466] ? ioctl_preallocate+0x1a0/0x1a0 [ 1195.333853] ? __fget+0x265/0x3e0 [ 1195.337298] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.341262] ? security_file_ioctl+0x83/0xb0 [ 1195.345653] SyS_ioctl+0x7f/0xb0 [ 1195.349011] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.352963] do_syscall_64+0x1d5/0x640 [ 1195.356855] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1195.362041] RIP: 0033:0x7f463664cea7 [ 1195.365736] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1195.373424] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1195.380687] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 09:32:03 executing program 1: r0 = socket(0x2, 0x80000, 0xa8) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x5) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1195.387942] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1195.395196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1195.402450] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1195.421854] FAULT_INJECTION: forcing a failure. [ 1195.421854] name failslab, interval 1, probability 0, space 0, times 0 [ 1195.443151] hfsplus: creator requires a 4 character value [ 1195.455476] CPU: 1 PID: 29533 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1195.463382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1195.472736] Call Trace: [ 1195.475332] dump_stack+0x1b2/0x281 [ 1195.478969] should_fail.cold+0x10a/0x149 [ 1195.483125] should_failslab+0xd6/0x130 [ 1195.484833] hfsplus: unable to parse mount options [ 1195.487103] kmem_cache_alloc_node+0x263/0x410 [ 1195.487118] __alloc_skb+0x5c/0x510 [ 1195.487134] kobject_uevent_env+0x882/0xf30 [ 1195.487153] lo_ioctl+0x11a6/0x1cd0 [ 1195.487163] ? loop_set_status64+0xe0/0xe0 [ 1195.487174] blkdev_ioctl+0x540/0x1830 [ 1195.487183] ? blkpg_ioctl+0x8d0/0x8d0 [ 1195.487193] ? trace_hardirqs_on+0x10/0x10 [ 1195.487207] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1195.487217] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1195.487230] block_ioctl+0xd9/0x120 [ 1195.487238] ? blkdev_fallocate+0x3a0/0x3a0 [ 1195.487246] do_vfs_ioctl+0x75a/0xff0 [ 1195.487262] ? lock_acquire+0x170/0x3f0 [ 1195.487274] ? ioctl_preallocate+0x1a0/0x1a0 [ 1195.554525] ? __fget+0x265/0x3e0 [ 1195.557971] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.561950] ? security_file_ioctl+0x83/0xb0 [ 1195.566349] SyS_ioctl+0x7f/0xb0 [ 1195.569704] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.573663] do_syscall_64+0x1d5/0x640 [ 1195.577548] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1195.582992] RIP: 0033:0x7f322b2faea7 [ 1195.586682] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1195.594373] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1195.601624] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1195.608885] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1195.616149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1195.623405] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1195.631997] hfsplus: creator requires a 4 character value [ 1195.637913] hfsplus: unable to parse mount options 09:32:03 executing program 1: r0 = socket(0x2, 0x80000, 0xa8) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x5) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:32:03 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) syz_mount_image$xfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x9, &(0x7f00000006c0)=[{&(0x7f00000001c0)="d62f2d19ce770a980ee40a8cb113a4afba5d5a8123089db0a792562aa8506d20692dbd56827e98832562921aebcd6efafeac08642c23f6717a986ba5a767afeb9bd7cc0dca15b8ab6b5d27dc8e66e444a72600462ea83a369646e43759162bd21c1f7be1d53494767c0b9041d634297456f805c2c3bc51639121ff21373d04d617c36b6d5f7ddffdb8be5ceb1751d961599fe2615923a848a9ccf43ac8baff5e6eb3b66585ee359d998ee6c90af310b9f59ce5a8271cc25578254206b2b123989b8875", 0xc3, 0x80000000}, {&(0x7f0000000080)="28152ab54667d189db5e0ee541ee29e710effc1101a71a2e5dc4769fce14ed880a40c1f48f1b49f921760e95967f58ce14c762ed4b7efbd53dde0a3970441c10617459d021aef8d2932ee10042a431602314e42da156c183616c1500aa7bcc0b", 0x60, 0x4}, {&(0x7f00000002c0)="4a9a166c93bd3215831b6bf314cf50c9521c7575a234d4b90071dfacc48b1c1630a3b8e1487099658c9f62cb6395ecfddf6a3e913da83bc8f25f562a597bf0025ff07b79ee92c3639c51c0a68f1141fd964ca072997ce738ba080dfd069006fac6ec79be04f69452bf44be921dcf57872483d0e1d9d4257947f0f7830af99c155e0a4534827e45f27b4ba78642ae8d0d4529", 0x92, 0x1}, {&(0x7f0000000380)="dcdbf1e0cbff7fe1ac142c4cf6ff6625d6619bd3e36bf7a42a902013ebd04e74fb4134db8d3e45f5ec14018e6eacf47793f851971565fc87241e71ebb8993f68ce8aad565e57806dbfccd2933064658736e484a7c4b15ab1f202844e78145948467475e6db50113aa1faa148a3d006eb6a8aa1c8236edf513df548d91ab22a61809ecba6316ede22a3db38d790a7b6eb991c", 0x92, 0x1}, {&(0x7f0000000440)="ae51f02c7b2617a0431186c0ef6e20e807ee39d0fe657142cc779487394785dd89fe9f5125dd4e69bfbba53b19a62aba4311ec32e88cdf21b8f999de5c14c4dca5242a621e70e12528023944d09eb5cdbe06781fb95dd25d1cc99f2a747eeb939ebbb18d0f87c8b0741bdd3bb44fd1027b18e26c1c6a61d0e0b108a3366cde5e8b12e50b53eb7d77afc3f573c5cc50c8d3d9cadfdf0b172ffba0a38f43a4cae421b19a1d5475fe", 0xa7, 0x5}, {&(0x7f0000000100)="24a4e674ea11fba0f119f12248df", 0xe, 0x1ff}, {&(0x7f0000000500)="c48e9d619aca0f963b361000e7c53ca1fb6a374385778df57e6eff18996f5c9058112b2b7e30e46c6700c74c8bde5872803f28188c17252c431c00ad15a81bacb7185ff2edc331ed8ac91389ae93945edc4a2b8471b2dd8272cf8cfd0899b49c", 0x60, 0x40}, {&(0x7f0000000580)="e29c4a1cbcd167a8f9b95dd38af5056bc3a02fe646c0ebe8febfce7d84b5f48db77dbeed95c4c7ab0f43f18b972641af08f35efbaeb3e8acbc29887545902dd36f660c8d4e75f0abd88957032c1e384b9c71741595caa4d7736fcee7410f9efd58581d8f09795d132f3b0acc924dfae94f20a9acaeef5827fc0eb205993fa5a2ae0f18", 0x83, 0xfffffffffffffeff}, {&(0x7f0000000640)="d4414137d9f53191333b8e7ccc0bd1ee475eb563e77e716f5649869bef39357d35063a66c73113d3958a16f7ab6c1f13b5d2ea6a8201a7071b5108ec097dc39495e1f48c1f3937447897db4ec9d56eea6fa69a02e9d241460d8134eefce39ab2", 0x60, 0x3}], 0x2008000, &(0x7f00000008c0)=ANY=[@ANYBLOB="6c6f676273697a653d32f72c6e6f757569642c716e6f656e666f7263652c6d7470742c6c6f676465763d2e2f66696c65302c61747472322c7571756f74612c736d61636b66735e2c646f6e745f6d656173757a652c61707072616973655f747970653d696d617369672c736d61636b66737472616e736d7574653d6673706c7573002c646566636f6e746578743d757365725f752c66736d616769633d1478303030303030303030303030376666662c663e0000000000", @ANYRESDEC, @ANYBLOB=',uid>', @ANYRESDEC=0xee01, @ANYBLOB=',\x00']) 09:32:03 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 31) 09:32:03 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 30) [ 1195.638554] hfsplus: unable to parse mount options [ 1195.645254] hfsplus: unable to parse mount options 09:32:03 executing program 4: sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x448c4) syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x40a00) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f00000001c0)={0xbcb, 0x5}) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r3 = accept$netrom(r2, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x401, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000480)="b2628a1f043650716ca2bbb450098cbf983a41d797031c65ba6e177cfc989b5c532ac4d7faa9f9477039ce974cd2342d2bdd3724bafeb5a0bf40b16bfaf9ab5fdc3b19c9a5b8246ddfa54042b42bea04bd2507d24008254a6c3477fb5103fbab34824baea4c53463a1e729cad1a8b8326c742d", 0x73}, {&(0x7f0000000500)="b9a7d28ef6f0c2cf958e7b19cd255d1177f881b7873320bc811da6eda25ac7ca50e56689fa82f3d5e8f843e59a431f796df933b8272a34b7bd89dfc0978a03d371239f68e95b33f17f4badb91a6fcce947caef5358dbc387acaea28e5c4c4f15fedf1546aa9f239bd75a37115de464a78a380c3c740eb13282a15d915975dad74281103314af050914ed56a28342afdac5a0ec34c98454ec451dd1288767319acf5bb7312be4cd14428831331979fa83bcd4202d2ad6fc607d325186920060f242ea00087faa9f8bcbc51b5290fdad3a26c3dac60385596d4a05a57c4d485c8df14ccfbd46e9e9954abbe07ec9afebfc3bcccc2410d2916c", 0xf8, 0x7}, {&(0x7f0000000600)="ff7c5b794e27c6030827c1341d1413fa471cefd925d51da843c764d1c968c2669af3f32042d51eab773b48c6dd6d5ec52984cc12750cfd6fbadde681da65ba486a048308b94110435e2d03f76b98c4ee18604a9b838e", 0x56, 0xdb}, {&(0x7f0000000680)="f88585b74ab8e69030831b047fab7648eaf11e0ae142deab2b96d7dd64135c461bbb71cbd43e794ab706278c3947e7ce793e462d77c7dea3f49e8837314c82cbafb676e1baecf1b00b80bab47aa8e6b70aa9253aad13a546efbfab42bfcff82dd92408c1fb3853b83bff873fc7af93bf4308b44aeccfbdbbce21442bca2c0ae7b5ac1474436239b6e8e38c4e3bf6eeb9eb184142555b7cde242a6de2befce3831e03783764688064fd5544b6a4268055a72597c82dae7b52a33b2de1bfeabdd353acb216e98485b258c20d6d1cf5374867a7dda81e0a469244b34a7c51ec28da923d24d6cf0e20417fba6981acb63e07a17235d52bc0ebae84703cfc9ad03110bca7c033d891735006fbfd945de1c283c76f7e076ed2ec064db2a1c2f221053e133bd78594dcc5d281148f1ac3fe567bbf88b5a584fc68ae01748f074cd1d2eaa1ea61e5956023119574ea36f14cbc4eb5f781663512c7b437b82e5c43d6f535cc09883a8157b3c8e1c619e3541cb35dd5645c15fe704604ebbda1e4d121246e96858ac57e007fc2c5e20f9bcd4e6ebac27b4d01a90ce68ea32d015e77c35d2053bb73f87481404af366b39e15d776de06dad899658e3e7cc57a87953d3726e048e90f97d0ad581ade6e00483450e76b0e7a708ddced0ade1fa2c8b2ea693e93d559f3ac6565f42f288f6e2afa1a9c13d6ce09f1fae0e0b2ae3bb696b9912394071ecdae245286efb6ab31711aaee32c58d8979959aeaf1c94ce60cf5dc5a4291eba639f4943f0977e89fa68a05f7fcb679707e9fba1d9348c5efb11f528b99fe5c40cbd5ec60cac0d2f778772e495c0020234fc6824978981adb8fed31802b4d43bafcc1f1ba3f83853bcad07ba1fdf26eb146a7d6003df5fb9a47df6b162cf194630315377bafe0a1249da2cb8ef9eacddb3018d5ca373614d1a41e750191e70385d07ed9bbdf20e5de27b075d7b68c978f6210c19c72f099ea9726d0e0550030f9bd4d1b8477a7c4cba4f44d0f769e9fd34fb678e68263c239acb743e389d1822efb3ef15a4f2c2acf103a8d82229ab179c4808e244185a96712d27de9dba174f066e597b45dd07f2f25abc3ae7cbb99ee6fb5ca0a42a2ae38cf15cd88137d80aee811ede6007dfa23b7cc5940d0bd0fb6281a990d6344bc8054c54c83a12088b6dd7f71be259eff5dfa8c733305a111a9a377d4a74901c4a2c1158a4f55168c3350d8edc759d857f4115e0959cc92452421d9e0b22f1aada15aecf0cf8321afe71a946423284f3eed3677c4d2c2258ceebb42dbc26bc729a1a95abfea391890ec24862b16e39e84b840b8da49fcf16f29f921ab550f4aa3db92652fc92487252b37779bfe1a8f62282fe8f216bdab560249a4417bc33371d318b71693f8def73c2b2fce6502d084cbe6819e3f8fa19652398c0d6a34720c30a68c705f976e41f1010c9482c377f0e3487059dbda494efe86bfd98f80b588f872f92e31a2fb4c936b7a8b5ba83992a2cc04144448fb14897ca6e29bd80aaa75425e60328e364c3a7c8e79ec0ffc4b9f30067f1db11e0127d68b8d8cd9095a58c9939ebc73779dec9be8a04392b3b4ebc47c03cd04d29005c8fbc3df80a6be54e9fda84beba8488f18c618fa3a07aa442b50e4ed760ca22e76c4a2077bee2efffc99035ec12e6648b4a7a396833ecea228c7a40bfa693bd0b2a6df93bf0e6a04a57248f59730ac5bfbeadbdad894767ebc1e171dcb93486bc31d77c9e41619ba078aff1f08521e5917712fe16c74580f85d446007ec6aa275500fa059b27b228da6b833026933766c10347dc8b2a5033e12c5426dc2efda401c29917736d52881a2950aeec0b330c3b9234512755812dfcc00894d032ce8c49d4511dbf7a633f6a1ff7ae15cb1a0fc87e0121b7f2c9babfdfe092dd4fa000cafaa2bb71b9535e61ade05abf360e680d6e3feb5d583870049d321b681d65fda255e2f2f630fc840181f4173a85818817b6d1d45d8aca6621334e88f8eb5e70a9b1c38c4ef697ff1977d4960e0ec37f9df882d7a66b4c297c7fcc190fd2c809c0994eec9857d18fb7a3170922869c9cb9a07e296c06f27b52bedc0597ec64de35dcad0af57635d15baced9a4f7b7a53003730a01923035031cc5db1448530d99bf3438bb88625f16a45ce7f190fb2debd7017ed942fe002e1b4a5802185bd20986c5847273ef5f2a910e588adf14a352b9dc0b396e59582610c401e5a320d7cb07d1e0784992899e50353f173d77ef9bc083963fe444649c0f85f774fbc1d539bc5d845a3c4237047203f77f12f30a10d6f8d7623629cabcebb89ba940e249517d6fdc090e650ab7922dee506a4a0c1783da19b2c88e3c89825c63d124f1f0e3f0a42a9def7f01cc48175ccbf4525daff13add3788a85d805888595a41f269a0b1b756bd0f0c415cd1b2c4f809dcf63f260dce1a05d4395fbbb601bdbb29c65887d800ec02a6bdc790afac7ade06b8d944ed6e7129fca5122409a63a6e199f127a24ebc9e48230fe9452b1edfaadde5714f89c6ba77284ec91e41c8d844e065759d03c6ebfe2485852aba4cc0dde1b91b744730db9dada200b02eb12be66d1d42a367b4c9b09f9d0d502b4860788b14fdd06e7a8beca8be7e3b03d2c82e0ec3faa61dd48bb07d10a55438860a7712ee56d3a263600408149cab571b96fed34273a676f0d385eab6d52f6a65b5d71a50375c38151612044d7b71c7bf17d530eaa5c94b61158fc84de88fc3ec083c5ed77c303c0a9ca8b2affca514430c5f55e0d5a1cf1f8ccbe8f775e5e334cbb27734083af6c2c40970c8b30f26845cf69b61b9d553d3229cd14527ffd2aaa16d4aa41c5a41dd899a908d1fb793f3a30c51054f67db15edaa9ee3d906d698626a6137e9aa89e527ea719f7fb55e2af1a7b49e8ec03c222e9bf6eff1d017744f74e1aa15f3b67fddde7987445130423935ac1795c87f4ca7017ef95eee5a7e3c96497d54834370e7cd10c1596b116fdd91422708315c1700a1ee12f43cba2ce27afccc341283a1f47bc36ed55ad46a1bc7a7ab5abf1ac9926606a1258223f50ce123fee0345a1dd669085bc3153dc4a7c343cacd4563bcbe4eabf950df733b8696ceecf2df3d49b55bc9894637f70398258fea9d5475efcec018f9d02c1d15624d0063405317e2722967b7a30fa08742e0479f1af60b87a914b4f9fb81e43d38fdc8039f6b70705c0655796aee2cf4e9b06b79be5f0420d579a7551e85745348d8d75028ed3b43906372946c5eac8ab798f46c435f165ae5ebf03eba9bf4eec8b10ba70f6ba1dc8f6231f2ab61fbf326dbda6a2795f2869a39bae2823f28de22a4b330666cbf81dc7162a149e951f16fc687612f933fe1c90acd0a067479f11aab86b3769208168e38f0a72146059271d2e0725947d97f90190148998f979537fd80c32fa1fff6673018175154335feb7a0e76a247f923de75f615bbfe5dae3d32d8419b3bcfef9956fd2a2464b23b59955ac98300b3c90a227c7eed7ece018abb03e6be4fb7e5f3c6d4a5a52737b404458f7409b753eb786cd03cd71d75665e5d408efb430b11a9bd52206bb3310c0269e86ddceadc860024544df92eda35213887e7a9fa5990c98829940a22d880b29eb9bcf1e80cc80f895af88a5f93683d2edcfca74a21da6466a4a34dd12041d55422c58c533ec46950b759e28e0c9d50618fe6c469637c213ac6da9a2632cbda83ba02a831729d3c7b554ba81081b45bd10e711ba98857cc3aaa4cbf54af6b98cf4a0583a2b436a28528f28738ba4507537cf6661fb7a74e19a045a9c9c1d0cad415168b9eee9707d6396705abc26fe634e752f9f5c8d0f0ef375f70dd6e3b3f8f69e072e742d0817769f166de8194b656519edc16b2a834cd8141c9b1e8d9d922665ea5c9095a4bfa67fa37c92c449538446fb863c53a5470c8935214e21d29a2181dd45effc96055b6a30feefec792d156eb4d0a3481e1d9bd9a75f032725ab113254c2fda2860d281f9c017384addb2f20a0009da7ee177310df83ad6d65884cde7f2b2d1daef29509025321e694f9d67b230fcd39adaceca12481f72f64dcbdb4e45c89a38e5d89fe5601e797ba4b1d3d2ffd3851300bf1fc19a449b395d504d41c032047e43bc7954d8b433682ca4764961257f3398d477d464733be120d1cd948c58a651e108fc3284c297f4758e148b734b20bb186a777350579d32367da616f639d781dbbdf94dd3face78e6c642d0828afdd109822e9b376c71036796c8aad6b58642c136162ac1615710c759e585f095cf608a5401c95e6b2907ce93aee6b7a18793a05a867481afb32f5001e3b349943e89106d7fdb07b22a585cfdaae9fbf0c33eb45e489b1943f1bd2d5ea7d1650415cdef35882710f7cb4c806d270bc163f542ebb1b4182b6d9125339903b93afdc47b884159cc53663e10d327fb34ad0d82d3bf2f0cc3411244a43ed5b385389f6953c11f7c9a1838af2c1a5e6ec5cafc9b84ac6ba79a113dbcd8682a5ce49be20c68d4f86fb736090608cc4f79f2ac9ff9e894503e5a5271109c52b0c8820defc4c78cb7d39658b79e72882f90bcbcf5e85d366da62f93e20bf90334eec1b07e9193cc760ab8928366674820cbc67336b1a0563274a5d3f1b17856d48d2eca8e6cd46c717bcfe4933221f4dc607114df3cc746b3cb076520db0f4cb5f698ec80727882e7b9f751efeaf2aeb9e2669a8c74c0008a5ed6b99946d0aebe8c76f0aea8f80c35a0025cf21ddaef83bd4daa7e5e51c8573fbff03d4c6074d4dcdf6f969e49c3a455062d0d8abac74ba6d8183ab734d13ef459ab422dd0f22a13383ed18f64ad7cc982b383849f6551faffb512b7ca3653093cb150737cdf1c687ecf957b8d0bdd69afc4e804156d36124f976dcceb92259894f9446245a62401aaff703ac4a76e627669d5675e583dff1e4a9828baa02cad33b4c23333245bf280903218e90c462f40743f2b59494086bef3b4ecd55045dad36cd5fb831bbe7a2cfbe27a5a74ce06e9290fd2d25a1469097760e05ddd68a3f0828c97a7a00967e3cc359a4521ce372b5f0253118ce2ccecc2b4024e367c258df21068c1b8e18a64f1985d8e522f1596432a9cbe776769533c86f17a3e12607173b412d524c509bde369ded8b5ca208e2b19450b0413bb8470f73a4ea45a28d6b5d02ceaccbafef07c46c3d7924119fc1bd5aa8ade9d040f38f21033c2f617d2c6a530b1fe0d236ff3cae0a6ffce7a2a348c9d03ea061829d2b4e8573ebfe5951d661d37ae60ff4d4d6bd9453cebf1ebfb3765457d9158aeb87253e9f3b431b398ae89a6340bb337ada3fbf9ca1cb6b57c53fe4d919311bd7d3bc6b544a3e0407e21179383a63512a0f02dc1cdb00d00ec72eeb7c285b116cce5db1eaaa328695a399c2583229676f94c387d15b0fefcb820ff1fd740c614e9a492c0a2d7eddb0d6b0b56567ba47d5b6457dec43134c8115877a0e274b80daba348b3b0c6c4e987f4a2f382f48623e1995b5debb9d24514a5d607b195462e8d1021259c80c195af062881b0fabca804f36fbd265e517ac690c2db94bf21997ce116c451e127d39552b649395b13f4bdd1fa1c79730864d4e4801035ab5addde422ca90e3f7e7a5770fd11d8b6e587c0710ebc0b83c612a2a820e483554907780490aa842135ad3e2908576f80d9878037e70166bd46e5372d4deef83f0b784a657e324cd3597805ffd0dd5a0a01e152f8b8c292be53b528823674c995e5dc706debbff75654f6555eb884ebd", 0x1000, 0x8}, {&(0x7f0000001680)="d1d29923eb197e4638230e10f11f6d899b2f4a3ceeb64236bd9c15657029d9f16d228520a28c454a", 0x28, 0x2}], 0x2000000, &(0x7f0000001740)={[{@uid}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@permit_directio}, {@measure}, {@appraise}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@measure}, {@appraise_type}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}]}) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00022a2000000000df250300000014000100fe8000010000f282c41f0000000000c00e0000430500050000000000", @ANYRES16=r3, @ANYBLOB="2879cb80e38497a6f5391d619d314b67c4470d2a2c79563d425a43cd0419d9be9eaeb57edbe43a915b02232e06a02656aed2fbdc255857ffcdea592ac64d6ccf6847b83b4d7216c5fe90d9cbf08c6330073f2e040befc1b31d266e9026eabc39e094d3f5475fecfbfa8a9329aa41cd1c9c0d86356b3da1389623917b7e0d8da38d47373a85064886ba5196f6578d253dcc0c2f", @ANYRESHEX=r1], 0x30}, 0x1, 0x0, 0x0, 0x44410}, 0xc894) syz_open_dev$ndb(&(0x7f0000001800), 0x0, 0x400800) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x448c4) (async) syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x40a00) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f00000001c0)={0xbcb, 0x5}) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r2, 0x0, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x401, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000480)="b2628a1f043650716ca2bbb450098cbf983a41d797031c65ba6e177cfc989b5c532ac4d7faa9f9477039ce974cd2342d2bdd3724bafeb5a0bf40b16bfaf9ab5fdc3b19c9a5b8246ddfa54042b42bea04bd2507d24008254a6c3477fb5103fbab34824baea4c53463a1e729cad1a8b8326c742d", 0x73}, {&(0x7f0000000500)="b9a7d28ef6f0c2cf958e7b19cd255d1177f881b7873320bc811da6eda25ac7ca50e56689fa82f3d5e8f843e59a431f796df933b8272a34b7bd89dfc0978a03d371239f68e95b33f17f4badb91a6fcce947caef5358dbc387acaea28e5c4c4f15fedf1546aa9f239bd75a37115de464a78a380c3c740eb13282a15d915975dad74281103314af050914ed56a28342afdac5a0ec34c98454ec451dd1288767319acf5bb7312be4cd14428831331979fa83bcd4202d2ad6fc607d325186920060f242ea00087faa9f8bcbc51b5290fdad3a26c3dac60385596d4a05a57c4d485c8df14ccfbd46e9e9954abbe07ec9afebfc3bcccc2410d2916c", 0xf8, 0x7}, {&(0x7f0000000600)="ff7c5b794e27c6030827c1341d1413fa471cefd925d51da843c764d1c968c2669af3f32042d51eab773b48c6dd6d5ec52984cc12750cfd6fbadde681da65ba486a048308b94110435e2d03f76b98c4ee18604a9b838e", 0x56, 0xdb}, {&(0x7f0000000680)="f88585b74ab8e69030831b047fab7648eaf11e0ae142deab2b96d7dd64135c461bbb71cbd43e794ab706278c3947e7ce793e462d77c7dea3f49e8837314c82cbafb676e1baecf1b00b80bab47aa8e6b70aa9253aad13a546efbfab42bfcff82dd92408c1fb3853b83bff873fc7af93bf4308b44aeccfbdbbce21442bca2c0ae7b5ac1474436239b6e8e38c4e3bf6eeb9eb184142555b7cde242a6de2befce3831e03783764688064fd5544b6a4268055a72597c82dae7b52a33b2de1bfeabdd353acb216e98485b258c20d6d1cf5374867a7dda81e0a469244b34a7c51ec28da923d24d6cf0e20417fba6981acb63e07a17235d52bc0ebae84703cfc9ad03110bca7c033d891735006fbfd945de1c283c76f7e076ed2ec064db2a1c2f221053e133bd78594dcc5d281148f1ac3fe567bbf88b5a584fc68ae01748f074cd1d2eaa1ea61e5956023119574ea36f14cbc4eb5f781663512c7b437b82e5c43d6f535cc09883a8157b3c8e1c619e3541cb35dd5645c15fe704604ebbda1e4d121246e96858ac57e007fc2c5e20f9bcd4e6ebac27b4d01a90ce68ea32d015e77c35d2053bb73f87481404af366b39e15d776de06dad899658e3e7cc57a87953d3726e048e90f97d0ad581ade6e00483450e76b0e7a708ddced0ade1fa2c8b2ea693e93d559f3ac6565f42f288f6e2afa1a9c13d6ce09f1fae0e0b2ae3bb696b9912394071ecdae245286efb6ab31711aaee32c58d8979959aeaf1c94ce60cf5dc5a4291eba639f4943f0977e89fa68a05f7fcb679707e9fba1d9348c5efb11f528b99fe5c40cbd5ec60cac0d2f778772e495c0020234fc6824978981adb8fed31802b4d43bafcc1f1ba3f83853bcad07ba1fdf26eb146a7d6003df5fb9a47df6b162cf194630315377bafe0a1249da2cb8ef9eacddb3018d5ca373614d1a41e750191e70385d07ed9bbdf20e5de27b075d7b68c978f6210c19c72f099ea9726d0e0550030f9bd4d1b8477a7c4cba4f44d0f769e9fd34fb678e68263c239acb743e389d1822efb3ef15a4f2c2acf103a8d82229ab179c4808e244185a96712d27de9dba174f066e597b45dd07f2f25abc3ae7cbb99ee6fb5ca0a42a2ae38cf15cd88137d80aee811ede6007dfa23b7cc5940d0bd0fb6281a990d6344bc8054c54c83a12088b6dd7f71be259eff5dfa8c733305a111a9a377d4a74901c4a2c1158a4f55168c3350d8edc759d857f4115e0959cc92452421d9e0b22f1aada15aecf0cf8321afe71a946423284f3eed3677c4d2c2258ceebb42dbc26bc729a1a95abfea391890ec24862b16e39e84b840b8da49fcf16f29f921ab550f4aa3db92652fc92487252b37779bfe1a8f62282fe8f216bdab560249a4417bc33371d318b71693f8def73c2b2fce6502d084cbe6819e3f8fa19652398c0d6a34720c30a68c705f976e41f1010c9482c377f0e3487059dbda494efe86bfd98f80b588f872f92e31a2fb4c936b7a8b5ba83992a2cc04144448fb14897ca6e29bd80aaa75425e60328e364c3a7c8e79ec0ffc4b9f30067f1db11e0127d68b8d8cd9095a58c9939ebc73779dec9be8a04392b3b4ebc47c03cd04d29005c8fbc3df80a6be54e9fda84beba8488f18c618fa3a07aa442b50e4ed760ca22e76c4a2077bee2efffc99035ec12e6648b4a7a396833ecea228c7a40bfa693bd0b2a6df93bf0e6a04a57248f59730ac5bfbeadbdad894767ebc1e171dcb93486bc31d77c9e41619ba078aff1f08521e5917712fe16c74580f85d446007ec6aa275500fa059b27b228da6b833026933766c10347dc8b2a5033e12c5426dc2efda401c29917736d52881a2950aeec0b330c3b9234512755812dfcc00894d032ce8c49d4511dbf7a633f6a1ff7ae15cb1a0fc87e0121b7f2c9babfdfe092dd4fa000cafaa2bb71b9535e61ade05abf360e680d6e3feb5d583870049d321b681d65fda255e2f2f630fc840181f4173a85818817b6d1d45d8aca6621334e88f8eb5e70a9b1c38c4ef697ff1977d4960e0ec37f9df882d7a66b4c297c7fcc190fd2c809c0994eec9857d18fb7a3170922869c9cb9a07e296c06f27b52bedc0597ec64de35dcad0af57635d15baced9a4f7b7a53003730a01923035031cc5db1448530d99bf3438bb88625f16a45ce7f190fb2debd7017ed942fe002e1b4a5802185bd20986c5847273ef5f2a910e588adf14a352b9dc0b396e59582610c401e5a320d7cb07d1e0784992899e50353f173d77ef9bc083963fe444649c0f85f774fbc1d539bc5d845a3c4237047203f77f12f30a10d6f8d7623629cabcebb89ba940e249517d6fdc090e650ab7922dee506a4a0c1783da19b2c88e3c89825c63d124f1f0e3f0a42a9def7f01cc48175ccbf4525daff13add3788a85d805888595a41f269a0b1b756bd0f0c415cd1b2c4f809dcf63f260dce1a05d4395fbbb601bdbb29c65887d800ec02a6bdc790afac7ade06b8d944ed6e7129fca5122409a63a6e199f127a24ebc9e48230fe9452b1edfaadde5714f89c6ba77284ec91e41c8d844e065759d03c6ebfe2485852aba4cc0dde1b91b744730db9dada200b02eb12be66d1d42a367b4c9b09f9d0d502b4860788b14fdd06e7a8beca8be7e3b03d2c82e0ec3faa61dd48bb07d10a55438860a7712ee56d3a263600408149cab571b96fed34273a676f0d385eab6d52f6a65b5d71a50375c38151612044d7b71c7bf17d530eaa5c94b61158fc84de88fc3ec083c5ed77c303c0a9ca8b2affca514430c5f55e0d5a1cf1f8ccbe8f775e5e334cbb27734083af6c2c40970c8b30f26845cf69b61b9d553d3229cd14527ffd2aaa16d4aa41c5a41dd899a908d1fb793f3a30c51054f67db15edaa9ee3d906d698626a6137e9aa89e527ea719f7fb55e2af1a7b49e8ec03c222e9bf6eff1d017744f74e1aa15f3b67fddde7987445130423935ac1795c87f4ca7017ef95eee5a7e3c96497d54834370e7cd10c1596b116fdd91422708315c1700a1ee12f43cba2ce27afccc341283a1f47bc36ed55ad46a1bc7a7ab5abf1ac9926606a1258223f50ce123fee0345a1dd669085bc3153dc4a7c343cacd4563bcbe4eabf950df733b8696ceecf2df3d49b55bc9894637f70398258fea9d5475efcec018f9d02c1d15624d0063405317e2722967b7a30fa08742e0479f1af60b87a914b4f9fb81e43d38fdc8039f6b70705c0655796aee2cf4e9b06b79be5f0420d579a7551e85745348d8d75028ed3b43906372946c5eac8ab798f46c435f165ae5ebf03eba9bf4eec8b10ba70f6ba1dc8f6231f2ab61fbf326dbda6a2795f2869a39bae2823f28de22a4b330666cbf81dc7162a149e951f16fc687612f933fe1c90acd0a067479f11aab86b3769208168e38f0a72146059271d2e0725947d97f90190148998f979537fd80c32fa1fff6673018175154335feb7a0e76a247f923de75f615bbfe5dae3d32d8419b3bcfef9956fd2a2464b23b59955ac98300b3c90a227c7eed7ece018abb03e6be4fb7e5f3c6d4a5a52737b404458f7409b753eb786cd03cd71d75665e5d408efb430b11a9bd52206bb3310c0269e86ddceadc860024544df92eda35213887e7a9fa5990c98829940a22d880b29eb9bcf1e80cc80f895af88a5f93683d2edcfca74a21da6466a4a34dd12041d55422c58c533ec46950b759e28e0c9d50618fe6c469637c213ac6da9a2632cbda83ba02a831729d3c7b554ba81081b45bd10e711ba98857cc3aaa4cbf54af6b98cf4a0583a2b436a28528f28738ba4507537cf6661fb7a74e19a045a9c9c1d0cad415168b9eee9707d6396705abc26fe634e752f9f5c8d0f0ef375f70dd6e3b3f8f69e072e742d0817769f166de8194b656519edc16b2a834cd8141c9b1e8d9d922665ea5c9095a4bfa67fa37c92c449538446fb863c53a5470c8935214e21d29a2181dd45effc96055b6a30feefec792d156eb4d0a3481e1d9bd9a75f032725ab113254c2fda2860d281f9c017384addb2f20a0009da7ee177310df83ad6d65884cde7f2b2d1daef29509025321e694f9d67b230fcd39adaceca12481f72f64dcbdb4e45c89a38e5d89fe5601e797ba4b1d3d2ffd3851300bf1fc19a449b395d504d41c032047e43bc7954d8b433682ca4764961257f3398d477d464733be120d1cd948c58a651e108fc3284c297f4758e148b734b20bb186a777350579d32367da616f639d781dbbdf94dd3face78e6c642d0828afdd109822e9b376c71036796c8aad6b58642c136162ac1615710c759e585f095cf608a5401c95e6b2907ce93aee6b7a18793a05a867481afb32f5001e3b349943e89106d7fdb07b22a585cfdaae9fbf0c33eb45e489b1943f1bd2d5ea7d1650415cdef35882710f7cb4c806d270bc163f542ebb1b4182b6d9125339903b93afdc47b884159cc53663e10d327fb34ad0d82d3bf2f0cc3411244a43ed5b385389f6953c11f7c9a1838af2c1a5e6ec5cafc9b84ac6ba79a113dbcd8682a5ce49be20c68d4f86fb736090608cc4f79f2ac9ff9e894503e5a5271109c52b0c8820defc4c78cb7d39658b79e72882f90bcbcf5e85d366da62f93e20bf90334eec1b07e9193cc760ab8928366674820cbc67336b1a0563274a5d3f1b17856d48d2eca8e6cd46c717bcfe4933221f4dc607114df3cc746b3cb076520db0f4cb5f698ec80727882e7b9f751efeaf2aeb9e2669a8c74c0008a5ed6b99946d0aebe8c76f0aea8f80c35a0025cf21ddaef83bd4daa7e5e51c8573fbff03d4c6074d4dcdf6f969e49c3a455062d0d8abac74ba6d8183ab734d13ef459ab422dd0f22a13383ed18f64ad7cc982b383849f6551faffb512b7ca3653093cb150737cdf1c687ecf957b8d0bdd69afc4e804156d36124f976dcceb92259894f9446245a62401aaff703ac4a76e627669d5675e583dff1e4a9828baa02cad33b4c23333245bf280903218e90c462f40743f2b59494086bef3b4ecd55045dad36cd5fb831bbe7a2cfbe27a5a74ce06e9290fd2d25a1469097760e05ddd68a3f0828c97a7a00967e3cc359a4521ce372b5f0253118ce2ccecc2b4024e367c258df21068c1b8e18a64f1985d8e522f1596432a9cbe776769533c86f17a3e12607173b412d524c509bde369ded8b5ca208e2b19450b0413bb8470f73a4ea45a28d6b5d02ceaccbafef07c46c3d7924119fc1bd5aa8ade9d040f38f21033c2f617d2c6a530b1fe0d236ff3cae0a6ffce7a2a348c9d03ea061829d2b4e8573ebfe5951d661d37ae60ff4d4d6bd9453cebf1ebfb3765457d9158aeb87253e9f3b431b398ae89a6340bb337ada3fbf9ca1cb6b57c53fe4d919311bd7d3bc6b544a3e0407e21179383a63512a0f02dc1cdb00d00ec72eeb7c285b116cce5db1eaaa328695a399c2583229676f94c387d15b0fefcb820ff1fd740c614e9a492c0a2d7eddb0d6b0b56567ba47d5b6457dec43134c8115877a0e274b80daba348b3b0c6c4e987f4a2f382f48623e1995b5debb9d24514a5d607b195462e8d1021259c80c195af062881b0fabca804f36fbd265e517ac690c2db94bf21997ce116c451e127d39552b649395b13f4bdd1fa1c79730864d4e4801035ab5addde422ca90e3f7e7a5770fd11d8b6e587c0710ebc0b83c612a2a820e483554907780490aa842135ad3e2908576f80d9878037e70166bd46e5372d4deef83f0b784a657e324cd3597805ffd0dd5a0a01e152f8b8c292be53b528823674c995e5dc706debbff75654f6555eb884ebd", 0x1000, 0x8}, {&(0x7f0000001680)="d1d29923eb197e4638230e10f11f6d899b2f4a3ceeb64236bd9c15657029d9f16d228520a28c454a", 0x28, 0x2}], 0x2000000, &(0x7f0000001740)={[{@uid}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@permit_directio}, {@measure}, {@appraise}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@measure}, {@appraise_type}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}]}) (async) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00022a2000000000df250300000014000100fe8000010000f282c41f0000000000c00e0000430500050000000000", @ANYRES16=r3, @ANYBLOB="2879cb80e38497a6f5391d619d314b67c4470d2a2c79563d425a43cd0419d9be9eaeb57edbe43a915b02232e06a02656aed2fbdc255857ffcdea592ac64d6ccf6847b83b4d7216c5fe90d9cbf08c6330073f2e040befc1b31d266e9026eabc39e094d3f5475fecfbfa8a9329aa41cd1c9c0d86356b3da1389623917b7e0d8da38d47373a85064886ba5196f6578d253dcc0c2f", @ANYRESHEX=r1], 0x30}, 0x1, 0x0, 0x0, 0x44410}, 0xc894) (async) syz_open_dev$ndb(&(0x7f0000001800), 0x0, 0x400800) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) 09:32:03 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6561c431d0746f723dd7ce"]) 09:32:03 executing program 1: r0 = socket(0x2, 0x80000, 0xa8) (async) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x5) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1195.742175] FAULT_INJECTION: forcing a failure. [ 1195.742175] name failslab, interval 1, probability 0, space 0, times 0 [ 1195.753826] CPU: 0 PID: 29572 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1195.761713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1195.771162] Call Trace: [ 1195.773755] dump_stack+0x1b2/0x281 [ 1195.777393] should_fail.cold+0x10a/0x149 [ 1195.781550] should_failslab+0xd6/0x130 [ 1195.785538] kmem_cache_alloc_node+0x263/0x410 09:32:04 executing program 1: r0 = socket(0x25, 0x1, 0x0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x28}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x29}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x85}]}, 0x50}, 0x1, 0x0, 0x0, 0x40840}, 0x800) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) sendto$l2tp(r3, &(0x7f0000000200)="aa13848221d510d8a7554024205b8f2711a7be9b355b75068ffc27ead223d796602f7564ef87ff0a93fe04952036db667bb2da39b4e0736b3e6ffb2abf77873b339fb143360def7299b29152191a3b8764bdba2171a621574d76c611e535b372962b8d7185cf96e3b31f2189d550d6", 0x6f, 0x4c8c5, &(0x7f0000000280)={0x2, 0x0, @rand_addr=0x64010102, 0x2}, 0x10) sendmsg$NL80211_CMD_DEL_PMK(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), r4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) getsockname$l2tp(r6, &(0x7f0000000400)={0x2, 0x0, @remote}, &(0x7f0000000440)=0x10) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r7, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4cc05}, 0x0) [ 1195.790126] __alloc_skb+0x5c/0x510 [ 1195.793766] kobject_uevent_env+0x882/0xf30 [ 1195.793788] lo_ioctl+0x11a6/0x1cd0 [ 1195.793800] ? loop_set_status64+0xe0/0xe0 [ 1195.793812] blkdev_ioctl+0x540/0x1830 [ 1195.809808] ? blkpg_ioctl+0x8d0/0x8d0 [ 1195.813688] ? trace_hardirqs_on+0x10/0x10 [ 1195.817924] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1195.823023] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1195.828025] block_ioctl+0xd9/0x120 [ 1195.831632] ? blkdev_fallocate+0x3a0/0x3a0 [ 1195.835931] do_vfs_ioctl+0x75a/0xff0 [ 1195.839719] ? lock_acquire+0x170/0x3f0 [ 1195.843673] ? ioctl_preallocate+0x1a0/0x1a0 [ 1195.848064] ? __fget+0x265/0x3e0 [ 1195.851501] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.855461] ? security_file_ioctl+0x83/0xb0 [ 1195.859860] SyS_ioctl+0x7f/0xb0 [ 1195.863216] ? do_vfs_ioctl+0xff0/0xff0 [ 1195.867171] do_syscall_64+0x1d5/0x640 [ 1195.871043] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1195.876214] RIP: 0033:0x7f322b2faea7 [ 1195.879911] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1195.887598] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1195.894846] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1195.902096] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1195.909345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1195.916593] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1195.936490] hfsplus: creator requires a 4 character value 09:32:04 executing program 1: r0 = socket(0x25, 0x1, 0x0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x28}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x29}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x85}]}, 0x50}, 0x1, 0x0, 0x0, 0x40840}, 0x800) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) sendto$l2tp(r3, &(0x7f0000000200)="aa13848221d510d8a7554024205b8f2711a7be9b355b75068ffc27ead223d796602f7564ef87ff0a93fe04952036db667bb2da39b4e0736b3e6ffb2abf77873b339fb143360def7299b29152191a3b8764bdba2171a621574d76c611e535b372962b8d7185cf96e3b31f2189d550d6", 0x6f, 0x4c8c5, &(0x7f0000000280)={0x2, 0x0, @rand_addr=0x64010102, 0x2}, 0x10) sendmsg$NL80211_CMD_DEL_PMK(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), r4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) getsockname$l2tp(r6, &(0x7f0000000400)={0x2, 0x0, @remote}, &(0x7f0000000440)=0x10) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r7, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4cc05}, 0x0) socket(0x25, 0x1, 0x0) (async) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x28}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x29}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x85}]}, 0x50}, 0x1, 0x0, 0x0, 0x40840}, 0x800) (async) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) sendto$l2tp(r3, &(0x7f0000000200)="aa13848221d510d8a7554024205b8f2711a7be9b355b75068ffc27ead223d796602f7564ef87ff0a93fe04952036db667bb2da39b4e0736b3e6ffb2abf77873b339fb143360def7299b29152191a3b8764bdba2171a621574d76c611e535b372962b8d7185cf96e3b31f2189d550d6", 0x6f, 0x4c8c5, &(0x7f0000000280)={0x2, 0x0, @rand_addr=0x64010102, 0x2}, 0x10) (async) sendmsg$NL80211_CMD_DEL_PMK(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), r4) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) (async) getsockname$l2tp(r6, &(0x7f0000000400)={0x2, 0x0, @remote}, &(0x7f0000000440)=0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r7, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4cc05}, 0x0) (async) [ 1195.938523] hfsplus: unable to parse mount options [ 1195.942882] hfsplus: unable to parse mount options [ 1195.947332] FAULT_INJECTION: forcing a failure. [ 1195.947332] name failslab, interval 1, probability 0, space 0, times 0 [ 1195.983718] CPU: 1 PID: 29573 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1195.991619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1196.000973] Call Trace: [ 1196.003608] dump_stack+0x1b2/0x281 [ 1196.007246] should_fail.cold+0x10a/0x149 [ 1196.011399] should_failslab+0xd6/0x130 [ 1196.015381] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1196.020498] __kmalloc_node_track_caller+0x38/0x70 [ 1196.025438] __alloc_skb+0x96/0x510 [ 1196.029077] kobject_uevent_env+0x882/0xf30 [ 1196.033414] lo_ioctl+0x11a6/0x1cd0 [ 1196.037054] ? loop_set_status64+0xe0/0xe0 [ 1196.041296] blkdev_ioctl+0x540/0x1830 [ 1196.045173] ? blkpg_ioctl+0x8d0/0x8d0 [ 1196.045183] ? trace_hardirqs_on+0x10/0x10 [ 1196.045198] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1196.045209] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1196.045224] block_ioctl+0xd9/0x120 [ 1196.045233] ? blkdev_fallocate+0x3a0/0x3a0 [ 1196.045243] do_vfs_ioctl+0x75a/0xff0 [ 1196.045252] ? lock_acquire+0x170/0x3f0 [ 1196.079056] ? ioctl_preallocate+0x1a0/0x1a0 [ 1196.083718] ? __fget+0x265/0x3e0 [ 1196.087168] ? do_vfs_ioctl+0xff0/0xff0 [ 1196.091141] ? security_file_ioctl+0x83/0xb0 [ 1196.095539] SyS_ioctl+0x7f/0xb0 [ 1196.098885] ? do_vfs_ioctl+0xff0/0xff0 [ 1196.102842] do_syscall_64+0x1d5/0x640 [ 1196.106714] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1196.111885] RIP: 0033:0x7f463664cea7 [ 1196.115574] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1196.123276] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 09:32:04 executing program 1: r0 = socket(0x25, 0x1, 0x0) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x28}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x29}, @SEG6_ATTR_DST={0x14, 0x1, @empty}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x85}]}, 0x50}, 0x1, 0x0, 0x0, 0x40840}, 0x800) (async) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) sendto$l2tp(r3, &(0x7f0000000200)="aa13848221d510d8a7554024205b8f2711a7be9b355b75068ffc27ead223d796602f7564ef87ff0a93fe04952036db667bb2da39b4e0736b3e6ffb2abf77873b339fb143360def7299b29152191a3b8764bdba2171a621574d76c611e535b372962b8d7185cf96e3b31f2189d550d6", 0x6f, 0x4c8c5, &(0x7f0000000280)={0x2, 0x0, @rand_addr=0x64010102, 0x2}, 0x10) (async) sendmsg$NL80211_CMD_DEL_PMK(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), r4) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) getsockname$l2tp(r6, &(0x7f0000000400)={0x2, 0x0, @remote}, &(0x7f0000000440)=0x10) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r7, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4cc05}, 0x0) [ 1196.130539] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1196.137891] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1196.145145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1196.152399] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:32:04 executing program 4: sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x448c4) syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x40a00) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f00000001c0)={0xbcb, 0x5}) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r3 = accept$netrom(r2, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x401, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000480)="b2628a1f043650716ca2bbb450098cbf983a41d797031c65ba6e177cfc989b5c532ac4d7faa9f9477039ce974cd2342d2bdd3724bafeb5a0bf40b16bfaf9ab5fdc3b19c9a5b8246ddfa54042b42bea04bd2507d24008254a6c3477fb5103fbab34824baea4c53463a1e729cad1a8b8326c742d", 0x73}, {&(0x7f0000000500)="b9a7d28ef6f0c2cf958e7b19cd255d1177f881b7873320bc811da6eda25ac7ca50e56689fa82f3d5e8f843e59a431f796df933b8272a34b7bd89dfc0978a03d371239f68e95b33f17f4badb91a6fcce947caef5358dbc387acaea28e5c4c4f15fedf1546aa9f239bd75a37115de464a78a380c3c740eb13282a15d915975dad74281103314af050914ed56a28342afdac5a0ec34c98454ec451dd1288767319acf5bb7312be4cd14428831331979fa83bcd4202d2ad6fc607d325186920060f242ea00087faa9f8bcbc51b5290fdad3a26c3dac60385596d4a05a57c4d485c8df14ccfbd46e9e9954abbe07ec9afebfc3bcccc2410d2916c", 0xf8, 0x7}, {&(0x7f0000000600)="ff7c5b794e27c6030827c1341d1413fa471cefd925d51da843c764d1c968c2669af3f32042d51eab773b48c6dd6d5ec52984cc12750cfd6fbadde681da65ba486a048308b94110435e2d03f76b98c4ee18604a9b838e", 0x56, 0xdb}, {&(0x7f0000000680)="f88585b74ab8e69030831b047fab7648eaf11e0ae142deab2b96d7dd64135c461bbb71cbd43e794ab706278c3947e7ce793e462d77c7dea3f49e8837314c82cbafb676e1baecf1b00b80bab47aa8e6b70aa9253aad13a546efbfab42bfcff82dd92408c1fb3853b83bff873fc7af93bf4308b44aeccfbdbbce21442bca2c0ae7b5ac1474436239b6e8e38c4e3bf6eeb9eb184142555b7cde242a6de2befce3831e03783764688064fd5544b6a4268055a72597c82dae7b52a33b2de1bfeabdd353acb216e98485b258c20d6d1cf5374867a7dda81e0a469244b34a7c51ec28da923d24d6cf0e20417fba6981acb63e07a17235d52bc0ebae84703cfc9ad03110bca7c033d891735006fbfd945de1c283c76f7e076ed2ec064db2a1c2f221053e133bd78594dcc5d281148f1ac3fe567bbf88b5a584fc68ae01748f074cd1d2eaa1ea61e5956023119574ea36f14cbc4eb5f781663512c7b437b82e5c43d6f535cc09883a8157b3c8e1c619e3541cb35dd5645c15fe704604ebbda1e4d121246e96858ac57e007fc2c5e20f9bcd4e6ebac27b4d01a90ce68ea32d015e77c35d2053bb73f87481404af366b39e15d776de06dad899658e3e7cc57a87953d3726e048e90f97d0ad581ade6e00483450e76b0e7a708ddced0ade1fa2c8b2ea693e93d559f3ac6565f42f288f6e2afa1a9c13d6ce09f1fae0e0b2ae3bb696b9912394071ecdae245286efb6ab31711aaee32c58d8979959aeaf1c94ce60cf5dc5a4291eba639f4943f0977e89fa68a05f7fcb679707e9fba1d9348c5efb11f528b99fe5c40cbd5ec60cac0d2f778772e495c0020234fc6824978981adb8fed31802b4d43bafcc1f1ba3f83853bcad07ba1fdf26eb146a7d6003df5fb9a47df6b162cf194630315377bafe0a1249da2cb8ef9eacddb3018d5ca373614d1a41e750191e70385d07ed9bbdf20e5de27b075d7b68c978f6210c19c72f099ea9726d0e0550030f9bd4d1b8477a7c4cba4f44d0f769e9fd34fb678e68263c239acb743e389d1822efb3ef15a4f2c2acf103a8d82229ab179c4808e244185a96712d27de9dba174f066e597b45dd07f2f25abc3ae7cbb99ee6fb5ca0a42a2ae38cf15cd88137d80aee811ede6007dfa23b7cc5940d0bd0fb6281a990d6344bc8054c54c83a12088b6dd7f71be259eff5dfa8c733305a111a9a377d4a74901c4a2c1158a4f55168c3350d8edc759d857f4115e0959cc92452421d9e0b22f1aada15aecf0cf8321afe71a946423284f3eed3677c4d2c2258ceebb42dbc26bc729a1a95abfea391890ec24862b16e39e84b840b8da49fcf16f29f921ab550f4aa3db92652fc92487252b37779bfe1a8f62282fe8f216bdab560249a4417bc33371d318b71693f8def73c2b2fce6502d084cbe6819e3f8fa19652398c0d6a34720c30a68c705f976e41f1010c9482c377f0e3487059dbda494efe86bfd98f80b588f872f92e31a2fb4c936b7a8b5ba83992a2cc04144448fb14897ca6e29bd80aaa75425e60328e364c3a7c8e79ec0ffc4b9f30067f1db11e0127d68b8d8cd9095a58c9939ebc73779dec9be8a04392b3b4ebc47c03cd04d29005c8fbc3df80a6be54e9fda84beba8488f18c618fa3a07aa442b50e4ed760ca22e76c4a2077bee2efffc99035ec12e6648b4a7a396833ecea228c7a40bfa693bd0b2a6df93bf0e6a04a57248f59730ac5bfbeadbdad894767ebc1e171dcb93486bc31d77c9e41619ba078aff1f08521e5917712fe16c74580f85d446007ec6aa275500fa059b27b228da6b833026933766c10347dc8b2a5033e12c5426dc2efda401c29917736d52881a2950aeec0b330c3b9234512755812dfcc00894d032ce8c49d4511dbf7a633f6a1ff7ae15cb1a0fc87e0121b7f2c9babfdfe092dd4fa000cafaa2bb71b9535e61ade05abf360e680d6e3feb5d583870049d321b681d65fda255e2f2f630fc840181f4173a85818817b6d1d45d8aca6621334e88f8eb5e70a9b1c38c4ef697ff1977d4960e0ec37f9df882d7a66b4c297c7fcc190fd2c809c0994eec9857d18fb7a3170922869c9cb9a07e296c06f27b52bedc0597ec64de35dcad0af57635d15baced9a4f7b7a53003730a01923035031cc5db1448530d99bf3438bb88625f16a45ce7f190fb2debd7017ed942fe002e1b4a5802185bd20986c5847273ef5f2a910e588adf14a352b9dc0b396e59582610c401e5a320d7cb07d1e0784992899e50353f173d77ef9bc083963fe444649c0f85f774fbc1d539bc5d845a3c4237047203f77f12f30a10d6f8d7623629cabcebb89ba940e249517d6fdc090e650ab7922dee506a4a0c1783da19b2c88e3c89825c63d124f1f0e3f0a42a9def7f01cc48175ccbf4525daff13add3788a85d805888595a41f269a0b1b756bd0f0c415cd1b2c4f809dcf63f260dce1a05d4395fbbb601bdbb29c65887d800ec02a6bdc790afac7ade06b8d944ed6e7129fca5122409a63a6e199f127a24ebc9e48230fe9452b1edfaadde5714f89c6ba77284ec91e41c8d844e065759d03c6ebfe2485852aba4cc0dde1b91b744730db9dada200b02eb12be66d1d42a367b4c9b09f9d0d502b4860788b14fdd06e7a8beca8be7e3b03d2c82e0ec3faa61dd48bb07d10a55438860a7712ee56d3a263600408149cab571b96fed34273a676f0d385eab6d52f6a65b5d71a50375c38151612044d7b71c7bf17d530eaa5c94b61158fc84de88fc3ec083c5ed77c303c0a9ca8b2affca514430c5f55e0d5a1cf1f8ccbe8f775e5e334cbb27734083af6c2c40970c8b30f26845cf69b61b9d553d3229cd14527ffd2aaa16d4aa41c5a41dd899a908d1fb793f3a30c51054f67db15edaa9ee3d906d698626a6137e9aa89e527ea719f7fb55e2af1a7b49e8ec03c222e9bf6eff1d017744f74e1aa15f3b67fddde7987445130423935ac1795c87f4ca7017ef95eee5a7e3c96497d54834370e7cd10c1596b116fdd91422708315c1700a1ee12f43cba2ce27afccc341283a1f47bc36ed55ad46a1bc7a7ab5abf1ac9926606a1258223f50ce123fee0345a1dd669085bc3153dc4a7c343cacd4563bcbe4eabf950df733b8696ceecf2df3d49b55bc9894637f70398258fea9d5475efcec018f9d02c1d15624d0063405317e2722967b7a30fa08742e0479f1af60b87a914b4f9fb81e43d38fdc8039f6b70705c0655796aee2cf4e9b06b79be5f0420d579a7551e85745348d8d75028ed3b43906372946c5eac8ab798f46c435f165ae5ebf03eba9bf4eec8b10ba70f6ba1dc8f6231f2ab61fbf326dbda6a2795f2869a39bae2823f28de22a4b330666cbf81dc7162a149e951f16fc687612f933fe1c90acd0a067479f11aab86b3769208168e38f0a72146059271d2e0725947d97f90190148998f979537fd80c32fa1fff6673018175154335feb7a0e76a247f923de75f615bbfe5dae3d32d8419b3bcfef9956fd2a2464b23b59955ac98300b3c90a227c7eed7ece018abb03e6be4fb7e5f3c6d4a5a52737b404458f7409b753eb786cd03cd71d75665e5d408efb430b11a9bd52206bb3310c0269e86ddceadc860024544df92eda35213887e7a9fa5990c98829940a22d880b29eb9bcf1e80cc80f895af88a5f93683d2edcfca74a21da6466a4a34dd12041d55422c58c533ec46950b759e28e0c9d50618fe6c469637c213ac6da9a2632cbda83ba02a831729d3c7b554ba81081b45bd10e711ba98857cc3aaa4cbf54af6b98cf4a0583a2b436a28528f28738ba4507537cf6661fb7a74e19a045a9c9c1d0cad415168b9eee9707d6396705abc26fe634e752f9f5c8d0f0ef375f70dd6e3b3f8f69e072e742d0817769f166de8194b656519edc16b2a834cd8141c9b1e8d9d922665ea5c9095a4bfa67fa37c92c449538446fb863c53a5470c8935214e21d29a2181dd45effc96055b6a30feefec792d156eb4d0a3481e1d9bd9a75f032725ab113254c2fda2860d281f9c017384addb2f20a0009da7ee177310df83ad6d65884cde7f2b2d1daef29509025321e694f9d67b230fcd39adaceca12481f72f64dcbdb4e45c89a38e5d89fe5601e797ba4b1d3d2ffd3851300bf1fc19a449b395d504d41c032047e43bc7954d8b433682ca4764961257f3398d477d464733be120d1cd948c58a651e108fc3284c297f4758e148b734b20bb186a777350579d32367da616f639d781dbbdf94dd3face78e6c642d0828afdd109822e9b376c71036796c8aad6b58642c136162ac1615710c759e585f095cf608a5401c95e6b2907ce93aee6b7a18793a05a867481afb32f5001e3b349943e89106d7fdb07b22a585cfdaae9fbf0c33eb45e489b1943f1bd2d5ea7d1650415cdef35882710f7cb4c806d270bc163f542ebb1b4182b6d9125339903b93afdc47b884159cc53663e10d327fb34ad0d82d3bf2f0cc3411244a43ed5b385389f6953c11f7c9a1838af2c1a5e6ec5cafc9b84ac6ba79a113dbcd8682a5ce49be20c68d4f86fb736090608cc4f79f2ac9ff9e894503e5a5271109c52b0c8820defc4c78cb7d39658b79e72882f90bcbcf5e85d366da62f93e20bf90334eec1b07e9193cc760ab8928366674820cbc67336b1a0563274a5d3f1b17856d48d2eca8e6cd46c717bcfe4933221f4dc607114df3cc746b3cb076520db0f4cb5f698ec80727882e7b9f751efeaf2aeb9e2669a8c74c0008a5ed6b99946d0aebe8c76f0aea8f80c35a0025cf21ddaef83bd4daa7e5e51c8573fbff03d4c6074d4dcdf6f969e49c3a455062d0d8abac74ba6d8183ab734d13ef459ab422dd0f22a13383ed18f64ad7cc982b383849f6551faffb512b7ca3653093cb150737cdf1c687ecf957b8d0bdd69afc4e804156d36124f976dcceb92259894f9446245a62401aaff703ac4a76e627669d5675e583dff1e4a9828baa02cad33b4c23333245bf280903218e90c462f40743f2b59494086bef3b4ecd55045dad36cd5fb831bbe7a2cfbe27a5a74ce06e9290fd2d25a1469097760e05ddd68a3f0828c97a7a00967e3cc359a4521ce372b5f0253118ce2ccecc2b4024e367c258df21068c1b8e18a64f1985d8e522f1596432a9cbe776769533c86f17a3e12607173b412d524c509bde369ded8b5ca208e2b19450b0413bb8470f73a4ea45a28d6b5d02ceaccbafef07c46c3d7924119fc1bd5aa8ade9d040f38f21033c2f617d2c6a530b1fe0d236ff3cae0a6ffce7a2a348c9d03ea061829d2b4e8573ebfe5951d661d37ae60ff4d4d6bd9453cebf1ebfb3765457d9158aeb87253e9f3b431b398ae89a6340bb337ada3fbf9ca1cb6b57c53fe4d919311bd7d3bc6b544a3e0407e21179383a63512a0f02dc1cdb00d00ec72eeb7c285b116cce5db1eaaa328695a399c2583229676f94c387d15b0fefcb820ff1fd740c614e9a492c0a2d7eddb0d6b0b56567ba47d5b6457dec43134c8115877a0e274b80daba348b3b0c6c4e987f4a2f382f48623e1995b5debb9d24514a5d607b195462e8d1021259c80c195af062881b0fabca804f36fbd265e517ac690c2db94bf21997ce116c451e127d39552b649395b13f4bdd1fa1c79730864d4e4801035ab5addde422ca90e3f7e7a5770fd11d8b6e587c0710ebc0b83c612a2a820e483554907780490aa842135ad3e2908576f80d9878037e70166bd46e5372d4deef83f0b784a657e324cd3597805ffd0dd5a0a01e152f8b8c292be53b528823674c995e5dc706debbff75654f6555eb884ebd", 0x1000, 0x8}, {&(0x7f0000001680)="d1d29923eb197e4638230e10f11f6d899b2f4a3ceeb64236bd9c15657029d9f16d228520a28c454a", 0x28, 0x2}], 0x2000000, &(0x7f0000001740)={[{@uid}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@permit_directio}, {@measure}, {@appraise}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@measure}, {@appraise_type}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}]}) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00022a2000000000df250300000014000100fe8000010000f282c41f0000000000c00e0000430500050000000000", @ANYRES16=r3, @ANYBLOB="2879cb80e38497a6f5391d619d314b67c4470d2a2c79563d425a43cd0419d9be9eaeb57edbe43a915b02232e06a02656aed2fbdc255857ffcdea592ac64d6ccf6847b83b4d7216c5fe90d9cbf08c6330073f2e040befc1b31d266e9026eabc39e094d3f5475fecfbfa8a9329aa41cd1c9c0d86356b3da1389623917b7e0d8da38d47373a85064886ba5196f6578d253dcc0c2f", @ANYRESHEX=r1], 0x30}, 0x1, 0x0, 0x0, 0x44410}, 0xc894) syz_open_dev$ndb(&(0x7f0000001800), 0x0, 0x400800) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x448c4) (async) syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x40a00) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f00000001c0)={0xbcb, 0x5}) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r2, 0x0, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x401, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000480)="b2628a1f043650716ca2bbb450098cbf983a41d797031c65ba6e177cfc989b5c532ac4d7faa9f9477039ce974cd2342d2bdd3724bafeb5a0bf40b16bfaf9ab5fdc3b19c9a5b8246ddfa54042b42bea04bd2507d24008254a6c3477fb5103fbab34824baea4c53463a1e729cad1a8b8326c742d", 0x73}, {&(0x7f0000000500)="b9a7d28ef6f0c2cf958e7b19cd255d1177f881b7873320bc811da6eda25ac7ca50e56689fa82f3d5e8f843e59a431f796df933b8272a34b7bd89dfc0978a03d371239f68e95b33f17f4badb91a6fcce947caef5358dbc387acaea28e5c4c4f15fedf1546aa9f239bd75a37115de464a78a380c3c740eb13282a15d915975dad74281103314af050914ed56a28342afdac5a0ec34c98454ec451dd1288767319acf5bb7312be4cd14428831331979fa83bcd4202d2ad6fc607d325186920060f242ea00087faa9f8bcbc51b5290fdad3a26c3dac60385596d4a05a57c4d485c8df14ccfbd46e9e9954abbe07ec9afebfc3bcccc2410d2916c", 0xf8, 0x7}, {&(0x7f0000000600)="ff7c5b794e27c6030827c1341d1413fa471cefd925d51da843c764d1c968c2669af3f32042d51eab773b48c6dd6d5ec52984cc12750cfd6fbadde681da65ba486a048308b94110435e2d03f76b98c4ee18604a9b838e", 0x56, 0xdb}, {&(0x7f0000000680)="f88585b74ab8e69030831b047fab7648eaf11e0ae142deab2b96d7dd64135c461bbb71cbd43e794ab706278c3947e7ce793e462d77c7dea3f49e8837314c82cbafb676e1baecf1b00b80bab47aa8e6b70aa9253aad13a546efbfab42bfcff82dd92408c1fb3853b83bff873fc7af93bf4308b44aeccfbdbbce21442bca2c0ae7b5ac1474436239b6e8e38c4e3bf6eeb9eb184142555b7cde242a6de2befce3831e03783764688064fd5544b6a4268055a72597c82dae7b52a33b2de1bfeabdd353acb216e98485b258c20d6d1cf5374867a7dda81e0a469244b34a7c51ec28da923d24d6cf0e20417fba6981acb63e07a17235d52bc0ebae84703cfc9ad03110bca7c033d891735006fbfd945de1c283c76f7e076ed2ec064db2a1c2f221053e133bd78594dcc5d281148f1ac3fe567bbf88b5a584fc68ae01748f074cd1d2eaa1ea61e5956023119574ea36f14cbc4eb5f781663512c7b437b82e5c43d6f535cc09883a8157b3c8e1c619e3541cb35dd5645c15fe704604ebbda1e4d121246e96858ac57e007fc2c5e20f9bcd4e6ebac27b4d01a90ce68ea32d015e77c35d2053bb73f87481404af366b39e15d776de06dad899658e3e7cc57a87953d3726e048e90f97d0ad581ade6e00483450e76b0e7a708ddced0ade1fa2c8b2ea693e93d559f3ac6565f42f288f6e2afa1a9c13d6ce09f1fae0e0b2ae3bb696b9912394071ecdae245286efb6ab31711aaee32c58d8979959aeaf1c94ce60cf5dc5a4291eba639f4943f0977e89fa68a05f7fcb679707e9fba1d9348c5efb11f528b99fe5c40cbd5ec60cac0d2f778772e495c0020234fc6824978981adb8fed31802b4d43bafcc1f1ba3f83853bcad07ba1fdf26eb146a7d6003df5fb9a47df6b162cf194630315377bafe0a1249da2cb8ef9eacddb3018d5ca373614d1a41e750191e70385d07ed9bbdf20e5de27b075d7b68c978f6210c19c72f099ea9726d0e0550030f9bd4d1b8477a7c4cba4f44d0f769e9fd34fb678e68263c239acb743e389d1822efb3ef15a4f2c2acf103a8d82229ab179c4808e244185a96712d27de9dba174f066e597b45dd07f2f25abc3ae7cbb99ee6fb5ca0a42a2ae38cf15cd88137d80aee811ede6007dfa23b7cc5940d0bd0fb6281a990d6344bc8054c54c83a12088b6dd7f71be259eff5dfa8c733305a111a9a377d4a74901c4a2c1158a4f55168c3350d8edc759d857f4115e0959cc92452421d9e0b22f1aada15aecf0cf8321afe71a946423284f3eed3677c4d2c2258ceebb42dbc26bc729a1a95abfea391890ec24862b16e39e84b840b8da49fcf16f29f921ab550f4aa3db92652fc92487252b37779bfe1a8f62282fe8f216bdab560249a4417bc33371d318b71693f8def73c2b2fce6502d084cbe6819e3f8fa19652398c0d6a34720c30a68c705f976e41f1010c9482c377f0e3487059dbda494efe86bfd98f80b588f872f92e31a2fb4c936b7a8b5ba83992a2cc04144448fb14897ca6e29bd80aaa75425e60328e364c3a7c8e79ec0ffc4b9f30067f1db11e0127d68b8d8cd9095a58c9939ebc73779dec9be8a04392b3b4ebc47c03cd04d29005c8fbc3df80a6be54e9fda84beba8488f18c618fa3a07aa442b50e4ed760ca22e76c4a2077bee2efffc99035ec12e6648b4a7a396833ecea228c7a40bfa693bd0b2a6df93bf0e6a04a57248f59730ac5bfbeadbdad894767ebc1e171dcb93486bc31d77c9e41619ba078aff1f08521e5917712fe16c74580f85d446007ec6aa275500fa059b27b228da6b833026933766c10347dc8b2a5033e12c5426dc2efda401c29917736d52881a2950aeec0b330c3b9234512755812dfcc00894d032ce8c49d4511dbf7a633f6a1ff7ae15cb1a0fc87e0121b7f2c9babfdfe092dd4fa000cafaa2bb71b9535e61ade05abf360e680d6e3feb5d583870049d321b681d65fda255e2f2f630fc840181f4173a85818817b6d1d45d8aca6621334e88f8eb5e70a9b1c38c4ef697ff1977d4960e0ec37f9df882d7a66b4c297c7fcc190fd2c809c0994eec9857d18fb7a3170922869c9cb9a07e296c06f27b52bedc0597ec64de35dcad0af57635d15baced9a4f7b7a53003730a01923035031cc5db1448530d99bf3438bb88625f16a45ce7f190fb2debd7017ed942fe002e1b4a5802185bd20986c5847273ef5f2a910e588adf14a352b9dc0b396e59582610c401e5a320d7cb07d1e0784992899e50353f173d77ef9bc083963fe444649c0f85f774fbc1d539bc5d845a3c4237047203f77f12f30a10d6f8d7623629cabcebb89ba940e249517d6fdc090e650ab7922dee506a4a0c1783da19b2c88e3c89825c63d124f1f0e3f0a42a9def7f01cc48175ccbf4525daff13add3788a85d805888595a41f269a0b1b756bd0f0c415cd1b2c4f809dcf63f260dce1a05d4395fbbb601bdbb29c65887d800ec02a6bdc790afac7ade06b8d944ed6e7129fca5122409a63a6e199f127a24ebc9e48230fe9452b1edfaadde5714f89c6ba77284ec91e41c8d844e065759d03c6ebfe2485852aba4cc0dde1b91b744730db9dada200b02eb12be66d1d42a367b4c9b09f9d0d502b4860788b14fdd06e7a8beca8be7e3b03d2c82e0ec3faa61dd48bb07d10a55438860a7712ee56d3a263600408149cab571b96fed34273a676f0d385eab6d52f6a65b5d71a50375c38151612044d7b71c7bf17d530eaa5c94b61158fc84de88fc3ec083c5ed77c303c0a9ca8b2affca514430c5f55e0d5a1cf1f8ccbe8f775e5e334cbb27734083af6c2c40970c8b30f26845cf69b61b9d553d3229cd14527ffd2aaa16d4aa41c5a41dd899a908d1fb793f3a30c51054f67db15edaa9ee3d906d698626a6137e9aa89e527ea719f7fb55e2af1a7b49e8ec03c222e9bf6eff1d017744f74e1aa15f3b67fddde7987445130423935ac1795c87f4ca7017ef95eee5a7e3c96497d54834370e7cd10c1596b116fdd91422708315c1700a1ee12f43cba2ce27afccc341283a1f47bc36ed55ad46a1bc7a7ab5abf1ac9926606a1258223f50ce123fee0345a1dd669085bc3153dc4a7c343cacd4563bcbe4eabf950df733b8696ceecf2df3d49b55bc9894637f70398258fea9d5475efcec018f9d02c1d15624d0063405317e2722967b7a30fa08742e0479f1af60b87a914b4f9fb81e43d38fdc8039f6b70705c0655796aee2cf4e9b06b79be5f0420d579a7551e85745348d8d75028ed3b43906372946c5eac8ab798f46c435f165ae5ebf03eba9bf4eec8b10ba70f6ba1dc8f6231f2ab61fbf326dbda6a2795f2869a39bae2823f28de22a4b330666cbf81dc7162a149e951f16fc687612f933fe1c90acd0a067479f11aab86b3769208168e38f0a72146059271d2e0725947d97f90190148998f979537fd80c32fa1fff6673018175154335feb7a0e76a247f923de75f615bbfe5dae3d32d8419b3bcfef9956fd2a2464b23b59955ac98300b3c90a227c7eed7ece018abb03e6be4fb7e5f3c6d4a5a52737b404458f7409b753eb786cd03cd71d75665e5d408efb430b11a9bd52206bb3310c0269e86ddceadc860024544df92eda35213887e7a9fa5990c98829940a22d880b29eb9bcf1e80cc80f895af88a5f93683d2edcfca74a21da6466a4a34dd12041d55422c58c533ec46950b759e28e0c9d50618fe6c469637c213ac6da9a2632cbda83ba02a831729d3c7b554ba81081b45bd10e711ba98857cc3aaa4cbf54af6b98cf4a0583a2b436a28528f28738ba4507537cf6661fb7a74e19a045a9c9c1d0cad415168b9eee9707d6396705abc26fe634e752f9f5c8d0f0ef375f70dd6e3b3f8f69e072e742d0817769f166de8194b656519edc16b2a834cd8141c9b1e8d9d922665ea5c9095a4bfa67fa37c92c449538446fb863c53a5470c8935214e21d29a2181dd45effc96055b6a30feefec792d156eb4d0a3481e1d9bd9a75f032725ab113254c2fda2860d281f9c017384addb2f20a0009da7ee177310df83ad6d65884cde7f2b2d1daef29509025321e694f9d67b230fcd39adaceca12481f72f64dcbdb4e45c89a38e5d89fe5601e797ba4b1d3d2ffd3851300bf1fc19a449b395d504d41c032047e43bc7954d8b433682ca4764961257f3398d477d464733be120d1cd948c58a651e108fc3284c297f4758e148b734b20bb186a777350579d32367da616f639d781dbbdf94dd3face78e6c642d0828afdd109822e9b376c71036796c8aad6b58642c136162ac1615710c759e585f095cf608a5401c95e6b2907ce93aee6b7a18793a05a867481afb32f5001e3b349943e89106d7fdb07b22a585cfdaae9fbf0c33eb45e489b1943f1bd2d5ea7d1650415cdef35882710f7cb4c806d270bc163f542ebb1b4182b6d9125339903b93afdc47b884159cc53663e10d327fb34ad0d82d3bf2f0cc3411244a43ed5b385389f6953c11f7c9a1838af2c1a5e6ec5cafc9b84ac6ba79a113dbcd8682a5ce49be20c68d4f86fb736090608cc4f79f2ac9ff9e894503e5a5271109c52b0c8820defc4c78cb7d39658b79e72882f90bcbcf5e85d366da62f93e20bf90334eec1b07e9193cc760ab8928366674820cbc67336b1a0563274a5d3f1b17856d48d2eca8e6cd46c717bcfe4933221f4dc607114df3cc746b3cb076520db0f4cb5f698ec80727882e7b9f751efeaf2aeb9e2669a8c74c0008a5ed6b99946d0aebe8c76f0aea8f80c35a0025cf21ddaef83bd4daa7e5e51c8573fbff03d4c6074d4dcdf6f969e49c3a455062d0d8abac74ba6d8183ab734d13ef459ab422dd0f22a13383ed18f64ad7cc982b383849f6551faffb512b7ca3653093cb150737cdf1c687ecf957b8d0bdd69afc4e804156d36124f976dcceb92259894f9446245a62401aaff703ac4a76e627669d5675e583dff1e4a9828baa02cad33b4c23333245bf280903218e90c462f40743f2b59494086bef3b4ecd55045dad36cd5fb831bbe7a2cfbe27a5a74ce06e9290fd2d25a1469097760e05ddd68a3f0828c97a7a00967e3cc359a4521ce372b5f0253118ce2ccecc2b4024e367c258df21068c1b8e18a64f1985d8e522f1596432a9cbe776769533c86f17a3e12607173b412d524c509bde369ded8b5ca208e2b19450b0413bb8470f73a4ea45a28d6b5d02ceaccbafef07c46c3d7924119fc1bd5aa8ade9d040f38f21033c2f617d2c6a530b1fe0d236ff3cae0a6ffce7a2a348c9d03ea061829d2b4e8573ebfe5951d661d37ae60ff4d4d6bd9453cebf1ebfb3765457d9158aeb87253e9f3b431b398ae89a6340bb337ada3fbf9ca1cb6b57c53fe4d919311bd7d3bc6b544a3e0407e21179383a63512a0f02dc1cdb00d00ec72eeb7c285b116cce5db1eaaa328695a399c2583229676f94c387d15b0fefcb820ff1fd740c614e9a492c0a2d7eddb0d6b0b56567ba47d5b6457dec43134c8115877a0e274b80daba348b3b0c6c4e987f4a2f382f48623e1995b5debb9d24514a5d607b195462e8d1021259c80c195af062881b0fabca804f36fbd265e517ac690c2db94bf21997ce116c451e127d39552b649395b13f4bdd1fa1c79730864d4e4801035ab5addde422ca90e3f7e7a5770fd11d8b6e587c0710ebc0b83c612a2a820e483554907780490aa842135ad3e2908576f80d9878037e70166bd46e5372d4deef83f0b784a657e324cd3597805ffd0dd5a0a01e152f8b8c292be53b528823674c995e5dc706debbff75654f6555eb884ebd", 0x1000, 0x8}, {&(0x7f0000001680)="d1d29923eb197e4638230e10f11f6d899b2f4a3ceeb64236bd9c15657029d9f16d228520a28c454a", 0x28, 0x2}], 0x2000000, &(0x7f0000001740)={[{@uid}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@permit_directio}, {@measure}, {@appraise}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@measure}, {@appraise_type}, {@fsmagic={'fsmagic', 0x3d, 0x7ff}}]}) (async) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="00022a2000000000df250300000014000100fe8000010000f282c41f0000000000c00e0000430500050000000000", @ANYRES16=r3, @ANYBLOB="2879cb80e38497a6f5391d619d314b67c4470d2a2c79563d425a43cd0419d9be9eaeb57edbe43a915b02232e06a02656aed2fbdc255857ffcdea592ac64d6ccf6847b83b4d7216c5fe90d9cbf08c6330073f2e040befc1b31d266e9026eabc39e094d3f5475fecfbfa8a9329aa41cd1c9c0d86356b3da1389623917b7e0d8da38d47373a85064886ba5196f6578d253dcc0c2f", @ANYRESHEX=r1], 0x30}, 0x1, 0x0, 0x0, 0x44410}, 0xc894) (async) syz_open_dev$ndb(&(0x7f0000001800), 0x0, 0x400800) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r4, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) [ 1196.197470] hfsplus: creator requires a 4 character value [ 1196.203461] hfsplus: unable to parse mount options 09:32:04 executing program 2: r0 = syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="66726561746fd5df0e6f5235f55fa27b7116f70fb766ee1600881afa8a3dd1cdc4b4b0ee0c1a98d6f07fba7f4c679c81fa3f6c3897e4c5a0235e54d484e1d413"]) r1 = fanotify_init(0x8, 0x141000) fanotify_mark(r1, 0x0, 0x0, r0, &(0x7f0000000000)='./file0\x00') 09:32:04 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 31) 09:32:04 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xe0048, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) [ 1196.240767] hfsplus: creator requires a 4 character value [ 1196.246328] hfsplus: unable to parse mount options [ 1196.292039] FAULT_INJECTION: forcing a failure. [ 1196.292039] name failslab, interval 1, probability 0, space 0, times 0 [ 1196.308195] CPU: 1 PID: 29646 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1196.316100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1196.325451] Call Trace: [ 1196.328039] dump_stack+0x1b2/0x281 [ 1196.331675] should_fail.cold+0x10a/0x149 [ 1196.335828] should_failslab+0xd6/0x130 [ 1196.339807] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1196.344920] __kmalloc_node_track_caller+0x38/0x70 [ 1196.349855] __alloc_skb+0x96/0x510 [ 1196.353485] kobject_uevent_env+0x882/0xf30 [ 1196.357797] lo_ioctl+0x11a6/0x1cd0 [ 1196.361407] ? loop_set_status64+0xe0/0xe0 [ 1196.365623] blkdev_ioctl+0x540/0x1830 [ 1196.369497] ? blkpg_ioctl+0x8d0/0x8d0 [ 1196.373371] ? trace_hardirqs_on+0x10/0x10 [ 1196.377596] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1196.383207] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1196.388421] block_ioctl+0xd9/0x120 [ 1196.392045] ? blkdev_fallocate+0x3a0/0x3a0 [ 1196.396353] do_vfs_ioctl+0x75a/0xff0 [ 1196.400141] ? lock_acquire+0x170/0x3f0 [ 1196.404099] ? ioctl_preallocate+0x1a0/0x1a0 [ 1196.408506] ? __fget+0x265/0x3e0 [ 1196.411961] ? do_vfs_ioctl+0xff0/0xff0 [ 1196.415928] ? security_file_ioctl+0x83/0xb0 [ 1196.420319] SyS_ioctl+0x7f/0xb0 [ 1196.423662] ? do_vfs_ioctl+0xff0/0xff0 [ 1196.427623] do_syscall_64+0x1d5/0x640 [ 1196.431502] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1196.436668] RIP: 0033:0x7f322b2faea7 [ 1196.440355] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1196.448053] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1196.455324] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1196.462587] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1196.469846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1196.477112] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 09:32:04 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 32) 09:32:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:32:04 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0xb2c80, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:04 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xe0048, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xe0048, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) 09:32:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) [ 1196.556991] hfsplus: unable to parse mount options [ 1196.571820] hfsplus: creator requires a 4 character value [ 1196.587013] hfsplus: unable to parse mount options 09:32:04 executing program 2: r0 = syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="66726561746fd5df0e6f5235f55fa27b7116f70fb766ee1600881afa8a3dd1cdc4b4b0ee0c1a98d6f07fba7f4c679c81fa3f6c3897e4c5a0235e54d484e1d413"]) r1 = fanotify_init(0x8, 0x141000) fanotify_mark(r1, 0x0, 0x0, r0, &(0x7f0000000000)='./file0\x00') syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="66726561746fd5df0e6f5235f55fa27b7116f70fb766ee1600881afa8a3dd1cdc4b4b0ee0c1a98d6f07fba7f4c679c81fa3f6c3897e4c5a0235e54d484e1d413"]) (async) fanotify_init(0x8, 0x141000) (async) fanotify_mark(r1, 0x0, 0x0, r0, &(0x7f0000000000)='./file0\x00') (async) [ 1196.613601] FAULT_INJECTION: forcing a failure. [ 1196.613601] name failslab, interval 1, probability 0, space 0, times 0 [ 1196.651172] CPU: 0 PID: 29687 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 09:32:04 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:32:04 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x81004845}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="852beb4547abbb8d01f72cf5e3ace000", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdb00000008001800640101010c00160003000000000000000600010005000000"], 0x30}, 0x1, 0x0, 0x0, 0x80c5}, 0x8cd4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r2, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, r2, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond_slave_0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4040}, 0x810) [ 1196.659085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1196.668440] Call Trace: [ 1196.671029] dump_stack+0x1b2/0x281 [ 1196.674668] should_fail.cold+0x10a/0x149 [ 1196.678812] should_failslab+0xd6/0x130 [ 1196.682772] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1196.687856] __kmalloc_node_track_caller+0x38/0x70 [ 1196.692778] __alloc_skb+0x96/0x510 [ 1196.696412] kobject_uevent_env+0x882/0xf30 [ 1196.700744] lo_ioctl+0x11a6/0x1cd0 [ 1196.704381] ? loop_set_status64+0xe0/0xe0 [ 1196.708624] blkdev_ioctl+0x540/0x1830 [ 1196.712509] ? blkpg_ioctl+0x8d0/0x8d0 [ 1196.712520] ? trace_hardirqs_on+0x10/0x10 [ 1196.712535] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1196.712547] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1196.730736] block_ioctl+0xd9/0x120 [ 1196.734343] ? blkdev_fallocate+0x3a0/0x3a0 [ 1196.738642] do_vfs_ioctl+0x75a/0xff0 [ 1196.742424] ? lock_acquire+0x170/0x3f0 [ 1196.746375] ? ioctl_preallocate+0x1a0/0x1a0 [ 1196.750760] ? __fget+0x265/0x3e0 [ 1196.754201] ? do_vfs_ioctl+0xff0/0xff0 [ 1196.758169] ? security_file_ioctl+0x83/0xb0 [ 1196.762580] SyS_ioctl+0x7f/0xb0 [ 1196.765931] ? do_vfs_ioctl+0xff0/0xff0 [ 1196.769884] do_syscall_64+0x1d5/0x640 [ 1196.773754] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1196.778932] RIP: 0033:0x7f463664cea7 [ 1196.782628] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1196.790319] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1196.797570] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1196.804818] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 09:32:05 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0xb2c80, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0xb2c80, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) 09:32:05 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0xb2c80, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:05 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 32) 09:32:05 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x81004845}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="852beb4547abbb8d01f72cf5e3ace000", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdb00000008001800640101010c00160003000000000000000600010005000000"], 0x30}, 0x1, 0x0, 0x0, 0x80c5}, 0x8cd4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r2, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, r2, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond_slave_0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4040}, 0x810) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x81004845}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="852beb4547abbb8d01f72cf5e3ace000", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdb00000008001800640101010c00160003000000000000000600010005000000"], 0x30}, 0x1, 0x0, 0x0, 0x80c5}, 0x8cd4) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) (async) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r2, 0x1}, 0x14}}, 0x0) (async) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, r2, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond_slave_0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4040}, 0x810) (async) 09:32:05 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 33) 09:32:05 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xe0048, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xe0048, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) [ 1196.812065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1196.819313] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1196.833253] hfsplus: creator requires a 4 character value [ 1196.843120] hfsplus: unable to parse mount options [ 1196.843294] hfsplus: unable to parse mount options 09:32:05 executing program 2: r0 = syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="66726561746fd5df0e6f5235f55fa27b7116f70fb766ee1600881afa8a3dd1cdc4b4b0ee0c1a98d6f07fba7f4c679c81fa3f6c3897e4c5a0235e54d484e1d413"]) (async) r1 = fanotify_init(0x8, 0x141000) fanotify_mark(r1, 0x0, 0x0, r0, &(0x7f0000000000)='./file0\x00') 09:32:05 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x440000, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x109700, 0x0) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000240)={0x1, 0x1, [@multicast]}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_DEVMASK(r0, 0x80044dfe, &(0x7f0000000180)) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4804}, 0x40000) write$snapshot(r3, &(0x7f0000000080)="9cf9ff40e90841c0fe5572309593d1d166757025593972cb3e3c6fb9b3e7fbecaa38b99fac22f60713e207000000154a36e0533bd1525873282d273f7c780d2ae7c3eb0f3f0c9ec9cabfa901d45cff40337d4f522e3d557f28480964c8d18139b6a1aa62f248d25019b29284f610876ffaeb595e6bfc33d36d905fcf9b6caae97e2eb3b37598d9514d43c64fd243ecf15bf501500a2e83a7ca8ca08e9d", 0x9d) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1196.914373] FAULT_INJECTION: forcing a failure. [ 1196.914373] name failslab, interval 1, probability 0, space 0, times 0 [ 1196.932549] CPU: 0 PID: 29729 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1196.940461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1196.949903] Call Trace: [ 1196.952517] dump_stack+0x1b2/0x281 [ 1196.956146] should_fail.cold+0x10a/0x149 [ 1196.960298] should_failslab+0xd6/0x130 [ 1196.964279] kmem_cache_alloc_node+0x263/0x410 [ 1196.968872] __alloc_skb+0x5c/0x510 [ 1196.972515] kobject_uevent_env+0x882/0xf30 [ 1196.976838] lo_ioctl+0x11a6/0x1cd0 [ 1196.980451] ? loop_set_status64+0xe0/0xe0 [ 1196.984673] blkdev_ioctl+0x540/0x1830 [ 1196.988549] ? blkpg_ioctl+0x8d0/0x8d0 [ 1196.992443] ? trace_hardirqs_on+0x10/0x10 [ 1196.996676] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1197.001772] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1197.006778] block_ioctl+0xd9/0x120 [ 1197.010383] ? blkdev_fallocate+0x3a0/0x3a0 [ 1197.014855] do_vfs_ioctl+0x75a/0xff0 [ 1197.018662] ? lock_acquire+0x170/0x3f0 [ 1197.022622] ? ioctl_preallocate+0x1a0/0x1a0 [ 1197.027010] ? __fget+0x265/0x3e0 [ 1197.030450] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.034409] ? security_file_ioctl+0x83/0xb0 [ 1197.038805] SyS_ioctl+0x7f/0xb0 [ 1197.042167] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.046132] do_syscall_64+0x1d5/0x640 [ 1197.050012] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1197.055274] RIP: 0033:0x7f322b2faea7 09:32:05 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x440000, 0x0) (async, rerun: 64) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x109700, 0x0) (rerun: 64) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000240)={0x1, 0x1, [@multicast]}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_DEVMASK(r0, 0x80044dfe, &(0x7f0000000180)) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 32) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (rerun: 32) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4804}, 0x40000) (async) write$snapshot(r3, &(0x7f0000000080)="9cf9ff40e90841c0fe5572309593d1d166757025593972cb3e3c6fb9b3e7fbecaa38b99fac22f60713e207000000154a36e0533bd1525873282d273f7c780d2ae7c3eb0f3f0c9ec9cabfa901d45cff40337d4f522e3d557f28480964c8d18139b6a1aa62f248d25019b29284f610876ffaeb595e6bfc33d36d905fcf9b6caae97e2eb3b37598d9514d43c64fd243ecf15bf501500a2e83a7ca8ca08e9d", 0x9d) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:05 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x81004845}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="852beb4547abbb8d01f72cf5e3ace000", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdb00000008001800640101010c00160003000000000000000600010005000000"], 0x30}, 0x1, 0x0, 0x0, 0x80c5}, 0x8cd4) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r2, 0x1}, 0x14}}, 0x0) (async) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x6c, r2, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond_slave_0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4040}, 0x810) [ 1197.058964] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1197.066656] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1197.073910] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1197.081158] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1197.088429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1197.095696] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1197.113105] hfsplus: creator requires a 4 character value [ 1197.121425] hfsplus: unable to parse mount options [ 1197.130869] hfsplus: unable to parse mount options [ 1197.134600] FAULT_INJECTION: forcing a failure. [ 1197.134600] name failslab, interval 1, probability 0, space 0, times 0 [ 1197.153116] CPU: 0 PID: 29741 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1197.161013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1197.170368] Call Trace: [ 1197.172957] dump_stack+0x1b2/0x281 [ 1197.176592] should_fail.cold+0x10a/0x149 [ 1197.180750] should_failslab+0xd6/0x130 [ 1197.184743] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1197.189859] __kmalloc_node_track_caller+0x38/0x70 [ 1197.194792] __alloc_skb+0x96/0x510 [ 1197.198429] kobject_uevent_env+0x882/0xf30 [ 1197.202764] lo_ioctl+0x11a6/0x1cd0 [ 1197.206398] ? loop_set_status64+0xe0/0xe0 [ 1197.210641] blkdev_ioctl+0x540/0x1830 09:32:05 executing program 1: r0 = socket(0x2a, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1000) sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r2, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x1, 0x6, 0x20, 0x3]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040080}, 0x2404c040) 09:32:05 executing program 1: r0 = socket(0x2a, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1000) sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r2, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x1, 0x6, 0x20, 0x3]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040080}, 0x2404c040) socket(0x2a, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1000) (async) sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r2, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x1, 0x6, 0x20, 0x3]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040080}, 0x2404c040) (async) 09:32:05 executing program 1: r0 = socket(0x2a, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1000) sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r2, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x1, 0x6, 0x20, 0x3]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040080}, 0x2404c040) socket(0x2a, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1000) (async) sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r2, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x1, 0x6, 0x20, 0x3]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040080}, 0x2404c040) (async) [ 1197.214538] ? blkpg_ioctl+0x8d0/0x8d0 [ 1197.218431] ? trace_hardirqs_on+0x10/0x10 [ 1197.222674] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1197.227780] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1197.232807] block_ioctl+0xd9/0x120 [ 1197.236439] ? blkdev_fallocate+0x3a0/0x3a0 [ 1197.240762] do_vfs_ioctl+0x75a/0xff0 [ 1197.244569] ? lock_acquire+0x170/0x3f0 [ 1197.248545] ? ioctl_preallocate+0x1a0/0x1a0 [ 1197.252956] ? __fget+0x265/0x3e0 [ 1197.256421] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.260400] ? security_file_ioctl+0x83/0xb0 09:32:05 executing program 1: r0 = socket(0x25, 0x2, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) write$P9_RLERROR(r1, &(0x7f0000000000)={0xe, 0x7, 0x1, {0x5, 'SEG6\x00'}}, 0xe) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="02002bbd7000fedbdf2504000009fd00010073797a3100000000fb2e11500e1ec303af35bb3dc905000400010000000900030073797a3200000000140002006d6163766c616e30000000275c2268a5628a361cbf7421eadc6a96e60b7de13aa24b3887ea13c8c5a7acacb103a8457b045a2b0bce70430eb4b939c8363fbad92e419e"], 0x50}}, 0x4984) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r4, 0x0, 0x0) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r0) sendmsg$L2TP_CMD_SESSION_MODIFY(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r5, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x1f}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x24000094) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1197.264820] SyS_ioctl+0x7f/0xb0 [ 1197.268188] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.272167] do_syscall_64+0x1d5/0x640 [ 1197.276063] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1197.281513] RIP: 0033:0x7f463664cea7 [ 1197.285219] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1197.292934] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1197.300206] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1197.307474] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 09:32:05 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 33) 09:32:05 executing program 1: r0 = socket(0x25, 0x2, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) write$P9_RLERROR(r1, &(0x7f0000000000)={0xe, 0x7, 0x1, {0x5, 'SEG6\x00'}}, 0xe) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="02002bbd7000fedbdf2504000009fd00010073797a3100000000fb2e11500e1ec303af35bb3dc905000400010000000900030073797a3200000000140002006d6163766c616e30000000275c2268a5628a361cbf7421eadc6a96e60b7de13aa24b3887ea13c8c5a7acacb103a8457b045a2b0bce70430eb4b939c8363fbad92e419e"], 0x50}}, 0x4984) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r4, 0x0, 0x0) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r0) sendmsg$L2TP_CMD_SESSION_MODIFY(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r5, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x1f}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x24000094) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1197.314757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1197.322007] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1197.331919] hfsplus: creator requires a 4 character value [ 1197.337590] hfsplus: unable to parse mount options 09:32:05 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 34) [ 1197.370996] FAULT_INJECTION: forcing a failure. [ 1197.370996] name failslab, interval 1, probability 0, space 0, times 0 [ 1197.382861] CPU: 0 PID: 29804 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1197.390751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1197.400101] Call Trace: [ 1197.402686] dump_stack+0x1b2/0x281 [ 1197.406314] should_fail.cold+0x10a/0x149 [ 1197.410468] should_failslab+0xd6/0x130 [ 1197.414451] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1197.419555] __kmalloc_node_track_caller+0x38/0x70 [ 1197.424466] __alloc_skb+0x96/0x510 [ 1197.428072] kobject_uevent_env+0x882/0xf30 [ 1197.432377] lo_ioctl+0x11a6/0x1cd0 [ 1197.435986] ? loop_set_status64+0xe0/0xe0 [ 1197.440199] blkdev_ioctl+0x540/0x1830 [ 1197.444064] ? blkpg_ioctl+0x8d0/0x8d0 [ 1197.447931] ? trace_hardirqs_on+0x10/0x10 [ 1197.452152] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1197.457231] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1197.462228] block_ioctl+0xd9/0x120 [ 1197.465832] ? blkdev_fallocate+0x3a0/0x3a0 [ 1197.470131] do_vfs_ioctl+0x75a/0xff0 [ 1197.473911] ? lock_acquire+0x170/0x3f0 [ 1197.477863] ? ioctl_preallocate+0x1a0/0x1a0 [ 1197.482268] ? __fget+0x265/0x3e0 [ 1197.485699] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.489655] ? security_file_ioctl+0x83/0xb0 [ 1197.494042] SyS_ioctl+0x7f/0xb0 [ 1197.497391] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.501344] do_syscall_64+0x1d5/0x640 [ 1197.505216] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1197.510399] RIP: 0033:0x7f322b2faea7 [ 1197.514084] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1197.521769] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1197.529015] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1197.536262] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1197.543530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1197.550779] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1197.560926] hfsplus: creator requires a 4 character value [ 1197.566564] hfsplus: unable to parse mount options [ 1197.572257] FAULT_INJECTION: forcing a failure. [ 1197.572257] name failslab, interval 1, probability 0, space 0, times 0 [ 1197.585728] CPU: 1 PID: 29812 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1197.593620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1197.602964] Call Trace: [ 1197.605536] dump_stack+0x1b2/0x281 [ 1197.609183] should_fail.cold+0x10a/0x149 [ 1197.613331] should_failslab+0xd6/0x130 [ 1197.617289] kmem_cache_alloc_node_trace+0x25a/0x400 [ 1197.622380] __kmalloc_node_track_caller+0x38/0x70 [ 1197.627305] __alloc_skb+0x96/0x510 [ 1197.630941] kobject_uevent_env+0x882/0xf30 [ 1197.635254] lo_ioctl+0x11a6/0x1cd0 [ 1197.638879] ? loop_set_status64+0xe0/0xe0 [ 1197.643100] blkdev_ioctl+0x540/0x1830 [ 1197.646977] ? blkpg_ioctl+0x8d0/0x8d0 [ 1197.650854] ? trace_hardirqs_on+0x10/0x10 [ 1197.655078] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1197.660166] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1197.665285] block_ioctl+0xd9/0x120 [ 1197.668905] ? blkdev_fallocate+0x3a0/0x3a0 [ 1197.673226] do_vfs_ioctl+0x75a/0xff0 [ 1197.677014] ? lock_acquire+0x170/0x3f0 [ 1197.680969] ? ioctl_preallocate+0x1a0/0x1a0 [ 1197.685369] ? __fget+0x265/0x3e0 [ 1197.688819] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.692783] ? security_file_ioctl+0x83/0xb0 [ 1197.697172] SyS_ioctl+0x7f/0xb0 [ 1197.700516] ? do_vfs_ioctl+0xff0/0xff0 [ 1197.704471] do_syscall_64+0x1d5/0x640 [ 1197.708362] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1197.713542] RIP: 0033:0x7f463664cea7 [ 1197.717234] RSP: 002b:00007f4634fc1f28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1197.724925] RAX: ffffffffffffffda RBX: 00007f4636696a20 RCX: 00007f463664cea7 [ 1197.732175] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1197.739438] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1197.746693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1197.753951] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1197.763338] hfsplus: creator requires a 4 character value 09:32:06 executing program 5: getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f0000000000)=0xe210, &(0x7f0000000040)=0x4) 09:32:06 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x440000, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x109700, 0x0) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000240)={0x1, 0x1, [@multicast]}) (async, rerun: 64) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x0, 0x0) (rerun: 64) ioctl$SOUND_MIXER_READ_DEVMASK(r0, 0x80044dfe, &(0x7f0000000180)) (async) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4804}, 0x40000) (async) write$snapshot(r3, &(0x7f0000000080)="9cf9ff40e90841c0fe5572309593d1d166757025593972cb3e3c6fb9b3e7fbecaa38b99fac22f60713e207000000154a36e0533bd1525873282d273f7c780d2ae7c3eb0f3f0c9ec9cabfa901d45cff40337d4f522e3d557f28480964c8d18139b6a1aa62f248d25019b29284f610876ffaeb595e6bfc33d36d905fcf9b6caae97e2eb3b37598d9514d43c64fd243ecf15bf501500a2e83a7ca8ca08e9d", 0x9d) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:06 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0xe0000000, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:32:06 executing program 1: r0 = socket(0x25, 0x2, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) write$P9_RLERROR(r1, &(0x7f0000000000)={0xe, 0x7, 0x1, {0x5, 'SEG6\x00'}}, 0xe) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="02002bbd7000fedbdf2504000009fd00010073797a3100000000fb2e11500e1ec303af35bb3dc905000400010000000900030073797a3200000000140002006d6163766c616e30000000275c2268a5628a361cbf7421eadc6a96e60b7de13aa24b3887ea13c8c5a7acacb103a8457b045a2b0bce70430eb4b939c8363fbad92e419e"], 0x50}}, 0x4984) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r4, 0x0, 0x0) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r0) sendmsg$L2TP_CMD_SESSION_MODIFY(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r5, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x1f}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x24000094) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x25, 0x2, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) write$P9_RLERROR(r1, &(0x7f0000000000)={0xe, 0x7, 0x1, {0x5, 'SEG6\x00'}}, 0xe) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) (async) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r3, 0x1}, 0x14}}, 0x0) (async) sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="02002bbd7000fedbdf2504000009fd00010073797a3100000000fb2e11500e1ec303af35bb3dc905000400010000000900030073797a3200000000140002006d6163766c616e30000000275c2268a5628a361cbf7421eadc6a96e60b7de13aa24b3887ea13c8c5a7acacb103a8457b045a2b0bce70430eb4b939c8363fbad92e419e"], 0x50}}, 0x4984) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r4, 0x0, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r0) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r5, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x1f}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x24000094) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) 09:32:06 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 34) [ 1197.773009] hfsplus: unable to parse mount options 09:32:06 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 35) 09:32:06 executing program 5: getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f0000000000)=0xe210, &(0x7f0000000040)=0x4) 09:32:06 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='io.pressure\x00', 0x2, 0x0) 09:32:06 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r1, 0x10, 0x70bd28, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7020}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x40004) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x54, 0x0, 0x4, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x5}, @L2TP_ATTR_MTU={0x6}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @initdev={0xac, 0x1e, 0x0, 0x0}}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x9}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x3af3}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x100000001}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0xc000) [ 1197.835956] hfsplus: creator requires a 4 character value [ 1197.856825] FAULT_INJECTION: forcing a failure. [ 1197.856825] name failslab, interval 1, probability 0, space 0, times 0 [ 1197.859246] hfsplus: unable to parse mount options 09:32:06 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='io.pressure\x00', 0x2, 0x0) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='io.pressure\x00', 0x2, 0x0) (async) 09:32:06 executing program 5: getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f0000000000)=0xe210, &(0x7f0000000040)=0x4) [ 1197.890834] FAULT_INJECTION: forcing a failure. [ 1197.890834] name failslab, interval 1, probability 0, space 0, times 0 [ 1197.919141] CPU: 1 PID: 29832 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1197.927043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1197.936405] Call Trace: 09:32:06 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r1 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r1, 0x10, 0x70bd28, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7020}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x40004) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x54, 0x0, 0x4, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x5}, @L2TP_ATTR_MTU={0x6}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @initdev={0xac, 0x1e, 0x0, 0x0}}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x9}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x3af3}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x100000001}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0xc000) 09:32:06 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63586561746f723db6ce6751d4"]) [ 1197.939001] dump_stack+0x1b2/0x281 [ 1197.942633] should_fail.cold+0x10a/0x149 [ 1197.946786] should_failslab+0xd6/0x130 [ 1197.950764] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1197.955430] ? kobj_ns_drop+0x80/0x80 [ 1197.959237] call_usermodehelper_setup+0x73/0x2e0 [ 1197.964090] kobject_uevent_env+0xc21/0xf30 [ 1197.968425] lo_ioctl+0x11a6/0x1cd0 [ 1197.972055] ? loop_set_status64+0xe0/0xe0 [ 1197.976292] blkdev_ioctl+0x540/0x1830 [ 1197.980183] ? blkpg_ioctl+0x8d0/0x8d0 [ 1197.982874] hfsplus: unable to parse mount options 09:32:06 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r1, 0x10, 0x70bd28, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x30, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7020}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x40004) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x54, 0x0, 0x4, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x5}, @L2TP_ATTR_MTU={0x6}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @initdev={0xac, 0x1e, 0x0, 0x0}}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x9}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x3af3}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x100000001}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0xc000) [ 1197.984067] ? trace_hardirqs_on+0x10/0x10 [ 1197.993203] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1197.998313] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1198.003335] block_ioctl+0xd9/0x120 [ 1198.006958] ? blkdev_fallocate+0x3a0/0x3a0 [ 1198.011278] do_vfs_ioctl+0x75a/0xff0 [ 1198.015073] ? lock_acquire+0x170/0x3f0 [ 1198.019045] ? ioctl_preallocate+0x1a0/0x1a0 [ 1198.023454] ? __fget+0x265/0x3e0 [ 1198.026904] ? do_vfs_ioctl+0xff0/0xff0 [ 1198.030869] ? security_file_ioctl+0x83/0xb0 [ 1198.035266] SyS_ioctl+0x7f/0xb0 [ 1198.038617] ? do_vfs_ioctl+0xff0/0xff0 [ 1198.042576] do_syscall_64+0x1d5/0x640 [ 1198.046448] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1198.051617] RIP: 0033:0x7f322b2faea7 [ 1198.055306] RSP: 002b:00007f3229c6ff28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1198.063002] RAX: ffffffffffffffda RBX: 00007f322b344a20 RCX: 00007f322b2faea7 [ 1198.070264] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 1198.077529] RBP: 0000000000000005 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1198.084794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 1198.092059] R13: 0000000000000004 R14: 00000000200012c0 R15: 0000000000000000 [ 1198.099332] CPU: 0 PID: 29838 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1198.107217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1198.115791] hfsplus: creator requires a 4 character value [ 1198.116561] Call Trace: [ 1198.116578] dump_stack+0x1b2/0x281 [ 1198.116592] should_fail.cold+0x10a/0x149 [ 1198.116605] should_failslab+0xd6/0x130 [ 1198.116616] kmem_cache_alloc+0x28e/0x3c0 09:32:06 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0xe0000000, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:32:06 executing program 4: syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7, &(0x7f0000000680)=[{&(0x7f0000000240)="18b82b1073111f8d83388cf372255040d93ea1ea779391c52be3db815d1b9e7ad9bddc51add6b4d571b9aeb01b10525de0a753c79488f887216246b10593923feea914d4870fd0537f950494e9a175e38b2c364204c5edcfab1b2b9b828371694dba2a2d64e28d", 0x67, 0x8}, {&(0x7f00000002c0)="a73ce62ef599d83e7f01992f66ae7abcda40f0cc351e47d2838fd14d7cb3c91fb4b80b916722873e4be473c03fc04c2f52cbd443aed019cb613bac073b1363771881b0668c491824c1b3fd9c5347faf27c37b06c6f542e043c9923de580de8b71aa1b6583ed56ca596", 0x69, 0x7b}, {&(0x7f0000000340)="ec6b563178bd9bf5660904590b1c2a97687988a38b13a39123e0e9a7d8550e3319127a5bf3795c1276828cdc846a615517f33c8ecf63207c", 0x38, 0xc27a}, {&(0x7f0000000380)="3113794c6a89de", 0x7, 0x3}, {&(0x7f00000003c0)="1e011b14f9f579ad422537533818604a2ec3482722b55d298732f0d03415d35e4d0abac5e7e06282ee2493f4ca3fbe5100d3046548f1f73a20ca8e8c5756d18cbdeaac5360bb685ff6bbd5121da3d930ed9b0e1ebe5a728ea66306f9dbc6d0e0bf52ab321e872364b72730d77ca28d6aca1e9eac729c7c7c76998aed621cb9e6d92a281b61579dccf2b458f11f48250b7e04e86c977167baae7acf367956c6cedb25f4e9c0e1784a63a817eaad93fbfb3425dea12a6ebfcf0dfa63a065568dc04e82e2d13ebe5bb99449dcf65565ede5539becfa274f07ef1beeeb7383264a9900d4c1bf816baf1833b2b01b7821fbad", 0xf0, 0x80000001}, {&(0x7f00000004c0)="a587ff60693efbdd68563a7e067f82d199607a01e6e1ad6fb4394fdb4730d747d807b4df49a0028f19039f3d805aa8cf1c5424949b2d8b895d7ecce475639a0fe197b8450b18fcf3ea4a98f70d1cda16a228a92ad2308e680e988208362c220ea6d7e6657a838184b42f9716457bd4d55868998c1bb579f594d9bb027106b9684c10d24d602dbaa10c236399414797a7111c0d5ecc697411078e0aa9a5b2be1a586ec1985c2f530017dc27eb990a97215cf5", 0xb2}, {&(0x7f0000000580)="6dc76c50b2c5c61772369e669f8c6256ac1ded0fe17f0ecd4792f3312bd06e1e9bae32796a63f4a7ad530fd71654729cb410bcda4da44363e9ddefbad7b7095402c6fc1a8f8e71409a67361ad853ecee6aed3f6401294678f5967e9956a9520fe113d5746d88862aa47da5994e5b35133f4cf36c6a10c0eeb15dc31363b37deb0c7cfb4ff7dc34aba1bf85eab321c8182ce1ed617d6219b72d6cb25f920b0324fec4e46197fbb21f4688dc10c24f8f8422917882e46f4746fa10ffc6c4b144ccdc524d736e0306c5289daf5f7a0284af59c19c65f4f5ddfc41da110bb22e8ea6716b55917c6861369e74642f58275ebd5beec61205a97aef6a8c", 0xfa, 0xffffffffffffffff}], 0x80, &(0x7f0000000740)={[{@noattr2}, {}], [{@obj_user={'obj_user', 0x3d, '\x8b:)'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/snapshot\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000080)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x80, 0x6, 0x0, 0x9, 0x18, 0x1c, "d4e6d9b423b283d9b1be8d378aeb5e319703d94b2c16ec671b04e7794b488c3b9146ac1ddebbd10c89cd9d5b237f4ca507b0dd7bee7e634a972ab9859592dd3b", "bfddc5dce1597dcd9fcbbdc829ea24cbfedb16470e8761178c9fc500bfc32d40d79d4a49c34deb2263569b3c635ef80e02ccabd03b65e6c147648df25306bc2f", "b69a5800090a1ab0b5d865aaa60858149444e155754e086b8c331847ba88715d", [0x7, 0x642]}) [ 1198.116629] getname_flags+0xc8/0x550 [ 1198.122232] hfsplus: unable to parse mount options [ 1198.124727] SyS_mkdirat+0x83/0x270 [ 1198.124739] ? SyS_mknod+0x30/0x30 [ 1198.124748] ? fput_many+0xe/0x140 [ 1198.124759] ? do_syscall_64+0x4c/0x640 [ 1198.149544] hfsplus: creator requires a 4 character value [ 1198.152877] ? SyS_mknod+0x30/0x30 [ 1198.152891] do_syscall_64+0x1d5/0x640 [ 1198.152909] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1198.152918] RIP: 0033:0x7f463664c1f7 [ 1198.156567] hfsplus: unable to parse mount options [ 1198.159955] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1198.159966] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1198.159971] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1198.159977] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1198.159983] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1198.159989] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1198.172161] XFS (loop4): unknown mount option [obj_user=‹:)]. 09:32:06 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 35) 09:32:06 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 36) 09:32:06 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='io.pressure\x00', 0x2, 0x0) 09:32:06 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63586561746f723db6ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63586561746f723db6ce6751d4"]) (async) 09:32:06 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0xe0000000, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0xe0000000, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) 09:32:06 executing program 4: syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7, &(0x7f0000000680)=[{&(0x7f0000000240)="18b82b1073111f8d83388cf372255040d93ea1ea779391c52be3db815d1b9e7ad9bddc51add6b4d571b9aeb01b10525de0a753c79488f887216246b10593923feea914d4870fd0537f950494e9a175e38b2c364204c5edcfab1b2b9b828371694dba2a2d64e28d", 0x67, 0x8}, {&(0x7f00000002c0)="a73ce62ef599d83e7f01992f66ae7abcda40f0cc351e47d2838fd14d7cb3c91fb4b80b916722873e4be473c03fc04c2f52cbd443aed019cb613bac073b1363771881b0668c491824c1b3fd9c5347faf27c37b06c6f542e043c9923de580de8b71aa1b6583ed56ca596", 0x69, 0x7b}, {&(0x7f0000000340)="ec6b563178bd9bf5660904590b1c2a97687988a38b13a39123e0e9a7d8550e3319127a5bf3795c1276828cdc846a615517f33c8ecf63207c", 0x38, 0xc27a}, {&(0x7f0000000380)="3113794c6a89de", 0x7, 0x3}, {&(0x7f00000003c0)="1e011b14f9f579ad422537533818604a2ec3482722b55d298732f0d03415d35e4d0abac5e7e06282ee2493f4ca3fbe5100d3046548f1f73a20ca8e8c5756d18cbdeaac5360bb685ff6bbd5121da3d930ed9b0e1ebe5a728ea66306f9dbc6d0e0bf52ab321e872364b72730d77ca28d6aca1e9eac729c7c7c76998aed621cb9e6d92a281b61579dccf2b458f11f48250b7e04e86c977167baae7acf367956c6cedb25f4e9c0e1784a63a817eaad93fbfb3425dea12a6ebfcf0dfa63a065568dc04e82e2d13ebe5bb99449dcf65565ede5539becfa274f07ef1beeeb7383264a9900d4c1bf816baf1833b2b01b7821fbad", 0xf0, 0x80000001}, {&(0x7f00000004c0)="a587ff60693efbdd68563a7e067f82d199607a01e6e1ad6fb4394fdb4730d747d807b4df49a0028f19039f3d805aa8cf1c5424949b2d8b895d7ecce475639a0fe197b8450b18fcf3ea4a98f70d1cda16a228a92ad2308e680e988208362c220ea6d7e6657a838184b42f9716457bd4d55868998c1bb579f594d9bb027106b9684c10d24d602dbaa10c236399414797a7111c0d5ecc697411078e0aa9a5b2be1a586ec1985c2f530017dc27eb990a97215cf5", 0xb2}, {&(0x7f0000000580)="6dc76c50b2c5c61772369e669f8c6256ac1ded0fe17f0ecd4792f3312bd06e1e9bae32796a63f4a7ad530fd71654729cb410bcda4da44363e9ddefbad7b7095402c6fc1a8f8e71409a67361ad853ecee6aed3f6401294678f5967e9956a9520fe113d5746d88862aa47da5994e5b35133f4cf36c6a10c0eeb15dc31363b37deb0c7cfb4ff7dc34aba1bf85eab321c8182ce1ed617d6219b72d6cb25f920b0324fec4e46197fbb21f4688dc10c24f8f8422917882e46f4746fa10ffc6c4b144ccdc524d736e0306c5289daf5f7a0284af59c19c65f4f5ddfc41da110bb22e8ea6716b55917c6861369e74642f58275ebd5beec61205a97aef6a8c", 0xfa, 0xffffffffffffffff}], 0x80, &(0x7f0000000740)={[{@noattr2}, {}], [{@obj_user={'obj_user', 0x3d, '\x8b:)'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/snapshot\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000080)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x80, 0x6, 0x0, 0x9, 0x18, 0x1c, "d4e6d9b423b283d9b1be8d378aeb5e319703d94b2c16ec671b04e7794b488c3b9146ac1ddebbd10c89cd9d5b237f4ca507b0dd7bee7e634a972ab9859592dd3b", "bfddc5dce1597dcd9fcbbdc829ea24cbfedb16470e8761178c9fc500bfc32d40d79d4a49c34deb2263569b3c635ef80e02ccabd03b65e6c147648df25306bc2f", "b69a5800090a1ab0b5d865aaa60858149444e155754e086b8c331847ba88715d", [0x7, 0x642]}) syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7, &(0x7f0000000680)=[{&(0x7f0000000240)="18b82b1073111f8d83388cf372255040d93ea1ea779391c52be3db815d1b9e7ad9bddc51add6b4d571b9aeb01b10525de0a753c79488f887216246b10593923feea914d4870fd0537f950494e9a175e38b2c364204c5edcfab1b2b9b828371694dba2a2d64e28d", 0x67, 0x8}, {&(0x7f00000002c0)="a73ce62ef599d83e7f01992f66ae7abcda40f0cc351e47d2838fd14d7cb3c91fb4b80b916722873e4be473c03fc04c2f52cbd443aed019cb613bac073b1363771881b0668c491824c1b3fd9c5347faf27c37b06c6f542e043c9923de580de8b71aa1b6583ed56ca596", 0x69, 0x7b}, {&(0x7f0000000340)="ec6b563178bd9bf5660904590b1c2a97687988a38b13a39123e0e9a7d8550e3319127a5bf3795c1276828cdc846a615517f33c8ecf63207c", 0x38, 0xc27a}, {&(0x7f0000000380)="3113794c6a89de", 0x7, 0x3}, {&(0x7f00000003c0)="1e011b14f9f579ad422537533818604a2ec3482722b55d298732f0d03415d35e4d0abac5e7e06282ee2493f4ca3fbe5100d3046548f1f73a20ca8e8c5756d18cbdeaac5360bb685ff6bbd5121da3d930ed9b0e1ebe5a728ea66306f9dbc6d0e0bf52ab321e872364b72730d77ca28d6aca1e9eac729c7c7c76998aed621cb9e6d92a281b61579dccf2b458f11f48250b7e04e86c977167baae7acf367956c6cedb25f4e9c0e1784a63a817eaad93fbfb3425dea12a6ebfcf0dfa63a065568dc04e82e2d13ebe5bb99449dcf65565ede5539becfa274f07ef1beeeb7383264a9900d4c1bf816baf1833b2b01b7821fbad", 0xf0, 0x80000001}, {&(0x7f00000004c0)="a587ff60693efbdd68563a7e067f82d199607a01e6e1ad6fb4394fdb4730d747d807b4df49a0028f19039f3d805aa8cf1c5424949b2d8b895d7ecce475639a0fe197b8450b18fcf3ea4a98f70d1cda16a228a92ad2308e680e988208362c220ea6d7e6657a838184b42f9716457bd4d55868998c1bb579f594d9bb027106b9684c10d24d602dbaa10c236399414797a7111c0d5ecc697411078e0aa9a5b2be1a586ec1985c2f530017dc27eb990a97215cf5", 0xb2}, {&(0x7f0000000580)="6dc76c50b2c5c61772369e669f8c6256ac1ded0fe17f0ecd4792f3312bd06e1e9bae32796a63f4a7ad530fd71654729cb410bcda4da44363e9ddefbad7b7095402c6fc1a8f8e71409a67361ad853ecee6aed3f6401294678f5967e9956a9520fe113d5746d88862aa47da5994e5b35133f4cf36c6a10c0eeb15dc31363b37deb0c7cfb4ff7dc34aba1bf85eab321c8182ce1ed617d6219b72d6cb25f920b0324fec4e46197fbb21f4688dc10c24f8f8422917882e46f4746fa10ffc6c4b144ccdc524d736e0306c5289daf5f7a0284af59c19c65f4f5ddfc41da110bb22e8ea6716b55917c6861369e74642f58275ebd5beec61205a97aef6a8c", 0xfa, 0xffffffffffffffff}], 0x80, &(0x7f0000000740)={[{@noattr2}, {}], [{@obj_user={'obj_user', 0x3d, '\x8b:)'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/snapshot\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000080)) (async) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x80, 0x6, 0x0, 0x9, 0x18, 0x1c, "d4e6d9b423b283d9b1be8d378aeb5e319703d94b2c16ec671b04e7794b488c3b9146ac1ddebbd10c89cd9d5b237f4ca507b0dd7bee7e634a972ab9859592dd3b", "bfddc5dce1597dcd9fcbbdc829ea24cbfedb16470e8761178c9fc500bfc32d40d79d4a49c34deb2263569b3c635ef80e02ccabd03b65e6c147648df25306bc2f", "b69a5800090a1ab0b5d865aaa60858149444e155754e086b8c331847ba88715d", [0x7, 0x642]}) (async) [ 1198.350251] FAULT_INJECTION: forcing a failure. [ 1198.350251] name failslab, interval 1, probability 0, space 0, times 0 [ 1198.353567] FAULT_INJECTION: forcing a failure. [ 1198.353567] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1198.369095] hfsplus: unable to parse mount options [ 1198.373237] CPU: 1 PID: 29918 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1198.373244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1198.373250] Call Trace: [ 1198.397946] dump_stack+0x1b2/0x281 [ 1198.401573] should_fail.cold+0x10a/0x149 [ 1198.405725] __alloc_pages_nodemask+0x22c/0x2720 [ 1198.410477] ? kobject_uevent_env+0x274/0xf30 [ 1198.414977] ? __lock_acquire+0x5fc/0x3f20 [ 1198.419212] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1198.424071] ? blkdev_ioctl+0xf4/0x1830 [ 1198.428045] ? blkpg_ioctl+0x8d0/0x8d0 [ 1198.431928] ? trace_hardirqs_on+0x10/0x10 [ 1198.436166] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1198.441273] cache_grow_begin+0x91/0x700 [ 1198.445338] ? fs_reclaim_release+0xd0/0x110 [ 1198.449746] ? check_preemption_disabled+0x35/0x240 [ 1198.454761] cache_alloc_refill+0x273/0x350 [ 1198.459081] kmem_cache_alloc+0x333/0x3c0 [ 1198.463223] getname_flags+0xc8/0x550 [ 1198.467019] SyS_mkdirat+0x83/0x270 [ 1198.470642] ? SyS_mknod+0x30/0x30 [ 1198.474179] ? fput_many+0xe/0x140 [ 1198.477714] ? do_syscall_64+0x4c/0x640 [ 1198.481681] ? SyS_mknod+0x30/0x30 [ 1198.485215] do_syscall_64+0x1d5/0x640 [ 1198.489107] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1198.494288] RIP: 0033:0x7f463664c1f7 [ 1198.497990] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1198.505692] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1198.512956] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1198.520223] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1198.527495] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1198.534764] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1198.542038] CPU: 0 PID: 29899 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 09:32:06 executing program 1: r0 = socket(0x25, 0x1, 0x0) getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000000)=0x200, &(0x7f0000000080)=0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, r2, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000000c0)) [ 1198.549921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1198.559268] Call Trace: [ 1198.561856] dump_stack+0x1b2/0x281 [ 1198.565483] should_fail.cold+0x10a/0x149 [ 1198.569628] should_failslab+0xd6/0x130 [ 1198.573603] kmem_cache_alloc+0x28e/0x3c0 [ 1198.574029] hfsplus: creator requires a 4 character value [ 1198.577748] getname_flags+0xc8/0x550 [ 1198.577762] SyS_mkdirat+0x83/0x270 [ 1198.577774] ? SyS_mknod+0x30/0x30 [ 1198.577784] ? fput_many+0xe/0x140 [ 1198.577794] ? do_syscall_64+0x4c/0x640 [ 1198.577802] ? SyS_mknod+0x30/0x30 [ 1198.577815] do_syscall_64+0x1d5/0x640 [ 1198.577835] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1198.583517] hfsplus: unable to parse mount options [ 1198.587138] RIP: 0033:0x7f322b2fa1f7 [ 1198.587144] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1198.587155] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1198.587161] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c 09:32:06 executing program 4: syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7, &(0x7f0000000680)=[{&(0x7f0000000240)="18b82b1073111f8d83388cf372255040d93ea1ea779391c52be3db815d1b9e7ad9bddc51add6b4d571b9aeb01b10525de0a753c79488f887216246b10593923feea914d4870fd0537f950494e9a175e38b2c364204c5edcfab1b2b9b828371694dba2a2d64e28d", 0x67, 0x8}, {&(0x7f00000002c0)="a73ce62ef599d83e7f01992f66ae7abcda40f0cc351e47d2838fd14d7cb3c91fb4b80b916722873e4be473c03fc04c2f52cbd443aed019cb613bac073b1363771881b0668c491824c1b3fd9c5347faf27c37b06c6f542e043c9923de580de8b71aa1b6583ed56ca596", 0x69, 0x7b}, {&(0x7f0000000340)="ec6b563178bd9bf5660904590b1c2a97687988a38b13a39123e0e9a7d8550e3319127a5bf3795c1276828cdc846a615517f33c8ecf63207c", 0x38, 0xc27a}, {&(0x7f0000000380)="3113794c6a89de", 0x7, 0x3}, {&(0x7f00000003c0)="1e011b14f9f579ad422537533818604a2ec3482722b55d298732f0d03415d35e4d0abac5e7e06282ee2493f4ca3fbe5100d3046548f1f73a20ca8e8c5756d18cbdeaac5360bb685ff6bbd5121da3d930ed9b0e1ebe5a728ea66306f9dbc6d0e0bf52ab321e872364b72730d77ca28d6aca1e9eac729c7c7c76998aed621cb9e6d92a281b61579dccf2b458f11f48250b7e04e86c977167baae7acf367956c6cedb25f4e9c0e1784a63a817eaad93fbfb3425dea12a6ebfcf0dfa63a065568dc04e82e2d13ebe5bb99449dcf65565ede5539becfa274f07ef1beeeb7383264a9900d4c1bf816baf1833b2b01b7821fbad", 0xf0, 0x80000001}, {&(0x7f00000004c0)="a587ff60693efbdd68563a7e067f82d199607a01e6e1ad6fb4394fdb4730d747d807b4df49a0028f19039f3d805aa8cf1c5424949b2d8b895d7ecce475639a0fe197b8450b18fcf3ea4a98f70d1cda16a228a92ad2308e680e988208362c220ea6d7e6657a838184b42f9716457bd4d55868998c1bb579f594d9bb027106b9684c10d24d602dbaa10c236399414797a7111c0d5ecc697411078e0aa9a5b2be1a586ec1985c2f530017dc27eb990a97215cf5", 0xb2}, {&(0x7f0000000580)="6dc76c50b2c5c61772369e669f8c6256ac1ded0fe17f0ecd4792f3312bd06e1e9bae32796a63f4a7ad530fd71654729cb410bcda4da44363e9ddefbad7b7095402c6fc1a8f8e71409a67361ad853ecee6aed3f6401294678f5967e9956a9520fe113d5746d88862aa47da5994e5b35133f4cf36c6a10c0eeb15dc31363b37deb0c7cfb4ff7dc34aba1bf85eab321c8182ce1ed617d6219b72d6cb25f920b0324fec4e46197fbb21f4688dc10c24f8f8422917882e46f4746fa10ffc6c4b144ccdc524d736e0306c5289daf5f7a0284af59c19c65f4f5ddfc41da110bb22e8ea6716b55917c6861369e74642f58275ebd5beec61205a97aef6a8c", 0xfa, 0xffffffffffffffff}], 0x80, &(0x7f0000000740)={[{@noattr2}, {}], [{@obj_user={'obj_user', 0x3d, '\x8b:)'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/snapshot\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000080)) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x80, 0x6, 0x0, 0x9, 0x18, 0x1c, "d4e6d9b423b283d9b1be8d378aeb5e319703d94b2c16ec671b04e7794b488c3b9146ac1ddebbd10c89cd9d5b237f4ca507b0dd7bee7e634a972ab9859592dd3b", "bfddc5dce1597dcd9fcbbdc829ea24cbfedb16470e8761178c9fc500bfc32d40d79d4a49c34deb2263569b3c635ef80e02ccabd03b65e6c147648df25306bc2f", "b69a5800090a1ab0b5d865aaa60858149444e155754e086b8c331847ba88715d", [0x7, 0x642]}) syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7, &(0x7f0000000680)=[{&(0x7f0000000240)="18b82b1073111f8d83388cf372255040d93ea1ea779391c52be3db815d1b9e7ad9bddc51add6b4d571b9aeb01b10525de0a753c79488f887216246b10593923feea914d4870fd0537f950494e9a175e38b2c364204c5edcfab1b2b9b828371694dba2a2d64e28d", 0x67, 0x8}, {&(0x7f00000002c0)="a73ce62ef599d83e7f01992f66ae7abcda40f0cc351e47d2838fd14d7cb3c91fb4b80b916722873e4be473c03fc04c2f52cbd443aed019cb613bac073b1363771881b0668c491824c1b3fd9c5347faf27c37b06c6f542e043c9923de580de8b71aa1b6583ed56ca596", 0x69, 0x7b}, {&(0x7f0000000340)="ec6b563178bd9bf5660904590b1c2a97687988a38b13a39123e0e9a7d8550e3319127a5bf3795c1276828cdc846a615517f33c8ecf63207c", 0x38, 0xc27a}, {&(0x7f0000000380)="3113794c6a89de", 0x7, 0x3}, {&(0x7f00000003c0)="1e011b14f9f579ad422537533818604a2ec3482722b55d298732f0d03415d35e4d0abac5e7e06282ee2493f4ca3fbe5100d3046548f1f73a20ca8e8c5756d18cbdeaac5360bb685ff6bbd5121da3d930ed9b0e1ebe5a728ea66306f9dbc6d0e0bf52ab321e872364b72730d77ca28d6aca1e9eac729c7c7c76998aed621cb9e6d92a281b61579dccf2b458f11f48250b7e04e86c977167baae7acf367956c6cedb25f4e9c0e1784a63a817eaad93fbfb3425dea12a6ebfcf0dfa63a065568dc04e82e2d13ebe5bb99449dcf65565ede5539becfa274f07ef1beeeb7383264a9900d4c1bf816baf1833b2b01b7821fbad", 0xf0, 0x80000001}, {&(0x7f00000004c0)="a587ff60693efbdd68563a7e067f82d199607a01e6e1ad6fb4394fdb4730d747d807b4df49a0028f19039f3d805aa8cf1c5424949b2d8b895d7ecce475639a0fe197b8450b18fcf3ea4a98f70d1cda16a228a92ad2308e680e988208362c220ea6d7e6657a838184b42f9716457bd4d55868998c1bb579f594d9bb027106b9684c10d24d602dbaa10c236399414797a7111c0d5ecc697411078e0aa9a5b2be1a586ec1985c2f530017dc27eb990a97215cf5", 0xb2}, {&(0x7f0000000580)="6dc76c50b2c5c61772369e669f8c6256ac1ded0fe17f0ecd4792f3312bd06e1e9bae32796a63f4a7ad530fd71654729cb410bcda4da44363e9ddefbad7b7095402c6fc1a8f8e71409a67361ad853ecee6aed3f6401294678f5967e9956a9520fe113d5746d88862aa47da5994e5b35133f4cf36c6a10c0eeb15dc31363b37deb0c7cfb4ff7dc34aba1bf85eab321c8182ce1ed617d6219b72d6cb25f920b0324fec4e46197fbb21f4688dc10c24f8f8422917882e46f4746fa10ffc6c4b144ccdc524d736e0306c5289daf5f7a0284af59c19c65f4f5ddfc41da110bb22e8ea6716b55917c6861369e74642f58275ebd5beec61205a97aef6a8c", 0xfa, 0xffffffffffffffff}], 0x80, &(0x7f0000000740)={[{@noattr2}, {}], [{@obj_user={'obj_user', 0x3d, '\x8b:)'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/snapshot\x00'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000080)) (async) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x80, 0x6, 0x0, 0x9, 0x18, 0x1c, "d4e6d9b423b283d9b1be8d378aeb5e319703d94b2c16ec671b04e7794b488c3b9146ac1ddebbd10c89cd9d5b237f4ca507b0dd7bee7e634a972ab9859592dd3b", "bfddc5dce1597dcd9fcbbdc829ea24cbfedb16470e8761178c9fc500bfc32d40d79d4a49c34deb2263569b3c635ef80e02ccabd03b65e6c147648df25306bc2f", "b69a5800090a1ab0b5d865aaa60858149444e155754e086b8c331847ba88715d", [0x7, 0x642]}) (async) [ 1198.587167] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1198.587172] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1198.587178] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1198.598940] hfsplus: creator requires a 4 character value [ 1198.619070] XFS (loop4): unknown mount option [obj_user=‹:)]. [ 1198.694266] hfsplus: unable to parse mount options 09:32:06 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="031a3960b358ae3a7efdc78fa9000000ffe6a81b03222d47fd3395921efab22098a073897a557fc22bd7e0bef119c0bf18ef5051b4713377ae790a812baee4b378f1f96578f4baa5f00b620b74cd9dab24e9d2274fef9751ca2fbf8ec82007b975eedaae"]) 09:32:06 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 37) 09:32:06 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) 09:32:06 executing program 1: r0 = socket(0x25, 0x1, 0x0) getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000000)=0x200, &(0x7f0000000080)=0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, r2, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000000c0)) socket(0x25, 0x1, 0x0) (async) getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000000)=0x200, &(0x7f0000000080)=0x4) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) (async) sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, r2, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000) (async) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000000c0)) (async) [ 1198.695136] hfsplus: unable to parse mount options 09:32:06 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 36) 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) 09:32:07 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63586561746f723db6ce6751d4"]) 09:32:07 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="031a3960b358ae3a7efdc78fa9000000ffe6a81b03222d47fd3395921efab22098a073897a557fc22bd7e0bef119c0bf18ef5051b4713377ae790a812baee4b378f1f96578f4baa5f00b620b74cd9dab24e9d2274fef9751ca2fbf8ec82007b975eedaae"]) 09:32:07 executing program 1: r0 = socket(0x25, 0x1, 0x0) getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000000)=0x200, &(0x7f0000000080)=0x4) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, r2, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000) (async) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000000c0)) 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) (async) r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) [ 1198.805211] FAULT_INJECTION: forcing a failure. [ 1198.805211] name failslab, interval 1, probability 0, space 0, times 0 [ 1198.819447] CPU: 1 PID: 29960 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1198.827342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1198.836692] Call Trace: [ 1198.839287] dump_stack+0x1b2/0x281 [ 1198.842919] should_fail.cold+0x10a/0x149 [ 1198.844668] hfsplus: unable to parse mount options [ 1198.847066] should_failslab+0xd6/0x130 [ 1198.847077] kmem_cache_alloc+0x28e/0x3c0 [ 1198.847089] __d_alloc+0x2a/0xa20 [ 1198.847098] ? d_lookup+0x172/0x220 [ 1198.847109] d_alloc+0x46/0x240 [ 1198.847121] __lookup_hash+0x101/0x270 [ 1198.874299] filename_create+0x156/0x3f0 [ 1198.878363] ? kern_path_mountpoint+0x40/0x40 [ 1198.882868] SyS_mkdirat+0x95/0x270 [ 1198.886495] ? SyS_mknod+0x30/0x30 [ 1198.890027] ? fput_many+0xe/0x140 [ 1198.893564] ? do_syscall_64+0x4c/0x640 [ 1198.897532] ? SyS_mknod+0x30/0x30 [ 1198.901069] do_syscall_64+0x1d5/0x640 [ 1198.904963] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1198.910148] RIP: 0033:0x7f463664c1f7 [ 1198.913859] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1198.921566] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1198.928831] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1198.936096] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1198.943362] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x40001, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) ioctl$SNAPSHOT_FREE(r0, 0x3305) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) ioctl$SOUND_MIXER_READ_DEVMASK(r3, 0x80044dfe, &(0x7f0000000000)) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0x6b2) syz_open_dev$loop(&(0x7f00000000c0), 0xffff, 0x80000) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x40) 09:32:07 executing program 1: socket(0x25, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0xb85910a0c67f5742) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) 09:32:07 executing program 5: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r0, &(0x7f0000000080)='net_prio.prioidx\x00', 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f7289f440ec1e4dbf2678ec27612924a7d23dd7ce6751d4"]) syz_mount_image$xfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x24d, 0x5, &(0x7f0000000500)=[{&(0x7f00000001c0)="c47caaee3bf141239d29323cf028bcb4812223a59036740825835fc8b4edbe14634379ed340acfc50756cffa64ee95177b4c69b67ed75815f2a71702ba4ffc15217d471c4cf8736acff145b1880335c6c92133665543c7a9ed1cba2bdbe198eb120bb9", 0x63, 0xffffffffffffff4e}, {&(0x7f0000000240)="a41609d5d5b51309550e8e1ce25de12ef641db194020ea3f61d739eded5b60c084b7c788a24285110b2c44c02413220c95327f03dddad672030818457ca32c5177abe64eea4bda9daff7f8e54f53f908ade82f637cd42c52f666781b9838d1dbdf8ea5255784cd95560012db66ac758a5f6b98d0806e2d6eff0b8614e3af82178ae09087f39edf9b044b8658ceca2decdfbed46bb9f345aed5326302e4f711b3896d44a73c13853d05c7b00e0ccfcc3fd9fafdfb8ea457938d190ebb9b0fff458085953b0b311f10f3ac39120b448d0f2e1ddac3e407f12b6ef58ac4b10f83c392351f4c8f791046e37d7870c8c66cc028db3c", 0xf3, 0x89}, {&(0x7f0000000340)="2b08946040b1460624f6971e4dd7a3305effb4aa0387aed582ee0f", 0x1b, 0x3}, {&(0x7f0000000380)="1093265cedba8d935f00d7a5d47933b3be66a008180f06f9c67e3e7493095e4777fd0b1379712ac7190fca424c29a86753e35f9ecdb3b6377660b5874928f30ee32f5578b25fa1e3acac88b7359b31bc4c148ed16643d3f5202cf2d41587001ae9897a58cf1593c2352cbab23a2e57e50684512adb833a9440248e515b34af2867fc78135a99c74a44ba3f90f65b9288fdaa261c918de7559c7a7df2e6fecd3347b9673b2422a261b329e424c7b8034cd3aec234e3a904ae8afe", 0xba, 0x8}, {&(0x7f0000000440)="4b3c92bb7c00a6d3a6cbdc44a0e1d879b6cff5f99bf67eb50188071ba2a205b6947cdc5c5f605b29405c79cb9c7bf3bd821e5514897f112ba1ed13dff9005864a23f1b02fa3e386ce65ba7e8d2a39d75608f3c7d6b01aadf57744274c6bee43cc29c67d139426c4f0946e761b0c48a225895f725852afdc19c3aae18b77cba5bf8f96973a269ca41cc6e44a32c86d43cda713092f2808c230d84c2a523f7927dd0", 0xa1, 0x4}], 0x22010, &(0x7f0000000580)={[{@quota}, {@bsdgroups}, {@dax}], [{@fsmagic={'fsmagic', 0x3d, 0x7}}, {@dont_appraise}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@audit}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@audit}]}) [ 1198.950630] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1198.961116] FAULT_INJECTION: forcing a failure. [ 1198.961116] name failslab, interval 1, probability 0, space 0, times 0 [ 1198.981693] hfsplus: unable to parse mount options 09:32:07 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 38) 09:32:07 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="031a3960b358ae3a7efdc78fa9000000ffe6a81b03222d47fd3395921efab22098a073897a557fc22bd7e0bef119c0bf18ef5051b4713377ae790a812baee4b378f1f96578f4baa5f00b620b74cd9dab24e9d2274fef9751ca2fbf8ec82007b975eedaae"]) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="031a3960b358ae3a7efdc78fa9000000ffe6a81b03222d47fd3395921efab22098a073897a557fc22bd7e0bef119c0bf18ef5051b4713377ae790a812baee4b378f1f96578f4baa5f00b620b74cd9dab24e9d2274fef9751ca2fbf8ec82007b975eedaae"]) (async) [ 1199.012324] Restarting kernel threads ... done. 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x40001, 0x0) (async) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) ioctl$SNAPSHOT_FREE(r0, 0x3305) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) ioctl$SOUND_MIXER_READ_DEVMASK(r3, 0x80044dfe, &(0x7f0000000000)) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0x6b2) (async) syz_open_dev$loop(&(0x7f00000000c0), 0xffff, 0x80000) (async) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x40) [ 1199.053063] CPU: 0 PID: 29972 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1199.060966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1199.066055] hfsplus: unable to parse mount options [ 1199.070322] Call Trace: [ 1199.070340] dump_stack+0x1b2/0x281 [ 1199.070355] should_fail.cold+0x10a/0x149 [ 1199.070369] should_failslab+0xd6/0x130 [ 1199.070389] kmem_cache_alloc+0x28e/0x3c0 [ 1199.070403] getname_flags+0xc8/0x550 [ 1199.078759] hfsplus: unable to parse mount options [ 1199.081509] SyS_mkdirat+0x83/0x270 [ 1199.081522] ? SyS_mknod+0x30/0x30 [ 1199.081532] ? fput_many+0xe/0x140 [ 1199.081541] ? do_syscall_64+0x4c/0x640 [ 1199.081551] ? SyS_mknod+0x30/0x30 [ 1199.092989] Restarting kernel threads ... [ 1199.093761] do_syscall_64+0x1d5/0x640 [ 1199.093779] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1199.093787] RIP: 0033:0x7f322b2fa1f7 [ 1199.093792] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1199.098854] done. [ 1199.102489] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1199.102495] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1199.102501] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1199.102507] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1199.102513] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1199.189523] FAULT_INJECTION: forcing a failure. [ 1199.189523] name failslab, interval 1, probability 0, space 0, times 0 [ 1199.205933] CPU: 0 PID: 30019 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1199.213825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1199.223175] Call Trace: [ 1199.225760] dump_stack+0x1b2/0x281 [ 1199.229402] should_fail.cold+0x10a/0x149 [ 1199.233554] should_failslab+0xd6/0x130 [ 1199.237532] kmem_cache_alloc+0x28e/0x3c0 [ 1199.241684] ? ext4_sync_fs+0x7e0/0x7e0 [ 1199.245658] ext4_alloc_inode+0x1a/0x640 [ 1199.249721] ? ext4_sync_fs+0x7e0/0x7e0 [ 1199.253690] alloc_inode+0x5d/0x170 [ 1199.257311] new_inode+0x1d/0xf0 [ 1199.260675] __ext4_new_inode+0x360/0x4eb0 [ 1199.264909] ? kmem_cache_free+0x7c/0x2b0 [ 1199.269052] ? putname+0xcd/0x110 [ 1199.272503] ? SyS_mkdirat+0x95/0x270 [ 1199.276303] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1199.282121] ? ext4_free_inode+0x1460/0x1460 [ 1199.286532] ? lock_downgrade+0x740/0x740 [ 1199.290679] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1199.295781] ? dquot_initialize_needed+0x240/0x240 [ 1199.300715] ext4_mkdir+0x2e4/0xbd0 [ 1199.304349] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1199.309019] ? security_inode_mkdir+0xca/0x100 [ 1199.313598] vfs_mkdir+0x463/0x6e0 [ 1199.317153] SyS_mkdirat+0x1fd/0x270 [ 1199.320869] ? SyS_mknod+0x30/0x30 [ 1199.324404] ? fput_many+0xe/0x140 [ 1199.327945] ? do_syscall_64+0x4c/0x640 [ 1199.331915] ? SyS_mknod+0x30/0x30 [ 1199.335451] do_syscall_64+0x1d5/0x640 [ 1199.339340] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1199.344526] RIP: 0033:0x7f463664c1f7 [ 1199.348230] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 09:32:07 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 37) 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x40001, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) ioctl$SNAPSHOT_FREE(r0, 0x3305) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) ioctl$SOUND_MIXER_READ_DEVMASK(r3, 0x80044dfe, &(0x7f0000000000)) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0x6b2) syz_open_dev$loop(&(0x7f00000000c0), 0xffff, 0x80000) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x40) 09:32:07 executing program 1: socket(0x25, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0xb85910a0c67f5742) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) socket(0x25, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0xb85910a0c67f5742) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) (async) 09:32:07 executing program 5: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r0, &(0x7f0000000080)='net_prio.prioidx\x00', 0x0, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f7289f440ec1e4dbf2678ec27612924a7d23dd7ce6751d4"]) syz_mount_image$xfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x24d, 0x5, &(0x7f0000000500)=[{&(0x7f00000001c0)="c47caaee3bf141239d29323cf028bcb4812223a59036740825835fc8b4edbe14634379ed340acfc50756cffa64ee95177b4c69b67ed75815f2a71702ba4ffc15217d471c4cf8736acff145b1880335c6c92133665543c7a9ed1cba2bdbe198eb120bb9", 0x63, 0xffffffffffffff4e}, {&(0x7f0000000240)="a41609d5d5b51309550e8e1ce25de12ef641db194020ea3f61d739eded5b60c084b7c788a24285110b2c44c02413220c95327f03dddad672030818457ca32c5177abe64eea4bda9daff7f8e54f53f908ade82f637cd42c52f666781b9838d1dbdf8ea5255784cd95560012db66ac758a5f6b98d0806e2d6eff0b8614e3af82178ae09087f39edf9b044b8658ceca2decdfbed46bb9f345aed5326302e4f711b3896d44a73c13853d05c7b00e0ccfcc3fd9fafdfb8ea457938d190ebb9b0fff458085953b0b311f10f3ac39120b448d0f2e1ddac3e407f12b6ef58ac4b10f83c392351f4c8f791046e37d7870c8c66cc028db3c", 0xf3, 0x89}, {&(0x7f0000000340)="2b08946040b1460624f6971e4dd7a3305effb4aa0387aed582ee0f", 0x1b, 0x3}, {&(0x7f0000000380)="1093265cedba8d935f00d7a5d47933b3be66a008180f06f9c67e3e7493095e4777fd0b1379712ac7190fca424c29a86753e35f9ecdb3b6377660b5874928f30ee32f5578b25fa1e3acac88b7359b31bc4c148ed16643d3f5202cf2d41587001ae9897a58cf1593c2352cbab23a2e57e50684512adb833a9440248e515b34af2867fc78135a99c74a44ba3f90f65b9288fdaa261c918de7559c7a7df2e6fecd3347b9673b2422a261b329e424c7b8034cd3aec234e3a904ae8afe", 0xba, 0x8}, {&(0x7f0000000440)="4b3c92bb7c00a6d3a6cbdc44a0e1d879b6cff5f99bf67eb50188071ba2a205b6947cdc5c5f605b29405c79cb9c7bf3bd821e5514897f112ba1ed13dff9005864a23f1b02fa3e386ce65ba7e8d2a39d75608f3c7d6b01aadf57744274c6bee43cc29c67d139426c4f0946e761b0c48a225895f725852afdc19c3aae18b77cba5bf8f96973a269ca41cc6e44a32c86d43cda713092f2808c230d84c2a523f7927dd0", 0xa1, 0x4}], 0x22010, &(0x7f0000000580)={[{@quota}, {@bsdgroups}, {@dax}], [{@fsmagic={'fsmagic', 0x3d, 0x7}}, {@dont_appraise}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@audit}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@audit}]}) 09:32:07 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 39) [ 1199.355933] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1199.363195] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1199.370462] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1199.377729] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1199.385493] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:07 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d478226968b464bad7fb4f1b209df7c8e008cdf6b81fb6b7ac2716adfea8d3358621b526920178b6b7dcd1a3d43e6005f5889e0f2a2c1c2f70eac2241dcd565c9695f29076d4770ec99a6819f0bc7b8af82ff70a437fcd7d51eb9c9286cb1562cf5297c8e985d9d318177a13fb26a7730eceda78238b2b5f950a8020a590d68091338a84cf0e"]) [ 1199.458629] Restarting kernel threads ... done. [ 1199.474786] hfsplus: unable to parse mount options [ 1199.478510] FAULT_INJECTION: forcing a failure. [ 1199.478510] name failslab, interval 1, probability 0, space 0, times 0 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x94140, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1199.545471] CPU: 0 PID: 30039 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1199.553369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1199.553374] Call Trace: [ 1199.553391] dump_stack+0x1b2/0x281 [ 1199.553407] should_fail.cold+0x10a/0x149 [ 1199.573054] should_failslab+0xd6/0x130 [ 1199.573123] FAULT_INJECTION: forcing a failure. [ 1199.573123] name failslab, interval 1, probability 0, space 0, times 0 [ 1199.577023] kmem_cache_alloc+0x28e/0x3c0 [ 1199.577036] __d_alloc+0x2a/0xa20 [ 1199.577044] ? d_lookup+0x172/0x220 [ 1199.577054] d_alloc+0x46/0x240 [ 1199.577070] __lookup_hash+0x101/0x270 [ 1199.593507] hfsplus: unable to parse mount options [ 1199.595913] filename_create+0x156/0x3f0 [ 1199.595925] ? kern_path_mountpoint+0x40/0x40 [ 1199.595941] SyS_mkdirat+0x95/0x270 [ 1199.613049] hfsplus: creator requires a 4 character value [ 1199.615646] ? SyS_mknod+0x30/0x30 [ 1199.615657] ? fput_many+0xe/0x140 [ 1199.615667] ? do_syscall_64+0x4c/0x640 [ 1199.615678] ? SyS_mknod+0x30/0x30 [ 1199.643823] do_syscall_64+0x1d5/0x640 [ 1199.646512] hfsplus: unable to parse mount options [ 1199.647711] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1199.647720] RIP: 0033:0x7f322b2fa1f7 [ 1199.647724] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1199.669200] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1199.676465] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1199.683732] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 09:32:07 executing program 1: socket(0x25, 0x1, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r0, 0x0, 0xb85910a0c67f5742) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r1) 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x94140, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:07 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x94140, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:07 executing program 1: r0 = socket(0x25, 0x1, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000)=0x6, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:32:07 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 38) [ 1199.691003] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1199.698272] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1199.752801] CPU: 1 PID: 30054 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1199.760702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1199.770047] Call Trace: [ 1199.772616] dump_stack+0x1b2/0x281 [ 1199.776224] should_fail.cold+0x10a/0x149 [ 1199.780353] should_failslab+0xd6/0x130 [ 1199.784322] __kmalloc+0x2c1/0x400 [ 1199.787865] ? ext4_find_extent+0x879/0xbc0 [ 1199.792191] ext4_find_extent+0x879/0xbc0 [ 1199.796323] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1199.801751] ext4_ext_map_blocks+0x19a/0x6b10 [ 1199.806228] ? __lock_acquire+0x5fc/0x3f20 [ 1199.810444] ? __lock_acquire+0x5fc/0x3f20 [ 1199.814662] ? mark_buffer_dirty+0x95/0x480 [ 1199.818966] ? trace_hardirqs_on+0x10/0x10 [ 1199.823181] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 1199.828522] ? ext4_find_delalloc_cluster+0x180/0x180 [ 1199.833690] ? trace_hardirqs_on+0x10/0x10 [ 1199.837907] ? ext4_mark_iloc_dirty+0x1822/0x26a0 [ 1199.842742] ? ext4_es_lookup_extent+0x321/0xac0 [ 1199.847486] ? lock_acquire+0x170/0x3f0 [ 1199.851460] ? lock_acquire+0x170/0x3f0 [ 1199.855416] ? ext4_map_blocks+0x29f/0x1730 [ 1199.859727] ext4_map_blocks+0xb19/0x1730 [ 1199.863858] ? ext4_issue_zeroout+0x150/0x150 [ 1199.868441] ? __ext4_new_inode+0x27c/0x4eb0 [ 1199.872830] ext4_getblk+0x98/0x3f0 [ 1199.876448] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1199.880757] ext4_bread+0x6c/0x1a0 [ 1199.884274] ? ext4_getblk+0x3f0/0x3f0 [ 1199.888141] ? dquot_initialize_needed+0x240/0x240 [ 1199.893048] ext4_append+0x143/0x350 [ 1199.896759] ext4_mkdir+0x4c9/0xbd0 [ 1199.900373] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1199.905025] ? security_inode_mkdir+0xca/0x100 [ 1199.909587] vfs_mkdir+0x463/0x6e0 [ 1199.913110] SyS_mkdirat+0x1fd/0x270 [ 1199.916809] ? SyS_mknod+0x30/0x30 [ 1199.920331] ? fput_many+0xe/0x140 [ 1199.923850] ? do_syscall_64+0x4c/0x640 [ 1199.927800] ? SyS_mknod+0x30/0x30 [ 1199.931327] do_syscall_64+0x1d5/0x640 [ 1199.935203] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1199.940371] RIP: 0033:0x7f463664c1f7 [ 1199.944058] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1199.951745] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1199.959003] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1199.966259] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1199.973603] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1199.980854] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1200.012439] FAULT_INJECTION: forcing a failure. [ 1200.012439] name failslab, interval 1, probability 0, space 0, times 0 [ 1200.028380] CPU: 1 PID: 30088 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1200.036287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1200.044029] hfsplus: creator requires a 4 character value [ 1200.045637] Call Trace: [ 1200.045657] dump_stack+0x1b2/0x281 [ 1200.045673] should_fail.cold+0x10a/0x149 09:32:08 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d478226968b464bad7fb4f1b209df7c8e008cdf6b81fb6b7ac2716adfea8d3358621b526920178b6b7dcd1a3d43e6005f5889e0f2a2c1c2f70eac2241dcd565c9695f29076d4770ec99a6819f0bc7b8af82ff70a437fcd7d51eb9c9286cb1562cf5297c8e985d9d318177a13fb26a7730eceda78238b2b5f950a8020a590d68091338a84cf0e"]) 09:32:08 executing program 5: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r0, &(0x7f0000000080)='net_prio.prioidx\x00', 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f7289f440ec1e4dbf2678ec27612924a7d23dd7ce6751d4"]) syz_mount_image$xfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x24d, 0x5, &(0x7f0000000500)=[{&(0x7f00000001c0)="c47caaee3bf141239d29323cf028bcb4812223a59036740825835fc8b4edbe14634379ed340acfc50756cffa64ee95177b4c69b67ed75815f2a71702ba4ffc15217d471c4cf8736acff145b1880335c6c92133665543c7a9ed1cba2bdbe198eb120bb9", 0x63, 0xffffffffffffff4e}, {&(0x7f0000000240)="a41609d5d5b51309550e8e1ce25de12ef641db194020ea3f61d739eded5b60c084b7c788a24285110b2c44c02413220c95327f03dddad672030818457ca32c5177abe64eea4bda9daff7f8e54f53f908ade82f637cd42c52f666781b9838d1dbdf8ea5255784cd95560012db66ac758a5f6b98d0806e2d6eff0b8614e3af82178ae09087f39edf9b044b8658ceca2decdfbed46bb9f345aed5326302e4f711b3896d44a73c13853d05c7b00e0ccfcc3fd9fafdfb8ea457938d190ebb9b0fff458085953b0b311f10f3ac39120b448d0f2e1ddac3e407f12b6ef58ac4b10f83c392351f4c8f791046e37d7870c8c66cc028db3c", 0xf3, 0x89}, {&(0x7f0000000340)="2b08946040b1460624f6971e4dd7a3305effb4aa0387aed582ee0f", 0x1b, 0x3}, {&(0x7f0000000380)="1093265cedba8d935f00d7a5d47933b3be66a008180f06f9c67e3e7493095e4777fd0b1379712ac7190fca424c29a86753e35f9ecdb3b6377660b5874928f30ee32f5578b25fa1e3acac88b7359b31bc4c148ed16643d3f5202cf2d41587001ae9897a58cf1593c2352cbab23a2e57e50684512adb833a9440248e515b34af2867fc78135a99c74a44ba3f90f65b9288fdaa261c918de7559c7a7df2e6fecd3347b9673b2422a261b329e424c7b8034cd3aec234e3a904ae8afe", 0xba, 0x8}, {&(0x7f0000000440)="4b3c92bb7c00a6d3a6cbdc44a0e1d879b6cff5f99bf67eb50188071ba2a205b6947cdc5c5f605b29405c79cb9c7bf3bd821e5514897f112ba1ed13dff9005864a23f1b02fa3e386ce65ba7e8d2a39d75608f3c7d6b01aadf57744274c6bee43cc29c67d139426c4f0946e761b0c48a225895f725852afdc19c3aae18b77cba5bf8f96973a269ca41cc6e44a32c86d43cda713092f2808c230d84c2a523f7927dd0", 0xa1, 0x4}], 0x22010, &(0x7f0000000580)={[{@quota}, {@bsdgroups}, {@dax}], [{@fsmagic={'fsmagic', 0x3d, 0x7}}, {@dont_appraise}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@audit}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@audit}]}) openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) (async) openat$cgroup_ro(r0, &(0x7f0000000080)='net_prio.prioidx\x00', 0x0, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f7289f440ec1e4dbf2678ec27612924a7d23dd7ce6751d4"]) (async) syz_mount_image$xfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x24d, 0x5, &(0x7f0000000500)=[{&(0x7f00000001c0)="c47caaee3bf141239d29323cf028bcb4812223a59036740825835fc8b4edbe14634379ed340acfc50756cffa64ee95177b4c69b67ed75815f2a71702ba4ffc15217d471c4cf8736acff145b1880335c6c92133665543c7a9ed1cba2bdbe198eb120bb9", 0x63, 0xffffffffffffff4e}, {&(0x7f0000000240)="a41609d5d5b51309550e8e1ce25de12ef641db194020ea3f61d739eded5b60c084b7c788a24285110b2c44c02413220c95327f03dddad672030818457ca32c5177abe64eea4bda9daff7f8e54f53f908ade82f637cd42c52f666781b9838d1dbdf8ea5255784cd95560012db66ac758a5f6b98d0806e2d6eff0b8614e3af82178ae09087f39edf9b044b8658ceca2decdfbed46bb9f345aed5326302e4f711b3896d44a73c13853d05c7b00e0ccfcc3fd9fafdfb8ea457938d190ebb9b0fff458085953b0b311f10f3ac39120b448d0f2e1ddac3e407f12b6ef58ac4b10f83c392351f4c8f791046e37d7870c8c66cc028db3c", 0xf3, 0x89}, {&(0x7f0000000340)="2b08946040b1460624f6971e4dd7a3305effb4aa0387aed582ee0f", 0x1b, 0x3}, {&(0x7f0000000380)="1093265cedba8d935f00d7a5d47933b3be66a008180f06f9c67e3e7493095e4777fd0b1379712ac7190fca424c29a86753e35f9ecdb3b6377660b5874928f30ee32f5578b25fa1e3acac88b7359b31bc4c148ed16643d3f5202cf2d41587001ae9897a58cf1593c2352cbab23a2e57e50684512adb833a9440248e515b34af2867fc78135a99c74a44ba3f90f65b9288fdaa261c918de7559c7a7df2e6fecd3347b9673b2422a261b329e424c7b8034cd3aec234e3a904ae8afe", 0xba, 0x8}, {&(0x7f0000000440)="4b3c92bb7c00a6d3a6cbdc44a0e1d879b6cff5f99bf67eb50188071ba2a205b6947cdc5c5f605b29405c79cb9c7bf3bd821e5514897f112ba1ed13dff9005864a23f1b02fa3e386ce65ba7e8d2a39d75608f3c7d6b01aadf57744274c6bee43cc29c67d139426c4f0946e761b0c48a225895f725852afdc19c3aae18b77cba5bf8f96973a269ca41cc6e44a32c86d43cda713092f2808c230d84c2a523f7927dd0", 0xa1, 0x4}], 0x22010, &(0x7f0000000580)={[{@quota}, {@bsdgroups}, {@dax}], [{@fsmagic={'fsmagic', 0x3d, 0x7}}, {@dont_appraise}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@audit}, {@obj_user={'obj_user', 0x3d, 'hfsplus\x00'}}, {@audit}]}) (async) [ 1200.045687] should_failslab+0xd6/0x130 [ 1200.045702] kmem_cache_alloc+0x28e/0x3c0 [ 1200.069626] __d_alloc+0x2a/0xa20 [ 1200.069637] ? d_lookup+0x172/0x220 [ 1200.069649] d_alloc+0x46/0x240 [ 1200.069662] __lookup_hash+0x101/0x270 [ 1200.069673] filename_create+0x156/0x3f0 [ 1200.075507] hfsplus: unable to parse mount options [ 1200.076721] ? kern_path_mountpoint+0x40/0x40 [ 1200.076737] SyS_mkdirat+0x95/0x270 [ 1200.076747] ? SyS_mknod+0x30/0x30 [ 1200.076757] ? fput_many+0xe/0x140 [ 1200.076767] ? do_syscall_64+0x4c/0x640 09:32:08 executing program 1: r0 = socket(0x25, 0x1, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000)=0x6, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x25, 0x1, 0x0) (async) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000)=0x6, 0x4) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) 09:32:08 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r5, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x20000000, 0x1ff]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @private0}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000080}, 0x3dec907fb06e1462) sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r2, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}}, 0x40) write$P9_RFSYNC(r1, &(0x7f0000000080)={0x7, 0x33, 0x2}, 0x7) [ 1200.076777] ? SyS_mknod+0x30/0x30 [ 1200.076788] do_syscall_64+0x1d5/0x640 [ 1200.076803] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1200.076811] RIP: 0033:0x7f322b2fa1f7 [ 1200.076816] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1200.076826] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1200.076831] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1200.076836] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1200.076841] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1200.076846] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1200.100140] hfsplus: unable to parse mount options [ 1200.190271] hfsplus: creator requires a 4 character value [ 1200.204536] hfsplus: unable to parse mount options 09:32:08 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 40) 09:32:08 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r5, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x20000000, 0x1ff]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @private0}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000080}, 0x3dec907fb06e1462) (async) sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r2, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}}, 0x40) write$P9_RFSYNC(r1, &(0x7f0000000080)={0x7, 0x33, 0x2}, 0x7) 09:32:08 executing program 1: r0 = socket(0x25, 0x1, 0x0) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000)=0x6, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x25, 0x1, 0x0) (async) setsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000)=0x6, 0x4) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) 09:32:08 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x40000000000, 0x0, &(0x7f0000000000), 0x4, &(0x7f0000001340)=ANY=[@ANYBLOB="63726569846f723dd7ce5a51d4"]) 09:32:08 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 39) 09:32:08 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d478226968b464bad7fb4f1b209df7c8e008cdf6b81fb6b7ac2716adfea8d3358621b526920178b6b7dcd1a3d43e6005f5889e0f2a2c1c2f70eac2241dcd565c9695f29076d4770ec99a6819f0bc7b8af82ff70a437fcd7d51eb9c9286cb1562cf5297c8e985d9d318177a13fb26a7730eceda78238b2b5f950a8020a590d68091338a84cf0e"]) 09:32:08 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="10002dbd7000fddbdf25040000000500060009000000050006000600000008000200ff7f000014000100200100000000000000000000000000314d6b49bb51bc780005001600010000000800020000000800"], 0x58}, 0x1, 0x0, 0x0, 0x400c5}, 0x4000000) [ 1200.309949] hfsplus: unable to parse mount options 09:32:08 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r5, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x20000000, 0x1ff]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @private0}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000080}, 0x3dec907fb06e1462) sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r2, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}}, 0x40) write$P9_RFSYNC(r1, &(0x7f0000000080)={0x7, 0x33, 0x2}, 0x7) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="db"], 0x44}}, 0x0) (async) sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r5, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_SECRET={0xc, 0x4, [0x20000000, 0x1ff]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DST={0x14, 0x1, @private0}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000080}, 0x3dec907fb06e1462) (async) sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r2, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}}, 0x40) (async) write$P9_RFSYNC(r1, &(0x7f0000000080)={0x7, 0x33, 0x2}, 0x7) (async) 09:32:08 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x40000000000, 0x0, &(0x7f0000000000), 0x4, &(0x7f0000001340)=ANY=[@ANYBLOB="63726569846f723dd7ce5a51d4"]) [ 1200.336257] hfsplus: creator requires a 4 character value [ 1200.353601] hfsplus: unable to parse mount options [ 1200.356610] FAULT_INJECTION: forcing a failure. [ 1200.356610] name failslab, interval 1, probability 0, space 0, times 0 09:32:08 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000180)) recvfrom$netrom(0xffffffffffffffff, &(0x7f0000000080)=""/245, 0xf5, 0x10040, 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:08 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000180)) recvfrom$netrom(0xffffffffffffffff, &(0x7f0000000080)=""/245, 0xf5, 0x10040, 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000180)) (async) recvfrom$netrom(0xffffffffffffffff, &(0x7f0000000080)=""/245, 0xf5, 0x10040, 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1200.385614] hfsplus: unable to parse mount options [ 1200.392090] FAULT_INJECTION: forcing a failure. [ 1200.392090] name failslab, interval 1, probability 0, space 0, times 0 [ 1200.403392] CPU: 1 PID: 30141 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1200.411267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1200.420613] Call Trace: [ 1200.423202] dump_stack+0x1b2/0x281 [ 1200.426834] should_fail.cold+0x10a/0x149 [ 1200.430986] should_failslab+0xd6/0x130 09:32:08 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000180)) recvfrom$netrom(0xffffffffffffffff, &(0x7f0000000080)=""/245, 0xf5, 0x10040, 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x8008330e, &(0x7f0000000180)) (async) recvfrom$netrom(0xffffffffffffffff, &(0x7f0000000080)=""/245, 0xf5, 0x10040, 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1200.434957] kmem_cache_alloc+0x40/0x3c0 [ 1200.439020] __es_insert_extent+0x338/0x1360 [ 1200.443436] ? __es_shrink+0x8c0/0x8c0 [ 1200.447320] ? lock_acquire+0x170/0x3f0 [ 1200.451289] ? ext4_es_insert_extent+0x11f/0x530 [ 1200.456055] ext4_es_insert_extent+0x1b9/0x530 [ 1200.460638] ? ext4_es_find_delayed_extent_range+0x930/0x930 [ 1200.466435] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1200.471885] ? ext4_es_find_delayed_extent_range+0x646/0x930 [ 1200.477683] ext4_ext_map_blocks+0x1e2c/0x6b10 [ 1200.482267] ? __lock_acquire+0x5fc/0x3f20 [ 1200.486505] ? __lock_acquire+0x5fc/0x3f20 [ 1200.490740] ? mark_buffer_dirty+0x95/0x480 [ 1200.495059] ? trace_hardirqs_on+0x10/0x10 [ 1200.499293] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 1200.504660] ? ext4_find_delalloc_cluster+0x180/0x180 [ 1200.509860] ? trace_hardirqs_on+0x10/0x10 [ 1200.514093] ? ext4_mark_iloc_dirty+0x1822/0x26a0 [ 1200.518944] ? ext4_es_lookup_extent+0x321/0xac0 [ 1200.523706] ? lock_acquire+0x170/0x3f0 [ 1200.527686] ? lock_acquire+0x170/0x3f0 [ 1200.531663] ? ext4_map_blocks+0x29f/0x1730 [ 1200.535993] ext4_map_blocks+0xb19/0x1730 [ 1200.540150] ? ext4_issue_zeroout+0x150/0x150 [ 1200.544644] ? __ext4_new_inode+0x27c/0x4eb0 [ 1200.549065] ext4_getblk+0x98/0x3f0 [ 1200.552696] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1200.557026] ext4_bread+0x6c/0x1a0 [ 1200.560572] ? ext4_getblk+0x3f0/0x3f0 [ 1200.564460] ? dquot_initialize_needed+0x240/0x240 [ 1200.569392] ext4_append+0x143/0x350 [ 1200.573108] ext4_mkdir+0x4c9/0xbd0 [ 1200.576746] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1200.581418] ? security_inode_mkdir+0xca/0x100 [ 1200.585999] vfs_mkdir+0x463/0x6e0 [ 1200.589538] SyS_mkdirat+0x1fd/0x270 [ 1200.593255] ? SyS_mknod+0x30/0x30 [ 1200.596792] ? fput_many+0xe/0x140 [ 1200.600328] ? do_syscall_64+0x4c/0x640 [ 1200.604296] ? SyS_mknod+0x30/0x30 [ 1200.607834] do_syscall_64+0x1d5/0x640 [ 1200.611725] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1200.616910] RIP: 0033:0x7f463664c1f7 [ 1200.620614] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1200.628319] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1200.635583] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1200.642843] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1200.650114] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1200.657395] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1200.679726] CPU: 0 PID: 30140 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1200.687636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1200.696983] Call Trace: [ 1200.697013] hfsplus: creator requires a 4 character value [ 1200.699573] dump_stack+0x1b2/0x281 [ 1200.699591] should_fail.cold+0x10a/0x149 [ 1200.699604] should_failslab+0xd6/0x130 [ 1200.710439] hfsplus: unable to parse mount options [ 1200.712874] __kmalloc+0x2c1/0x400 [ 1200.712886] ? ext4_find_extent+0x879/0xbc0 [ 1200.712896] ext4_find_extent+0x879/0xbc0 [ 1200.712910] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1200.739169] ext4_ext_map_blocks+0x19a/0x6b10 [ 1200.743686] ? __lock_acquire+0x5fc/0x3f20 [ 1200.747927] ? __lock_acquire+0x5fc/0x3f20 [ 1200.752155] ? mark_buffer_dirty+0x95/0x480 [ 1200.756455] ? trace_hardirqs_on+0x10/0x10 [ 1200.760675] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 1200.766024] ? ext4_find_delalloc_cluster+0x180/0x180 [ 1200.771190] ? trace_hardirqs_on+0x10/0x10 [ 1200.775401] ? ext4_mark_iloc_dirty+0x1822/0x26a0 [ 1200.780227] ? ext4_es_lookup_extent+0x321/0xac0 [ 1200.784969] ? lock_acquire+0x170/0x3f0 [ 1200.788928] ? lock_acquire+0x170/0x3f0 [ 1200.792879] ? ext4_map_blocks+0x29f/0x1730 [ 1200.797180] ext4_map_blocks+0xb19/0x1730 [ 1200.801309] ? ext4_issue_zeroout+0x150/0x150 [ 1200.805781] ? __ext4_new_inode+0x27c/0x4eb0 [ 1200.810229] ext4_getblk+0x98/0x3f0 [ 1200.813853] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1200.818176] ext4_bread+0x6c/0x1a0 [ 1200.821708] ? ext4_getblk+0x3f0/0x3f0 [ 1200.825574] ? dquot_initialize_needed+0x240/0x240 [ 1200.830486] ext4_append+0x143/0x350 [ 1200.834180] ext4_mkdir+0x4c9/0xbd0 [ 1200.837788] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1200.842437] ? security_inode_mkdir+0xca/0x100 [ 1200.847006] vfs_mkdir+0x463/0x6e0 [ 1200.850525] SyS_mkdirat+0x1fd/0x270 [ 1200.854217] ? SyS_mknod+0x30/0x30 [ 1200.857730] ? fput_many+0xe/0x140 [ 1200.861254] ? do_syscall_64+0x4c/0x640 [ 1200.865212] ? SyS_mknod+0x30/0x30 [ 1200.868727] do_syscall_64+0x1d5/0x640 [ 1200.872594] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1200.877758] RIP: 0033:0x7f322b2fa1f7 [ 1200.881455] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1200.889140] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1200.896385] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1200.903631] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1200.910887] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1200.918140] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 09:32:09 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 41) 09:32:09 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="10002dbd7000fddbdf25040000000500060009000000050006000600000008000200ff7f000014000100200100000000000000000000000000314d6b49bb51bc780005001600010000000800020000000800"], 0x58}, 0x1, 0x0, 0x0, 0x400c5}, 0x4000000) 09:32:09 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) read$snapshot(r1, &(0x7f00000001c0), 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) write$snapshot(r2, &(0x7f0000000100)="74c58fb4b0605b05bd4762ab20ba2e8311577b90a8b1ab032a5d7bfd8ff83a48c73768b0d3163b534b197ce3a0d94468771b71312cbf96b3dd437f59a920dbb59b0b1be487773a8681090f9db4367d99763c04656f464b806c4b62f14218b107512ee68f9d08d0d8f48728cccf39f5122d7922708ca7337057f752", 0x7b) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x581000, 0x0) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x10002, 0x0) write$snapshot(r5, &(0x7f00000001c0), 0x0) ioctl$SNAPSHOT_S2RAM(r4, 0x330b) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f00000001c0)={0x7, 0x3}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:09 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='freezer.state\x00', 0x0, 0x0) write$snapshot(r0, &(0x7f0000000080)="132f6d230704f885c1bd3a1175444b791f5aa7b4ad06127b437729d8d6c9f04ddaf901d5a2ee02f3c22fc39273b846f9a706edc659bc7aff58e836aacfecd74c283bf7f6a3da41bd0aafb692921ad9160a0e5c1b5ea1c8fe86d2cadbff627900e08c20dc8f3aae93d6eac4d21509c7d297b3321c48363aabf520a7777913263db718e045bc4ec69c4d1938c6feeda29702fa074fa78a83d594db3a0231ac24d2f66766da85b50548ca5f161d26ea7afea49b7b8549ee80e4d288dbf11a7595939b1b2fcea74d55e73b73dc2983120a14e54d75f6bf3ae07da0b986ef1885af971315e6a730d01abfd31aee74e150a29262771c00d84357eceb970ca8799684", 0xff) ioctl$SOUND_MIXER_WRITE_VOLUME(0xffffffffffffffff, 0xc0044d16, &(0x7f0000000000)=0x26) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) openat$cgroup_int(r1, &(0x7f0000000180)='cpuset.mem_hardwall\x00', 0x2, 0x0) 09:32:09 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 40) 09:32:09 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x40000000000, 0x0, &(0x7f0000000000), 0x4, &(0x7f0000001340)=ANY=[@ANYBLOB="63726569846f723dd7ce5a51d4"]) [ 1200.934793] hfsplus: creator requires a 4 character value [ 1200.948144] hfsplus: unable to parse mount options 09:32:09 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="10002dbd7000fddbdf25040000000500060009000000050006000600000008000200ff7f000014000100200100000000000000000000000000314d6b49bb51bc780005001600010000000800020000000800"], 0x58}, 0x1, 0x0, 0x0, 0x400c5}, 0x4000000) 09:32:09 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) read$snapshot(r1, &(0x7f00000001c0), 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) write$snapshot(r2, &(0x7f0000000100)="74c58fb4b0605b05bd4762ab20ba2e8311577b90a8b1ab032a5d7bfd8ff83a48c73768b0d3163b534b197ce3a0d94468771b71312cbf96b3dd437f59a920dbb59b0b1be487773a8681090f9db4367d99763c04656f464b806c4b62f14218b107512ee68f9d08d0d8f48728cccf39f5122d7922708ca7337057f752", 0x7b) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x581000, 0x0) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x10002, 0x0) write$snapshot(r5, &(0x7f00000001c0), 0x0) ioctl$SNAPSHOT_S2RAM(r4, 0x330b) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f00000001c0)={0x7, 0x3}) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) read$snapshot(r1, &(0x7f00000001c0), 0x0) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) (async) write$snapshot(r2, &(0x7f0000000100)="74c58fb4b0605b05bd4762ab20ba2e8311577b90a8b1ab032a5d7bfd8ff83a48c73768b0d3163b534b197ce3a0d94468771b71312cbf96b3dd437f59a920dbb59b0b1be487773a8681090f9db4367d99763c04656f464b806c4b62f14218b107512ee68f9d08d0d8f48728cccf39f5122d7922708ca7337057f752", 0x7b) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x581000, 0x0) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x10002, 0x0) (async) write$snapshot(r5, &(0x7f00000001c0), 0x0) (async) ioctl$SNAPSHOT_S2RAM(r4, 0x330b) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f00000001c0)={0x7, 0x3}) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) [ 1201.040136] FAULT_INJECTION: forcing a failure. [ 1201.040136] name failslab, interval 1, probability 0, space 0, times 0 [ 1201.046144] FAULT_INJECTION: forcing a failure. [ 1201.046144] name failslab, interval 1, probability 0, space 0, times 0 09:32:09 executing program 1: shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x5000) r0 = shmget$private(0x0, 0x3000, 0x4, &(0x7f0000ff8000/0x3000)=nil) r1 = geteuid() r2 = geteuid() r3 = gettid() setpgid(r3, 0x0) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x0, r1, 0xee01, r2, 0x0, 0x12, 0x6}, 0xfdb3, 0x9, 0x80, 0x9, 0x0, r3, 0x6}) r4 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r4) 09:32:09 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='freezer.state\x00', 0x0, 0x0) write$snapshot(r0, &(0x7f0000000080)="132f6d230704f885c1bd3a1175444b791f5aa7b4ad06127b437729d8d6c9f04ddaf901d5a2ee02f3c22fc39273b846f9a706edc659bc7aff58e836aacfecd74c283bf7f6a3da41bd0aafb692921ad9160a0e5c1b5ea1c8fe86d2cadbff627900e08c20dc8f3aae93d6eac4d21509c7d297b3321c48363aabf520a7777913263db718e045bc4ec69c4d1938c6feeda29702fa074fa78a83d594db3a0231ac24d2f66766da85b50548ca5f161d26ea7afea49b7b8549ee80e4d288dbf11a7595939b1b2fcea74d55e73b73dc2983120a14e54d75f6bf3ae07da0b986ef1885af971315e6a730d01abfd31aee74e150a29262771c00d84357eceb970ca8799684", 0xff) (async) ioctl$SOUND_MIXER_WRITE_VOLUME(0xffffffffffffffff, 0xc0044d16, &(0x7f0000000000)=0x26) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) openat$cgroup_int(r1, &(0x7f0000000180)='cpuset.mem_hardwall\x00', 0x2, 0x0) [ 1201.081725] CPU: 0 PID: 30201 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1201.089627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1201.098997] Call Trace: [ 1201.101585] dump_stack+0x1b2/0x281 [ 1201.105215] should_fail.cold+0x10a/0x149 [ 1201.109367] should_failslab+0xd6/0x130 [ 1201.113336] kmem_cache_alloc+0x28e/0x3c0 [ 1201.113350] __d_alloc+0x2a/0xa20 [ 1201.113359] ? d_lookup+0x172/0x220 [ 1201.113371] d_alloc+0x46/0x240 [ 1201.113383] __lookup_hash+0x101/0x270 [ 1201.131687] filename_create+0x156/0x3f0 [ 1201.135735] ? kern_path_mountpoint+0x40/0x40 [ 1201.140217] SyS_mkdirat+0x95/0x270 [ 1201.143823] ? SyS_mknod+0x30/0x30 [ 1201.147344] ? fput_many+0xe/0x140 [ 1201.150872] ? do_syscall_64+0x4c/0x640 [ 1201.154833] ? SyS_mknod+0x30/0x30 [ 1201.158357] do_syscall_64+0x1d5/0x640 [ 1201.162235] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1201.167413] RIP: 0033:0x7f322b2fa1f7 [ 1201.171106] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1201.178793] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1201.186046] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1201.193297] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1201.200546] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1201.207798] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1201.215060] CPU: 1 PID: 30199 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1201.222945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1201.232301] Call Trace: [ 1201.234888] dump_stack+0x1b2/0x281 [ 1201.238523] should_fail.cold+0x10a/0x149 [ 1201.242676] should_failslab+0xd6/0x130 [ 1201.246647] kmem_cache_alloc+0x28e/0x3c0 [ 1201.250798] ext4_mb_new_blocks+0x514/0x3db0 [ 1201.255209] ? ext4_find_extent+0x6f7/0xbc0 [ 1201.259524] ? ext4_ext_search_right+0x2bc/0xaa0 [ 1201.264278] ? ext4_inode_to_goal_block+0x29a/0x3b0 [ 1201.269297] ext4_ext_map_blocks+0x2845/0x6b10 [ 1201.273892] ? __lock_acquire+0x5fc/0x3f20 [ 1201.278132] ? mark_buffer_dirty+0x95/0x480 [ 1201.281527] hfsplus: unable to parse mount options [ 1201.282449] ? trace_hardirqs_on+0x10/0x10 [ 1201.291574] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 1201.296934] ? ext4_find_delalloc_cluster+0x180/0x180 [ 1201.302130] ? trace_hardirqs_on+0x10/0x10 [ 1201.306362] ? ext4_mark_iloc_dirty+0x1822/0x26a0 [ 1201.311208] ? ext4_es_lookup_extent+0x321/0xac0 [ 1201.315966] ? lock_acquire+0x170/0x3f0 [ 1201.319951] ext4_map_blocks+0x675/0x1730 [ 1201.324105] ? ext4_issue_zeroout+0x150/0x150 [ 1201.328595] ? __ext4_new_inode+0x27c/0x4eb0 [ 1201.333008] ext4_getblk+0x98/0x3f0 [ 1201.336633] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1201.340955] ext4_bread+0x6c/0x1a0 [ 1201.344489] ? ext4_getblk+0x3f0/0x3f0 [ 1201.348359] ? dquot_initialize_needed+0x240/0x240 [ 1201.353270] ext4_append+0x143/0x350 [ 1201.356968] ext4_mkdir+0x4c9/0xbd0 [ 1201.360581] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1201.365233] ? security_inode_mkdir+0xca/0x100 [ 1201.369798] vfs_mkdir+0x463/0x6e0 [ 1201.373320] SyS_mkdirat+0x1fd/0x270 [ 1201.377014] ? SyS_mknod+0x30/0x30 [ 1201.380533] ? fput_many+0xe/0x140 [ 1201.384059] ? do_syscall_64+0x4c/0x640 [ 1201.388017] ? SyS_mknod+0x30/0x30 [ 1201.391537] do_syscall_64+0x1d5/0x640 [ 1201.395409] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1201.400579] RIP: 0033:0x7f463664c1f7 [ 1201.404267] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1201.411963] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1201.419212] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c 09:32:09 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) read$snapshot(r1, &(0x7f00000001c0), 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) write$snapshot(r2, &(0x7f0000000100)="74c58fb4b0605b05bd4762ab20ba2e8311577b90a8b1ab032a5d7bfd8ff83a48c73768b0d3163b534b197ce3a0d94468771b71312cbf96b3dd437f59a920dbb59b0b1be487773a8681090f9db4367d99763c04656f464b806c4b62f14218b107512ee68f9d08d0d8f48728cccf39f5122d7922708ca7337057f752", 0x7b) (async) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x581000, 0x0) (async) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x10002, 0x0) write$snapshot(r5, &(0x7f00000001c0), 0x0) ioctl$SNAPSHOT_S2RAM(r4, 0x330b) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f00000001c0)={0x7, 0x3}) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:09 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='freezer.state\x00', 0x0, 0x0) write$snapshot(r0, &(0x7f0000000080)="132f6d230704f885c1bd3a1175444b791f5aa7b4ad06127b437729d8d6c9f04ddaf901d5a2ee02f3c22fc39273b846f9a706edc659bc7aff58e836aacfecd74c283bf7f6a3da41bd0aafb692921ad9160a0e5c1b5ea1c8fe86d2cadbff627900e08c20dc8f3aae93d6eac4d21509c7d297b3321c48363aabf520a7777913263db718e045bc4ec69c4d1938c6feeda29702fa074fa78a83d594db3a0231ac24d2f66766da85b50548ca5f161d26ea7afea49b7b8549ee80e4d288dbf11a7595939b1b2fcea74d55e73b73dc2983120a14e54d75f6bf3ae07da0b986ef1885af971315e6a730d01abfd31aee74e150a29262771c00d84357eceb970ca8799684", 0xff) ioctl$SOUND_MIXER_WRITE_VOLUME(0xffffffffffffffff, 0xc0044d16, &(0x7f0000000000)=0x26) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) openat$cgroup_int(r1, &(0x7f0000000180)='cpuset.mem_hardwall\x00', 0x2, 0x0) [ 1201.426465] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1201.433715] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1201.440969] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:09 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 42) 09:32:09 executing program 1: shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x5000) r0 = shmget$private(0x0, 0x3000, 0x4, &(0x7f0000ff8000/0x3000)=nil) r1 = geteuid() r2 = geteuid() r3 = gettid() setpgid(r3, 0x0) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x0, r1, 0xee01, r2, 0x0, 0x12, 0x6}, 0xfdb3, 0x9, 0x80, 0x9, 0x0, r3, 0x6}) r4 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r4) shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x5000) (async) shmget$private(0x0, 0x3000, 0x4, &(0x7f0000ff8000/0x3000)=nil) (async) geteuid() (async) geteuid() (async) gettid() (async) setpgid(r3, 0x0) (async) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x0, r1, 0xee01, r2, 0x0, 0x12, 0x6}, 0xfdb3, 0x9, 0x80, 0x9, 0x0, r3, 0x6}) (async) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r4) (async) 09:32:09 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$SOUND_OLD_MIXER_INFO(r0, 0x80304d65, &(0x7f0000000000)) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="636500000000000000ce6751d4"]) 09:32:09 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xc100c3, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:09 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 41) 09:32:09 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6372656174480fcdda6c693fc7"]) syz_mount_image$hfsplus(&(0x7f0000000880), &(0x7f0000000480)='./file0\x00', 0x6, 0x4, &(0x7f00000006c0)=[{&(0x7f00000004c0)="2d1a7d2a0ad9aa3ce3acabe19006b11bcf48956bbb2963be9b0d5880a737de336547cb89ce3fa076506b404295e049ffbc145cbc50c3278635edba4450af2eaa6899f478f4fd3f626ccd84abd5", 0x4d, 0x2}, {&(0x7f0000000540)="f33dd154d90ecf3ddbe0af16f37c59882624c3eefc", 0x15, 0x4}, {&(0x7f00000008c0)="69e230373a7b3399549a4db6195aabb6d4980e9d6aac6c192109de2dd671b07591a3f4f3c02af95666ed4e0b3e4c6c493d0ae28c52c36335e898252297094e0a6e8cb09e5b09d392369da6046c48864c5694efa3fcf1a8ae9e110345e42a0f89f39215569c10969cbd3f4a3fcc773bd7e454a595fee3731e712b56250e134e0c86b551c0a789fae829c09c87b70fd3af8d1afc605d9cf1d4c2f45121764fad94f6fc7e788ddda632622e0b5e4454e14e443d427f4ab5e5d5a84d0a0caed8b624", 0xc0, 0x1ff}, {&(0x7f0000000640)="ab5f15699ab9f184af4a1d219affc55e9af3f1d91f71fa0affd940063f2eb0dd8ebcac100ebb52025a86ee6f4110860a6e0cec5e0b82a6a61303ccbe1a5477631d85d5b4fe36", 0x46, 0x4}], 0x40, &(0x7f0000000740)={[{@gid={'gid', 0x3d, 0xee01}}, {}, {@umask={'umask', 0x3d, 0x2}}, {@umask={'umask', 0x3d, 0x1}}, {@nls={'nls', 0x3d, 'cp865'}}, {@part}], [{@seclabel}, {@smackfshat={'smackfshat', 0x3d, '*).{(@*^&)'}}, {@appraise_type}, {@dont_appraise}, {@obj_user={'obj_user', 0x3d, '[&[}{'}}, {@subj_role={'subj_role', 0x3d, '(*%'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@obj_type}, {@uid_gt={'uid>', 0xee00}}]}) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x4, &(0x7f0000000380)=[{&(0x7f0000000080)="bceb77402e434428b8daf6d1dab663d018e5cbad71e250aefa134d06ef26ca4bd23f30fcdea793", 0x27, 0x20}, {&(0x7f00000001c0)="0b64bb6963bba47e9ed8df2699d79fffa05c5b9c8493c6399d5e849a5f4b5b9165e6f58625f8bce3b5ea28b15f99312dd7ab13ff3b94a7661552809e7fba510fca4d86c091634c5ade917e8a72e115526e1c0fdc2120e2eb527957eed0117338a8b6e5201b5669a8a5fe1a8d4b1d6925c9534e8988390a209beffcf5c9e11a8ec71a32266973626f3f1dea77b3d4861801364e0a59af235b42266573acddc8208e1cf7c9e5cac99cac32cceccbf8c29390911a569ade12c487a68165b5e4f881162f7713f8b4eb1bf9464f524a9cf82c84bebfe61d1cc8024f2f320c2e6a7aa6c08301", 0xe3, 0x2}, {&(0x7f00000002c0)="f99d0c4b5ce979a2447c4bfc27779bc8fa995ed577fc38f336ff8347d068648055f9b8aa3b45169d92bd576ba40094864555d6ea1650e3d926982b5f525ff1b6b693a520533df472fe2f09d21865e6f525ae7d673f34c5c7c8aeb6f2e2f0ffe5cc1f725fa2acd24aa0ddcab655c83999268f98e9f25d1e82d8604e19cec138aa08e9", 0x82, 0x4a7}, {&(0x7f00000000c0)="90aabe449b0764e8f2bef7ce5292413eb68dd052661b1452230a6258c86001954cf06fd6f2d24f48890336", 0x2b, 0xffffffffffff0000}], 0x1040, &(0x7f0000000400)={[{}], [{@euid_lt={'euid<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x8000000000000001}}, {@fowner_gt={'fowner>', 0xee00}}, {@euid_lt={'euid<', 0xee00}}]}) 09:32:09 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xc100c3, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1201.585405] FAULT_INJECTION: forcing a failure. [ 1201.585405] name failslab, interval 1, probability 0, space 0, times 0 [ 1201.587342] hfsplus: unable to parse mount options [ 1201.596724] CPU: 0 PID: 30256 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1201.609496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1201.609500] Call Trace: [ 1201.609515] dump_stack+0x1b2/0x281 [ 1201.609531] should_fail.cold+0x10a/0x149 [ 1201.609544] should_failslab+0xd6/0x130 [ 1201.609554] kmem_cache_alloc+0x40/0x3c0 [ 1201.609565] __es_insert_extent+0x338/0x1360 [ 1201.609572] ? __es_shrink+0x8c0/0x8c0 [ 1201.609581] ? lock_acquire+0x170/0x3f0 [ 1201.609589] ? ext4_es_insert_extent+0x11f/0x530 [ 1201.609603] ext4_es_insert_extent+0x1b9/0x530 [ 1201.625874] FAULT_INJECTION: forcing a failure. [ 1201.625874] name failslab, interval 1, probability 0, space 0, times 0 [ 1201.629268] ? ext4_es_find_delayed_extent_range+0x930/0x930 [ 1201.629281] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1201.629293] ? ext4_es_find_delayed_extent_range+0x646/0x930 [ 1201.629303] ext4_ext_map_blocks+0x1e2c/0x6b10 [ 1201.629315] ? __lock_acquire+0x5fc/0x3f20 [ 1201.629327] ? __lock_acquire+0x5fc/0x3f20 [ 1201.629340] ? trace_hardirqs_on+0x10/0x10 [ 1201.629351] ? ext4_find_delalloc_cluster+0x180/0x180 [ 1201.709267] ? trace_hardirqs_on+0x10/0x10 [ 1201.713486] ? check_preemption_disabled+0x35/0x240 [ 1201.718485] ? ext4_es_lookup_extent+0x321/0xac0 [ 1201.723220] ? lock_acquire+0x170/0x3f0 [ 1201.727178] ? lock_acquire+0x170/0x3f0 [ 1201.731137] ? ext4_map_blocks+0x29f/0x1730 [ 1201.735449] ext4_map_blocks+0xb19/0x1730 [ 1201.739586] ? mark_held_locks+0xa6/0xf0 [ 1201.743625] ? ext4_issue_zeroout+0x150/0x150 [ 1201.748102] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1201.753102] ext4_getblk+0x98/0x3f0 [ 1201.756711] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1201.761020] ? ext4_bread+0x5b/0x1a0 [ 1201.764718] ext4_bread+0x6c/0x1a0 [ 1201.768239] ? ext4_getblk+0x3f0/0x3f0 [ 1201.772106] ? dquot_initialize_needed+0x240/0x240 [ 1201.777019] ext4_append+0x143/0x350 [ 1201.780714] ext4_mkdir+0x4c9/0xbd0 [ 1201.784328] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1201.788986] ? security_inode_mkdir+0xca/0x100 [ 1201.793549] vfs_mkdir+0x463/0x6e0 [ 1201.797072] SyS_mkdirat+0x1fd/0x270 [ 1201.800770] ? SyS_mknod+0x30/0x30 [ 1201.804291] ? fput_many+0xe/0x140 [ 1201.807811] ? do_syscall_64+0x4c/0x640 [ 1201.811762] ? SyS_mknod+0x30/0x30 [ 1201.815284] do_syscall_64+0x1d5/0x640 [ 1201.819165] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1201.824340] RIP: 0033:0x7f463664c1f7 [ 1201.828033] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 09:32:10 executing program 1: shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x5000) (async) r0 = shmget$private(0x0, 0x3000, 0x4, &(0x7f0000ff8000/0x3000)=nil) (async) r1 = geteuid() r2 = geteuid() (async) r3 = gettid() setpgid(r3, 0x0) (async) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x0, r1, 0xee01, r2, 0x0, 0x12, 0x6}, 0xfdb3, 0x9, 0x80, 0x9, 0x0, r3, 0x6}) r4 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r4) [ 1201.835998] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1201.843259] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1201.850512] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1201.857770] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1201.865026] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1201.886228] CPU: 1 PID: 30270 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1201.894214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1201.903565] Call Trace: [ 1201.906158] dump_stack+0x1b2/0x281 [ 1201.909795] should_fail.cold+0x10a/0x149 [ 1201.913955] should_failslab+0xd6/0x130 [ 1201.917937] __kmalloc+0x2c1/0x400 [ 1201.921558] ? ext4_find_extent+0x879/0xbc0 [ 1201.925892] ext4_find_extent+0x879/0xbc0 [ 1201.930072] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1201.935535] ext4_ext_map_blocks+0x19a/0x6b10 [ 1201.940051] ? __lock_acquire+0x5fc/0x3f20 [ 1201.944297] ? mark_buffer_dirty+0x95/0x480 [ 1201.948630] ? trace_hardirqs_on+0x10/0x10 [ 1201.952867] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 1201.958239] ? ext4_find_delalloc_cluster+0x180/0x180 [ 1201.963435] ? trace_hardirqs_on+0x10/0x10 [ 1201.967674] ? ext4_mark_iloc_dirty+0x1822/0x26a0 [ 1201.972524] ? ext4_es_lookup_extent+0x321/0xac0 [ 1201.977279] ? lock_acquire+0x170/0x3f0 [ 1201.981251] ? lock_acquire+0x170/0x3f0 [ 1201.985231] ? ext4_map_blocks+0x623/0x1730 [ 1201.989567] ext4_map_blocks+0x675/0x1730 [ 1201.993720] ? ext4_issue_zeroout+0x150/0x150 [ 1201.998301] ? __ext4_new_inode+0x27c/0x4eb0 [ 1202.002727] ext4_getblk+0x98/0x3f0 [ 1202.006369] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1202.010695] ext4_bread+0x6c/0x1a0 [ 1202.014233] ? ext4_getblk+0x3f0/0x3f0 [ 1202.018119] ? dquot_initialize_needed+0x240/0x240 [ 1202.023059] ext4_append+0x143/0x350 [ 1202.026775] ext4_mkdir+0x4c9/0xbd0 [ 1202.030411] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1202.035083] ? security_inode_mkdir+0xca/0x100 [ 1202.039668] vfs_mkdir+0x463/0x6e0 [ 1202.043209] SyS_mkdirat+0x1fd/0x270 [ 1202.046930] ? SyS_mknod+0x30/0x30 [ 1202.050470] ? fput_many+0xe/0x140 [ 1202.054011] ? do_syscall_64+0x4c/0x640 [ 1202.058018] ? SyS_mknod+0x30/0x30 [ 1202.061560] do_syscall_64+0x1d5/0x640 [ 1202.065455] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1202.070639] RIP: 0033:0x7f322b2fa1f7 [ 1202.074361] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 09:32:10 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xc100c3, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0xc100c3, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) 09:32:10 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x1ff, 0x9}) [ 1202.082060] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1202.082066] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1202.082071] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1202.082075] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1202.082079] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 09:32:10 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6372656174480fcdda6c693fc7"]) (async) syz_mount_image$hfsplus(&(0x7f0000000880), &(0x7f0000000480)='./file0\x00', 0x6, 0x4, &(0x7f00000006c0)=[{&(0x7f00000004c0)="2d1a7d2a0ad9aa3ce3acabe19006b11bcf48956bbb2963be9b0d5880a737de336547cb89ce3fa076506b404295e049ffbc145cbc50c3278635edba4450af2eaa6899f478f4fd3f626ccd84abd5", 0x4d, 0x2}, {&(0x7f0000000540)="f33dd154d90ecf3ddbe0af16f37c59882624c3eefc", 0x15, 0x4}, {&(0x7f00000008c0)="69e230373a7b3399549a4db6195aabb6d4980e9d6aac6c192109de2dd671b07591a3f4f3c02af95666ed4e0b3e4c6c493d0ae28c52c36335e898252297094e0a6e8cb09e5b09d392369da6046c48864c5694efa3fcf1a8ae9e110345e42a0f89f39215569c10969cbd3f4a3fcc773bd7e454a595fee3731e712b56250e134e0c86b551c0a789fae829c09c87b70fd3af8d1afc605d9cf1d4c2f45121764fad94f6fc7e788ddda632622e0b5e4454e14e443d427f4ab5e5d5a84d0a0caed8b624", 0xc0, 0x1ff}, {&(0x7f0000000640)="ab5f15699ab9f184af4a1d219affc55e9af3f1d91f71fa0affd940063f2eb0dd8ebcac100ebb52025a86ee6f4110860a6e0cec5e0b82a6a61303ccbe1a5477631d85d5b4fe36", 0x46, 0x4}], 0x40, &(0x7f0000000740)={[{@gid={'gid', 0x3d, 0xee01}}, {}, {@umask={'umask', 0x3d, 0x2}}, {@umask={'umask', 0x3d, 0x1}}, {@nls={'nls', 0x3d, 'cp865'}}, {@part}], [{@seclabel}, {@smackfshat={'smackfshat', 0x3d, '*).{(@*^&)'}}, {@appraise_type}, {@dont_appraise}, {@obj_user={'obj_user', 0x3d, '[&[}{'}}, {@subj_role={'subj_role', 0x3d, '(*%'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@obj_type}, {@uid_gt={'uid>', 0xee00}}]}) (async) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x4, &(0x7f0000000380)=[{&(0x7f0000000080)="bceb77402e434428b8daf6d1dab663d018e5cbad71e250aefa134d06ef26ca4bd23f30fcdea793", 0x27, 0x20}, {&(0x7f00000001c0)="0b64bb6963bba47e9ed8df2699d79fffa05c5b9c8493c6399d5e849a5f4b5b9165e6f58625f8bce3b5ea28b15f99312dd7ab13ff3b94a7661552809e7fba510fca4d86c091634c5ade917e8a72e115526e1c0fdc2120e2eb527957eed0117338a8b6e5201b5669a8a5fe1a8d4b1d6925c9534e8988390a209beffcf5c9e11a8ec71a32266973626f3f1dea77b3d4861801364e0a59af235b42266573acddc8208e1cf7c9e5cac99cac32cceccbf8c29390911a569ade12c487a68165b5e4f881162f7713f8b4eb1bf9464f524a9cf82c84bebfe61d1cc8024f2f320c2e6a7aa6c08301", 0xe3, 0x2}, {&(0x7f00000002c0)="f99d0c4b5ce979a2447c4bfc27779bc8fa995ed577fc38f336ff8347d068648055f9b8aa3b45169d92bd576ba40094864555d6ea1650e3d926982b5f525ff1b6b693a520533df472fe2f09d21865e6f525ae7d673f34c5c7c8aeb6f2e2f0ffe5cc1f725fa2acd24aa0ddcab655c83999268f98e9f25d1e82d8604e19cec138aa08e9", 0x82, 0x4a7}, {&(0x7f00000000c0)="90aabe449b0764e8f2bef7ce5292413eb68dd052661b1452230a6258c86001954cf06fd6f2d24f48890336", 0x2b, 0xffffffffffff0000}], 0x1040, &(0x7f0000000400)={[{}], [{@euid_lt={'euid<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x8000000000000001}}, {@fowner_gt={'fowner>', 0xee00}}, {@euid_lt={'euid<', 0xee00}}]}) 09:32:10 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 42) [ 1202.157702] hfsplus: unable to parse mount options [ 1202.168731] hfsplus: creator requires a 4 character value [ 1202.174279] hfsplus: unable to parse mount options 09:32:10 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 43) 09:32:10 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) ioctl$SOUND_OLD_MIXER_INFO(r0, 0x80304d65, &(0x7f0000000000)) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="636500000000000000ce6751d4"]) 09:32:10 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x1ff, 0x9}) [ 1202.242721] FAULT_INJECTION: forcing a failure. [ 1202.242721] name failslab, interval 1, probability 0, space 0, times 0 [ 1202.259522] hfsplus: unable to parse mount options [ 1202.280170] CPU: 1 PID: 30302 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 09:32:10 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket(0x23, 0x5, 0x1) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000d00)=0x20, &(0x7f0000000d40)=0x4) sendto$l2tp(r0, &(0x7f0000000980)="271ed75ab25f3c2193b627afc2122bee69911fb01d43", 0x16, 0x800, &(0x7f0000000cc0)={0x2, 0x0, @remote}, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) r3 = socket(0x9, 0x80800, 0x2) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000a00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000009c0)={&(0x7f00000000c0)={0x874, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x21c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x3, 0x8}, {0x2}, {0x1, 0x2}, {0x7, 0x3}, {0x6, 0x8}, {0x0, 0x6}, {0x7, 0x7}, {0x3, 0x2}, {0x4, 0x7}, {0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x0, 0x7}, {0x1, 0x7}, {0x1, 0x6}, {0x2, 0x1}, {0x0, 0x9}, {0x2, 0x6}, {0x3, 0x2}, {0x0, 0x8}, {0x5, 0x5}, {0x3, 0x2}, {0x3, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x0, 0x2}, {0x7, 0x2}, {0x5, 0xa}, {0x3, 0x7}, {0x0, 0x9}, {0x6}, {0x1, 0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x3, 0x1}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x9}, {0x0, 0x4}, {0x7, 0x7}, {0x4, 0xa}, {0x6, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x6, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0x9}, {0x1, 0x9}, {0x4, 0xa}, {0x1, 0x4}, {0x7, 0x1}, {0x1, 0x4}, {0x2, 0x5}, {0x1, 0x6}, {0x4, 0x4}, {0x3, 0x9}, {0x7, 0x1}, {0x2, 0x2}, {0x1, 0xa}, {0x3, 0x8}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x7fff, 0x9, 0x3ff, 0x4, 0x7, 0x803, 0x6]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x81, 0x8000, 0x6, 0x1000, 0x1, 0x9, 0x1, 0x3f]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0xc, 0x9, 0x12, 0x16, 0x30, 0x12, 0x16, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x100, 0x4, 0x0, 0x1000, 0x3, 0xffff, 0x3fc0]}}]}, @NL80211_BAND_2GHZ={0x78, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x6, 0x5}, {0x0, 0xa}, {0x0, 0x9}, {0x7, 0x1}, {0x4, 0x7}, {}, {0x4, 0x2}, {0x1, 0x5}, {0x3, 0x9}, {0x3, 0x1}, {0x2, 0x7}, {0x6, 0x3}, {0x5, 0x4}, {0x3, 0xa}, {0x3, 0x8}, {0x3, 0x8}, {0x0, 0x6}, {0x2}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x2}, {0x2, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x4, 0x6}, {0x2, 0x9}, {0x6, 0x2}, {0x2, 0x5}, {0x0, 0x7}, {0x6, 0x4}, {0x1, 0x4}, {0x7, 0x4}, {0x1, 0x9}, {0x0, 0x1}, {0x1, 0x9}, {0x0, 0x6}, {0x3, 0x2}, {0x4, 0x7}, {0x4, 0x3}, {0x7, 0x1}, {0x6, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x1, 0x4, 0xae3, 0x4, 0x6, 0xe0, 0x200]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0xfffc, 0x7f, 0x81, 0x1, 0x1, 0x3ff, 0x20]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xb, 0xc, 0xb, 0x4, 0x24, 0x18, 0xc, 0x6, 0x6c, 0xb, 0x9, 0x4, 0x7a, 0x5, 0x24, 0x4, 0x48, 0x12, 0x3, 0x2c, 0x30, 0xc, 0xb, 0x36]}]}, @NL80211_BAND_6GHZ={0x4}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x5, 0xc, 0x30, 0x36, 0x48, 0x36, 0x6, 0x18, 0x27, 0x4, 0x60, 0x16, 0x48, 0x2, 0xc, 0x36, 0x34, 0x12, 0x30, 0x36, 0x6, 0x3, 0x3, 0x4, 0x60]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x32, 0x2, [{0x1}, {0x7, 0x9}, {0x4, 0x6}, {0x4, 0x7}, {0x0, 0x8}, {0x3, 0x4}, {0x4, 0x3}, {0x2, 0x6}, {0x5, 0x6}, {0x2, 0x3}, {0x5, 0x1}, {0x7, 0x3}, {0x1, 0x6}, {0x5, 0x8}, {0x5, 0x3}, {0x2, 0x9}, {0x7, 0x4}, {0x1, 0x9}, {0x5, 0xa}, {0x6, 0x9}, {0x2}, {0x1}, {0x5}, {0x3, 0x3}, {0x0, 0x5}, {0x2, 0x6}, {0x3, 0x3}, {0x5, 0x2}, {0x5, 0x9}, {0x3, 0x6}, {0x2, 0xa}, {0x1, 0x3}, {0x7, 0x1}, {0x0, 0x7}, {0x5, 0x2}, {0x0, 0x1}, {0x2, 0x8}, {0x3, 0x1}, {0x7, 0x2}, {0x4, 0x3}, {0x2, 0x3}, {0x7, 0x5}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x9}, {0x5, 0x1}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6edd, 0x4, 0x6, 0x100, 0x0, 0x8, 0x81]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1, 0xc25, 0x9, 0x2, 0x1ff, 0x2, 0x9]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x7fff, 0x5, 0x4, 0xffff, 0xff80, 0x0, 0x1]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0x68, 0x60, 0x5, 0x16, 0x60, 0x0, 0x6c, 0x24, 0x3, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfc88, 0x2, 0x36, 0x8, 0x71ba, 0x400, 0xff4d, 0x8001]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x12, 0x16, 0x2, 0x5, 0x1b, 0x14, 0x4, 0xc, 0x6, 0x3, 0xb, 0xc, 0x2, 0x6, 0x58, 0x3, 0x24, 0x30, 0x24, 0x5, 0x5, 0x6c, 0x3, 0x18, 0x48, 0x48, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x3f, 0x4, 0x3, 0xc072, 0x3, 0xa99e, 0xfffb]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x0, 0x800, 0x84, 0x0, 0x71, 0x2, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x82b, 0x200, 0x200, 0x3f, 0xe2, 0x0, 0x40, 0x591]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x59, 0x6c, 0x1b, 0x9, 0x30, 0x18, 0x6, 0x48, 0x30, 0x9, 0x3, 0x6, 0x12, 0x1b]}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x1f8, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x98, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x26, 0x2, [{0x1, 0x1}, {0x0, 0x1}, {0x5, 0x4}, {0x3, 0x6}, {0x1, 0x8}, {0x7, 0x3}, {0x6, 0x6}, {0x2, 0x6}, {0x4, 0x9}, {0x4, 0xa}, {0x0, 0x8}, {0x3, 0x9}, {0x1, 0xa}, {0x7, 0x6}, {0x5, 0x5}, {0x3, 0x9}, {0x0, 0x2}, {0x7, 0x4}, {0x5, 0x1}, {0x0, 0x2}, {0x1, 0x2}, {0x3, 0x2}, {0x1, 0x8}, {0x6, 0x9}, {0x7, 0x8}, {0x4, 0x4}, {0x4, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x4}, {0x4, 0x8}, {0x0, 0x8}, {0x0, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x200, 0xa8, 0x2, 0x0, 0x0, 0x40, 0xfffa]}}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x5, 0xa}, {0x5, 0x5}, {0x5, 0x8}, {0x4, 0x3}, {0x0, 0x3}, {0x7, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3}, {0x2, 0x6}, {0x7, 0x7}, {0x4, 0x7}, {0x3, 0x8}, {0x0, 0x5}, {0x2}, {0x0, 0xa}, {0x3, 0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x2, 0x7}, {0x5, 0x4}, {0x5, 0x2}, {0x0, 0x1}, {0x0, 0x5}, {0x4, 0x3}, {0x0, 0x4}, {0x0, 0x6}, {0x1, 0x9}, {0x5, 0x4}, {0x1, 0x5}, {0x2, 0xa}, {0x0, 0x6}, {0x4, 0x9}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x30, 0x3, 0x16, 0x4, 0x9, 0x1b, 0x18, 0x30, 0x24, 0x0, 0xcc336d9a653a9a2f, 0x30, 0x0, 0x6, 0x30, 0x3, 0x12, 0x44, 0x18, 0x36, 0x6c, 0x5, 0x1, 0x9, 0x36]}]}, @NL80211_BAND_6GHZ={0x40, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x4, 0x1, 0x1f, 0x7, 0x2, 0x3, 0x1000]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x48, 0x48, 0x7, 0x7f]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7f, 0x40, 0x6, 0x7f, 0x3f, 0x680f, 0x6]}}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x4, 0x9}, {0x3, 0x6}, {0x0, 0x7}, {0x3, 0x9}, {0x0, 0x1}, {0x3, 0x5}, {0x3, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x4, 0x7}, {0x6, 0x8}, {}, {0x7, 0x2}, {0x1, 0x7}, {0x7, 0x9}, {}, {0x0, 0xa}, {0x6, 0x7}, {0x7, 0xa}, {}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x5, 0x2}, {0x1, 0x2}, {0x3, 0x7}, {0x7, 0x4}, {0x5, 0x1}, {0x2, 0x2}, {0x2, 0x1}, {0x2, 0x7}, {0x6, 0x9}, {0x4}, {0x1, 0x7}, {0x0, 0x7}, {0x3, 0x4}, {0x7, 0x6}, {0x1, 0x9}, {0x0, 0x6}, {0x2, 0x8}, {0x5, 0x2}, {0x4, 0x7}, {0x1, 0x6}, {0x4, 0x6}, {0x0, 0x1}, {0x2}, {0x5, 0x9}, {0x6, 0x2}, {0x1, 0x7}, {0x6, 0x3}, {0x6, 0x12}, {0x2, 0x1}, {0x2, 0x9}, {0x7, 0x6}, {0x0, 0x2}, {0x2, 0x7}, {0x4, 0x4}, {0x0, 0x1}, {0x0, 0x8}, {0x6, 0x4}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0xa4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x8, 0x5, 0x6887, 0x400, 0x200, 0x7ff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1000, 0x2, 0x2, 0x6, 0x100, 0x101, 0x80]}}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x3, 0x7}, {0x5, 0x6}, {0x5, 0x4}, {0x3, 0x8}, {0x5, 0x9}, {0x7, 0xa}, {0x3, 0x7}, {0x3, 0x3}, {0x2, 0x7}, {0x3, 0xa}, {0x3, 0x2}, {0x6, 0x1}, {0x7, 0x2}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x5}, {0x0, 0x3}, {0x7, 0xa}, {0x7, 0x1}, {0x0, 0x6}, {0x5, 0x8}, {0x7, 0x1}, {0x5, 0x4}, {0x2, 0x4}, {0x7}, {0x0, 0xa}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x8}, {0x1}, {0x7, 0x3}, {0x1, 0x2}, {0x6, 0x1}, {0x5, 0x7}, {0x6, 0x4}, {0x6, 0x5}, {0x6, 0x6}, {0x6, 0x1}, {0x0, 0xa}, {0x6, 0x8}, {0x6, 0x3}, {0x7}, {0x5, 0x3}, {0x3}, {0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x2, 0x2}, {0x6, 0x6}, {0x1, 0xa}, {0x0, 0x5}, {0x1, 0x9}, {0x5, 0xa}, {0x3, 0x9}, {0x0, 0x9}, {0x7, 0x2}, {0x4, 0x1}, {0x1, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x24, 0xc, 0x6, 0xc, 0x24, 0x9, 0x5, 0x16, 0x18, 0x9, 0x18, 0x6c, 0x19, 0x1, 0x60, 0x3, 0x1, 0x30, 0x1b, 0x16, 0x0, 0x9, 0x36, 0x1b, 0x18, 0x6, 0x5]}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x68, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x3f, 0xf3e1, 0x0, 0x8, 0x0, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x400, 0xff, 0xcb38, 0x59, 0x8, 0x3cd7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x2, 0x6c, 0x1b, 0x24, 0x4, 0x12]}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x104, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xe0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x35, 0x2, [{0x1, 0x5}, {0x3, 0x7}, {0x0, 0x5}, {0x6, 0x8}, {0x5, 0x9}, {0x0, 0x3}, {0x7, 0xa}, {0x3, 0x3}, {0x6}, {0x3, 0x9}, {0x1}, {0x7, 0xa}, {0x2, 0x2}, {0x3, 0x3}, {0x3, 0x4}, {0x5, 0x7}, {0x0, 0x2}, {0x3, 0xa}, {0x7, 0x7}, {0x7, 0x8}, {0x4, 0x3}, {0x2, 0x7}, {0x3, 0x4}, {0x4, 0x6}, {0x0, 0x9}, {0x3, 0x3}, {0x7, 0x4}, {0x7, 0x5}, {0x6, 0x9}, {0x4, 0x4}, {0x1}, {0x1, 0x9}, {0x3}, {0x2, 0x5}, {0x4, 0x2}, {0x4, 0x1}, {0x0, 0x6}, {0x5, 0xa}, {0x4, 0x3}, {0x1, 0x1}, {0x6, 0x6}, {0x6, 0x2}, {0x6, 0x1}, {0x7}, {0x3, 0x1}, {0x1}, {0x5, 0x7}, {0x6, 0x5}, {0x0, 0x2}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x43, 0x2, [{0x7}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x2}, {0x4, 0x8}, {}, {0x5, 0x6}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x6}, {0x7, 0x6}, {0x4, 0x3}, {0x4, 0x5}, {0x1, 0x6}, {0x0, 0x6}, {0x0, 0x9}, {0x1}, {0x7}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x8}, {0x6, 0x3}, {0x0, 0x2}, {0x3, 0x4}, {0x4, 0x5}, {0x6, 0x9}, {0x4, 0x2}, {0x3, 0x4}, {0x3, 0x7}, {0x4, 0x6}, {0x5, 0xa}, {0x6, 0x6}, {0x7, 0x8}, {0x4, 0x1}, {0x1, 0x3}, {0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x5, 0x4}, {0x1, 0x8}, {0x6, 0x7}, {0x5, 0x2}, {0x5, 0x3}, {0x5}, {0x7, 0x5}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x5}, {0x6}, {0x7, 0x7}, {0x0, 0x3}, {0x0, 0x7}, {0x4, 0x9}, {0x7, 0x5}, {0x3, 0x6}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x6}, {0x7, 0x9}, {0x1, 0x1}, {0x1, 0x7}, {0x2, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x39, 0x2d, 0x4, 0x36, 0xc, 0x36, 0x18, 0x24, 0x24, 0x5, 0x4, 0x60, 0x1b, 0x5, 0x60, 0xc, 0x5]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x6, 0x9}]}, @NL80211_TXRATE_HT={0x1e, 0x2, [{0x4, 0x7}, {0x6, 0x7}, {0x2, 0x1}, {0x5, 0x5}, {0x0, 0x9}, {0x1, 0x4}, {0x0, 0x9}, {0x1, 0x2}, {0x0, 0x9}, {0x5, 0x9}, {0x1, 0x6}, {0x1}, {0x7, 0x9}, {0x3, 0x2}, {0x3, 0x7}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x1}, {0x0, 0xa}, {0x1, 0x8}, {0x5, 0x8}, {0x2, 0x5}, {0x2, 0x7}]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x1, 0x12, 0x1, 0xc, 0x6, 0x4, 0x48, 0x5, 0x5c, 0x0, 0x2b, 0x1, 0x48, 0x5, 0x6c, 0x9, 0x6, 0x12, 0x2, 0x30, 0x24, 0x36, 0x3, 0x36]}]}]}, @NL80211_ATTR_TX_RATES={0xf4, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6, 0x9, 0x8, 0xff, 0x800, 0x2, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x1, 0x9, 0x7, 0x200, 0x6, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x20, 0xabc, 0x101, 0x7, 0x5, 0x0, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x24, 0x6, 0x6c, 0x5, 0x12, 0x24, 0x60, 0x24, 0x1, 0x18, 0x18, 0x12, 0x24, 0x1, 0x6, 0x6, 0x2e]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x20, 0x5, 0x6, 0x200, 0x20, 0x9, 0x9, 0x3f60]}}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x4, 0xa}, {0x3, 0x4}, {0x6, 0x8}, {0x3, 0xa}, {0x3}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x80, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x2, 0x16, 0x6, 0x6, 0x36, 0x2, 0x9, 0x60, 0x18, 0x1b, 0x1b, 0x12, 0x24, 0x6c, 0x7, 0x9, 0x0, 0x3, 0x19, 0x18, 0x12, 0x60, 0x16, 0x16]}]}, @NL80211_BAND_6GHZ={0x50, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7fff, 0x660, 0x2, 0x80, 0x3f, 0x6, 0x4, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0xb, 0x30, 0x4, 0xc, 0x30, 0x6, 0x60, 0x24, 0xc, 0x2, 0x1, 0x9, 0x0, 0x5, 0x60, 0x48, 0x4, 0x48, 0x24, 0x1b, 0x30, 0x9, 0x1, 0x1, 0x18, 0xb]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xf17, 0x3, 0x2, 0x0, 0x7ff, 0x400, 0x1, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x8001, 0x102d, 0x81, 0x8, 0x9, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x6c, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x18, 0x12, 0xe, 0x30, 0x7e, 0x5, 0x48, 0x1f, 0x70, 0x12, 0x1, 0x6, 0x36, 0x3, 0x30, 0x6c, 0x4b, 0xb, 0x1, 0x16, 0x16, 0x16, 0x16, 0x48, 0x6, 0x5, 0x5]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x20, 0x8001, 0xb8f, 0xffff, 0x7, 0x3]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x7, 0x4}, {0x5, 0x8}, {0x3, 0x2}, {0x0, 0xa}, {0x0, 0x3}, {0x0, 0x8}, {0x7, 0x1}, {0x5, 0x9}, {0x4, 0xa}, {0x7, 0x2}, {0x0, 0xa}, {0x0, 0x6}, {0x0, 0x6}, {0x1, 0x4}, {}, {0x7, 0x7}, {0x0, 0x7}, {0x5}, {0x2, 0xa}, {0x1, 0x4}, {0x1, 0x9}, {0x0, 0x5}, {0x1, 0x2}, {0x5, 0x7}, {0x0, 0x9}, {0x0, 0x3}, {0x7, 0x9}, {0x4, 0x3}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x4}, {0x6, 0x7}, {0x6, 0x2}, {0x4, 0xa}, {0x0, 0x4}]}]}]}]}, 0x874}, 0x1, 0x0, 0x0, 0x68810}, 0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) write$snapshot(0xffffffffffffffff, &(0x7f0000000c40)="1fc18fe233a30483305fab414f8e2e7208c3bf9b6edb24a9c2303f8a79fd3897f55e6b7bfddee395bc17918ffe63818a54b8345e59a0e29429eeb6e9f446a4b2bdef24b73fd7f36e", 0x48) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r5, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x31a, 0x2d}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000000)=0x1, 0x4) [ 1202.288088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1202.297441] Call Trace: [ 1202.300036] dump_stack+0x1b2/0x281 [ 1202.303666] should_fail.cold+0x10a/0x149 [ 1202.307821] should_failslab+0xd6/0x130 [ 1202.311796] kmem_cache_alloc+0x28e/0x3c0 [ 1202.315951] ext4_mb_new_blocks+0x514/0x3db0 [ 1202.320366] ? ext4_find_extent+0x6f7/0xbc0 [ 1202.324689] ? ext4_ext_search_right+0x2bc/0xaa0 [ 1202.329446] ? ext4_inode_to_goal_block+0x29a/0x3b0 [ 1202.334458] ext4_ext_map_blocks+0x2845/0x6b10 [ 1202.334477] ? __lock_acquire+0x5fc/0x3f20 [ 1202.334492] ? mark_buffer_dirty+0x95/0x480 [ 1202.334501] ? trace_hardirqs_on+0x10/0x10 [ 1202.351822] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 1202.357190] ? ext4_find_delalloc_cluster+0x180/0x180 [ 1202.362381] ? trace_hardirqs_on+0x10/0x10 [ 1202.366627] ? ext4_mark_iloc_dirty+0x1822/0x26a0 [ 1202.371475] ? ext4_es_lookup_extent+0x321/0xac0 [ 1202.376234] ? lock_acquire+0x170/0x3f0 [ 1202.380222] ext4_map_blocks+0x675/0x1730 [ 1202.384377] ? ext4_issue_zeroout+0x150/0x150 [ 1202.388873] ? __ext4_new_inode+0x27c/0x4eb0 [ 1202.393290] ext4_getblk+0x98/0x3f0 [ 1202.396916] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1202.401242] ext4_bread+0x6c/0x1a0 [ 1202.404780] ? ext4_getblk+0x3f0/0x3f0 [ 1202.408663] ? dquot_initialize_needed+0x240/0x240 [ 1202.413591] ext4_append+0x143/0x350 [ 1202.417310] ext4_mkdir+0x4c9/0xbd0 [ 1202.420940] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1202.425609] ? security_inode_mkdir+0xca/0x100 [ 1202.430190] vfs_mkdir+0x463/0x6e0 [ 1202.433730] SyS_mkdirat+0x1fd/0x270 [ 1202.437443] ? SyS_mknod+0x30/0x30 [ 1202.440983] ? fput_many+0xe/0x140 [ 1202.444525] ? do_syscall_64+0x4c/0x640 [ 1202.448495] ? SyS_mknod+0x30/0x30 [ 1202.452037] do_syscall_64+0x1d5/0x640 [ 1202.455932] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1202.461112] RIP: 0033:0x7f322b2fa1f7 [ 1202.464817] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1202.472522] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1202.479789] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c 09:32:10 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x1ff, 0x9}) [ 1202.487055] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1202.494319] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1202.501580] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1202.516207] hfsplus: unable to parse mount options [ 1202.527646] FAULT_INJECTION: forcing a failure. [ 1202.527646] name failslab, interval 1, probability 0, space 0, times 0 09:32:10 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) openat$misdntimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x10000, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080)=0xffffffffffffffff, 0x4) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r2, 0x406, 0x70bd2a, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000810}, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 09:32:10 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) openat$misdntimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x10000, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080)=0xffffffffffffffff, 0x4) (async) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) (async) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r2, 0x406, 0x70bd2a, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000810}, 0x0) (async) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) [ 1202.538911] CPU: 0 PID: 30320 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1202.546786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1202.556135] Call Trace: [ 1202.558731] dump_stack+0x1b2/0x281 [ 1202.562374] should_fail.cold+0x10a/0x149 [ 1202.566522] should_failslab+0xd6/0x130 [ 1202.570511] kmem_cache_alloc+0x40/0x3c0 [ 1202.574573] __es_insert_extent+0x338/0x1360 [ 1202.578988] ext4_es_insert_extent+0x1b9/0x530 [ 1202.583569] ? ext4_es_find_delayed_extent_range+0x930/0x930 [ 1202.589373] ext4_map_blocks+0x887/0x1730 09:32:10 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) openat$misdntimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x10000, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080)=0xffffffffffffffff, 0x4) (async) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, 0x0, 0x0) (async) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r2, 0x406, 0x70bd2a, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000810}, 0x0) (async) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 09:32:10 executing program 4: shmctl$IPC_STAT(0xffffffffffffffff, 0x2, &(0x7f0000000080)=""/64) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:10 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) ioctl$SOUND_OLD_MIXER_INFO(r0, 0x80304d65, &(0x7f0000000000)) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="636500000000000000ce6751d4"]) [ 1202.593524] ? ext4_issue_zeroout+0x150/0x150 [ 1202.598015] ? __ext4_new_inode+0x27c/0x4eb0 [ 1202.602454] ext4_getblk+0x98/0x3f0 [ 1202.606171] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1202.610502] ext4_bread+0x6c/0x1a0 [ 1202.614165] ? ext4_getblk+0x3f0/0x3f0 [ 1202.618054] ? dquot_initialize_needed+0x240/0x240 [ 1202.622984] ext4_append+0x143/0x350 [ 1202.626702] ext4_mkdir+0x4c9/0xbd0 [ 1202.630341] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1202.635044] ? security_inode_mkdir+0xca/0x100 [ 1202.639638] vfs_mkdir+0x463/0x6e0 [ 1202.643182] SyS_mkdirat+0x1fd/0x270 [ 1202.646895] ? SyS_mknod+0x30/0x30 [ 1202.650059] hfsplus: unable to parse mount options [ 1202.650432] ? fput_many+0xe/0x140 [ 1202.650444] ? do_syscall_64+0x4c/0x640 [ 1202.650454] ? SyS_mknod+0x30/0x30 [ 1202.650465] do_syscall_64+0x1d5/0x640 [ 1202.650483] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1202.650490] RIP: 0033:0x7f463664c1f7 [ 1202.650497] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1202.686891] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664c1f7 [ 1202.694161] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1202.701426] RBP: 00007f4634fc21d0 R08: 0000000000000000 R09: 00007f4634fc21d0 [ 1202.708692] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 [ 1202.715954] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:10 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6372656174480fcdda6c693fc7"]) syz_mount_image$hfsplus(&(0x7f0000000880), &(0x7f0000000480)='./file0\x00', 0x6, 0x4, &(0x7f00000006c0)=[{&(0x7f00000004c0)="2d1a7d2a0ad9aa3ce3acabe19006b11bcf48956bbb2963be9b0d5880a737de336547cb89ce3fa076506b404295e049ffbc145cbc50c3278635edba4450af2eaa6899f478f4fd3f626ccd84abd5", 0x4d, 0x2}, {&(0x7f0000000540)="f33dd154d90ecf3ddbe0af16f37c59882624c3eefc", 0x15, 0x4}, {&(0x7f00000008c0)="69e230373a7b3399549a4db6195aabb6d4980e9d6aac6c192109de2dd671b07591a3f4f3c02af95666ed4e0b3e4c6c493d0ae28c52c36335e898252297094e0a6e8cb09e5b09d392369da6046c48864c5694efa3fcf1a8ae9e110345e42a0f89f39215569c10969cbd3f4a3fcc773bd7e454a595fee3731e712b56250e134e0c86b551c0a789fae829c09c87b70fd3af8d1afc605d9cf1d4c2f45121764fad94f6fc7e788ddda632622e0b5e4454e14e443d427f4ab5e5d5a84d0a0caed8b624", 0xc0, 0x1ff}, {&(0x7f0000000640)="ab5f15699ab9f184af4a1d219affc55e9af3f1d91f71fa0affd940063f2eb0dd8ebcac100ebb52025a86ee6f4110860a6e0cec5e0b82a6a61303ccbe1a5477631d85d5b4fe36", 0x46, 0x4}], 0x40, &(0x7f0000000740)={[{@gid={'gid', 0x3d, 0xee01}}, {}, {@umask={'umask', 0x3d, 0x2}}, {@umask={'umask', 0x3d, 0x1}}, {@nls={'nls', 0x3d, 'cp865'}}, {@part}], [{@seclabel}, {@smackfshat={'smackfshat', 0x3d, '*).{(@*^&)'}}, {@appraise_type}, {@dont_appraise}, {@obj_user={'obj_user', 0x3d, '[&[}{'}}, {@subj_role={'subj_role', 0x3d, '(*%'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@obj_type}, {@uid_gt={'uid>', 0xee00}}]}) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x4, &(0x7f0000000380)=[{&(0x7f0000000080)="bceb77402e434428b8daf6d1dab663d018e5cbad71e250aefa134d06ef26ca4bd23f30fcdea793", 0x27, 0x20}, {&(0x7f00000001c0)="0b64bb6963bba47e9ed8df2699d79fffa05c5b9c8493c6399d5e849a5f4b5b9165e6f58625f8bce3b5ea28b15f99312dd7ab13ff3b94a7661552809e7fba510fca4d86c091634c5ade917e8a72e115526e1c0fdc2120e2eb527957eed0117338a8b6e5201b5669a8a5fe1a8d4b1d6925c9534e8988390a209beffcf5c9e11a8ec71a32266973626f3f1dea77b3d4861801364e0a59af235b42266573acddc8208e1cf7c9e5cac99cac32cceccbf8c29390911a569ade12c487a68165b5e4f881162f7713f8b4eb1bf9464f524a9cf82c84bebfe61d1cc8024f2f320c2e6a7aa6c08301", 0xe3, 0x2}, {&(0x7f00000002c0)="f99d0c4b5ce979a2447c4bfc27779bc8fa995ed577fc38f336ff8347d068648055f9b8aa3b45169d92bd576ba40094864555d6ea1650e3d926982b5f525ff1b6b693a520533df472fe2f09d21865e6f525ae7d673f34c5c7c8aeb6f2e2f0ffe5cc1f725fa2acd24aa0ddcab655c83999268f98e9f25d1e82d8604e19cec138aa08e9", 0x82, 0x4a7}, {&(0x7f00000000c0)="90aabe449b0764e8f2bef7ce5292413eb68dd052661b1452230a6258c86001954cf06fd6f2d24f48890336", 0x2b, 0xffffffffffff0000}], 0x1040, &(0x7f0000000400)={[{}], [{@euid_lt={'euid<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x8000000000000001}}, {@fowner_gt={'fowner>', 0xee00}}, {@euid_lt={'euid<', 0xee00}}]}) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6372656174480fcdda6c693fc7"]) (async) syz_mount_image$hfsplus(&(0x7f0000000880), &(0x7f0000000480)='./file0\x00', 0x6, 0x4, &(0x7f00000006c0)=[{&(0x7f00000004c0)="2d1a7d2a0ad9aa3ce3acabe19006b11bcf48956bbb2963be9b0d5880a737de336547cb89ce3fa076506b404295e049ffbc145cbc50c3278635edba4450af2eaa6899f478f4fd3f626ccd84abd5", 0x4d, 0x2}, {&(0x7f0000000540)="f33dd154d90ecf3ddbe0af16f37c59882624c3eefc", 0x15, 0x4}, {&(0x7f00000008c0)="69e230373a7b3399549a4db6195aabb6d4980e9d6aac6c192109de2dd671b07591a3f4f3c02af95666ed4e0b3e4c6c493d0ae28c52c36335e898252297094e0a6e8cb09e5b09d392369da6046c48864c5694efa3fcf1a8ae9e110345e42a0f89f39215569c10969cbd3f4a3fcc773bd7e454a595fee3731e712b56250e134e0c86b551c0a789fae829c09c87b70fd3af8d1afc605d9cf1d4c2f45121764fad94f6fc7e788ddda632622e0b5e4454e14e443d427f4ab5e5d5a84d0a0caed8b624", 0xc0, 0x1ff}, {&(0x7f0000000640)="ab5f15699ab9f184af4a1d219affc55e9af3f1d91f71fa0affd940063f2eb0dd8ebcac100ebb52025a86ee6f4110860a6e0cec5e0b82a6a61303ccbe1a5477631d85d5b4fe36", 0x46, 0x4}], 0x40, &(0x7f0000000740)={[{@gid={'gid', 0x3d, 0xee01}}, {}, {@umask={'umask', 0x3d, 0x2}}, {@umask={'umask', 0x3d, 0x1}}, {@nls={'nls', 0x3d, 'cp865'}}, {@part}], [{@seclabel}, {@smackfshat={'smackfshat', 0x3d, '*).{(@*^&)'}}, {@appraise_type}, {@dont_appraise}, {@obj_user={'obj_user', 0x3d, '[&[}{'}}, {@subj_role={'subj_role', 0x3d, '(*%'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@obj_type}, {@uid_gt={'uid>', 0xee00}}]}) (async) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x4, &(0x7f0000000380)=[{&(0x7f0000000080)="bceb77402e434428b8daf6d1dab663d018e5cbad71e250aefa134d06ef26ca4bd23f30fcdea793", 0x27, 0x20}, {&(0x7f00000001c0)="0b64bb6963bba47e9ed8df2699d79fffa05c5b9c8493c6399d5e849a5f4b5b9165e6f58625f8bce3b5ea28b15f99312dd7ab13ff3b94a7661552809e7fba510fca4d86c091634c5ade917e8a72e115526e1c0fdc2120e2eb527957eed0117338a8b6e5201b5669a8a5fe1a8d4b1d6925c9534e8988390a209beffcf5c9e11a8ec71a32266973626f3f1dea77b3d4861801364e0a59af235b42266573acddc8208e1cf7c9e5cac99cac32cceccbf8c29390911a569ade12c487a68165b5e4f881162f7713f8b4eb1bf9464f524a9cf82c84bebfe61d1cc8024f2f320c2e6a7aa6c08301", 0xe3, 0x2}, {&(0x7f00000002c0)="f99d0c4b5ce979a2447c4bfc27779bc8fa995ed577fc38f336ff8347d068648055f9b8aa3b45169d92bd576ba40094864555d6ea1650e3d926982b5f525ff1b6b693a520533df472fe2f09d21865e6f525ae7d673f34c5c7c8aeb6f2e2f0ffe5cc1f725fa2acd24aa0ddcab655c83999268f98e9f25d1e82d8604e19cec138aa08e9", 0x82, 0x4a7}, {&(0x7f00000000c0)="90aabe449b0764e8f2bef7ce5292413eb68dd052661b1452230a6258c86001954cf06fd6f2d24f48890336", 0x2b, 0xffffffffffff0000}], 0x1040, &(0x7f0000000400)={[{}], [{@euid_lt={'euid<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x8000000000000001}}, {@fowner_gt={'fowner>', 0xee00}}, {@euid_lt={'euid<', 0xee00}}]}) (async) 09:32:10 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 43) [ 1202.741439] hfsplus: creator requires a 4 character value [ 1202.747320] hfsplus: unable to parse mount options [ 1202.769175] hfsplus: unable to parse mount options 09:32:11 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 44) 09:32:11 executing program 4: shmctl$IPC_STAT(0xffffffffffffffff, 0x2, &(0x7f0000000080)=""/64) (async, rerun: 64) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (rerun: 64) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:11 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket(0x23, 0x5, 0x1) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000d00)=0x20, &(0x7f0000000d40)=0x4) sendto$l2tp(r0, &(0x7f0000000980)="271ed75ab25f3c2193b627afc2122bee69911fb01d43", 0x16, 0x800, &(0x7f0000000cc0)={0x2, 0x0, @remote}, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) r3 = socket(0x9, 0x80800, 0x2) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000a00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000009c0)={&(0x7f00000000c0)={0x874, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x21c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x3, 0x8}, {0x2}, {0x1, 0x2}, {0x7, 0x3}, {0x6, 0x8}, {0x0, 0x6}, {0x7, 0x7}, {0x3, 0x2}, {0x4, 0x7}, {0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x0, 0x7}, {0x1, 0x7}, {0x1, 0x6}, {0x2, 0x1}, {0x0, 0x9}, {0x2, 0x6}, {0x3, 0x2}, {0x0, 0x8}, {0x5, 0x5}, {0x3, 0x2}, {0x3, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x0, 0x2}, {0x7, 0x2}, {0x5, 0xa}, {0x3, 0x7}, {0x0, 0x9}, {0x6}, {0x1, 0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x3, 0x1}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x9}, {0x0, 0x4}, {0x7, 0x7}, {0x4, 0xa}, {0x6, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x6, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0x9}, {0x1, 0x9}, {0x4, 0xa}, {0x1, 0x4}, {0x7, 0x1}, {0x1, 0x4}, {0x2, 0x5}, {0x1, 0x6}, {0x4, 0x4}, {0x3, 0x9}, {0x7, 0x1}, {0x2, 0x2}, {0x1, 0xa}, {0x3, 0x8}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x7fff, 0x9, 0x3ff, 0x4, 0x7, 0x803, 0x6]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x81, 0x8000, 0x6, 0x1000, 0x1, 0x9, 0x1, 0x3f]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0xc, 0x9, 0x12, 0x16, 0x30, 0x12, 0x16, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x100, 0x4, 0x0, 0x1000, 0x3, 0xffff, 0x3fc0]}}]}, @NL80211_BAND_2GHZ={0x78, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x6, 0x5}, {0x0, 0xa}, {0x0, 0x9}, {0x7, 0x1}, {0x4, 0x7}, {}, {0x4, 0x2}, {0x1, 0x5}, {0x3, 0x9}, {0x3, 0x1}, {0x2, 0x7}, {0x6, 0x3}, {0x5, 0x4}, {0x3, 0xa}, {0x3, 0x8}, {0x3, 0x8}, {0x0, 0x6}, {0x2}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x2}, {0x2, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x4, 0x6}, {0x2, 0x9}, {0x6, 0x2}, {0x2, 0x5}, {0x0, 0x7}, {0x6, 0x4}, {0x1, 0x4}, {0x7, 0x4}, {0x1, 0x9}, {0x0, 0x1}, {0x1, 0x9}, {0x0, 0x6}, {0x3, 0x2}, {0x4, 0x7}, {0x4, 0x3}, {0x7, 0x1}, {0x6, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x1, 0x4, 0xae3, 0x4, 0x6, 0xe0, 0x200]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0xfffc, 0x7f, 0x81, 0x1, 0x1, 0x3ff, 0x20]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xb, 0xc, 0xb, 0x4, 0x24, 0x18, 0xc, 0x6, 0x6c, 0xb, 0x9, 0x4, 0x7a, 0x5, 0x24, 0x4, 0x48, 0x12, 0x3, 0x2c, 0x30, 0xc, 0xb, 0x36]}]}, @NL80211_BAND_6GHZ={0x4}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x5, 0xc, 0x30, 0x36, 0x48, 0x36, 0x6, 0x18, 0x27, 0x4, 0x60, 0x16, 0x48, 0x2, 0xc, 0x36, 0x34, 0x12, 0x30, 0x36, 0x6, 0x3, 0x3, 0x4, 0x60]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x32, 0x2, [{0x1}, {0x7, 0x9}, {0x4, 0x6}, {0x4, 0x7}, {0x0, 0x8}, {0x3, 0x4}, {0x4, 0x3}, {0x2, 0x6}, {0x5, 0x6}, {0x2, 0x3}, {0x5, 0x1}, {0x7, 0x3}, {0x1, 0x6}, {0x5, 0x8}, {0x5, 0x3}, {0x2, 0x9}, {0x7, 0x4}, {0x1, 0x9}, {0x5, 0xa}, {0x6, 0x9}, {0x2}, {0x1}, {0x5}, {0x3, 0x3}, {0x0, 0x5}, {0x2, 0x6}, {0x3, 0x3}, {0x5, 0x2}, {0x5, 0x9}, {0x3, 0x6}, {0x2, 0xa}, {0x1, 0x3}, {0x7, 0x1}, {0x0, 0x7}, {0x5, 0x2}, {0x0, 0x1}, {0x2, 0x8}, {0x3, 0x1}, {0x7, 0x2}, {0x4, 0x3}, {0x2, 0x3}, {0x7, 0x5}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x9}, {0x5, 0x1}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6edd, 0x4, 0x6, 0x100, 0x0, 0x8, 0x81]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1, 0xc25, 0x9, 0x2, 0x1ff, 0x2, 0x9]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x7fff, 0x5, 0x4, 0xffff, 0xff80, 0x0, 0x1]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0x68, 0x60, 0x5, 0x16, 0x60, 0x0, 0x6c, 0x24, 0x3, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfc88, 0x2, 0x36, 0x8, 0x71ba, 0x400, 0xff4d, 0x8001]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x12, 0x16, 0x2, 0x5, 0x1b, 0x14, 0x4, 0xc, 0x6, 0x3, 0xb, 0xc, 0x2, 0x6, 0x58, 0x3, 0x24, 0x30, 0x24, 0x5, 0x5, 0x6c, 0x3, 0x18, 0x48, 0x48, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x3f, 0x4, 0x3, 0xc072, 0x3, 0xa99e, 0xfffb]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x0, 0x800, 0x84, 0x0, 0x71, 0x2, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x82b, 0x200, 0x200, 0x3f, 0xe2, 0x0, 0x40, 0x591]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x59, 0x6c, 0x1b, 0x9, 0x30, 0x18, 0x6, 0x48, 0x30, 0x9, 0x3, 0x6, 0x12, 0x1b]}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x1f8, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x98, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x26, 0x2, [{0x1, 0x1}, {0x0, 0x1}, {0x5, 0x4}, {0x3, 0x6}, {0x1, 0x8}, {0x7, 0x3}, {0x6, 0x6}, {0x2, 0x6}, {0x4, 0x9}, {0x4, 0xa}, {0x0, 0x8}, {0x3, 0x9}, {0x1, 0xa}, {0x7, 0x6}, {0x5, 0x5}, {0x3, 0x9}, {0x0, 0x2}, {0x7, 0x4}, {0x5, 0x1}, {0x0, 0x2}, {0x1, 0x2}, {0x3, 0x2}, {0x1, 0x8}, {0x6, 0x9}, {0x7, 0x8}, {0x4, 0x4}, {0x4, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x4}, {0x4, 0x8}, {0x0, 0x8}, {0x0, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x200, 0xa8, 0x2, 0x0, 0x0, 0x40, 0xfffa]}}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x5, 0xa}, {0x5, 0x5}, {0x5, 0x8}, {0x4, 0x3}, {0x0, 0x3}, {0x7, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3}, {0x2, 0x6}, {0x7, 0x7}, {0x4, 0x7}, {0x3, 0x8}, {0x0, 0x5}, {0x2}, {0x0, 0xa}, {0x3, 0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x2, 0x7}, {0x5, 0x4}, {0x5, 0x2}, {0x0, 0x1}, {0x0, 0x5}, {0x4, 0x3}, {0x0, 0x4}, {0x0, 0x6}, {0x1, 0x9}, {0x5, 0x4}, {0x1, 0x5}, {0x2, 0xa}, {0x0, 0x6}, {0x4, 0x9}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x30, 0x3, 0x16, 0x4, 0x9, 0x1b, 0x18, 0x30, 0x24, 0x0, 0xcc336d9a653a9a2f, 0x30, 0x0, 0x6, 0x30, 0x3, 0x12, 0x44, 0x18, 0x36, 0x6c, 0x5, 0x1, 0x9, 0x36]}]}, @NL80211_BAND_6GHZ={0x40, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x4, 0x1, 0x1f, 0x7, 0x2, 0x3, 0x1000]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x48, 0x48, 0x7, 0x7f]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7f, 0x40, 0x6, 0x7f, 0x3f, 0x680f, 0x6]}}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x4, 0x9}, {0x3, 0x6}, {0x0, 0x7}, {0x3, 0x9}, {0x0, 0x1}, {0x3, 0x5}, {0x3, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x4, 0x7}, {0x6, 0x8}, {}, {0x7, 0x2}, {0x1, 0x7}, {0x7, 0x9}, {}, {0x0, 0xa}, {0x6, 0x7}, {0x7, 0xa}, {}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x5, 0x2}, {0x1, 0x2}, {0x3, 0x7}, {0x7, 0x4}, {0x5, 0x1}, {0x2, 0x2}, {0x2, 0x1}, {0x2, 0x7}, {0x6, 0x9}, {0x4}, {0x1, 0x7}, {0x0, 0x7}, {0x3, 0x4}, {0x7, 0x6}, {0x1, 0x9}, {0x0, 0x6}, {0x2, 0x8}, {0x5, 0x2}, {0x4, 0x7}, {0x1, 0x6}, {0x4, 0x6}, {0x0, 0x1}, {0x2}, {0x5, 0x9}, {0x6, 0x2}, {0x1, 0x7}, {0x6, 0x3}, {0x6, 0x12}, {0x2, 0x1}, {0x2, 0x9}, {0x7, 0x6}, {0x0, 0x2}, {0x2, 0x7}, {0x4, 0x4}, {0x0, 0x1}, {0x0, 0x8}, {0x6, 0x4}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0xa4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x8, 0x5, 0x6887, 0x400, 0x200, 0x7ff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1000, 0x2, 0x2, 0x6, 0x100, 0x101, 0x80]}}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x3, 0x7}, {0x5, 0x6}, {0x5, 0x4}, {0x3, 0x8}, {0x5, 0x9}, {0x7, 0xa}, {0x3, 0x7}, {0x3, 0x3}, {0x2, 0x7}, {0x3, 0xa}, {0x3, 0x2}, {0x6, 0x1}, {0x7, 0x2}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x5}, {0x0, 0x3}, {0x7, 0xa}, {0x7, 0x1}, {0x0, 0x6}, {0x5, 0x8}, {0x7, 0x1}, {0x5, 0x4}, {0x2, 0x4}, {0x7}, {0x0, 0xa}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x8}, {0x1}, {0x7, 0x3}, {0x1, 0x2}, {0x6, 0x1}, {0x5, 0x7}, {0x6, 0x4}, {0x6, 0x5}, {0x6, 0x6}, {0x6, 0x1}, {0x0, 0xa}, {0x6, 0x8}, {0x6, 0x3}, {0x7}, {0x5, 0x3}, {0x3}, {0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x2, 0x2}, {0x6, 0x6}, {0x1, 0xa}, {0x0, 0x5}, {0x1, 0x9}, {0x5, 0xa}, {0x3, 0x9}, {0x0, 0x9}, {0x7, 0x2}, {0x4, 0x1}, {0x1, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x24, 0xc, 0x6, 0xc, 0x24, 0x9, 0x5, 0x16, 0x18, 0x9, 0x18, 0x6c, 0x19, 0x1, 0x60, 0x3, 0x1, 0x30, 0x1b, 0x16, 0x0, 0x9, 0x36, 0x1b, 0x18, 0x6, 0x5]}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x68, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x3f, 0xf3e1, 0x0, 0x8, 0x0, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x400, 0xff, 0xcb38, 0x59, 0x8, 0x3cd7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x2, 0x6c, 0x1b, 0x24, 0x4, 0x12]}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x104, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xe0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x35, 0x2, [{0x1, 0x5}, {0x3, 0x7}, {0x0, 0x5}, {0x6, 0x8}, {0x5, 0x9}, {0x0, 0x3}, {0x7, 0xa}, {0x3, 0x3}, {0x6}, {0x3, 0x9}, {0x1}, {0x7, 0xa}, {0x2, 0x2}, {0x3, 0x3}, {0x3, 0x4}, {0x5, 0x7}, {0x0, 0x2}, {0x3, 0xa}, {0x7, 0x7}, {0x7, 0x8}, {0x4, 0x3}, {0x2, 0x7}, {0x3, 0x4}, {0x4, 0x6}, {0x0, 0x9}, {0x3, 0x3}, {0x7, 0x4}, {0x7, 0x5}, {0x6, 0x9}, {0x4, 0x4}, {0x1}, {0x1, 0x9}, {0x3}, {0x2, 0x5}, {0x4, 0x2}, {0x4, 0x1}, {0x0, 0x6}, {0x5, 0xa}, {0x4, 0x3}, {0x1, 0x1}, {0x6, 0x6}, {0x6, 0x2}, {0x6, 0x1}, {0x7}, {0x3, 0x1}, {0x1}, {0x5, 0x7}, {0x6, 0x5}, {0x0, 0x2}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x43, 0x2, [{0x7}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x2}, {0x4, 0x8}, {}, {0x5, 0x6}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x6}, {0x7, 0x6}, {0x4, 0x3}, {0x4, 0x5}, {0x1, 0x6}, {0x0, 0x6}, {0x0, 0x9}, {0x1}, {0x7}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x8}, {0x6, 0x3}, {0x0, 0x2}, {0x3, 0x4}, {0x4, 0x5}, {0x6, 0x9}, {0x4, 0x2}, {0x3, 0x4}, {0x3, 0x7}, {0x4, 0x6}, {0x5, 0xa}, {0x6, 0x6}, {0x7, 0x8}, {0x4, 0x1}, {0x1, 0x3}, {0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x5, 0x4}, {0x1, 0x8}, {0x6, 0x7}, {0x5, 0x2}, {0x5, 0x3}, {0x5}, {0x7, 0x5}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x5}, {0x6}, {0x7, 0x7}, {0x0, 0x3}, {0x0, 0x7}, {0x4, 0x9}, {0x7, 0x5}, {0x3, 0x6}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x6}, {0x7, 0x9}, {0x1, 0x1}, {0x1, 0x7}, {0x2, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x39, 0x2d, 0x4, 0x36, 0xc, 0x36, 0x18, 0x24, 0x24, 0x5, 0x4, 0x60, 0x1b, 0x5, 0x60, 0xc, 0x5]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x6, 0x9}]}, @NL80211_TXRATE_HT={0x1e, 0x2, [{0x4, 0x7}, {0x6, 0x7}, {0x2, 0x1}, {0x5, 0x5}, {0x0, 0x9}, {0x1, 0x4}, {0x0, 0x9}, {0x1, 0x2}, {0x0, 0x9}, {0x5, 0x9}, {0x1, 0x6}, {0x1}, {0x7, 0x9}, {0x3, 0x2}, {0x3, 0x7}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x1}, {0x0, 0xa}, {0x1, 0x8}, {0x5, 0x8}, {0x2, 0x5}, {0x2, 0x7}]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x1, 0x12, 0x1, 0xc, 0x6, 0x4, 0x48, 0x5, 0x5c, 0x0, 0x2b, 0x1, 0x48, 0x5, 0x6c, 0x9, 0x6, 0x12, 0x2, 0x30, 0x24, 0x36, 0x3, 0x36]}]}]}, @NL80211_ATTR_TX_RATES={0xf4, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6, 0x9, 0x8, 0xff, 0x800, 0x2, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x1, 0x9, 0x7, 0x200, 0x6, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x20, 0xabc, 0x101, 0x7, 0x5, 0x0, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x24, 0x6, 0x6c, 0x5, 0x12, 0x24, 0x60, 0x24, 0x1, 0x18, 0x18, 0x12, 0x24, 0x1, 0x6, 0x6, 0x2e]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x20, 0x5, 0x6, 0x200, 0x20, 0x9, 0x9, 0x3f60]}}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x4, 0xa}, {0x3, 0x4}, {0x6, 0x8}, {0x3, 0xa}, {0x3}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x80, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x2, 0x16, 0x6, 0x6, 0x36, 0x2, 0x9, 0x60, 0x18, 0x1b, 0x1b, 0x12, 0x24, 0x6c, 0x7, 0x9, 0x0, 0x3, 0x19, 0x18, 0x12, 0x60, 0x16, 0x16]}]}, @NL80211_BAND_6GHZ={0x50, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7fff, 0x660, 0x2, 0x80, 0x3f, 0x6, 0x4, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0xb, 0x30, 0x4, 0xc, 0x30, 0x6, 0x60, 0x24, 0xc, 0x2, 0x1, 0x9, 0x0, 0x5, 0x60, 0x48, 0x4, 0x48, 0x24, 0x1b, 0x30, 0x9, 0x1, 0x1, 0x18, 0xb]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xf17, 0x3, 0x2, 0x0, 0x7ff, 0x400, 0x1, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x8001, 0x102d, 0x81, 0x8, 0x9, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x6c, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x18, 0x12, 0xe, 0x30, 0x7e, 0x5, 0x48, 0x1f, 0x70, 0x12, 0x1, 0x6, 0x36, 0x3, 0x30, 0x6c, 0x4b, 0xb, 0x1, 0x16, 0x16, 0x16, 0x16, 0x48, 0x6, 0x5, 0x5]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x20, 0x8001, 0xb8f, 0xffff, 0x7, 0x3]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x7, 0x4}, {0x5, 0x8}, {0x3, 0x2}, {0x0, 0xa}, {0x0, 0x3}, {0x0, 0x8}, {0x7, 0x1}, {0x5, 0x9}, {0x4, 0xa}, {0x7, 0x2}, {0x0, 0xa}, {0x0, 0x6}, {0x0, 0x6}, {0x1, 0x4}, {}, {0x7, 0x7}, {0x0, 0x7}, {0x5}, {0x2, 0xa}, {0x1, 0x4}, {0x1, 0x9}, {0x0, 0x5}, {0x1, 0x2}, {0x5, 0x7}, {0x0, 0x9}, {0x0, 0x3}, {0x7, 0x9}, {0x4, 0x3}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x4}, {0x6, 0x7}, {0x6, 0x2}, {0x4, 0xa}, {0x0, 0x4}]}]}]}]}, 0x874}, 0x1, 0x0, 0x0, 0x68810}, 0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) [ 1202.798291] FAULT_INJECTION: forcing a failure. [ 1202.798291] name failslab, interval 1, probability 0, space 0, times 0 [ 1202.809786] CPU: 0 PID: 30370 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1202.817669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1202.827024] Call Trace: [ 1202.829637] dump_stack+0x1b2/0x281 [ 1202.833285] should_fail.cold+0x10a/0x149 [ 1202.837436] should_failslab+0xd6/0x130 [ 1202.841416] kmem_cache_alloc+0x40/0x3c0 [ 1202.845485] __es_insert_extent+0x338/0x1360 [ 1202.849904] ext4_es_insert_extent+0x1b9/0x530 [ 1202.854490] ? ext4_es_find_delayed_extent_range+0x930/0x930 [ 1202.856622] FAULT_INJECTION: forcing a failure. [ 1202.856622] name failslab, interval 1, probability 0, space 0, times 0 [ 1202.860296] ext4_map_blocks+0x887/0x1730 [ 1202.860314] ? ext4_issue_zeroout+0x150/0x150 [ 1202.860323] ? __ext4_new_inode+0x27c/0x4eb0 [ 1202.860348] ext4_getblk+0x98/0x3f0 [ 1202.888136] ? ext4_iomap_begin+0x7f0/0x7f0 [ 1202.892458] ext4_bread+0x6c/0x1a0 [ 1202.896077] ? ext4_getblk+0x3f0/0x3f0 [ 1202.899958] ? dquot_initialize_needed+0x240/0x240 [ 1202.904884] ext4_append+0x143/0x350 [ 1202.908600] ext4_mkdir+0x4c9/0xbd0 [ 1202.912223] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 1202.916884] ? security_inode_mkdir+0xca/0x100 [ 1202.921458] vfs_mkdir+0x463/0x6e0 [ 1202.925000] SyS_mkdirat+0x1fd/0x270 [ 1202.928710] ? SyS_mknod+0x30/0x30 [ 1202.932238] ? fput_many+0xe/0x140 [ 1202.935774] ? do_syscall_64+0x4c/0x640 [ 1202.939741] ? SyS_mknod+0x30/0x30 [ 1202.943273] do_syscall_64+0x1d5/0x640 [ 1202.947157] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1202.952344] RIP: 0033:0x7f322b2fa1f7 [ 1202.956040] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000213 ORIG_RAX: 0000000000000102 [ 1202.963741] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fa1f7 [ 1202.971176] RDX: 00000000000001ff RSI: 0000000020000180 RDI: 00000000ffffff9c [ 1202.978432] RBP: 00007f3229c701d0 R08: 0000000000000000 R09: 00007f3229c701d0 [ 1202.985697] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000140 write$snapshot(0xffffffffffffffff, &(0x7f0000000c40)="1fc18fe233a30483305fab414f8e2e7208c3bf9b6edb24a9c2303f8a79fd3897f55e6b7bfddee395bc17918ffe63818a54b8345e59a0e29429eeb6e9f446a4b2bdef24b73fd7f36e", 0x48) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r5, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x31a, 0x2d}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000000)=0x1, 0x4) socket(0x25, 0x1, 0x0) (async) socket(0x23, 0x5, 0x1) (async) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000d00)=0x20, &(0x7f0000000d40)=0x4) (async) sendto$l2tp(r0, &(0x7f0000000980)="271ed75ab25f3c2193b627afc2122bee69911fb01d43", 0x16, 0x800, &(0x7f0000000cc0)={0x2, 0x0, @remote}, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) socket(0x9, 0x80800, 0x2) (async) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000a00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000009c0)={&(0x7f00000000c0)={0x874, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x21c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x3, 0x8}, {0x2}, {0x1, 0x2}, {0x7, 0x3}, {0x6, 0x8}, {0x0, 0x6}, {0x7, 0x7}, {0x3, 0x2}, {0x4, 0x7}, {0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x0, 0x7}, {0x1, 0x7}, {0x1, 0x6}, {0x2, 0x1}, {0x0, 0x9}, {0x2, 0x6}, {0x3, 0x2}, {0x0, 0x8}, {0x5, 0x5}, {0x3, 0x2}, {0x3, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x0, 0x2}, {0x7, 0x2}, {0x5, 0xa}, {0x3, 0x7}, {0x0, 0x9}, {0x6}, {0x1, 0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x3, 0x1}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x9}, {0x0, 0x4}, {0x7, 0x7}, {0x4, 0xa}, {0x6, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x6, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0x9}, {0x1, 0x9}, {0x4, 0xa}, {0x1, 0x4}, {0x7, 0x1}, {0x1, 0x4}, {0x2, 0x5}, {0x1, 0x6}, {0x4, 0x4}, {0x3, 0x9}, {0x7, 0x1}, {0x2, 0x2}, {0x1, 0xa}, {0x3, 0x8}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x7fff, 0x9, 0x3ff, 0x4, 0x7, 0x803, 0x6]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x81, 0x8000, 0x6, 0x1000, 0x1, 0x9, 0x1, 0x3f]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0xc, 0x9, 0x12, 0x16, 0x30, 0x12, 0x16, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x100, 0x4, 0x0, 0x1000, 0x3, 0xffff, 0x3fc0]}}]}, @NL80211_BAND_2GHZ={0x78, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x6, 0x5}, {0x0, 0xa}, {0x0, 0x9}, {0x7, 0x1}, {0x4, 0x7}, {}, {0x4, 0x2}, {0x1, 0x5}, {0x3, 0x9}, {0x3, 0x1}, {0x2, 0x7}, {0x6, 0x3}, {0x5, 0x4}, {0x3, 0xa}, {0x3, 0x8}, {0x3, 0x8}, {0x0, 0x6}, {0x2}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x2}, {0x2, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x4, 0x6}, {0x2, 0x9}, {0x6, 0x2}, {0x2, 0x5}, {0x0, 0x7}, {0x6, 0x4}, {0x1, 0x4}, {0x7, 0x4}, {0x1, 0x9}, {0x0, 0x1}, {0x1, 0x9}, {0x0, 0x6}, {0x3, 0x2}, {0x4, 0x7}, {0x4, 0x3}, {0x7, 0x1}, {0x6, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x1, 0x4, 0xae3, 0x4, 0x6, 0xe0, 0x200]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0xfffc, 0x7f, 0x81, 0x1, 0x1, 0x3ff, 0x20]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xb, 0xc, 0xb, 0x4, 0x24, 0x18, 0xc, 0x6, 0x6c, 0xb, 0x9, 0x4, 0x7a, 0x5, 0x24, 0x4, 0x48, 0x12, 0x3, 0x2c, 0x30, 0xc, 0xb, 0x36]}]}, @NL80211_BAND_6GHZ={0x4}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x5, 0xc, 0x30, 0x36, 0x48, 0x36, 0x6, 0x18, 0x27, 0x4, 0x60, 0x16, 0x48, 0x2, 0xc, 0x36, 0x34, 0x12, 0x30, 0x36, 0x6, 0x3, 0x3, 0x4, 0x60]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x32, 0x2, [{0x1}, {0x7, 0x9}, {0x4, 0x6}, {0x4, 0x7}, {0x0, 0x8}, {0x3, 0x4}, {0x4, 0x3}, {0x2, 0x6}, {0x5, 0x6}, {0x2, 0x3}, {0x5, 0x1}, {0x7, 0x3}, {0x1, 0x6}, {0x5, 0x8}, {0x5, 0x3}, {0x2, 0x9}, {0x7, 0x4}, {0x1, 0x9}, {0x5, 0xa}, {0x6, 0x9}, {0x2}, {0x1}, {0x5}, {0x3, 0x3}, {0x0, 0x5}, {0x2, 0x6}, {0x3, 0x3}, {0x5, 0x2}, {0x5, 0x9}, {0x3, 0x6}, {0x2, 0xa}, {0x1, 0x3}, {0x7, 0x1}, {0x0, 0x7}, {0x5, 0x2}, {0x0, 0x1}, {0x2, 0x8}, {0x3, 0x1}, {0x7, 0x2}, {0x4, 0x3}, {0x2, 0x3}, {0x7, 0x5}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x9}, {0x5, 0x1}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6edd, 0x4, 0x6, 0x100, 0x0, 0x8, 0x81]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1, 0xc25, 0x9, 0x2, 0x1ff, 0x2, 0x9]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x7fff, 0x5, 0x4, 0xffff, 0xff80, 0x0, 0x1]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0x68, 0x60, 0x5, 0x16, 0x60, 0x0, 0x6c, 0x24, 0x3, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfc88, 0x2, 0x36, 0x8, 0x71ba, 0x400, 0xff4d, 0x8001]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x12, 0x16, 0x2, 0x5, 0x1b, 0x14, 0x4, 0xc, 0x6, 0x3, 0xb, 0xc, 0x2, 0x6, 0x58, 0x3, 0x24, 0x30, 0x24, 0x5, 0x5, 0x6c, 0x3, 0x18, 0x48, 0x48, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x3f, 0x4, 0x3, 0xc072, 0x3, 0xa99e, 0xfffb]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x0, 0x800, 0x84, 0x0, 0x71, 0x2, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x82b, 0x200, 0x200, 0x3f, 0xe2, 0x0, 0x40, 0x591]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x59, 0x6c, 0x1b, 0x9, 0x30, 0x18, 0x6, 0x48, 0x30, 0x9, 0x3, 0x6, 0x12, 0x1b]}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x1f8, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x98, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x26, 0x2, [{0x1, 0x1}, {0x0, 0x1}, {0x5, 0x4}, {0x3, 0x6}, {0x1, 0x8}, {0x7, 0x3}, {0x6, 0x6}, {0x2, 0x6}, {0x4, 0x9}, {0x4, 0xa}, {0x0, 0x8}, {0x3, 0x9}, {0x1, 0xa}, {0x7, 0x6}, {0x5, 0x5}, {0x3, 0x9}, {0x0, 0x2}, {0x7, 0x4}, {0x5, 0x1}, {0x0, 0x2}, {0x1, 0x2}, {0x3, 0x2}, {0x1, 0x8}, {0x6, 0x9}, {0x7, 0x8}, {0x4, 0x4}, {0x4, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x4}, {0x4, 0x8}, {0x0, 0x8}, {0x0, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x200, 0xa8, 0x2, 0x0, 0x0, 0x40, 0xfffa]}}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x5, 0xa}, {0x5, 0x5}, {0x5, 0x8}, {0x4, 0x3}, {0x0, 0x3}, {0x7, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3}, {0x2, 0x6}, {0x7, 0x7}, {0x4, 0x7}, {0x3, 0x8}, {0x0, 0x5}, {0x2}, {0x0, 0xa}, {0x3, 0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x2, 0x7}, {0x5, 0x4}, {0x5, 0x2}, {0x0, 0x1}, {0x0, 0x5}, {0x4, 0x3}, {0x0, 0x4}, {0x0, 0x6}, {0x1, 0x9}, {0x5, 0x4}, {0x1, 0x5}, {0x2, 0xa}, {0x0, 0x6}, {0x4, 0x9}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x30, 0x3, 0x16, 0x4, 0x9, 0x1b, 0x18, 0x30, 0x24, 0x0, 0xcc336d9a653a9a2f, 0x30, 0x0, 0x6, 0x30, 0x3, 0x12, 0x44, 0x18, 0x36, 0x6c, 0x5, 0x1, 0x9, 0x36]}]}, @NL80211_BAND_6GHZ={0x40, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x4, 0x1, 0x1f, 0x7, 0x2, 0x3, 0x1000]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x48, 0x48, 0x7, 0x7f]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7f, 0x40, 0x6, 0x7f, 0x3f, 0x680f, 0x6]}}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x4, 0x9}, {0x3, 0x6}, {0x0, 0x7}, {0x3, 0x9}, {0x0, 0x1}, {0x3, 0x5}, {0x3, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x4, 0x7}, {0x6, 0x8}, {}, {0x7, 0x2}, {0x1, 0x7}, {0x7, 0x9}, {}, {0x0, 0xa}, {0x6, 0x7}, {0x7, 0xa}, {}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x5, 0x2}, {0x1, 0x2}, {0x3, 0x7}, {0x7, 0x4}, {0x5, 0x1}, {0x2, 0x2}, {0x2, 0x1}, {0x2, 0x7}, {0x6, 0x9}, {0x4}, {0x1, 0x7}, {0x0, 0x7}, {0x3, 0x4}, {0x7, 0x6}, {0x1, 0x9}, {0x0, 0x6}, {0x2, 0x8}, {0x5, 0x2}, {0x4, 0x7}, {0x1, 0x6}, {0x4, 0x6}, {0x0, 0x1}, {0x2}, {0x5, 0x9}, {0x6, 0x2}, {0x1, 0x7}, {0x6, 0x3}, {0x6, 0x12}, {0x2, 0x1}, {0x2, 0x9}, {0x7, 0x6}, {0x0, 0x2}, {0x2, 0x7}, {0x4, 0x4}, {0x0, 0x1}, {0x0, 0x8}, {0x6, 0x4}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0xa4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x8, 0x5, 0x6887, 0x400, 0x200, 0x7ff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1000, 0x2, 0x2, 0x6, 0x100, 0x101, 0x80]}}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x3, 0x7}, {0x5, 0x6}, {0x5, 0x4}, {0x3, 0x8}, {0x5, 0x9}, {0x7, 0xa}, {0x3, 0x7}, {0x3, 0x3}, {0x2, 0x7}, {0x3, 0xa}, {0x3, 0x2}, {0x6, 0x1}, {0x7, 0x2}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x5}, {0x0, 0x3}, {0x7, 0xa}, {0x7, 0x1}, {0x0, 0x6}, {0x5, 0x8}, {0x7, 0x1}, {0x5, 0x4}, {0x2, 0x4}, {0x7}, {0x0, 0xa}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x8}, {0x1}, {0x7, 0x3}, {0x1, 0x2}, {0x6, 0x1}, {0x5, 0x7}, {0x6, 0x4}, {0x6, 0x5}, {0x6, 0x6}, {0x6, 0x1}, {0x0, 0xa}, {0x6, 0x8}, {0x6, 0x3}, {0x7}, {0x5, 0x3}, {0x3}, {0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x2, 0x2}, {0x6, 0x6}, {0x1, 0xa}, {0x0, 0x5}, {0x1, 0x9}, {0x5, 0xa}, {0x3, 0x9}, {0x0, 0x9}, {0x7, 0x2}, {0x4, 0x1}, {0x1, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x24, 0xc, 0x6, 0xc, 0x24, 0x9, 0x5, 0x16, 0x18, 0x9, 0x18, 0x6c, 0x19, 0x1, 0x60, 0x3, 0x1, 0x30, 0x1b, 0x16, 0x0, 0x9, 0x36, 0x1b, 0x18, 0x6, 0x5]}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x68, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x3f, 0xf3e1, 0x0, 0x8, 0x0, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x400, 0xff, 0xcb38, 0x59, 0x8, 0x3cd7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x2, 0x6c, 0x1b, 0x24, 0x4, 0x12]}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x104, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xe0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x35, 0x2, [{0x1, 0x5}, {0x3, 0x7}, {0x0, 0x5}, {0x6, 0x8}, {0x5, 0x9}, {0x0, 0x3}, {0x7, 0xa}, {0x3, 0x3}, {0x6}, {0x3, 0x9}, {0x1}, {0x7, 0xa}, {0x2, 0x2}, {0x3, 0x3}, {0x3, 0x4}, {0x5, 0x7}, {0x0, 0x2}, {0x3, 0xa}, {0x7, 0x7}, {0x7, 0x8}, {0x4, 0x3}, {0x2, 0x7}, {0x3, 0x4}, {0x4, 0x6}, {0x0, 0x9}, {0x3, 0x3}, {0x7, 0x4}, {0x7, 0x5}, {0x6, 0x9}, {0x4, 0x4}, {0x1}, {0x1, 0x9}, {0x3}, {0x2, 0x5}, {0x4, 0x2}, {0x4, 0x1}, {0x0, 0x6}, {0x5, 0xa}, {0x4, 0x3}, {0x1, 0x1}, {0x6, 0x6}, {0x6, 0x2}, {0x6, 0x1}, {0x7}, {0x3, 0x1}, {0x1}, {0x5, 0x7}, {0x6, 0x5}, {0x0, 0x2}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x43, 0x2, [{0x7}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x2}, {0x4, 0x8}, {}, {0x5, 0x6}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x6}, {0x7, 0x6}, {0x4, 0x3}, {0x4, 0x5}, {0x1, 0x6}, {0x0, 0x6}, {0x0, 0x9}, {0x1}, {0x7}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x8}, {0x6, 0x3}, {0x0, 0x2}, {0x3, 0x4}, {0x4, 0x5}, {0x6, 0x9}, {0x4, 0x2}, {0x3, 0x4}, {0x3, 0x7}, {0x4, 0x6}, {0x5, 0xa}, {0x6, 0x6}, {0x7, 0x8}, {0x4, 0x1}, {0x1, 0x3}, {0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x5, 0x4}, {0x1, 0x8}, {0x6, 0x7}, {0x5, 0x2}, {0x5, 0x3}, {0x5}, {0x7, 0x5}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x5}, {0x6}, {0x7, 0x7}, {0x0, 0x3}, {0x0, 0x7}, {0x4, 0x9}, {0x7, 0x5}, {0x3, 0x6}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x6}, {0x7, 0x9}, {0x1, 0x1}, {0x1, 0x7}, {0x2, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x39, 0x2d, 0x4, 0x36, 0xc, 0x36, 0x18, 0x24, 0x24, 0x5, 0x4, 0x60, 0x1b, 0x5, 0x60, 0xc, 0x5]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x6, 0x9}]}, @NL80211_TXRATE_HT={0x1e, 0x2, [{0x4, 0x7}, {0x6, 0x7}, {0x2, 0x1}, {0x5, 0x5}, {0x0, 0x9}, {0x1, 0x4}, {0x0, 0x9}, {0x1, 0x2}, {0x0, 0x9}, {0x5, 0x9}, {0x1, 0x6}, {0x1}, {0x7, 0x9}, {0x3, 0x2}, {0x3, 0x7}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x1}, {0x0, 0xa}, {0x1, 0x8}, {0x5, 0x8}, {0x2, 0x5}, {0x2, 0x7}]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x1, 0x12, 0x1, 0xc, 0x6, 0x4, 0x48, 0x5, 0x5c, 0x0, 0x2b, 0x1, 0x48, 0x5, 0x6c, 0x9, 0x6, 0x12, 0x2, 0x30, 0x24, 0x36, 0x3, 0x36]}]}]}, @NL80211_ATTR_TX_RATES={0xf4, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6, 0x9, 0x8, 0xff, 0x800, 0x2, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x1, 0x9, 0x7, 0x200, 0x6, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x20, 0xabc, 0x101, 0x7, 0x5, 0x0, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x24, 0x6, 0x6c, 0x5, 0x12, 0x24, 0x60, 0x24, 0x1, 0x18, 0x18, 0x12, 0x24, 0x1, 0x6, 0x6, 0x2e]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x20, 0x5, 0x6, 0x200, 0x20, 0x9, 0x9, 0x3f60]}}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x4, 0xa}, {0x3, 0x4}, {0x6, 0x8}, {0x3, 0xa}, {0x3}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x80, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x2, 0x16, 0x6, 0x6, 0x36, 0x2, 0x9, 0x60, 0x18, 0x1b, 0x1b, 0x12, 0x24, 0x6c, 0x7, 0x9, 0x0, 0x3, 0x19, 0x18, 0x12, 0x60, 0x16, 0x16]}]}, @NL80211_BAND_6GHZ={0x50, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7fff, 0x660, 0x2, 0x80, 0x3f, 0x6, 0x4, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0xb, 0x30, 0x4, 0xc, 0x30, 0x6, 0x60, 0x24, 0xc, 0x2, 0x1, 0x9, 0x0, 0x5, 0x60, 0x48, 0x4, 0x48, 0x24, 0x1b, 0x30, 0x9, 0x1, 0x1, 0x18, 0xb]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xf17, 0x3, 0x2, 0x0, 0x7ff, 0x400, 0x1, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x8001, 0x102d, 0x81, 0x8, 0x9, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x6c, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x18, 0x12, 0xe, 0x30, 0x7e, 0x5, 0x48, 0x1f, 0x70, 0x12, 0x1, 0x6, 0x36, 0x3, 0x30, 0x6c, 0x4b, 0xb, 0x1, 0x16, 0x16, 0x16, 0x16, 0x48, 0x6, 0x5, 0x5]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x20, 0x8001, 0xb8f, 0xffff, 0x7, 0x3]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x7, 0x4}, {0x5, 0x8}, {0x3, 0x2}, {0x0, 0xa}, {0x0, 0x3}, {0x0, 0x8}, {0x7, 0x1}, {0x5, 0x9}, {0x4, 0xa}, {0x7, 0x2}, {0x0, 0xa}, {0x0, 0x6}, {0x0, 0x6}, {0x1, 0x4}, {}, {0x7, 0x7}, {0x0, 0x7}, {0x5}, {0x2, 0xa}, {0x1, 0x4}, {0x1, 0x9}, {0x0, 0x5}, {0x1, 0x2}, {0x5, 0x7}, {0x0, 0x9}, {0x0, 0x3}, {0x7, 0x9}, {0x4, 0x3}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x4}, {0x6, 0x7}, {0x6, 0x2}, {0x4, 0xa}, {0x0, 0x4}]}]}]}]}, 0x874}, 0x1, 0x0, 0x0, 0x68810}, 0x14) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (async) write$snapshot(0xffffffffffffffff, &(0x7f0000000c40)="1fc18fe233a30483305fab414f8e2e7208c3bf9b6edb24a9c2303f8a79fd3897f55e6b7bfddee395bc17918ffe63818a54b8345e59a0e29429eeb6e9f446a4b2bdef24b73fd7f36e", 0x48) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r5, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x31a, 0x2d}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000000)=0x1, 0x4) (async) 09:32:11 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4", @ANYBLOB="00c387d34f9c19e53bbcd4b2e81d6fe0a9fab8b4e3bd49"]) 09:32:11 executing program 4: shmctl$IPC_STAT(0xffffffffffffffff, 0x2, &(0x7f0000000080)=""/64) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) shmctl$IPC_STAT(0xffffffffffffffff, 0x2, &(0x7f0000000080)=""/64) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) 09:32:11 executing program 4: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000140)) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r2 = socket(0x8, 0x800, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) mkdirat$cgroup(r3, &(0x7f0000000180)='syz1\x00', 0x1ff) getsockopt$netrom_NETROM_T4(r2, 0x103, 0x6, &(0x7f00000000c0)=0x2fc, &(0x7f0000000100)=0x4) openat$cgroup_devices(r3, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0) 09:32:11 executing program 4: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14) (async) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000140)) (async) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r2 = socket(0x8, 0x800, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) mkdirat$cgroup(r3, &(0x7f0000000180)='syz1\x00', 0x1ff) (async) getsockopt$netrom_NETROM_T4(r2, 0x103, 0x6, &(0x7f00000000c0)=0x2fc, &(0x7f0000000100)=0x4) openat$cgroup_devices(r3, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0) [ 1202.992953] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1203.012614] CPU: 1 PID: 30380 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1203.020510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1203.022961] hfsplus: unable to parse mount options [ 1203.029856] Call Trace: [ 1203.029871] dump_stack+0x1b2/0x281 [ 1203.029885] should_fail.cold+0x10a/0x149 [ 1203.029898] should_failslab+0xd6/0x130 [ 1203.029909] __kmalloc_track_caller+0x2bc/0x400 [ 1203.029921] ? strndup_user+0x5b/0xf0 [ 1203.057545] memdup_user+0x22/0xa0 [ 1203.061090] strndup_user+0x5b/0xf0 [ 1203.064711] ? copy_mnt_ns+0xa30/0xa30 [ 1203.068597] SyS_mount+0x39/0x120 [ 1203.072049] ? copy_mnt_ns+0xa30/0xa30 [ 1203.075941] do_syscall_64+0x1d5/0x640 [ 1203.079845] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1203.085029] RIP: 0033:0x7f463664e61a [ 1203.088736] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 09:32:11 executing program 4: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000140)) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r2 = socket(0x8, 0x800, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r3) (async) mkdirat$cgroup(r3, &(0x7f0000000180)='syz1\x00', 0x1ff) (async) getsockopt$netrom_NETROM_T4(r2, 0x103, 0x6, &(0x7f00000000c0)=0x2fc, &(0x7f0000000100)=0x4) openat$cgroup_devices(r3, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0) [ 1203.096445] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1203.103711] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1203.110977] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1203.118245] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1203.125513] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1203.135817] hfsplus: creator requires a 4 character value 09:32:11 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4", @ANYBLOB="00c387d34f9c19e53bbcd4b2e81d6fe0a9fab8b4e3bd49"]) [ 1203.150470] hfsplus: unable to parse mount options 09:32:11 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket(0x23, 0x5, 0x1) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000d00)=0x20, &(0x7f0000000d40)=0x4) sendto$l2tp(r0, &(0x7f0000000980)="271ed75ab25f3c2193b627afc2122bee69911fb01d43", 0x16, 0x800, &(0x7f0000000cc0)={0x2, 0x0, @remote}, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) r3 = socket(0x9, 0x80800, 0x2) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000a00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000009c0)={&(0x7f00000000c0)={0x874, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x21c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x3, 0x8}, {0x2}, {0x1, 0x2}, {0x7, 0x3}, {0x6, 0x8}, {0x0, 0x6}, {0x7, 0x7}, {0x3, 0x2}, {0x4, 0x7}, {0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x0, 0x7}, {0x1, 0x7}, {0x1, 0x6}, {0x2, 0x1}, {0x0, 0x9}, {0x2, 0x6}, {0x3, 0x2}, {0x0, 0x8}, {0x5, 0x5}, {0x3, 0x2}, {0x3, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x0, 0x2}, {0x7, 0x2}, {0x5, 0xa}, {0x3, 0x7}, {0x0, 0x9}, {0x6}, {0x1, 0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x3, 0x1}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x9}, {0x0, 0x4}, {0x7, 0x7}, {0x4, 0xa}, {0x6, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x6, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0x9}, {0x1, 0x9}, {0x4, 0xa}, {0x1, 0x4}, {0x7, 0x1}, {0x1, 0x4}, {0x2, 0x5}, {0x1, 0x6}, {0x4, 0x4}, {0x3, 0x9}, {0x7, 0x1}, {0x2, 0x2}, {0x1, 0xa}, {0x3, 0x8}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x7fff, 0x9, 0x3ff, 0x4, 0x7, 0x803, 0x6]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x81, 0x8000, 0x6, 0x1000, 0x1, 0x9, 0x1, 0x3f]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0xc, 0x9, 0x12, 0x16, 0x30, 0x12, 0x16, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x100, 0x4, 0x0, 0x1000, 0x3, 0xffff, 0x3fc0]}}]}, @NL80211_BAND_2GHZ={0x78, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x6, 0x5}, {0x0, 0xa}, {0x0, 0x9}, {0x7, 0x1}, {0x4, 0x7}, {}, {0x4, 0x2}, {0x1, 0x5}, {0x3, 0x9}, {0x3, 0x1}, {0x2, 0x7}, {0x6, 0x3}, {0x5, 0x4}, {0x3, 0xa}, {0x3, 0x8}, {0x3, 0x8}, {0x0, 0x6}, {0x2}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x2}, {0x2, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x4, 0x6}, {0x2, 0x9}, {0x6, 0x2}, {0x2, 0x5}, {0x0, 0x7}, {0x6, 0x4}, {0x1, 0x4}, {0x7, 0x4}, {0x1, 0x9}, {0x0, 0x1}, {0x1, 0x9}, {0x0, 0x6}, {0x3, 0x2}, {0x4, 0x7}, {0x4, 0x3}, {0x7, 0x1}, {0x6, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x1, 0x4, 0xae3, 0x4, 0x6, 0xe0, 0x200]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0xfffc, 0x7f, 0x81, 0x1, 0x1, 0x3ff, 0x20]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xb, 0xc, 0xb, 0x4, 0x24, 0x18, 0xc, 0x6, 0x6c, 0xb, 0x9, 0x4, 0x7a, 0x5, 0x24, 0x4, 0x48, 0x12, 0x3, 0x2c, 0x30, 0xc, 0xb, 0x36]}]}, @NL80211_BAND_6GHZ={0x4}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x5, 0xc, 0x30, 0x36, 0x48, 0x36, 0x6, 0x18, 0x27, 0x4, 0x60, 0x16, 0x48, 0x2, 0xc, 0x36, 0x34, 0x12, 0x30, 0x36, 0x6, 0x3, 0x3, 0x4, 0x60]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x32, 0x2, [{0x1}, {0x7, 0x9}, {0x4, 0x6}, {0x4, 0x7}, {0x0, 0x8}, {0x3, 0x4}, {0x4, 0x3}, {0x2, 0x6}, {0x5, 0x6}, {0x2, 0x3}, {0x5, 0x1}, {0x7, 0x3}, {0x1, 0x6}, {0x5, 0x8}, {0x5, 0x3}, {0x2, 0x9}, {0x7, 0x4}, {0x1, 0x9}, {0x5, 0xa}, {0x6, 0x9}, {0x2}, {0x1}, {0x5}, {0x3, 0x3}, {0x0, 0x5}, {0x2, 0x6}, {0x3, 0x3}, {0x5, 0x2}, {0x5, 0x9}, {0x3, 0x6}, {0x2, 0xa}, {0x1, 0x3}, {0x7, 0x1}, {0x0, 0x7}, {0x5, 0x2}, {0x0, 0x1}, {0x2, 0x8}, {0x3, 0x1}, {0x7, 0x2}, {0x4, 0x3}, {0x2, 0x3}, {0x7, 0x5}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x9}, {0x5, 0x1}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6edd, 0x4, 0x6, 0x100, 0x0, 0x8, 0x81]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1, 0xc25, 0x9, 0x2, 0x1ff, 0x2, 0x9]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x7fff, 0x5, 0x4, 0xffff, 0xff80, 0x0, 0x1]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0x68, 0x60, 0x5, 0x16, 0x60, 0x0, 0x6c, 0x24, 0x3, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfc88, 0x2, 0x36, 0x8, 0x71ba, 0x400, 0xff4d, 0x8001]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x12, 0x16, 0x2, 0x5, 0x1b, 0x14, 0x4, 0xc, 0x6, 0x3, 0xb, 0xc, 0x2, 0x6, 0x58, 0x3, 0x24, 0x30, 0x24, 0x5, 0x5, 0x6c, 0x3, 0x18, 0x48, 0x48, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x3f, 0x4, 0x3, 0xc072, 0x3, 0xa99e, 0xfffb]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x0, 0x800, 0x84, 0x0, 0x71, 0x2, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x82b, 0x200, 0x200, 0x3f, 0xe2, 0x0, 0x40, 0x591]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x59, 0x6c, 0x1b, 0x9, 0x30, 0x18, 0x6, 0x48, 0x30, 0x9, 0x3, 0x6, 0x12, 0x1b]}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x1f8, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x98, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x26, 0x2, [{0x1, 0x1}, {0x0, 0x1}, {0x5, 0x4}, {0x3, 0x6}, {0x1, 0x8}, {0x7, 0x3}, {0x6, 0x6}, {0x2, 0x6}, {0x4, 0x9}, {0x4, 0xa}, {0x0, 0x8}, {0x3, 0x9}, {0x1, 0xa}, {0x7, 0x6}, {0x5, 0x5}, {0x3, 0x9}, {0x0, 0x2}, {0x7, 0x4}, {0x5, 0x1}, {0x0, 0x2}, {0x1, 0x2}, {0x3, 0x2}, {0x1, 0x8}, {0x6, 0x9}, {0x7, 0x8}, {0x4, 0x4}, {0x4, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x4}, {0x4, 0x8}, {0x0, 0x8}, {0x0, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x200, 0xa8, 0x2, 0x0, 0x0, 0x40, 0xfffa]}}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x5, 0xa}, {0x5, 0x5}, {0x5, 0x8}, {0x4, 0x3}, {0x0, 0x3}, {0x7, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3}, {0x2, 0x6}, {0x7, 0x7}, {0x4, 0x7}, {0x3, 0x8}, {0x0, 0x5}, {0x2}, {0x0, 0xa}, {0x3, 0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x2, 0x7}, {0x5, 0x4}, {0x5, 0x2}, {0x0, 0x1}, {0x0, 0x5}, {0x4, 0x3}, {0x0, 0x4}, {0x0, 0x6}, {0x1, 0x9}, {0x5, 0x4}, {0x1, 0x5}, {0x2, 0xa}, {0x0, 0x6}, {0x4, 0x9}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x30, 0x3, 0x16, 0x4, 0x9, 0x1b, 0x18, 0x30, 0x24, 0x0, 0xcc336d9a653a9a2f, 0x30, 0x0, 0x6, 0x30, 0x3, 0x12, 0x44, 0x18, 0x36, 0x6c, 0x5, 0x1, 0x9, 0x36]}]}, @NL80211_BAND_6GHZ={0x40, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x4, 0x1, 0x1f, 0x7, 0x2, 0x3, 0x1000]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x48, 0x48, 0x7, 0x7f]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7f, 0x40, 0x6, 0x7f, 0x3f, 0x680f, 0x6]}}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x4, 0x9}, {0x3, 0x6}, {0x0, 0x7}, {0x3, 0x9}, {0x0, 0x1}, {0x3, 0x5}, {0x3, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x4, 0x7}, {0x6, 0x8}, {}, {0x7, 0x2}, {0x1, 0x7}, {0x7, 0x9}, {}, {0x0, 0xa}, {0x6, 0x7}, {0x7, 0xa}, {}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x5, 0x2}, {0x1, 0x2}, {0x3, 0x7}, {0x7, 0x4}, {0x5, 0x1}, {0x2, 0x2}, {0x2, 0x1}, {0x2, 0x7}, {0x6, 0x9}, {0x4}, {0x1, 0x7}, {0x0, 0x7}, {0x3, 0x4}, {0x7, 0x6}, {0x1, 0x9}, {0x0, 0x6}, {0x2, 0x8}, {0x5, 0x2}, {0x4, 0x7}, {0x1, 0x6}, {0x4, 0x6}, {0x0, 0x1}, {0x2}, {0x5, 0x9}, {0x6, 0x2}, {0x1, 0x7}, {0x6, 0x3}, {0x6, 0x12}, {0x2, 0x1}, {0x2, 0x9}, {0x7, 0x6}, {0x0, 0x2}, {0x2, 0x7}, {0x4, 0x4}, {0x0, 0x1}, {0x0, 0x8}, {0x6, 0x4}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0xa4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x8, 0x5, 0x6887, 0x400, 0x200, 0x7ff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1000, 0x2, 0x2, 0x6, 0x100, 0x101, 0x80]}}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x3, 0x7}, {0x5, 0x6}, {0x5, 0x4}, {0x3, 0x8}, {0x5, 0x9}, {0x7, 0xa}, {0x3, 0x7}, {0x3, 0x3}, {0x2, 0x7}, {0x3, 0xa}, {0x3, 0x2}, {0x6, 0x1}, {0x7, 0x2}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x5}, {0x0, 0x3}, {0x7, 0xa}, {0x7, 0x1}, {0x0, 0x6}, {0x5, 0x8}, {0x7, 0x1}, {0x5, 0x4}, {0x2, 0x4}, {0x7}, {0x0, 0xa}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x8}, {0x1}, {0x7, 0x3}, {0x1, 0x2}, {0x6, 0x1}, {0x5, 0x7}, {0x6, 0x4}, {0x6, 0x5}, {0x6, 0x6}, {0x6, 0x1}, {0x0, 0xa}, {0x6, 0x8}, {0x6, 0x3}, {0x7}, {0x5, 0x3}, {0x3}, {0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x2, 0x2}, {0x6, 0x6}, {0x1, 0xa}, {0x0, 0x5}, {0x1, 0x9}, {0x5, 0xa}, {0x3, 0x9}, {0x0, 0x9}, {0x7, 0x2}, {0x4, 0x1}, {0x1, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x24, 0xc, 0x6, 0xc, 0x24, 0x9, 0x5, 0x16, 0x18, 0x9, 0x18, 0x6c, 0x19, 0x1, 0x60, 0x3, 0x1, 0x30, 0x1b, 0x16, 0x0, 0x9, 0x36, 0x1b, 0x18, 0x6, 0x5]}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x68, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x3f, 0xf3e1, 0x0, 0x8, 0x0, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x400, 0xff, 0xcb38, 0x59, 0x8, 0x3cd7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x2, 0x6c, 0x1b, 0x24, 0x4, 0x12]}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x104, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xe0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x35, 0x2, [{0x1, 0x5}, {0x3, 0x7}, {0x0, 0x5}, {0x6, 0x8}, {0x5, 0x9}, {0x0, 0x3}, {0x7, 0xa}, {0x3, 0x3}, {0x6}, {0x3, 0x9}, {0x1}, {0x7, 0xa}, {0x2, 0x2}, {0x3, 0x3}, {0x3, 0x4}, {0x5, 0x7}, {0x0, 0x2}, {0x3, 0xa}, {0x7, 0x7}, {0x7, 0x8}, {0x4, 0x3}, {0x2, 0x7}, {0x3, 0x4}, {0x4, 0x6}, {0x0, 0x9}, {0x3, 0x3}, {0x7, 0x4}, {0x7, 0x5}, {0x6, 0x9}, {0x4, 0x4}, {0x1}, {0x1, 0x9}, {0x3}, {0x2, 0x5}, {0x4, 0x2}, {0x4, 0x1}, {0x0, 0x6}, {0x5, 0xa}, {0x4, 0x3}, {0x1, 0x1}, {0x6, 0x6}, {0x6, 0x2}, {0x6, 0x1}, {0x7}, {0x3, 0x1}, {0x1}, {0x5, 0x7}, {0x6, 0x5}, {0x0, 0x2}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x43, 0x2, [{0x7}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x2}, {0x4, 0x8}, {}, {0x5, 0x6}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x6}, {0x7, 0x6}, {0x4, 0x3}, {0x4, 0x5}, {0x1, 0x6}, {0x0, 0x6}, {0x0, 0x9}, {0x1}, {0x7}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x8}, {0x6, 0x3}, {0x0, 0x2}, {0x3, 0x4}, {0x4, 0x5}, {0x6, 0x9}, {0x4, 0x2}, {0x3, 0x4}, {0x3, 0x7}, {0x4, 0x6}, {0x5, 0xa}, {0x6, 0x6}, {0x7, 0x8}, {0x4, 0x1}, {0x1, 0x3}, {0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x5, 0x4}, {0x1, 0x8}, {0x6, 0x7}, {0x5, 0x2}, {0x5, 0x3}, {0x5}, {0x7, 0x5}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x5}, {0x6}, {0x7, 0x7}, {0x0, 0x3}, {0x0, 0x7}, {0x4, 0x9}, {0x7, 0x5}, {0x3, 0x6}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x6}, {0x7, 0x9}, {0x1, 0x1}, {0x1, 0x7}, {0x2, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x39, 0x2d, 0x4, 0x36, 0xc, 0x36, 0x18, 0x24, 0x24, 0x5, 0x4, 0x60, 0x1b, 0x5, 0x60, 0xc, 0x5]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x6, 0x9}]}, @NL80211_TXRATE_HT={0x1e, 0x2, [{0x4, 0x7}, {0x6, 0x7}, {0x2, 0x1}, {0x5, 0x5}, {0x0, 0x9}, {0x1, 0x4}, {0x0, 0x9}, {0x1, 0x2}, {0x0, 0x9}, {0x5, 0x9}, {0x1, 0x6}, {0x1}, {0x7, 0x9}, {0x3, 0x2}, {0x3, 0x7}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x1}, {0x0, 0xa}, {0x1, 0x8}, {0x5, 0x8}, {0x2, 0x5}, {0x2, 0x7}]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x1, 0x12, 0x1, 0xc, 0x6, 0x4, 0x48, 0x5, 0x5c, 0x0, 0x2b, 0x1, 0x48, 0x5, 0x6c, 0x9, 0x6, 0x12, 0x2, 0x30, 0x24, 0x36, 0x3, 0x36]}]}]}, @NL80211_ATTR_TX_RATES={0xf4, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6, 0x9, 0x8, 0xff, 0x800, 0x2, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x1, 0x9, 0x7, 0x200, 0x6, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x20, 0xabc, 0x101, 0x7, 0x5, 0x0, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x24, 0x6, 0x6c, 0x5, 0x12, 0x24, 0x60, 0x24, 0x1, 0x18, 0x18, 0x12, 0x24, 0x1, 0x6, 0x6, 0x2e]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x20, 0x5, 0x6, 0x200, 0x20, 0x9, 0x9, 0x3f60]}}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x4, 0xa}, {0x3, 0x4}, {0x6, 0x8}, {0x3, 0xa}, {0x3}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x80, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x2, 0x16, 0x6, 0x6, 0x36, 0x2, 0x9, 0x60, 0x18, 0x1b, 0x1b, 0x12, 0x24, 0x6c, 0x7, 0x9, 0x0, 0x3, 0x19, 0x18, 0x12, 0x60, 0x16, 0x16]}]}, @NL80211_BAND_6GHZ={0x50, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7fff, 0x660, 0x2, 0x80, 0x3f, 0x6, 0x4, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0xb, 0x30, 0x4, 0xc, 0x30, 0x6, 0x60, 0x24, 0xc, 0x2, 0x1, 0x9, 0x0, 0x5, 0x60, 0x48, 0x4, 0x48, 0x24, 0x1b, 0x30, 0x9, 0x1, 0x1, 0x18, 0xb]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xf17, 0x3, 0x2, 0x0, 0x7ff, 0x400, 0x1, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x8001, 0x102d, 0x81, 0x8, 0x9, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x6c, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x18, 0x12, 0xe, 0x30, 0x7e, 0x5, 0x48, 0x1f, 0x70, 0x12, 0x1, 0x6, 0x36, 0x3, 0x30, 0x6c, 0x4b, 0xb, 0x1, 0x16, 0x16, 0x16, 0x16, 0x48, 0x6, 0x5, 0x5]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x20, 0x8001, 0xb8f, 0xffff, 0x7, 0x3]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x7, 0x4}, {0x5, 0x8}, {0x3, 0x2}, {0x0, 0xa}, {0x0, 0x3}, {0x0, 0x8}, {0x7, 0x1}, {0x5, 0x9}, {0x4, 0xa}, {0x7, 0x2}, {0x0, 0xa}, {0x0, 0x6}, {0x0, 0x6}, {0x1, 0x4}, {}, {0x7, 0x7}, {0x0, 0x7}, {0x5}, {0x2, 0xa}, {0x1, 0x4}, {0x1, 0x9}, {0x0, 0x5}, {0x1, 0x2}, {0x5, 0x7}, {0x0, 0x9}, {0x0, 0x3}, {0x7, 0x9}, {0x4, 0x3}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x4}, {0x6, 0x7}, {0x6, 0x2}, {0x4, 0xa}, {0x0, 0x4}]}]}]}]}, 0x874}, 0x1, 0x0, 0x0, 0x68810}, 0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) write$snapshot(0xffffffffffffffff, &(0x7f0000000c40)="1fc18fe233a30483305fab414f8e2e7208c3bf9b6edb24a9c2303f8a79fd3897f55e6b7bfddee395bc17918ffe63818a54b8345e59a0e29429eeb6e9f446a4b2bdef24b73fd7f36e", 0x48) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r5, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x31a, 0x2d}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000000)=0x1, 0x4) socket(0x25, 0x1, 0x0) (async) socket(0x23, 0x5, 0x1) (async) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000d00)=0x20, &(0x7f0000000d40)=0x4) (async) sendto$l2tp(r0, &(0x7f0000000980)="271ed75ab25f3c2193b627afc2122bee69911fb01d43", 0x16, 0x800, &(0x7f0000000cc0)={0x2, 0x0, @remote}, 0x10) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) socket(0x9, 0x80800, 0x2) (async) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000a00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000009c0)={&(0x7f00000000c0)={0x874, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x21c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x3, 0x8}, {0x2}, {0x1, 0x2}, {0x7, 0x3}, {0x6, 0x8}, {0x0, 0x6}, {0x7, 0x7}, {0x3, 0x2}, {0x4, 0x7}, {0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x0, 0x7}, {0x1, 0x7}, {0x1, 0x6}, {0x2, 0x1}, {0x0, 0x9}, {0x2, 0x6}, {0x3, 0x2}, {0x0, 0x8}, {0x5, 0x5}, {0x3, 0x2}, {0x3, 0x3}, {0x0, 0x9}, {0x2, 0x2}, {0x0, 0x2}, {0x7, 0x2}, {0x5, 0xa}, {0x3, 0x7}, {0x0, 0x9}, {0x6}, {0x1, 0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x3, 0x1}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x9}, {0x0, 0x4}, {0x7, 0x7}, {0x4, 0xa}, {0x6, 0x4}, {0x0, 0x7}, {0x0, 0x7}, {0x6, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0x9}, {0x1, 0x9}, {0x4, 0xa}, {0x1, 0x4}, {0x7, 0x1}, {0x1, 0x4}, {0x2, 0x5}, {0x1, 0x6}, {0x4, 0x4}, {0x3, 0x9}, {0x7, 0x1}, {0x2, 0x2}, {0x1, 0xa}, {0x3, 0x8}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x7fff, 0x9, 0x3ff, 0x4, 0x7, 0x803, 0x6]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x81, 0x8000, 0x6, 0x1000, 0x1, 0x9, 0x1, 0x3f]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0xc, 0x9, 0x12, 0x16, 0x30, 0x12, 0x16, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x100, 0x4, 0x0, 0x1000, 0x3, 0xffff, 0x3fc0]}}]}, @NL80211_BAND_2GHZ={0x78, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x6, 0x5}, {0x0, 0xa}, {0x0, 0x9}, {0x7, 0x1}, {0x4, 0x7}, {}, {0x4, 0x2}, {0x1, 0x5}, {0x3, 0x9}, {0x3, 0x1}, {0x2, 0x7}, {0x6, 0x3}, {0x5, 0x4}, {0x3, 0xa}, {0x3, 0x8}, {0x3, 0x8}, {0x0, 0x6}, {0x2}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x2}, {0x2, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x4, 0x6}, {0x2, 0x9}, {0x6, 0x2}, {0x2, 0x5}, {0x0, 0x7}, {0x6, 0x4}, {0x1, 0x4}, {0x7, 0x4}, {0x1, 0x9}, {0x0, 0x1}, {0x1, 0x9}, {0x0, 0x6}, {0x3, 0x2}, {0x4, 0x7}, {0x4, 0x3}, {0x7, 0x1}, {0x6, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x1, 0x4, 0xae3, 0x4, 0x6, 0xe0, 0x200]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0xfffc, 0x7f, 0x81, 0x1, 0x1, 0x3ff, 0x20]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xb, 0xc, 0xb, 0x4, 0x24, 0x18, 0xc, 0x6, 0x6c, 0xb, 0x9, 0x4, 0x7a, 0x5, 0x24, 0x4, 0x48, 0x12, 0x3, 0x2c, 0x30, 0xc, 0xb, 0x36]}]}, @NL80211_BAND_6GHZ={0x4}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x5, 0xc, 0x30, 0x36, 0x48, 0x36, 0x6, 0x18, 0x27, 0x4, 0x60, 0x16, 0x48, 0x2, 0xc, 0x36, 0x34, 0x12, 0x30, 0x36, 0x6, 0x3, 0x3, 0x4, 0x60]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x32, 0x2, [{0x1}, {0x7, 0x9}, {0x4, 0x6}, {0x4, 0x7}, {0x0, 0x8}, {0x3, 0x4}, {0x4, 0x3}, {0x2, 0x6}, {0x5, 0x6}, {0x2, 0x3}, {0x5, 0x1}, {0x7, 0x3}, {0x1, 0x6}, {0x5, 0x8}, {0x5, 0x3}, {0x2, 0x9}, {0x7, 0x4}, {0x1, 0x9}, {0x5, 0xa}, {0x6, 0x9}, {0x2}, {0x1}, {0x5}, {0x3, 0x3}, {0x0, 0x5}, {0x2, 0x6}, {0x3, 0x3}, {0x5, 0x2}, {0x5, 0x9}, {0x3, 0x6}, {0x2, 0xa}, {0x1, 0x3}, {0x7, 0x1}, {0x0, 0x7}, {0x5, 0x2}, {0x0, 0x1}, {0x2, 0x8}, {0x3, 0x1}, {0x7, 0x2}, {0x4, 0x3}, {0x2, 0x3}, {0x7, 0x5}, {0x2, 0x4}, {0x0, 0x7}, {0x0, 0x9}, {0x5, 0x1}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6edd, 0x4, 0x6, 0x100, 0x0, 0x8, 0x81]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1, 0xc25, 0x9, 0x2, 0x1ff, 0x2, 0x9]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x7fff, 0x5, 0x4, 0xffff, 0xff80, 0x0, 0x1]}}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0x68, 0x60, 0x5, 0x16, 0x60, 0x0, 0x6c, 0x24, 0x3, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfc88, 0x2, 0x36, 0x8, 0x71ba, 0x400, 0xff4d, 0x8001]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x12, 0x16, 0x2, 0x5, 0x1b, 0x14, 0x4, 0xc, 0x6, 0x3, 0xb, 0xc, 0x2, 0x6, 0x58, 0x3, 0x24, 0x30, 0x24, 0x5, 0x5, 0x6c, 0x3, 0x18, 0x48, 0x48, 0xb, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x3f, 0x4, 0x3, 0xc072, 0x3, 0xa99e, 0xfffb]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x0, 0x800, 0x84, 0x0, 0x71, 0x2, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x82b, 0x200, 0x200, 0x3f, 0xe2, 0x0, 0x40, 0x591]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x59, 0x6c, 0x1b, 0x9, 0x30, 0x18, 0x6, 0x48, 0x30, 0x9, 0x3, 0x6, 0x12, 0x1b]}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x1f8, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x98, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x26, 0x2, [{0x1, 0x1}, {0x0, 0x1}, {0x5, 0x4}, {0x3, 0x6}, {0x1, 0x8}, {0x7, 0x3}, {0x6, 0x6}, {0x2, 0x6}, {0x4, 0x9}, {0x4, 0xa}, {0x0, 0x8}, {0x3, 0x9}, {0x1, 0xa}, {0x7, 0x6}, {0x5, 0x5}, {0x3, 0x9}, {0x0, 0x2}, {0x7, 0x4}, {0x5, 0x1}, {0x0, 0x2}, {0x1, 0x2}, {0x3, 0x2}, {0x1, 0x8}, {0x6, 0x9}, {0x7, 0x8}, {0x4, 0x4}, {0x4, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x4}, {0x4, 0x8}, {0x0, 0x8}, {0x0, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x200, 0xa8, 0x2, 0x0, 0x0, 0x40, 0xfffa]}}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x5, 0xa}, {0x5, 0x5}, {0x5, 0x8}, {0x4, 0x3}, {0x0, 0x3}, {0x7, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3}, {0x2, 0x6}, {0x7, 0x7}, {0x4, 0x7}, {0x3, 0x8}, {0x0, 0x5}, {0x2}, {0x0, 0xa}, {0x3, 0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x2, 0x7}, {0x5, 0x4}, {0x5, 0x2}, {0x0, 0x1}, {0x0, 0x5}, {0x4, 0x3}, {0x0, 0x4}, {0x0, 0x6}, {0x1, 0x9}, {0x5, 0x4}, {0x1, 0x5}, {0x2, 0xa}, {0x0, 0x6}, {0x4, 0x9}, {0x6, 0x3}]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x30, 0x3, 0x16, 0x4, 0x9, 0x1b, 0x18, 0x30, 0x24, 0x0, 0xcc336d9a653a9a2f, 0x30, 0x0, 0x6, 0x30, 0x3, 0x12, 0x44, 0x18, 0x36, 0x6c, 0x5, 0x1, 0x9, 0x36]}]}, @NL80211_BAND_6GHZ={0x40, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x4, 0x1, 0x1f, 0x7, 0x2, 0x3, 0x1000]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x48, 0x48, 0x7, 0x7f]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7f, 0x40, 0x6, 0x7f, 0x3f, 0x680f, 0x6]}}]}, @NL80211_BAND_60GHZ={0x60, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x44, 0x2, [{0x4, 0x9}, {0x3, 0x6}, {0x0, 0x7}, {0x3, 0x9}, {0x0, 0x1}, {0x3, 0x5}, {0x3, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x4, 0x7}, {0x6, 0x8}, {}, {0x7, 0x2}, {0x1, 0x7}, {0x7, 0x9}, {}, {0x0, 0xa}, {0x6, 0x7}, {0x7, 0xa}, {}, {0x1, 0x1}, {0x7, 0xa}, {0x0, 0x3}, {0x5, 0x2}, {0x1, 0x2}, {0x3, 0x7}, {0x7, 0x4}, {0x5, 0x1}, {0x2, 0x2}, {0x2, 0x1}, {0x2, 0x7}, {0x6, 0x9}, {0x4}, {0x1, 0x7}, {0x0, 0x7}, {0x3, 0x4}, {0x7, 0x6}, {0x1, 0x9}, {0x0, 0x6}, {0x2, 0x8}, {0x5, 0x2}, {0x4, 0x7}, {0x1, 0x6}, {0x4, 0x6}, {0x0, 0x1}, {0x2}, {0x5, 0x9}, {0x6, 0x2}, {0x1, 0x7}, {0x6, 0x3}, {0x6, 0x12}, {0x2, 0x1}, {0x2, 0x9}, {0x7, 0x6}, {0x0, 0x2}, {0x2, 0x7}, {0x4, 0x4}, {0x0, 0x1}, {0x0, 0x8}, {0x6, 0x4}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0xa4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x8, 0x5, 0x6887, 0x400, 0x200, 0x7ff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x1000, 0x2, 0x2, 0x6, 0x100, 0x101, 0x80]}}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x3, 0x7}, {0x5, 0x6}, {0x5, 0x4}, {0x3, 0x8}, {0x5, 0x9}, {0x7, 0xa}, {0x3, 0x7}, {0x3, 0x3}, {0x2, 0x7}, {0x3, 0xa}, {0x3, 0x2}, {0x6, 0x1}, {0x7, 0x2}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x5}, {0x0, 0x3}, {0x7, 0xa}, {0x7, 0x1}, {0x0, 0x6}, {0x5, 0x8}, {0x7, 0x1}, {0x5, 0x4}, {0x2, 0x4}, {0x7}, {0x0, 0xa}, {0x3, 0x6}, {0x6, 0x2}, {0x6, 0x8}, {0x1}, {0x7, 0x3}, {0x1, 0x2}, {0x6, 0x1}, {0x5, 0x7}, {0x6, 0x4}, {0x6, 0x5}, {0x6, 0x6}, {0x6, 0x1}, {0x0, 0xa}, {0x6, 0x8}, {0x6, 0x3}, {0x7}, {0x5, 0x3}, {0x3}, {0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x2, 0x2}, {0x6, 0x6}, {0x1, 0xa}, {0x0, 0x5}, {0x1, 0x9}, {0x5, 0xa}, {0x3, 0x9}, {0x0, 0x9}, {0x7, 0x2}, {0x4, 0x1}, {0x1, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x24, 0xc, 0x6, 0xc, 0x24, 0x9, 0x5, 0x16, 0x18, 0x9, 0x18, 0x6c, 0x19, 0x1, 0x60, 0x3, 0x1, 0x30, 0x1b, 0x16, 0x0, 0x9, 0x36, 0x1b, 0x18, 0x6, 0x5]}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x68, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x3f, 0xf3e1, 0x0, 0x8, 0x0, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x400, 0xff, 0xcb38, 0x59, 0x8, 0x3cd7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x2, 0x6c, 0x1b, 0x24, 0x4, 0x12]}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x104, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xe0, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x35, 0x2, [{0x1, 0x5}, {0x3, 0x7}, {0x0, 0x5}, {0x6, 0x8}, {0x5, 0x9}, {0x0, 0x3}, {0x7, 0xa}, {0x3, 0x3}, {0x6}, {0x3, 0x9}, {0x1}, {0x7, 0xa}, {0x2, 0x2}, {0x3, 0x3}, {0x3, 0x4}, {0x5, 0x7}, {0x0, 0x2}, {0x3, 0xa}, {0x7, 0x7}, {0x7, 0x8}, {0x4, 0x3}, {0x2, 0x7}, {0x3, 0x4}, {0x4, 0x6}, {0x0, 0x9}, {0x3, 0x3}, {0x7, 0x4}, {0x7, 0x5}, {0x6, 0x9}, {0x4, 0x4}, {0x1}, {0x1, 0x9}, {0x3}, {0x2, 0x5}, {0x4, 0x2}, {0x4, 0x1}, {0x0, 0x6}, {0x5, 0xa}, {0x4, 0x3}, {0x1, 0x1}, {0x6, 0x6}, {0x6, 0x2}, {0x6, 0x1}, {0x7}, {0x3, 0x1}, {0x1}, {0x5, 0x7}, {0x6, 0x5}, {0x0, 0x2}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x43, 0x2, [{0x7}, {0x7, 0x3}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x2}, {0x4, 0x8}, {}, {0x5, 0x6}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x6}, {0x7, 0x6}, {0x4, 0x3}, {0x4, 0x5}, {0x1, 0x6}, {0x0, 0x6}, {0x0, 0x9}, {0x1}, {0x7}, {0x3, 0x2}, {0x7, 0x9}, {0x0, 0x8}, {0x6, 0x3}, {0x0, 0x2}, {0x3, 0x4}, {0x4, 0x5}, {0x6, 0x9}, {0x4, 0x2}, {0x3, 0x4}, {0x3, 0x7}, {0x4, 0x6}, {0x5, 0xa}, {0x6, 0x6}, {0x7, 0x8}, {0x4, 0x1}, {0x1, 0x3}, {0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x5, 0x4}, {0x1, 0x8}, {0x6, 0x7}, {0x5, 0x2}, {0x5, 0x3}, {0x5}, {0x7, 0x5}, {0x3, 0x3}, {0x3, 0x6}, {0x0, 0x5}, {0x6}, {0x7, 0x7}, {0x0, 0x3}, {0x0, 0x7}, {0x4, 0x9}, {0x7, 0x5}, {0x3, 0x6}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x6}, {0x7, 0x9}, {0x1, 0x1}, {0x1, 0x7}, {0x2, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x39, 0x2d, 0x4, 0x36, 0xc, 0x36, 0x18, 0x24, 0x24, 0x5, 0x4, 0x60, 0x1b, 0x5, 0x60, 0xc, 0x5]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x6, 0x9}]}, @NL80211_TXRATE_HT={0x1e, 0x2, [{0x4, 0x7}, {0x6, 0x7}, {0x2, 0x1}, {0x5, 0x5}, {0x0, 0x9}, {0x1, 0x4}, {0x0, 0x9}, {0x1, 0x2}, {0x0, 0x9}, {0x5, 0x9}, {0x1, 0x6}, {0x1}, {0x7, 0x9}, {0x3, 0x2}, {0x3, 0x7}, {0x7, 0x3}, {0x0, 0xa}, {0x0, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x1, 0x1}, {0x0, 0xa}, {0x1, 0x8}, {0x5, 0x8}, {0x2, 0x5}, {0x2, 0x7}]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x1, 0x12, 0x1, 0xc, 0x6, 0x4, 0x48, 0x5, 0x5c, 0x0, 0x2b, 0x1, 0x48, 0x5, 0x6c, 0x9, 0x6, 0x12, 0x2, 0x30, 0x24, 0x36, 0x3, 0x36]}]}]}, @NL80211_ATTR_TX_RATES={0xf4, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6, 0x9, 0x8, 0xff, 0x800, 0x2, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x1, 0x9, 0x7, 0x200, 0x6, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x20, 0xabc, 0x101, 0x7, 0x5, 0x0, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x24, 0x6, 0x6c, 0x5, 0x12, 0x24, 0x60, 0x24, 0x1, 0x18, 0x18, 0x12, 0x24, 0x1, 0x6, 0x6, 0x2e]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x20, 0x5, 0x6, 0x200, 0x20, 0x9, 0x9, 0x3f60]}}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x4, 0xa}, {0x3, 0x4}, {0x6, 0x8}, {0x3, 0xa}, {0x3}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x80, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x2, 0x16, 0x6, 0x6, 0x36, 0x2, 0x9, 0x60, 0x18, 0x1b, 0x1b, 0x12, 0x24, 0x6c, 0x7, 0x9, 0x0, 0x3, 0x19, 0x18, 0x12, 0x60, 0x16, 0x16]}]}, @NL80211_BAND_6GHZ={0x50, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7fff, 0x660, 0x2, 0x80, 0x3f, 0x6, 0x4, 0x1]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0xb, 0x30, 0x4, 0xc, 0x30, 0x6, 0x60, 0x24, 0xc, 0x2, 0x1, 0x9, 0x0, 0x5, 0x60, 0x48, 0x4, 0x48, 0x24, 0x1b, 0x30, 0x9, 0x1, 0x1, 0x18, 0xb]}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xf17, 0x3, 0x2, 0x0, 0x7ff, 0x400, 0x1, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x8001, 0x102d, 0x81, 0x8, 0x9, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x6c, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x18, 0x12, 0xe, 0x30, 0x7e, 0x5, 0x48, 0x1f, 0x70, 0x12, 0x1, 0x6, 0x36, 0x3, 0x30, 0x6c, 0x4b, 0xb, 0x1, 0x16, 0x16, 0x16, 0x16, 0x48, 0x6, 0x5, 0x5]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x20, 0x8001, 0xb8f, 0xffff, 0x7, 0x3]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x7, 0x4}, {0x5, 0x8}, {0x3, 0x2}, {0x0, 0xa}, {0x0, 0x3}, {0x0, 0x8}, {0x7, 0x1}, {0x5, 0x9}, {0x4, 0xa}, {0x7, 0x2}, {0x0, 0xa}, {0x0, 0x6}, {0x0, 0x6}, {0x1, 0x4}, {}, {0x7, 0x7}, {0x0, 0x7}, {0x5}, {0x2, 0xa}, {0x1, 0x4}, {0x1, 0x9}, {0x0, 0x5}, {0x1, 0x2}, {0x5, 0x7}, {0x0, 0x9}, {0x0, 0x3}, {0x7, 0x9}, {0x4, 0x3}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0x4}, {0x6, 0x7}, {0x6, 0x2}, {0x4, 0xa}, {0x0, 0x4}]}]}]}]}, 0x874}, 0x1, 0x0, 0x0, 0x68810}, 0x14) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (async) write$snapshot(0xffffffffffffffff, &(0x7f0000000c40)="1fc18fe233a30483305fab414f8e2e7208c3bf9b6edb24a9c2303f8a79fd3897f55e6b7bfddee395bc17918ffe63818a54b8345e59a0e29429eeb6e9f446a4b2bdef24b73fd7f36e", 0x48) (async) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000880)={&(0x7f0000000240), 0xc, &(0x7f0000000840)={&(0x7f00000002c0)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}, 0x24}}, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x28, r5, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x31a, 0x2d}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000000)=0x1, 0x4) (async) [ 1203.227772] hfsplus: creator requires a 4 character value [ 1203.242359] hfsplus: unable to parse mount options [ 1203.253359] hfsplus: unable to parse mount options [ 1203.261728] hfsplus: creator requires a 4 character value [ 1203.267365] hfsplus: unable to parse mount options 09:32:11 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:32:11 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x200002000000, 0x9}) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x3ff) 09:32:11 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 45) 09:32:11 executing program 1: r0 = socket(0x25, 0x1, 0x0) ioctl$VFIO_IOMMU_GET_INFO(0xffffffffffffffff, 0x3b70, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x8}) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x31}]}, 0x20}}, 0x4044800) 09:32:11 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4", @ANYBLOB="00c387d34f9c19e53bbcd4b2e81d6fe0a9fab8b4e3bd49"]) 09:32:11 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 44) 09:32:11 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x200002000000, 0x9}) (async) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x3ff) [ 1203.377713] FAULT_INJECTION: forcing a failure. [ 1203.377713] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.403977] hfsplus: creator requires a 4 character value [ 1203.410120] FAULT_INJECTION: forcing a failure. [ 1203.410120] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.416462] CPU: 0 PID: 30475 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1203.428442] hfsplus: creator requires a 4 character value [ 1203.429183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1203.435065] hfsplus: unable to parse mount options [ 1203.444035] Call Trace: [ 1203.444052] dump_stack+0x1b2/0x281 [ 1203.444065] should_fail.cold+0x10a/0x149 [ 1203.444079] should_failslab+0xd6/0x130 [ 1203.444091] __kmalloc_track_caller+0x2bc/0x400 [ 1203.444102] ? strndup_user+0x5b/0xf0 [ 1203.452216] hfsplus: unable to parse mount options [ 1203.455206] memdup_user+0x22/0xa0 [ 1203.455217] strndup_user+0x5b/0xf0 [ 1203.455229] ? copy_mnt_ns+0xa30/0xa30 [ 1203.487624] SyS_mount+0x39/0x120 [ 1203.491059] ? copy_mnt_ns+0xa30/0xa30 [ 1203.494928] do_syscall_64+0x1d5/0x640 [ 1203.498803] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1203.503971] RIP: 0033:0x7f463664e61a [ 1203.507664] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1203.515358] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1203.522607] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1203.529858] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1203.537114] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1203.544363] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1203.551628] CPU: 1 PID: 30480 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1203.559512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1203.568858] Call Trace: [ 1203.571445] dump_stack+0x1b2/0x281 [ 1203.575075] should_fail.cold+0x10a/0x149 [ 1203.579226] should_failslab+0xd6/0x130 [ 1203.583207] __kmalloc_track_caller+0x2bc/0x400 [ 1203.587871] ? strndup_user+0x5b/0xf0 [ 1203.591675] memdup_user+0x22/0xa0 [ 1203.595215] strndup_user+0x5b/0xf0 [ 1203.598841] ? copy_mnt_ns+0xa30/0xa30 [ 1203.602736] SyS_mount+0x39/0x120 [ 1203.606185] ? copy_mnt_ns+0xa30/0xa30 [ 1203.610072] do_syscall_64+0x1d5/0x640 [ 1203.613979] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1203.619165] RIP: 0033:0x7f322b2fc61a 09:32:11 executing program 1: r0 = socket(0x25, 0x1, 0x0) ioctl$VFIO_IOMMU_GET_INFO(0xffffffffffffffff, 0x3b70, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x8}) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x31}]}, 0x20}}, 0x4044800) 09:32:11 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x200002000000, 0x9}) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x3ff) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x200002000000, 0x9}) (async) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x3ff) (async) [ 1203.622882] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1203.630592] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1203.637861] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1203.645135] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1203.652403] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1203.659672] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 09:32:11 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:32:11 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 46) 09:32:11 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x4000, &(0x7f0000000000)=ANY=[@ANYRESDEC]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r1 = getegid() syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x20e2000, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@allow_other}, {@blksize={'blksize', 0x3d, 0x600}}, {@max_read={'max_read', 0x3d, 0x1}}, {@max_read={'max_read', 0x3d, 0x6}}, {@blksize={'blksize', 0x3d, 0x1e00}}, {@blksize={'blksize', 0x3d, 0x400}}], [{@uid_lt}, {@uid_lt}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@dont_measure}, {@context={'context', 0x3d, 'system_u'}}, {@hash}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x35, 0x39, 0x64, 0x63, 0x30, 0x38, 0x38], 0x2d, [0x61, 0x65, 0x37, 0x61], 0x2d, [0x63, 0x33, 0x37, 0x66], 0x2d, [0x66, 0x61, 0x35, 0x63], 0x2d, [0x36, 0x37, 0x64, 0x38, 0x30, 0x65, 0x33, 0x31]}}}, {@subj_type={'subj_type', 0x3d, 'allocsize'}}, {@permit_directio}]}}) syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xb3e4, 0x3, &(0x7f00000002c0)=[{&(0x7f00000001c0)="a8bfd99d093e8430cdc712d47efc5a79cc65597ea8a141106630d9db7e236e500069e88a28ae69aae0462aff26544e4bc511c1a5bd9ce2150e829c7bb359fe46917b5d0739da312feb8185f08b0f400a28c17205faa222f5325b82e0789fc4aafe4e0720758e767be61b530600e04a6375f24f603fc177c0f447a7d086d7a35bfbcacc652325252d2e81f1b68dca2763b47ce5f5475ee9afbc2778b77fe90af9b3dfb27fb6e7205047f180048ce7c272baeb349f03399333f29da88d0941a8932823b427cf1bdf0c67b9171cc586c3b5f648dbd20e5539f97984c18f599436b9ac786d621af2a74d491233f1fb7b43", 0xef, 0x20000}, {&(0x7f00000000c0)="ec84d34c7e79b00fca3871c094f8a35dddbca9676c6a6f", 0x17, 0x501d}, {&(0x7f0000000100)="ef8e7feb7037d6c25df833728e0b759d3116039e1e2c6378fe6e34465635fc36645802c259cbef30c8eb5e", 0x2b, 0x76c8}], 0x8804c2, &(0x7f0000000340)={[{@barrier}, {@filestreams}, {@dax}, {@noikeep}, {@allocsize={'allocsize', 0x3d, [0x67, 0x78, 0x70, 0x31]}}, {@gqnoenforce}, {@nobarrier}, {@attr2}, {@pqnoenforce}], [{@obj_role={'obj_role', 0x3d, '/'}}, {@measure}]}) 09:32:11 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 45) 09:32:12 executing program 1: r0 = socket(0x25, 0x1, 0x0) ioctl$VFIO_IOMMU_GET_INFO(0xffffffffffffffff, 0x3b70, &(0x7f0000000000)={0x18, 0x0, 0x0, 0x8}) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x0, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x31}]}, 0x20}}, 0x4044800) 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x301682, 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r1, 0x3312, 0x0) [ 1203.765220] hfsplus: unable to parse mount options [ 1203.786670] FAULT_INJECTION: forcing a failure. [ 1203.786670] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.801801] hfsplus: creator requires a 4 character value [ 1203.814244] hfsplus: unable to parse mount options [ 1203.821723] FAULT_INJECTION: forcing a failure. [ 1203.821723] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.846284] CPU: 0 PID: 30517 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1203.854180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1203.863532] Call Trace: [ 1203.866124] dump_stack+0x1b2/0x281 [ 1203.869759] should_fail.cold+0x10a/0x149 [ 1203.873912] should_failslab+0xd6/0x130 [ 1203.877892] __kmalloc_track_caller+0x2bc/0x400 [ 1203.882559] ? strndup_user+0x5b/0xf0 [ 1203.886363] memdup_user+0x22/0xa0 [ 1203.889902] strndup_user+0x5b/0xf0 [ 1203.893526] ? copy_mnt_ns+0xa30/0xa30 [ 1203.897411] SyS_mount+0x68/0x120 [ 1203.900864] ? copy_mnt_ns+0xa30/0xa30 [ 1203.904756] do_syscall_64+0x1d5/0x640 [ 1203.908651] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1203.913833] RIP: 0033:0x7f322b2fc61a [ 1203.917533] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1203.925247] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1203.932515] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1203.939775] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b) (async) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x301682, 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r1, 0x3312, 0x0) 09:32:12 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r1, 0x0, 0x0) pipe2$9p(&(0x7f0000000100), 0x80000) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000000)=0x40, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x2c}, 0x10) syz_mount_image$xfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8000, 0x4, &(0x7f00000003c0)=[{&(0x7f00000001c0)="520b104885cabc75add6ea443157be6d6f451f86c41b671f02ecca24b7637e1808479ffc290444147c6a4e7201cd2d436b", 0x31, 0x100000000}, {&(0x7f0000000200)="1070167c53b91c5b12f67a3b33f8746e47cd47cf987d4d9bc3400d795782338026e9818ca5504c06a8421e11a8ef5720a1130d2e8c9f8dfb058d77f82e1cc5ecec4c52b96f0590d9e0e206", 0x4b, 0xfffffffffffff91f}, {&(0x7f0000000280)="b1abf7b867032bcb33f62b8c666c6d27382b8401fdaa2974f5706b024397a9851301ea2b749dc3eaa4882d6e55cced5d49f76ed6699b18505fea5bde6d8bf8e20c93f54dc1a693fdbb378090284ecfd8bc62470c4b38de", 0x57, 0x80000000000}, {&(0x7f0000000300)="ee878dccf95fad3632286de8ff48e6bdb5aad84abaebb89f865c98493468837a31d40ac4984515ce9cfc3f8c1e645e77c022a155fdff21ab4fa91ef447c5cecbd418eb439cf8e07fd32782e3138ac08231a398d8e74476bceba8a6dc4a836ef3cc3cd055b2f48909d2fe1db51540cc8f774e3e976529a50ad5559b52abd1ae7d80faea1419f22b6c32f0d8911afc2268000f2bbf", 0x94, 0x5}], 0x4000, &(0x7f0000000440)={[{@nodiscard}], [{@permit_directio}]}) 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x301682, 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r1, 0x3312, 0x0) 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x2, 0x4}) read$snapshot(r0, &(0x7f00000000c0)=""/143, 0x8f) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x4}) 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x2, 0x4}) (async) read$snapshot(r0, &(0x7f00000000c0)=""/143, 0x8f) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x4}) 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x2, 0x4}) read$snapshot(r0, &(0x7f00000000c0)=""/143, 0x8f) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x4}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x2, 0x4}) (async) read$snapshot(r0, &(0x7f00000000c0)=""/143, 0x8f) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000080)={0x0, 0x4}) (async) [ 1203.947032] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1203.954294] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1203.967584] XFS (loop1): unknown mount option [permit_directio]. [ 1203.972057] CPU: 0 PID: 30525 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1203.981614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1203.990959] Call Trace: [ 1203.993546] dump_stack+0x1b2/0x281 [ 1203.997175] should_fail.cold+0x10a/0x149 [ 1204.001324] should_failslab+0xd6/0x130 [ 1204.005296] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1204.009960] ? copy_mnt_ns+0xa30/0xa30 [ 1204.013849] copy_mount_options+0x59/0x2f0 [ 1204.018172] ? copy_mnt_ns+0xa30/0xa30 [ 1204.022061] SyS_mount+0x84/0x120 [ 1204.025516] ? copy_mnt_ns+0xa30/0xa30 [ 1204.029406] do_syscall_64+0x1d5/0x640 [ 1204.033294] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1204.038475] RIP: 0033:0x7f463664e61a 09:32:12 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) [ 1204.042180] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1204.049885] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1204.057158] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1204.064421] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1204.071682] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1204.078951] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:12 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 47) 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) socket$l2tp6(0xa, 0x2, 0x73) ioctl$SNAPSHOT_FREE(r1, 0x3305) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r3, 0xb09}, 0x14}}, 0x0) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) sendmsg$L2TP_CMD_SESSION_CREATE(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r3, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x8001}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r5}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x6}, @L2TP_ATTR_MRU={0x6, 0x1d, 0xffff}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'bond_slave_1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x8c0}, 0x4041) ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d15, &(0x7f0000000080)) 09:32:12 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x4000, &(0x7f0000000000)=ANY=[@ANYRESDEC]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r1 = getegid() syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x20e2000, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@allow_other}, {@blksize={'blksize', 0x3d, 0x600}}, {@max_read={'max_read', 0x3d, 0x1}}, {@max_read={'max_read', 0x3d, 0x6}}, {@blksize={'blksize', 0x3d, 0x1e00}}, {@blksize={'blksize', 0x3d, 0x400}}], [{@uid_lt}, {@uid_lt}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@dont_measure}, {@context={'context', 0x3d, 'system_u'}}, {@hash}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x35, 0x39, 0x64, 0x63, 0x30, 0x38, 0x38], 0x2d, [0x61, 0x65, 0x37, 0x61], 0x2d, [0x63, 0x33, 0x37, 0x66], 0x2d, [0x66, 0x61, 0x35, 0x63], 0x2d, [0x36, 0x37, 0x64, 0x38, 0x30, 0x65, 0x33, 0x31]}}}, {@subj_type={'subj_type', 0x3d, 'allocsize'}}, {@permit_directio}]}}) syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xb3e4, 0x3, &(0x7f00000002c0)=[{&(0x7f00000001c0)="a8bfd99d093e8430cdc712d47efc5a79cc65597ea8a141106630d9db7e236e500069e88a28ae69aae0462aff26544e4bc511c1a5bd9ce2150e829c7bb359fe46917b5d0739da312feb8185f08b0f400a28c17205faa222f5325b82e0789fc4aafe4e0720758e767be61b530600e04a6375f24f603fc177c0f447a7d086d7a35bfbcacc652325252d2e81f1b68dca2763b47ce5f5475ee9afbc2778b77fe90af9b3dfb27fb6e7205047f180048ce7c272baeb349f03399333f29da88d0941a8932823b427cf1bdf0c67b9171cc586c3b5f648dbd20e5539f97984c18f599436b9ac786d621af2a74d491233f1fb7b43", 0xef, 0x20000}, {&(0x7f00000000c0)="ec84d34c7e79b00fca3871c094f8a35dddbca9676c6a6f", 0x17, 0x501d}, {&(0x7f0000000100)="ef8e7feb7037d6c25df833728e0b759d3116039e1e2c6378fe6e34465635fc36645802c259cbef30c8eb5e", 0x2b, 0x76c8}], 0x8804c2, &(0x7f0000000340)={[{@barrier}, {@filestreams}, {@dax}, {@noikeep}, {@allocsize={'allocsize', 0x3d, [0x67, 0x78, 0x70, 0x31]}}, {@gqnoenforce}, {@nobarrier}, {@attr2}, {@pqnoenforce}], [{@obj_role={'obj_role', 0x3d, '/'}}, {@measure}]}) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x4000, &(0x7f0000000000)=ANY=[@ANYRESDEC]) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) getegid() (async) syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x20e2000, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@allow_other}, {@blksize={'blksize', 0x3d, 0x600}}, {@max_read={'max_read', 0x3d, 0x1}}, {@max_read={'max_read', 0x3d, 0x6}}, {@blksize={'blksize', 0x3d, 0x1e00}}, {@blksize={'blksize', 0x3d, 0x400}}], [{@uid_lt}, {@uid_lt}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@dont_measure}, {@context={'context', 0x3d, 'system_u'}}, {@hash}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x35, 0x39, 0x64, 0x63, 0x30, 0x38, 0x38], 0x2d, [0x61, 0x65, 0x37, 0x61], 0x2d, [0x63, 0x33, 0x37, 0x66], 0x2d, [0x66, 0x61, 0x35, 0x63], 0x2d, [0x36, 0x37, 0x64, 0x38, 0x30, 0x65, 0x33, 0x31]}}}, {@subj_type={'subj_type', 0x3d, 'allocsize'}}, {@permit_directio}]}}) (async) syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xb3e4, 0x3, &(0x7f00000002c0)=[{&(0x7f00000001c0)="a8bfd99d093e8430cdc712d47efc5a79cc65597ea8a141106630d9db7e236e500069e88a28ae69aae0462aff26544e4bc511c1a5bd9ce2150e829c7bb359fe46917b5d0739da312feb8185f08b0f400a28c17205faa222f5325b82e0789fc4aafe4e0720758e767be61b530600e04a6375f24f603fc177c0f447a7d086d7a35bfbcacc652325252d2e81f1b68dca2763b47ce5f5475ee9afbc2778b77fe90af9b3dfb27fb6e7205047f180048ce7c272baeb349f03399333f29da88d0941a8932823b427cf1bdf0c67b9171cc586c3b5f648dbd20e5539f97984c18f599436b9ac786d621af2a74d491233f1fb7b43", 0xef, 0x20000}, {&(0x7f00000000c0)="ec84d34c7e79b00fca3871c094f8a35dddbca9676c6a6f", 0x17, 0x501d}, {&(0x7f0000000100)="ef8e7feb7037d6c25df833728e0b759d3116039e1e2c6378fe6e34465635fc36645802c259cbef30c8eb5e", 0x2b, 0x76c8}], 0x8804c2, &(0x7f0000000340)={[{@barrier}, {@filestreams}, {@dax}, {@noikeep}, {@allocsize={'allocsize', 0x3d, [0x67, 0x78, 0x70, 0x31]}}, {@gqnoenforce}, {@nobarrier}, {@attr2}, {@pqnoenforce}], [{@obj_role={'obj_role', 0x3d, '/'}}, {@measure}]}) (async) 09:32:12 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 46) 09:32:12 executing program 1: r0 = socket(0x25, 0x1, 0x0) (async) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r1, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000100), 0x80000) (async, rerun: 64) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000000)=0x40, 0x4) (async, rerun: 64) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x2c}, 0x10) (async) syz_mount_image$xfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8000, 0x4, &(0x7f00000003c0)=[{&(0x7f00000001c0)="520b104885cabc75add6ea443157be6d6f451f86c41b671f02ecca24b7637e1808479ffc290444147c6a4e7201cd2d436b", 0x31, 0x100000000}, {&(0x7f0000000200)="1070167c53b91c5b12f67a3b33f8746e47cd47cf987d4d9bc3400d795782338026e9818ca5504c06a8421e11a8ef5720a1130d2e8c9f8dfb058d77f82e1cc5ecec4c52b96f0590d9e0e206", 0x4b, 0xfffffffffffff91f}, {&(0x7f0000000280)="b1abf7b867032bcb33f62b8c666c6d27382b8401fdaa2974f5706b024397a9851301ea2b749dc3eaa4882d6e55cced5d49f76ed6699b18505fea5bde6d8bf8e20c93f54dc1a693fdbb378090284ecfd8bc62470c4b38de", 0x57, 0x80000000000}, {&(0x7f0000000300)="ee878dccf95fad3632286de8ff48e6bdb5aad84abaebb89f865c98493468837a31d40ac4984515ce9cfc3f8c1e645e77c022a155fdff21ab4fa91ef447c5cecbd418eb439cf8e07fd32782e3138ac08231a398d8e74476bceba8a6dc4a836ef3cc3cd055b2f48909d2fe1db51540cc8f774e3e976529a50ad5559b52abd1ae7d80faea1419f22b6c32f0d8911afc2268000f2bbf", 0x94, 0x5}], 0x4000, &(0x7f0000000440)={[{@nodiscard}], [{@permit_directio}]}) [ 1204.156883] hfsplus: creator requires a 4 character value [ 1204.164210] hfsplus: unable to parse mount options [ 1204.171851] FAULT_INJECTION: forcing a failure. [ 1204.171851] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1204.183663] CPU: 0 PID: 30588 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1204.191544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1204.193813] FAULT_INJECTION: forcing a failure. [ 1204.193813] name failslab, interval 1, probability 0, space 0, times 0 [ 1204.200891] Call Trace: [ 1204.200910] dump_stack+0x1b2/0x281 [ 1204.200923] should_fail.cold+0x10a/0x149 [ 1204.200936] __alloc_pages_nodemask+0x22c/0x2720 [ 1204.200955] ? __lock_acquire+0x5fc/0x3f20 [ 1204.231396] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1204.236256] ? do_fault_around+0x35e/0x620 [ 1204.240581] ? __handle_mm_fault+0x80f/0x4620 [ 1204.245083] cache_grow_begin+0x91/0x700 [ 1204.249143] ? fs_reclaim_release+0xd0/0x110 [ 1204.253557] ? check_preemption_disabled+0x35/0x240 [ 1204.258577] cache_alloc_refill+0x273/0x350 [ 1204.262908] kmem_cache_alloc_trace+0x340/0x3d0 [ 1204.267579] ? copy_mnt_ns+0xa30/0xa30 [ 1204.271469] copy_mount_options+0x59/0x2f0 [ 1204.275706] ? copy_mnt_ns+0xa30/0xa30 [ 1204.276934] XFS (loop1): unknown mount option [permit_directio]. [ 1204.279588] SyS_mount+0x84/0x120 [ 1204.289170] ? copy_mnt_ns+0xa30/0xa30 [ 1204.293056] do_syscall_64+0x1d5/0x640 [ 1204.296948] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1204.302132] RIP: 0033:0x7f463664e61a [ 1204.305835] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1204.313632] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1204.320896] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1204.328154] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1204.335405] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1204.342657] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1204.353541] CPU: 1 PID: 30593 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1204.360360] hfsplus: creator requires a 4 character value [ 1204.361420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1204.361425] Call Trace: [ 1204.361442] dump_stack+0x1b2/0x281 [ 1204.361458] should_fail.cold+0x10a/0x149 [ 1204.361471] should_failslab+0xd6/0x130 [ 1204.361484] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1204.367170] hfsplus: unable to parse mount options [ 1204.376341] ? copy_mnt_ns+0xa30/0xa30 09:32:12 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0004000000f7ffffff00000000"]) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040804}, 0x0) 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) socket$l2tp6(0xa, 0x2, 0x73) ioctl$SNAPSHOT_FREE(r1, 0x3305) (async) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r3, 0xb09}, 0x14}}, 0x0) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) sendmsg$L2TP_CMD_SESSION_CREATE(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r3, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x8001}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r5}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x6}, @L2TP_ATTR_MRU={0x6, 0x1d, 0xffff}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'bond_slave_1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x8c0}, 0x4041) (async) ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d15, &(0x7f0000000080)) [ 1204.376353] copy_mount_options+0x59/0x2f0 [ 1204.376363] ? copy_mnt_ns+0xa30/0xa30 [ 1204.376374] SyS_mount+0x84/0x120 [ 1204.376382] ? copy_mnt_ns+0xa30/0xa30 [ 1204.376392] do_syscall_64+0x1d5/0x640 [ 1204.376408] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1204.376415] RIP: 0033:0x7f322b2fc61a [ 1204.376419] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1204.376429] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1204.376434] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 09:32:12 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) socket$l2tp6(0xa, 0x2, 0x73) ioctl$SNAPSHOT_FREE(r1, 0x3305) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r3, 0xb09}, 0x14}}, 0x0) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) sendmsg$L2TP_CMD_SESSION_CREATE(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r3, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x8001}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r5}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x6}, @L2TP_ATTR_MRU={0x6, 0x1d, 0xffff}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'bond_slave_1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x8c0}, 0x4041) ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d15, &(0x7f0000000080)) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) socket$l2tp6(0xa, 0x2, 0x73) (async) ioctl$SNAPSHOT_FREE(r1, 0x3305) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r2) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r3, 0xb09}, 0x14}}, 0x0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) (async) sendmsg$L2TP_CMD_SESSION_CREATE(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r3, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x8001}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r5}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x6}, @L2TP_ATTR_MRU={0x6, 0x1d, 0xffff}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'bond_slave_1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x8c0}, 0x4041) (async) ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d15, &(0x7f0000000080)) (async) 09:32:12 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 48) 09:32:12 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 47) 09:32:12 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0004000000f7ffffff00000000"]) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040804}, 0x0) 09:32:12 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x4000, &(0x7f0000000000)=ANY=[@ANYRESDEC]) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async, rerun: 64) r1 = getegid() (rerun: 64) syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x20e2000, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@allow_other}, {@blksize={'blksize', 0x3d, 0x600}}, {@max_read={'max_read', 0x3d, 0x1}}, {@max_read={'max_read', 0x3d, 0x6}}, {@blksize={'blksize', 0x3d, 0x1e00}}, {@blksize={'blksize', 0x3d, 0x400}}], [{@uid_lt}, {@uid_lt}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@dont_measure}, {@context={'context', 0x3d, 'system_u'}}, {@hash}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x35, 0x39, 0x64, 0x63, 0x30, 0x38, 0x38], 0x2d, [0x61, 0x65, 0x37, 0x61], 0x2d, [0x63, 0x33, 0x37, 0x66], 0x2d, [0x66, 0x61, 0x35, 0x63], 0x2d, [0x36, 0x37, 0x64, 0x38, 0x30, 0x65, 0x33, 0x31]}}}, {@subj_type={'subj_type', 0x3d, 'allocsize'}}, {@permit_directio}]}}) (async) syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xb3e4, 0x3, &(0x7f00000002c0)=[{&(0x7f00000001c0)="a8bfd99d093e8430cdc712d47efc5a79cc65597ea8a141106630d9db7e236e500069e88a28ae69aae0462aff26544e4bc511c1a5bd9ce2150e829c7bb359fe46917b5d0739da312feb8185f08b0f400a28c17205faa222f5325b82e0789fc4aafe4e0720758e767be61b530600e04a6375f24f603fc177c0f447a7d086d7a35bfbcacc652325252d2e81f1b68dca2763b47ce5f5475ee9afbc2778b77fe90af9b3dfb27fb6e7205047f180048ce7c272baeb349f03399333f29da88d0941a8932823b427cf1bdf0c67b9171cc586c3b5f648dbd20e5539f97984c18f599436b9ac786d621af2a74d491233f1fb7b43", 0xef, 0x20000}, {&(0x7f00000000c0)="ec84d34c7e79b00fca3871c094f8a35dddbca9676c6a6f", 0x17, 0x501d}, {&(0x7f0000000100)="ef8e7feb7037d6c25df833728e0b759d3116039e1e2c6378fe6e34465635fc36645802c259cbef30c8eb5e", 0x2b, 0x76c8}], 0x8804c2, &(0x7f0000000340)={[{@barrier}, {@filestreams}, {@dax}, {@noikeep}, {@allocsize={'allocsize', 0x3d, [0x67, 0x78, 0x70, 0x31]}}, {@gqnoenforce}, {@nobarrier}, {@attr2}, {@pqnoenforce}], [{@obj_role={'obj_role', 0x3d, '/'}}, {@measure}]}) [ 1204.376439] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1204.376445] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1204.376450] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1204.450345] hfsplus: unable to find HFS+ superblock [ 1204.482854] print_req_error: I/O error, dev loop5, sector 0 09:32:12 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r1, 0x0, 0x0) (async) pipe2$9p(&(0x7f0000000100), 0x80000) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000000)=0x40, 0x4) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async, rerun: 64) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x2c}, 0x10) (rerun: 64) syz_mount_image$xfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x8000, 0x4, &(0x7f00000003c0)=[{&(0x7f00000001c0)="520b104885cabc75add6ea443157be6d6f451f86c41b671f02ecca24b7637e1808479ffc290444147c6a4e7201cd2d436b", 0x31, 0x100000000}, {&(0x7f0000000200)="1070167c53b91c5b12f67a3b33f8746e47cd47cf987d4d9bc3400d795782338026e9818ca5504c06a8421e11a8ef5720a1130d2e8c9f8dfb058d77f82e1cc5ecec4c52b96f0590d9e0e206", 0x4b, 0xfffffffffffff91f}, {&(0x7f0000000280)="b1abf7b867032bcb33f62b8c666c6d27382b8401fdaa2974f5706b024397a9851301ea2b749dc3eaa4882d6e55cced5d49f76ed6699b18505fea5bde6d8bf8e20c93f54dc1a693fdbb378090284ecfd8bc62470c4b38de", 0x57, 0x80000000000}, {&(0x7f0000000300)="ee878dccf95fad3632286de8ff48e6bdb5aad84abaebb89f865c98493468837a31d40ac4984515ce9cfc3f8c1e645e77c022a155fdff21ab4fa91ef447c5cecbd418eb439cf8e07fd32782e3138ac08231a398d8e74476bceba8a6dc4a836ef3cc3cd055b2f48909d2fe1db51540cc8f774e3e976529a50ad5559b52abd1ae7d80faea1419f22b6c32f0d8911afc2268000f2bbf", 0x94, 0x5}], 0x4000, &(0x7f0000000440)={[{@nodiscard}], [{@permit_directio}]}) 09:32:12 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1204.573323] FAULT_INJECTION: forcing a failure. [ 1204.573323] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1204.574763] hfsplus: unable to find HFS+ superblock [ 1204.585139] CPU: 1 PID: 30657 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1204.585147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1204.585150] Call Trace: [ 1204.585171] dump_stack+0x1b2/0x281 [ 1204.585186] should_fail.cold+0x10a/0x149 [ 1204.585201] __alloc_pages_nodemask+0x22c/0x2720 09:32:12 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1204.585209] ? __save_stack_trace+0x63/0x160 [ 1204.585222] ? is_bpf_text_address+0x91/0x150 [ 1204.585236] ? __lock_acquire+0x5fc/0x3f20 [ 1204.585248] ? cmp_ex_sort+0xb0/0xb0 [ 1204.585259] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1204.585267] ? search_extable+0x6f/0x80 [ 1204.585276] ? trim_init_extable+0x280/0x280 [ 1204.585284] ? __kernel_text_address+0x9/0x30 [ 1204.585292] ? copy_mount_options+0x194/0x2f0 [ 1204.585305] ? fixup_exception+0x93/0xd0 [ 1204.585315] ? no_context+0x9c/0x7c0 09:32:12 executing program 4: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1204.585328] ? force_sig_info_fault.constprop.0+0x260/0x260 [ 1204.585337] ? bad_area_access_error+0x1f8/0x3e0 [ 1204.585349] cache_grow_begin+0x91/0x700 [ 1204.585357] ? fs_reclaim_release+0xd0/0x110 [ 1204.585366] ? check_preemption_disabled+0x35/0x240 [ 1204.585377] cache_alloc_refill+0x273/0x350 [ 1204.607824] hfsplus: unable to parse mount options [ 1204.610168] kmem_cache_alloc+0x333/0x3c0 [ 1204.637017] XFS (loop1): unknown mount option [permit_directio]. [ 1204.639421] getname_flags+0xc8/0x550 [ 1204.639434] ? __do_page_fault+0x159/0xad0 [ 1204.720698] user_path_at_empty+0x2a/0x50 [ 1204.724851] do_mount+0x118/0x2a10 [ 1204.728403] ? __do_page_fault+0x159/0xad0 [ 1204.732639] ? retint_kernel+0x2d/0x2d [ 1204.736530] ? copy_mount_string+0x40/0x40 [ 1204.740776] ? memset+0x20/0x40 [ 1204.744066] ? copy_mount_options+0x1fa/0x2f0 [ 1204.748561] ? copy_mnt_ns+0xa30/0xa30 [ 1204.753058] SyS_mount+0xa8/0x120 [ 1204.756509] ? copy_mnt_ns+0xa30/0xa30 [ 1204.760399] do_syscall_64+0x1d5/0x640 [ 1204.760560] FAULT_INJECTION: forcing a failure. 09:32:13 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000080)) [ 1204.760560] name failslab, interval 1, probability 0, space 0, times 0 [ 1204.764287] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1204.764298] RIP: 0033:0x7f463664e61a [ 1204.764310] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1204.792075] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1204.799341] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1204.806606] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1204.813871] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1204.821135] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1204.835157] CPU: 0 PID: 30658 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1204.843065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1204.845788] hfsplus: creator requires a 4 character value [ 1204.852410] Call Trace: [ 1204.852427] dump_stack+0x1b2/0x281 [ 1204.852441] should_fail.cold+0x10a/0x149 [ 1204.852455] should_failslab+0xd6/0x130 [ 1204.852468] __kmalloc_track_caller+0x2bc/0x400 [ 1204.852478] ? strndup_user+0x5b/0xf0 [ 1204.852489] memdup_user+0x22/0xa0 [ 1204.852500] strndup_user+0x5b/0xf0 [ 1204.858174] hfsplus: unable to parse mount options [ 1204.860599] ? copy_mnt_ns+0xa30/0xa30 [ 1204.860610] SyS_mount+0x39/0x120 [ 1204.860619] ? copy_mnt_ns+0xa30/0xa30 [ 1204.860631] do_syscall_64+0x1d5/0x640 [ 1204.860647] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1204.860657] RIP: 0033:0x7f322b2fc61a [ 1204.916696] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 09:32:13 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000080)) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000080)) (async) 09:32:13 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 49) 09:32:13 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0004000000f7ffffff00000000"]) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040804}, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0004000000f7ffffff00000000"]) (async) sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040804}, 0x0) (async) 09:32:13 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) [ 1204.924476] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1204.931744] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1204.939003] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1204.946261] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1204.953509] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 09:32:13 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 48) [ 1205.035633] FAULT_INJECTION: forcing a failure. [ 1205.035633] name failslab, interval 1, probability 0, space 0, times 0 [ 1205.043098] FAULT_INJECTION: forcing a failure. [ 1205.043098] name failslab, interval 1, probability 0, space 0, times 0 [ 1205.053946] CPU: 1 PID: 30701 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1205.063264] hfsplus: unable to find HFS+ superblock [ 1205.065954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.065960] Call Trace: [ 1205.065975] dump_stack+0x1b2/0x281 [ 1205.065989] should_fail.cold+0x10a/0x149 [ 1205.066002] should_failslab+0xd6/0x130 [ 1205.066013] kmem_cache_alloc+0x28e/0x3c0 [ 1205.066024] alloc_vfsmnt+0x23/0x7f0 [ 1205.066036] ? _raw_read_unlock+0x29/0x40 [ 1205.106571] vfs_kern_mount.part.0+0x27/0x470 [ 1205.111067] do_mount+0xe65/0x2a10 [ 1205.114605] ? __do_page_fault+0x159/0xad0 [ 1205.118836] ? retint_kernel+0x2d/0x2d [ 1205.122729] ? copy_mount_string+0x40/0x40 [ 1205.126967] ? memset+0x20/0x40 [ 1205.130246] ? copy_mount_options+0x1fa/0x2f0 [ 1205.134743] ? copy_mnt_ns+0xa30/0xa30 [ 1205.138627] SyS_mount+0xa8/0x120 [ 1205.142075] ? copy_mnt_ns+0xa30/0xa30 [ 1205.145963] do_syscall_64+0x1d5/0x640 [ 1205.149857] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1205.155061] RIP: 0033:0x7f463664e61a [ 1205.158766] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1205.166472] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1205.173737] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 09:32:13 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) (async) [ 1205.181004] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1205.188269] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1205.195525] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1205.202791] CPU: 0 PID: 30705 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1205.210674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.220025] Call Trace: [ 1205.222612] dump_stack+0x1b2/0x281 [ 1205.226243] should_fail.cold+0x10a/0x149 [ 1205.230386] should_failslab+0xd6/0x130 [ 1205.234453] kmem_cache_alloc+0x28e/0x3c0 [ 1205.238617] alloc_vfsmnt+0x23/0x7f0 [ 1205.242328] ? _raw_read_unlock+0x29/0x40 [ 1205.246477] vfs_kern_mount.part.0+0x27/0x470 [ 1205.250977] do_mount+0xe65/0x2a10 [ 1205.254523] ? __do_page_fault+0x159/0xad0 [ 1205.258755] ? retint_kernel+0x2d/0x2d [ 1205.262640] ? copy_mount_string+0x40/0x40 [ 1205.266884] ? memset+0x20/0x40 [ 1205.270161] ? copy_mount_options+0x1fa/0x2f0 [ 1205.274647] ? copy_mnt_ns+0xa30/0xa30 [ 1205.278513] SyS_mount+0xa8/0x120 [ 1205.281942] ? copy_mnt_ns+0xa30/0xa30 [ 1205.285816] do_syscall_64+0x1d5/0x640 [ 1205.289695] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1205.294862] RIP: 0033:0x7f322b2fc61a [ 1205.298550] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1205.306250] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1205.313509] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1205.320763] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1205.328013] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 09:32:13 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000080)) 09:32:13 executing program 1: syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) 09:32:13 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 50) [ 1205.335358] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1205.346590] print_req_error: I/O error, dev loop5, sector 0 09:32:13 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) getresuid(&(0x7f0000000440)=0x0, &(0x7f0000000480), &(0x7f00000004c0)) getresuid(&(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0)=0x0) r2 = geteuid() syz_mount_image$hfsplus(&(0x7f0000000640), &(0x7f0000000680)='./file0\x00', 0x6, 0x2, &(0x7f0000000800)=[{&(0x7f00000006c0), 0x0, 0x2}, {&(0x7f0000000700)="1019f104e77993e60ee4dc1350d0a2c3809cd0622938531ad2d4dc772eeda007a0bb8823ed55f725d4a89cfe3e612aef7f9d474ecbd2fd61703a0119a19e2cbb75f4728b580967be69f7750aadf9008bd2dd9dcd7ba3f6d1699f4a4c75a8047d0a2ac35bb0dc631dbf0422054319681927a765659242f268a39e718b23a31043966a24b41f4a8da8a4802b84ac5efbf5d9bc2b2b0f52ed702caf1ec2da4443d741bf0dcd3064c82475e7370052dd2ecbd38325bec4be80a7edc25c50c2f404dba631deafd676930789239a36078d0cc7fa077c99d96a78b9f78c08a23c4a23e579f7b351aed7660b654f4996", 0xec, 0xd0}], 0x800000, &(0x7f0000000900)={[{@force}, {@part={'part', 0x3d, 0x6}}, {@part={'part', 0x3d, 0x401}}, {@creator={'creator', 0x3d, "f28ead65"}}, {@gid}, {@type={'type', 0x3d, "2fbf18ed"}}, {@nobarrier}, {@uid={'uid', 0x3d, r0}}, {@umask={'umask', 0x3d, 0xffffffffffffffff}}], [{@uid_lt={'uid<', r1}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@obj_type={'obj_type', 0x3d, '\xe8:'}}, {@fowner_gt={'fowner>', r2}}]}) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_int(r3, &(0x7f0000000040)='blkio.reset_stats\x00', 0x2, 0x0) 09:32:13 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 49) [ 1205.406048] hfsplus: unable to find HFS+ superblock 09:32:13 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1008400}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="54020000", @ANYRES16=r1, @ANYBLOB="00032abd7000fedbdf25070000000c000f000400000000000000050007000200000008000c000200000014002000fe800000000000000000000000000044050005000000000008001900e0000001"], 0x54}, 0x1, 0x0, 0x0, 0x480c0}, 0x26048800) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:32:13 executing program 1: r0 = socket(0x25, 0xa, 0x8001) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3ff}, @NBD_ATTR_BACKEND_IDENTIFIER={0x9, 0xa, 'SEG6\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1205.434460] FAULT_INJECTION: forcing a failure. [ 1205.434460] name failslab, interval 1, probability 0, space 0, times 0 [ 1205.447956] hfsplus: creator requires a 4 character value [ 1205.453506] hfsplus: unable to parse mount options [ 1205.502265] CPU: 1 PID: 30738 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1205.510177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.514319] FAULT_INJECTION: forcing a failure. [ 1205.514319] name failslab, interval 1, probability 0, space 0, times 0 [ 1205.519524] Call Trace: [ 1205.519543] dump_stack+0x1b2/0x281 [ 1205.519558] should_fail.cold+0x10a/0x149 [ 1205.519570] should_failslab+0xd6/0x130 [ 1205.519581] __kmalloc_track_caller+0x2bc/0x400 [ 1205.519590] ? kstrdup_const+0x35/0x60 [ 1205.519599] ? lock_downgrade+0x740/0x740 [ 1205.519608] kstrdup+0x36/0x70 [ 1205.519616] kstrdup_const+0x35/0x60 [ 1205.519624] alloc_vfsmnt+0xe0/0x7f0 [ 1205.519633] ? _raw_read_unlock+0x29/0x40 [ 1205.519650] vfs_kern_mount.part.0+0x27/0x470 [ 1205.576846] do_mount+0xe65/0x2a10 [ 1205.580373] ? __do_page_fault+0x159/0xad0 [ 1205.584591] ? retint_kernel+0x2d/0x2d [ 1205.588460] ? copy_mount_string+0x40/0x40 [ 1205.592684] ? memset+0x20/0x40 [ 1205.595953] ? copy_mount_options+0x1fa/0x2f0 [ 1205.600434] ? copy_mnt_ns+0xa30/0xa30 [ 1205.604303] SyS_mount+0xa8/0x120 [ 1205.607746] ? copy_mnt_ns+0xa30/0xa30 [ 1205.611633] do_syscall_64+0x1d5/0x640 [ 1205.615516] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1205.620691] RIP: 0033:0x7f463664e61a [ 1205.624383] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1205.632074] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1205.639325] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 09:32:13 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x2c8500, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x2b4440, 0x0) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x4b, 0x1}, 0x7) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x5}) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) write$P9_RFSYNC(r3, &(0x7f0000000300)={0x7, 0x33, 0x2}, 0x7) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r4) ioctl$SNAPSHOT_CREATE_IMAGE(r4, 0x40043311, &(0x7f00000003c0)) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff) ioctl$SOUND_MIXER_READ_DEVMASK(r1, 0x80044dfe, &(0x7f0000000380)) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="44acc01f04b5208fd108ee0064", @ANYRES16=r5, @ANYBLOB="10005d401cf5e4b4dff30000000006001d00050000000800110000000000050007000300000006000100050000000500120001000000080018007f0000010600020000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x14) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r6) ioctl$SOUND_OLD_MIXER_INFO(r6, 0x80304d65, &(0x7f0000000280)) 09:32:13 executing program 1: r0 = socket(0x25, 0xa, 0x8001) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3ff}, @NBD_ATTR_BACKEND_IDENTIFIER={0x9, 0xa, 'SEG6\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x25, 0xa, 0x8001) (async) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3ff}, @NBD_ATTR_BACKEND_IDENTIFIER={0x9, 0xa, 'SEG6\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) [ 1205.646574] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1205.653822] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1205.661080] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1205.668348] CPU: 0 PID: 30743 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1205.676231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.685586] Call Trace: [ 1205.688177] dump_stack+0x1b2/0x281 [ 1205.691806] should_fail.cold+0x10a/0x149 [ 1205.695946] should_failslab+0xd6/0x130 [ 1205.699901] kmem_cache_alloc+0x28e/0x3c0 [ 1205.704029] alloc_vfsmnt+0x23/0x7f0 [ 1205.707723] ? _raw_read_unlock+0x29/0x40 [ 1205.711848] vfs_kern_mount.part.0+0x27/0x470 [ 1205.716319] do_mount+0xe65/0x2a10 [ 1205.719839] ? __do_page_fault+0x159/0xad0 [ 1205.724051] ? retint_kernel+0x2d/0x2d [ 1205.727927] ? copy_mount_string+0x40/0x40 [ 1205.732142] ? memset+0x20/0x40 [ 1205.735401] ? copy_mount_options+0x1fa/0x2f0 [ 1205.739878] ? copy_mnt_ns+0xa30/0xa30 [ 1205.743749] SyS_mount+0xa8/0x120 [ 1205.747182] ? copy_mnt_ns+0xa30/0xa30 [ 1205.751055] do_syscall_64+0x1d5/0x640 [ 1205.754926] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1205.760099] RIP: 0033:0x7f322b2fc61a [ 1205.763793] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1205.771479] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1205.778730] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1205.785980] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1205.793228] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 09:32:14 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x2c8500, 0x0) (async, rerun: 32) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x2b4440, 0x0) (rerun: 32) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x4b, 0x1}, 0x7) (async, rerun: 32) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) (async, rerun: 32) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x5}) (async) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) write$P9_RFSYNC(r3, &(0x7f0000000300)={0x7, 0x33, 0x2}, 0x7) (async) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r4) (async) ioctl$SNAPSHOT_CREATE_IMAGE(r4, 0x40043311, &(0x7f00000003c0)) (async) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff) ioctl$SOUND_MIXER_READ_DEVMASK(r1, 0x80044dfe, &(0x7f0000000380)) (async, rerun: 64) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="44acc01f04b5208fd108ee0064", @ANYRES16=r5, @ANYBLOB="10005d401cf5e4b4dff30000000006001d00050000000800110000000000050007000300000006000100050000000500120001000000080018007f0000010600020000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x14) (async, rerun: 64) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r6) (async, rerun: 32) ioctl$SOUND_OLD_MIXER_INFO(r6, 0x80304d65, &(0x7f0000000280)) (rerun: 32) 09:32:14 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 51) 09:32:14 executing program 1: r0 = socket(0x25, 0xa, 0x8001) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3ff}, @NBD_ATTR_BACKEND_IDENTIFIER={0x9, 0xa, 'SEG6\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:32:14 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 50) [ 1205.800479] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1205.816009] hfsplus: creator requires a 4 character value [ 1205.821580] hfsplus: unable to parse mount options [ 1205.837350] hfsplus: unable to parse mount options 09:32:14 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1008400}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="54020000", @ANYRES16=r1, @ANYBLOB="00032abd7000fedbdf25070000000c000f000400000000000000050007000200000008000c000200000014002000fe800000000000000000000000000044050005000000000008001900e0000001"], 0x54}, 0x1, 0x0, 0x0, 0x480c0}, 0x26048800) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:32:14 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) getresuid(&(0x7f0000000440)=0x0, &(0x7f0000000480), &(0x7f00000004c0)) getresuid(&(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0)=0x0) (async) r2 = geteuid() syz_mount_image$hfsplus(&(0x7f0000000640), &(0x7f0000000680)='./file0\x00', 0x6, 0x2, &(0x7f0000000800)=[{&(0x7f00000006c0), 0x0, 0x2}, {&(0x7f0000000700)="1019f104e77993e60ee4dc1350d0a2c3809cd0622938531ad2d4dc772eeda007a0bb8823ed55f725d4a89cfe3e612aef7f9d474ecbd2fd61703a0119a19e2cbb75f4728b580967be69f7750aadf9008bd2dd9dcd7ba3f6d1699f4a4c75a8047d0a2ac35bb0dc631dbf0422054319681927a765659242f268a39e718b23a31043966a24b41f4a8da8a4802b84ac5efbf5d9bc2b2b0f52ed702caf1ec2da4443d741bf0dcd3064c82475e7370052dd2ecbd38325bec4be80a7edc25c50c2f404dba631deafd676930789239a36078d0cc7fa077c99d96a78b9f78c08a23c4a23e579f7b351aed7660b654f4996", 0xec, 0xd0}], 0x800000, &(0x7f0000000900)={[{@force}, {@part={'part', 0x3d, 0x6}}, {@part={'part', 0x3d, 0x401}}, {@creator={'creator', 0x3d, "f28ead65"}}, {@gid}, {@type={'type', 0x3d, "2fbf18ed"}}, {@nobarrier}, {@uid={'uid', 0x3d, r0}}, {@umask={'umask', 0x3d, 0xffffffffffffffff}}], [{@uid_lt={'uid<', r1}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@obj_type={'obj_type', 0x3d, '\xe8:'}}, {@fowner_gt={'fowner>', r2}}]}) (async) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_int(r3, &(0x7f0000000040)='blkio.reset_stats\x00', 0x2, 0x0) [ 1205.914932] FAULT_INJECTION: forcing a failure. [ 1205.914932] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1205.924447] FAULT_INJECTION: forcing a failure. [ 1205.924447] name failslab, interval 1, probability 0, space 0, times 0 [ 1205.933770] CPU: 1 PID: 30784 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1205.945855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.955204] Call Trace: [ 1205.957790] dump_stack+0x1b2/0x281 [ 1205.961422] should_fail.cold+0x10a/0x149 [ 1205.965574] __alloc_pages_nodemask+0x22c/0x2720 [ 1205.970337] ? trace_hardirqs_on+0x10/0x10 [ 1205.974573] ? pcpu_alloc+0xbe0/0xf50 [ 1205.978376] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1205.983228] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1205.988680] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 1205.993702] alloc_pages_current+0x155/0x260 [ 1205.998108] ? __lockdep_init_map+0x100/0x560 [ 1206.002602] get_zeroed_page+0x19/0x50 [ 1206.006484] mount_fs+0x1c7/0x2a0 [ 1206.009938] vfs_kern_mount.part.0+0x5b/0x470 [ 1206.014432] do_mount+0xe65/0x2a10 [ 1206.017970] ? __do_page_fault+0x159/0xad0 [ 1206.022201] ? retint_kernel+0x2d/0x2d [ 1206.026085] ? copy_mount_string+0x40/0x40 [ 1206.030320] ? memset+0x20/0x40 [ 1206.033604] ? copy_mount_options+0x1fa/0x2f0 [ 1206.038095] ? copy_mnt_ns+0xa30/0xa30 [ 1206.041983] SyS_mount+0xa8/0x120 [ 1206.045431] ? copy_mnt_ns+0xa30/0xa30 [ 1206.049338] do_syscall_64+0x1d5/0x640 [ 1206.053225] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1206.058406] RIP: 0033:0x7f463664e61a [ 1206.062107] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1206.069813] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1206.077078] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1206.084342] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1206.091605] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1206.098872] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1206.105210] hfsplus: unable to parse mount options 09:32:14 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x2c8500, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x2b4440, 0x0) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x4b, 0x1}, 0x7) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x5}) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) write$P9_RFSYNC(r3, &(0x7f0000000300)={0x7, 0x33, 0x2}, 0x7) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r4) ioctl$SNAPSHOT_CREATE_IMAGE(r4, 0x40043311, &(0x7f00000003c0)) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff) ioctl$SOUND_MIXER_READ_DEVMASK(r1, 0x80044dfe, &(0x7f0000000380)) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="44acc01f04b5208fd108ee0064", @ANYRES16=r5, @ANYBLOB="10005d401cf5e4b4dff30000000006001d00050000000800110000000000050007000300000006000100050000000500120001000000080018007f0000010600020000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x14) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r6) ioctl$SOUND_OLD_MIXER_INFO(r6, 0x80304d65, &(0x7f0000000280)) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0) (async) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x2c8500, 0x0) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x2b4440, 0x0) (async) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x4b, 0x1}, 0x7) (async) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r2, 0x3309) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000000)={0x0, 0x5}) (async) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) (async) write$P9_RFSYNC(r3, &(0x7f0000000300)={0x7, 0x33, 0x2}, 0x7) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r4) (async) ioctl$SNAPSHOT_CREATE_IMAGE(r4, 0x40043311, &(0x7f00000003c0)) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff) (async) ioctl$SOUND_MIXER_READ_DEVMASK(r1, 0x80044dfe, &(0x7f0000000380)) (async) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="44acc01f04b5208fd108ee0064", @ANYRES16=r5, @ANYBLOB="10005d401cf5e4b4dff30000000006001d00050000000800110000000000050007000300000006000100050000000500120001000000080018007f0000010600020000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x14) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r6) (async) ioctl$SOUND_OLD_MIXER_INFO(r6, 0x80304d65, &(0x7f0000000280)) (async) [ 1206.111432] hfsplus: creator requires a 4 character value [ 1206.117195] CPU: 0 PID: 30781 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1206.122686] hfsplus: unable to parse mount options [ 1206.125071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1206.125076] Call Trace: [ 1206.125092] dump_stack+0x1b2/0x281 [ 1206.125108] should_fail.cold+0x10a/0x149 [ 1206.125122] should_failslab+0xd6/0x130 [ 1206.125134] kmem_cache_alloc+0x28e/0x3c0 [ 1206.125147] getname_kernel+0x4e/0x340 [ 1206.161650] kern_path+0x1b/0x40 09:32:14 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000000)=0xffffffff, 0x4) [ 1206.165022] lookup_bdev+0xc6/0x1c0 [ 1206.168648] ? bd_acquire+0x440/0x440 [ 1206.172441] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1206.177886] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 1206.182898] blkdev_get_by_path+0x1b/0xa0 [ 1206.187045] mount_bdev+0x4c/0x360 [ 1206.190588] ? hfsplus_iget+0x700/0x700 [ 1206.194558] mount_fs+0x92/0x2a0 [ 1206.197924] vfs_kern_mount.part.0+0x5b/0x470 [ 1206.202416] do_mount+0xe65/0x2a10 [ 1206.205953] ? __do_page_fault+0x159/0xad0 [ 1206.210179] ? retint_kernel+0x2d/0x2d [ 1206.214063] ? copy_mount_string+0x40/0x40 [ 1206.214077] ? memset+0x20/0x40 [ 1206.214088] ? copy_mount_options+0x1fa/0x2f0 [ 1206.214098] ? copy_mnt_ns+0xa30/0xa30 [ 1206.214109] SyS_mount+0xa8/0x120 [ 1206.214118] ? copy_mnt_ns+0xa30/0xa30 [ 1206.214128] do_syscall_64+0x1d5/0x640 [ 1206.214142] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1206.246277] RIP: 0033:0x7f322b2fc61a [ 1206.249971] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1206.257659] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a 09:32:14 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000000)=0xffffffff, 0x4) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000000)=0xffffffff, 0x4) (async) [ 1206.264911] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1206.272156] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1206.279406] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1206.286652] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 09:32:14 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) (async) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1008400}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="54020000", @ANYRES16=r1, @ANYBLOB="00032abd7000fedbdf25070000000c000f000400000000000000050007000200000008000c000200000014002000fe800000000000000000000000000044050005000000000008001900e0000001"], 0x54}, 0x1, 0x0, 0x0, 0x480c0}, 0x26048800) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) 09:32:14 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 51) 09:32:14 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 52) [ 1206.313804] hfsplus: creator requires a 4 character value [ 1206.335068] hfsplus: unable to parse mount options [ 1206.357361] FAULT_INJECTION: forcing a failure. [ 1206.357361] name failslab, interval 1, probability 0, space 0, times 0 [ 1206.371067] CPU: 0 PID: 30841 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1206.379041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1206.388388] Call Trace: [ 1206.390975] dump_stack+0x1b2/0x281 [ 1206.394610] should_fail.cold+0x10a/0x149 [ 1206.398760] should_failslab+0xd6/0x130 [ 1206.402733] __kmalloc+0x2c1/0x400 [ 1206.406271] ? __list_lru_init+0x67/0x710 [ 1206.410420] __list_lru_init+0x67/0x710 [ 1206.414395] sget_userns+0x4e4/0xc10 [ 1206.418099] ? set_bdev_super+0x110/0x110 [ 1206.422242] ? ns_test_super+0x50/0x50 [ 1206.426129] ? set_bdev_super+0x110/0x110 [ 1206.430272] ? ns_test_super+0x50/0x50 [ 1206.434156] sget+0xd1/0x110 [ 1206.437174] mount_bdev+0xcd/0x360 [ 1206.440708] ? hfsplus_iget+0x700/0x700 [ 1206.444678] mount_fs+0x92/0x2a0 [ 1206.448035] vfs_kern_mount.part.0+0x5b/0x470 [ 1206.451404] hfsplus: creator requires a 4 character value [ 1206.453473] do_mount+0xe65/0x2a10 [ 1206.462531] ? __do_page_fault+0x159/0xad0 [ 1206.466759] ? retint_kernel+0x2d/0x2d [ 1206.470641] ? copy_mount_string+0x40/0x40 [ 1206.474874] ? memset+0x20/0x40 [ 1206.476175] hfsplus: unable to parse mount options [ 1206.478143] ? copy_mount_options+0x1fa/0x2f0 [ 1206.478152] ? copy_mnt_ns+0xa30/0xa30 [ 1206.478164] SyS_mount+0xa8/0x120 [ 1206.478172] ? copy_mnt_ns+0xa30/0xa30 [ 1206.478183] do_syscall_64+0x1d5/0x640 [ 1206.502608] entry_SYSCALL_64_after_hwframe+0x46/0xbb 09:32:14 executing program 4: ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1206.507790] RIP: 0033:0x7f322b2fc61a [ 1206.511495] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1206.519197] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1206.520239] FAULT_INJECTION: forcing a failure. [ 1206.520239] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1206.526465] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1206.545492] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1206.552746] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1206.559995] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1206.567263] CPU: 1 PID: 30842 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1206.575137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1206.584491] Call Trace: [ 1206.587075] dump_stack+0x1b2/0x281 [ 1206.590697] should_fail.cold+0x10a/0x149 [ 1206.594845] __alloc_pages_nodemask+0x22c/0x2720 [ 1206.599598] ? __save_stack_trace+0x63/0x160 [ 1206.604008] ? is_bpf_text_address+0x91/0x150 09:32:14 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) getresuid(&(0x7f0000000440)=0x0, &(0x7f0000000480), &(0x7f00000004c0)) getresuid(&(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0)=0x0) r2 = geteuid() syz_mount_image$hfsplus(&(0x7f0000000640), &(0x7f0000000680)='./file0\x00', 0x6, 0x2, &(0x7f0000000800)=[{&(0x7f00000006c0), 0x0, 0x2}, {&(0x7f0000000700)="1019f104e77993e60ee4dc1350d0a2c3809cd0622938531ad2d4dc772eeda007a0bb8823ed55f725d4a89cfe3e612aef7f9d474ecbd2fd61703a0119a19e2cbb75f4728b580967be69f7750aadf9008bd2dd9dcd7ba3f6d1699f4a4c75a8047d0a2ac35bb0dc631dbf0422054319681927a765659242f268a39e718b23a31043966a24b41f4a8da8a4802b84ac5efbf5d9bc2b2b0f52ed702caf1ec2da4443d741bf0dcd3064c82475e7370052dd2ecbd38325bec4be80a7edc25c50c2f404dba631deafd676930789239a36078d0cc7fa077c99d96a78b9f78c08a23c4a23e579f7b351aed7660b654f4996", 0xec, 0xd0}], 0x800000, &(0x7f0000000900)={[{@force}, {@part={'part', 0x3d, 0x6}}, {@part={'part', 0x3d, 0x401}}, {@creator={'creator', 0x3d, "f28ead65"}}, {@gid}, {@type={'type', 0x3d, "2fbf18ed"}}, {@nobarrier}, {@uid={'uid', 0x3d, r0}}, {@umask={'umask', 0x3d, 0xffffffffffffffff}}], [{@uid_lt={'uid<', r1}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@obj_type={'obj_type', 0x3d, '\xe8:'}}, {@fowner_gt={'fowner>', r2}}]}) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_int(r3, &(0x7f0000000040)='blkio.reset_stats\x00', 0x2, 0x0) 09:32:14 executing program 4: ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:14 executing program 4: ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1206.608505] ? __lock_acquire+0x5fc/0x3f20 [ 1206.612740] ? cmp_ex_sort+0xb0/0xb0 [ 1206.616452] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1206.617479] hfsplus: unable to parse mount options [ 1206.621292] ? search_extable+0x6f/0x80 [ 1206.630164] ? trim_init_extable+0x280/0x280 [ 1206.634675] ? __kernel_text_address+0x9/0x30 [ 1206.639164] ? copy_mount_options+0x194/0x2f0 [ 1206.643657] ? fixup_exception+0x93/0xd0 [ 1206.647717] ? no_context+0x9c/0x7c0 [ 1206.651431] ? force_sig_info_fault.constprop.0+0x260/0x260 [ 1206.657131] ? bad_area_access_error+0x1f8/0x3e0 [ 1206.661879] cache_grow_begin+0x91/0x700 [ 1206.665928] ? fs_reclaim_release+0xd0/0x110 [ 1206.670316] ? check_preemption_disabled+0x35/0x240 [ 1206.675314] cache_alloc_refill+0x273/0x350 [ 1206.679637] kmem_cache_alloc+0x333/0x3c0 [ 1206.683781] getname_flags+0xc8/0x550 [ 1206.687567] ? __do_page_fault+0x159/0xad0 [ 1206.691789] user_path_at_empty+0x2a/0x50 [ 1206.695931] do_mount+0x118/0x2a10 [ 1206.699450] ? __do_page_fault+0x159/0xad0 [ 1206.703661] ? retint_kernel+0x2d/0x2d [ 1206.707534] ? copy_mount_string+0x40/0x40 [ 1206.711747] ? memset+0x20/0x40 [ 1206.715001] ? copy_mount_options+0x1fa/0x2f0 [ 1206.719475] ? copy_mnt_ns+0xa30/0xa30 [ 1206.723354] SyS_mount+0xa8/0x120 [ 1206.726786] ? copy_mnt_ns+0xa30/0xa30 [ 1206.730663] do_syscall_64+0x1d5/0x640 [ 1206.734539] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1206.739706] RIP: 0033:0x7f463664e61a [ 1206.743393] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1206.751078] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a 09:32:15 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000000)=0xffffffff, 0x4) [ 1206.758426] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1206.765677] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1206.772931] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1206.780177] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:15 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = accept$netrom(r0, 0x0, 0x0) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r2, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000000)='./file0/file0\x00', 0x97, 0x8, &(0x7f0000000740)=[{&(0x7f0000000040)="1ee18f4df32d16d0a1646643e53741efe80a7f14898e2afeb1d237edcfbbc499e16da6298bc3c37fe823c1ccb6099bf9ae11406f468253eeef68b0022be6d752facb", 0x42, 0x1}, {&(0x7f0000000180)="1e42e539480878c6500635ef74ee3f00d1390a0bcaf07525e49c7beaca63cc54b3cd07c3b538d358d043c7fffabb43e568abca1069952c60abedbfa3d9e519140177216e9ad34a8f8379aa65693e0597d0e74ba4fd4006c973648cdb6beb7a50cb963d2bef5c4b183d95759f60b8a1bf746a94e70ffb3cc5fd1eb1e916a3ec7154a99d6bb3066f939ba55d3d33deb2e1f5e54d812c6d40f4ca915a38a60519af7bf7f63e20de1bb469ff988d5bb1be10790f2e75c6b696d87b354f291f5412de2314a7eb300314", 0xc7, 0x100}, {&(0x7f0000000400)="25c96b685691d1e51792dbcee7d0fab81693c5d525fe473e72f4ddce9f306d004c3516beee8e93c979d868bf78c434384b528555e16ef20a318621b046ca5159968d42982e3d2cd1139f20cdbc21af1e64d4ee7e8301352e854fcd5a535b4ece5c1114abcb72ebd02b7aa3a59c47653f57f56a57bb12e5f1add3b873cc4d8f771cca69551ef7a58ee8af1f536f6de4cf3e89e59eea685df83c2d7bc5d0b02f017f3260f5a795d8b0405f5f8ed4c32c087b5e43558b14c213e26345d352679bf22d1aed5a3a14a66996e11ab59bafd168676e2e0d5e0c", 0xd6, 0x5}, {&(0x7f0000000500)="9f4138db2d5b95338cab7db27671aeee4005d04fdbce595c96d0469e195d6e52365737cc62204c4de73f871685ccbd96f02b3b6aad860e79cea2a7791add379f096472367ab2485029ae56848ebe8aa4f634275a7f1e453fab03025f35ce31207898b3a64d6de5a8248cd39a7e7a4fc6176cb6bfd97379da1d2536502828aef7bad3815651a3a9431ce2a2d5aeda911ed343718f29c71d46c420fc119bc026f98a36ceef5a21502e0d0db17c34a89c7eee14aeba0204b25e96bdf5951d9e9342ae6db5084995af8f5f8e4194b81846299c04e2cf87f6162e", 0xd8, 0x3f}, {&(0x7f00000000c0)="a895b4456eadebb8756e01a2061fb96c7c9d6a4e88882d85", 0x18, 0x7f}, {&(0x7f0000000600)="a14fb2122c4e65d5aa97239684c152ef0cce19584af27ea5e8122716d16690ff793ae4c3dd54995bcd64500273113ea8ace16acdd453bd7bdb2c73c2009b49d22120b82eb37b", 0x46, 0x1000000000080}, {&(0x7f0000000680)="b9df692db9d3266cde17551d1b1a3c6306ad3689f4e5fbd5847e37af5eed863357bbc74e389de9bc7874d26537debcdfed91802a42c90bac023dc92cf7107ff172ea151c27c9a78a5b5496b27d7ac18cd48fa7a5e7b6abda8e99d5795a38ea2ec3822074af02be21183f389ee4ee67d047ab3bfc9b33ef8a67d195b6ea5bb5f1cdd18af6c719b0c48e139062126ca1776a60f3e333c188194b1a2398adfaa0af57008b1e9d29bfd1aa2241b915d36c48e39967d4a4a77fd2", 0xb8, 0xa0c3}, {&(0x7f0000000100)="3451fc95ab5d12d813e96634f1546f3f2f0f00e0ca2fe54771b5eb9493997ad77e3a4ff117ac3e31aa2355", 0x2b, 0x1}], 0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r1, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRESOCT=r2, @ANYBLOB="5f319ca065ebd45536c2b8f970ca2f7cb9bbc5345ba9498ee77f78da015ca0afb9ef53719104e7b97555d441dd87151b06c6b86d288cb1de4f9639e914a2c112ca1d3a6b713f02058465042570598ff62e885bb95e41d0ba64c18ee7554382a5918636a5146caa81631255f13784f8d0cac6284f3241e14a5ce9d453b5871bb736bb962971e64636ce6effb2f5f523584d4e1998cdadc0df6303b573773644b95f6b31de6990ea02085d46a307bcb2fdd3a95fde9c4daafb718cbe8daba94fc44d27cab32873a95e08c9f134af5cd144582ba5a80a03a5c9a7b9fd53"]) 09:32:15 executing program 2: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r0, 0x0, 0x0) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r1, 0x0, 0x0) sendto$netrom(r1, &(0x7f0000000280)="91a940b64a328795c8ad0164d7b78fc737b270b55f4050e40fe9e69412c3ff1f08cf01d577594db118f77f5f97e81b02445201df604d701147c7bd0186662a78532706efd9c685573b93350f1f8ab66394e08263fbd8f5f992b6d6b8564e91f73f34963109e8fa98d2cdbd2353dd2abf6e5849d7cfbef11bf7c85025acacdf661d7653add5ab05c1ba954b09a37d1900"/155, 0x9b, 0x4000080, &(0x7f0000000200)={{0x3, @bcast, 0x5}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @default, @null]}, 0x48) recvfrom$netrom(r0, &(0x7f0000000080)=""/199, 0xc7, 0x40012140, 0x0, 0x0) ioctl$SOUND_MIXER_READ_RECMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000000000)) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f00000001c0)=0x10000000, &(0x7f0000000340)=0x4) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x8028a0, &(0x7f0000000040)=ANY=[]) 09:32:15 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 52) 09:32:15 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r0) sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r2, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0xc43}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1206.826436] hfsplus: creator requires a 4 character value [ 1206.846073] hfsplus: unable to parse mount options 09:32:15 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = accept$netrom(r0, 0x0, 0x0) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r2, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000000)='./file0/file0\x00', 0x97, 0x8, &(0x7f0000000740)=[{&(0x7f0000000040)="1ee18f4df32d16d0a1646643e53741efe80a7f14898e2afeb1d237edcfbbc499e16da6298bc3c37fe823c1ccb6099bf9ae11406f468253eeef68b0022be6d752facb", 0x42, 0x1}, {&(0x7f0000000180)="1e42e539480878c6500635ef74ee3f00d1390a0bcaf07525e49c7beaca63cc54b3cd07c3b538d358d043c7fffabb43e568abca1069952c60abedbfa3d9e519140177216e9ad34a8f8379aa65693e0597d0e74ba4fd4006c973648cdb6beb7a50cb963d2bef5c4b183d95759f60b8a1bf746a94e70ffb3cc5fd1eb1e916a3ec7154a99d6bb3066f939ba55d3d33deb2e1f5e54d812c6d40f4ca915a38a60519af7bf7f63e20de1bb469ff988d5bb1be10790f2e75c6b696d87b354f291f5412de2314a7eb300314", 0xc7, 0x100}, {&(0x7f0000000400)="25c96b685691d1e51792dbcee7d0fab81693c5d525fe473e72f4ddce9f306d004c3516beee8e93c979d868bf78c434384b528555e16ef20a318621b046ca5159968d42982e3d2cd1139f20cdbc21af1e64d4ee7e8301352e854fcd5a535b4ece5c1114abcb72ebd02b7aa3a59c47653f57f56a57bb12e5f1add3b873cc4d8f771cca69551ef7a58ee8af1f536f6de4cf3e89e59eea685df83c2d7bc5d0b02f017f3260f5a795d8b0405f5f8ed4c32c087b5e43558b14c213e26345d352679bf22d1aed5a3a14a66996e11ab59bafd168676e2e0d5e0c", 0xd6, 0x5}, {&(0x7f0000000500)="9f4138db2d5b95338cab7db27671aeee4005d04fdbce595c96d0469e195d6e52365737cc62204c4de73f871685ccbd96f02b3b6aad860e79cea2a7791add379f096472367ab2485029ae56848ebe8aa4f634275a7f1e453fab03025f35ce31207898b3a64d6de5a8248cd39a7e7a4fc6176cb6bfd97379da1d2536502828aef7bad3815651a3a9431ce2a2d5aeda911ed343718f29c71d46c420fc119bc026f98a36ceef5a21502e0d0db17c34a89c7eee14aeba0204b25e96bdf5951d9e9342ae6db5084995af8f5f8e4194b81846299c04e2cf87f6162e", 0xd8, 0x3f}, {&(0x7f00000000c0)="a895b4456eadebb8756e01a2061fb96c7c9d6a4e88882d85", 0x18, 0x7f}, {&(0x7f0000000600)="a14fb2122c4e65d5aa97239684c152ef0cce19584af27ea5e8122716d16690ff793ae4c3dd54995bcd64500273113ea8ace16acdd453bd7bdb2c73c2009b49d22120b82eb37b", 0x46, 0x1000000000080}, {&(0x7f0000000680)="b9df692db9d3266cde17551d1b1a3c6306ad3689f4e5fbd5847e37af5eed863357bbc74e389de9bc7874d26537debcdfed91802a42c90bac023dc92cf7107ff172ea151c27c9a78a5b5496b27d7ac18cd48fa7a5e7b6abda8e99d5795a38ea2ec3822074af02be21183f389ee4ee67d047ab3bfc9b33ef8a67d195b6ea5bb5f1cdd18af6c719b0c48e139062126ca1776a60f3e333c188194b1a2398adfaa0af57008b1e9d29bfd1aa2241b915d36c48e39967d4a4a77fd2", 0xb8, 0xa0c3}, {&(0x7f0000000100)="3451fc95ab5d12d813e96634f1546f3f2f0f00e0ca2fe54771b5eb9493997ad77e3a4ff117ac3e31aa2355", 0x2b, 0x1}], 0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r1, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRESOCT=r2, @ANYBLOB="5f319ca065ebd45536c2b8f970ca2f7cb9bbc5345ba9498ee77f78da015ca0afb9ef53719104e7b97555d441dd87151b06c6b86d288cb1de4f9639e914a2c112ca1d3a6b713f02058465042570598ff62e885bb95e41d0ba64c18ee7554382a5918636a5146caa81631255f13784f8d0cac6284f3241e14a5ce9d453b5871bb736bb962971e64636ce6effb2f5f523584d4e1998cdadc0df6303b573773644b95f6b31de6990ea02085d46a307bcb2fdd3a95fde9c4daafb718cbe8daba94fc44d27cab32873a95e08c9f134af5cd144582ba5a80a03a5c9a7b9fd53"]) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r0, 0x0, 0x0) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r2, 0x0, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000000)='./file0/file0\x00', 0x97, 0x8, &(0x7f0000000740)=[{&(0x7f0000000040)="1ee18f4df32d16d0a1646643e53741efe80a7f14898e2afeb1d237edcfbbc499e16da6298bc3c37fe823c1ccb6099bf9ae11406f468253eeef68b0022be6d752facb", 0x42, 0x1}, {&(0x7f0000000180)="1e42e539480878c6500635ef74ee3f00d1390a0bcaf07525e49c7beaca63cc54b3cd07c3b538d358d043c7fffabb43e568abca1069952c60abedbfa3d9e519140177216e9ad34a8f8379aa65693e0597d0e74ba4fd4006c973648cdb6beb7a50cb963d2bef5c4b183d95759f60b8a1bf746a94e70ffb3cc5fd1eb1e916a3ec7154a99d6bb3066f939ba55d3d33deb2e1f5e54d812c6d40f4ca915a38a60519af7bf7f63e20de1bb469ff988d5bb1be10790f2e75c6b696d87b354f291f5412de2314a7eb300314", 0xc7, 0x100}, {&(0x7f0000000400)="25c96b685691d1e51792dbcee7d0fab81693c5d525fe473e72f4ddce9f306d004c3516beee8e93c979d868bf78c434384b528555e16ef20a318621b046ca5159968d42982e3d2cd1139f20cdbc21af1e64d4ee7e8301352e854fcd5a535b4ece5c1114abcb72ebd02b7aa3a59c47653f57f56a57bb12e5f1add3b873cc4d8f771cca69551ef7a58ee8af1f536f6de4cf3e89e59eea685df83c2d7bc5d0b02f017f3260f5a795d8b0405f5f8ed4c32c087b5e43558b14c213e26345d352679bf22d1aed5a3a14a66996e11ab59bafd168676e2e0d5e0c", 0xd6, 0x5}, {&(0x7f0000000500)="9f4138db2d5b95338cab7db27671aeee4005d04fdbce595c96d0469e195d6e52365737cc62204c4de73f871685ccbd96f02b3b6aad860e79cea2a7791add379f096472367ab2485029ae56848ebe8aa4f634275a7f1e453fab03025f35ce31207898b3a64d6de5a8248cd39a7e7a4fc6176cb6bfd97379da1d2536502828aef7bad3815651a3a9431ce2a2d5aeda911ed343718f29c71d46c420fc119bc026f98a36ceef5a21502e0d0db17c34a89c7eee14aeba0204b25e96bdf5951d9e9342ae6db5084995af8f5f8e4194b81846299c04e2cf87f6162e", 0xd8, 0x3f}, {&(0x7f00000000c0)="a895b4456eadebb8756e01a2061fb96c7c9d6a4e88882d85", 0x18, 0x7f}, {&(0x7f0000000600)="a14fb2122c4e65d5aa97239684c152ef0cce19584af27ea5e8122716d16690ff793ae4c3dd54995bcd64500273113ea8ace16acdd453bd7bdb2c73c2009b49d22120b82eb37b", 0x46, 0x1000000000080}, {&(0x7f0000000680)="b9df692db9d3266cde17551d1b1a3c6306ad3689f4e5fbd5847e37af5eed863357bbc74e389de9bc7874d26537debcdfed91802a42c90bac023dc92cf7107ff172ea151c27c9a78a5b5496b27d7ac18cd48fa7a5e7b6abda8e99d5795a38ea2ec3822074af02be21183f389ee4ee67d047ab3bfc9b33ef8a67d195b6ea5bb5f1cdd18af6c719b0c48e139062126ca1776a60f3e333c188194b1a2398adfaa0af57008b1e9d29bfd1aa2241b915d36c48e39967d4a4a77fd2", 0xb8, 0xa0c3}, {&(0x7f0000000100)="3451fc95ab5d12d813e96634f1546f3f2f0f00e0ca2fe54771b5eb9493997ad77e3a4ff117ac3e31aa2355", 0x2b, 0x1}], 0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r1, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRESOCT=r2, @ANYBLOB="5f319ca065ebd45536c2b8f970ca2f7cb9bbc5345ba9498ee77f78da015ca0afb9ef53719104e7b97555d441dd87151b06c6b86d288cb1de4f9639e914a2c112ca1d3a6b713f02058465042570598ff62e885bb95e41d0ba64c18ee7554382a5918636a5146caa81631255f13784f8d0cac6284f3241e14a5ce9d453b5871bb736bb962971e64636ce6effb2f5f523584d4e1998cdadc0df6303b573773644b95f6b31de6990ea02085d46a307bcb2fdd3a95fde9c4daafb718cbe8daba94fc44d27cab32873a95e08c9f134af5cd144582ba5a80a03a5c9a7b9fd53"]) (async) 09:32:15 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r0) sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r2, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0xc43}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) 09:32:15 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 53) 09:32:15 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) read$snapshot(r1, &(0x7f0000000080)=""/71, 0x47) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1206.899844] FAULT_INJECTION: forcing a failure. [ 1206.899844] name failslab, interval 1, probability 0, space 0, times 0 09:32:15 executing program 2: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r0, 0x0, 0x0) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r1, 0x0, 0x0) sendto$netrom(r1, &(0x7f0000000280)="91a940b64a328795c8ad0164d7b78fc737b270b55f4050e40fe9e69412c3ff1f08cf01d577594db118f77f5f97e81b02445201df604d701147c7bd0186662a78532706efd9c685573b93350f1f8ab66394e08263fbd8f5f992b6d6b8564e91f73f34963109e8fa98d2cdbd2353dd2abf6e5849d7cfbef11bf7c85025acacdf661d7653add5ab05c1ba954b09a37d1900"/155, 0x9b, 0x4000080, &(0x7f0000000200)={{0x3, @bcast, 0x5}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @default, @null]}, 0x48) recvfrom$netrom(r0, &(0x7f0000000080)=""/199, 0xc7, 0x40012140, 0x0, 0x0) ioctl$SOUND_MIXER_READ_RECMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000000000)) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f00000001c0)=0x10000000, &(0x7f0000000340)=0x4) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x8028a0, &(0x7f0000000040)=ANY=[]) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r0, 0x0, 0x0) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r1, 0x0, 0x0) (async) sendto$netrom(r1, &(0x7f0000000280)="91a940b64a328795c8ad0164d7b78fc737b270b55f4050e40fe9e69412c3ff1f08cf01d577594db118f77f5f97e81b02445201df604d701147c7bd0186662a78532706efd9c685573b93350f1f8ab66394e08263fbd8f5f992b6d6b8564e91f73f34963109e8fa98d2cdbd2353dd2abf6e5849d7cfbef11bf7c85025acacdf661d7653add5ab05c1ba954b09a37d1900"/155, 0x9b, 0x4000080, &(0x7f0000000200)={{0x3, @bcast, 0x5}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @default, @null]}, 0x48) (async) recvfrom$netrom(r0, &(0x7f0000000080)=""/199, 0xc7, 0x40012140, 0x0, 0x0) (async) ioctl$SOUND_MIXER_READ_RECMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000000000)) (async) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f00000001c0)=0x10000000, &(0x7f0000000340)=0x4) (async) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x8028a0, &(0x7f0000000040)=ANY=[]) (async) 09:32:15 executing program 1: r0 = socket(0x25, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r1, 0x0, 0x0) (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r0) sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r2, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0xc43}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1206.972542] FAULT_INJECTION: forcing a failure. [ 1206.972542] name failslab, interval 1, probability 0, space 0, times 0 [ 1206.984229] CPU: 1 PID: 30889 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1206.992121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1207.001475] Call Trace: [ 1207.004061] dump_stack+0x1b2/0x281 [ 1207.007686] should_fail.cold+0x10a/0x149 [ 1207.011830] should_failslab+0xd6/0x130 [ 1207.015807] kmem_cache_alloc+0x28e/0x3c0 [ 1207.019952] getname_kernel+0x4e/0x340 [ 1207.023829] kern_path+0x1b/0x40 [ 1207.027185] lookup_bdev+0xc6/0x1c0 [ 1207.030806] ? bd_acquire+0x440/0x440 [ 1207.034603] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1207.040046] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 1207.045057] blkdev_get_by_path+0x1b/0xa0 [ 1207.049194] mount_bdev+0x4c/0x360 [ 1207.052724] ? hfsplus_iget+0x700/0x700 [ 1207.056696] mount_fs+0x92/0x2a0 [ 1207.060068] vfs_kern_mount.part.0+0x5b/0x470 [ 1207.064566] do_mount+0xe65/0x2a10 [ 1207.068105] ? __do_page_fault+0x159/0xad0 [ 1207.072329] ? retint_kernel+0x2d/0x2d [ 1207.076215] ? copy_mount_string+0x40/0x40 [ 1207.080447] ? memset+0x20/0x40 [ 1207.083720] ? copy_mount_options+0x1fa/0x2f0 [ 1207.088209] ? copy_mnt_ns+0xa30/0xa30 [ 1207.092091] SyS_mount+0xa8/0x120 [ 1207.095533] ? copy_mnt_ns+0xa30/0xa30 [ 1207.099415] do_syscall_64+0x1d5/0x640 [ 1207.103308] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1207.108487] RIP: 0033:0x7f322b2fc61a [ 1207.112185] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1207.119889] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1207.127154] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1207.134429] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1207.141725] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1207.148984] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1207.162316] CPU: 0 PID: 30908 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1207.170213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1207.179561] Call Trace: [ 1207.182151] dump_stack+0x1b2/0x281 [ 1207.182168] should_fail.cold+0x10a/0x149 [ 1207.182182] should_failslab+0xd6/0x130 [ 1207.182193] __kmalloc_track_caller+0x2bc/0x400 [ 1207.198536] ? kstrdup_const+0x35/0x60 [ 1207.202427] ? lock_downgrade+0x740/0x740 [ 1207.206576] kstrdup+0x36/0x70 [ 1207.209780] kstrdup_const+0x35/0x60 [ 1207.213494] alloc_vfsmnt+0xe0/0x7f0 [ 1207.217213] ? _raw_read_unlock+0x29/0x40 [ 1207.221360] vfs_kern_mount.part.0+0x27/0x470 [ 1207.225852] do_mount+0xe65/0x2a10 [ 1207.229391] ? __do_page_fault+0x159/0xad0 [ 1207.233621] ? retint_kernel+0x2d/0x2d [ 1207.237511] ? copy_mount_string+0x40/0x40 [ 1207.241744] ? memset+0x20/0x40 [ 1207.245026] ? copy_mount_options+0x1fa/0x2f0 [ 1207.249516] ? copy_mnt_ns+0xa30/0xa30 [ 1207.253404] SyS_mount+0xa8/0x120 [ 1207.256845] ? copy_mnt_ns+0xa30/0xa30 [ 1207.260713] do_syscall_64+0x1d5/0x640 [ 1207.264590] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1207.269762] RIP: 0033:0x7f463664e61a 09:32:15 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) read$snapshot(r1, &(0x7f0000000080)=""/71, 0x47) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:15 executing program 1: write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x71, 0x1, {{0x20, 0x3}, 0x9}}, 0x18) r0 = socket(0xb, 0x1, 0x1) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000440)=0x1, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xf, 0x4, 0x1f) getsockname$netrom(r3, &(0x7f0000000080)={{0x3, @bcast}, [@remote, @rose, @default, @default, @bcast, @remote, @null]}, &(0x7f0000000000)=0x48) r4 = openat$cgroup_ro(r0, &(0x7f0000000180)='blkio.bfq.io_serviced\x00', 0x0, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20080000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x158, 0x0, 0x220, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0xa}}}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "d0050a1f276ebdfa2d4d4ab4a19ddaceb688b7d0bfb6ecee"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "021ed536e45431ee16b01a16338a785ee87a2f05a45280ae"}], @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "1024dc31e960a9c15e6a07cc3989653c3d4640a5c05cf1f6"}], @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "eb5a47453ed408f83480e9a5e27393e16f6e736cc3c129ad"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "5021316cf4bd2a1bccfa083dc01ee2d00874d502455ab751"}, @NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "fe1303f1fc0c60e09bd86867d35132643103b0df414cf5ec"}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "8580753add55ac317d91054affdeef13be8d8776c7fbabd3"}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}], @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x158}, 0x1, 0x0, 0x0, 0x1084}, 0x80) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r2) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000005c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00043ebd7000fedbdf250600000008000300", @ANYRES32=r8, @ANYBLOB="0c0099000500000050000000080005000c00000005005300010000000800050004000000"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x40) sendmsg$L2TP_CMD_SESSION_GET(r7, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r6, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r6, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4840}, 0x4000) [ 1207.273455] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1207.281152] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1207.288405] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1207.295654] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1207.302907] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1207.310151] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:15 executing program 5: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = accept$netrom(r0, 0x0, 0x0) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r2, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000000)='./file0/file0\x00', 0x97, 0x8, &(0x7f0000000740)=[{&(0x7f0000000040)="1ee18f4df32d16d0a1646643e53741efe80a7f14898e2afeb1d237edcfbbc499e16da6298bc3c37fe823c1ccb6099bf9ae11406f468253eeef68b0022be6d752facb", 0x42, 0x1}, {&(0x7f0000000180)="1e42e539480878c6500635ef74ee3f00d1390a0bcaf07525e49c7beaca63cc54b3cd07c3b538d358d043c7fffabb43e568abca1069952c60abedbfa3d9e519140177216e9ad34a8f8379aa65693e0597d0e74ba4fd4006c973648cdb6beb7a50cb963d2bef5c4b183d95759f60b8a1bf746a94e70ffb3cc5fd1eb1e916a3ec7154a99d6bb3066f939ba55d3d33deb2e1f5e54d812c6d40f4ca915a38a60519af7bf7f63e20de1bb469ff988d5bb1be10790f2e75c6b696d87b354f291f5412de2314a7eb300314", 0xc7, 0x100}, {&(0x7f0000000400)="25c96b685691d1e51792dbcee7d0fab81693c5d525fe473e72f4ddce9f306d004c3516beee8e93c979d868bf78c434384b528555e16ef20a318621b046ca5159968d42982e3d2cd1139f20cdbc21af1e64d4ee7e8301352e854fcd5a535b4ece5c1114abcb72ebd02b7aa3a59c47653f57f56a57bb12e5f1add3b873cc4d8f771cca69551ef7a58ee8af1f536f6de4cf3e89e59eea685df83c2d7bc5d0b02f017f3260f5a795d8b0405f5f8ed4c32c087b5e43558b14c213e26345d352679bf22d1aed5a3a14a66996e11ab59bafd168676e2e0d5e0c", 0xd6, 0x5}, {&(0x7f0000000500)="9f4138db2d5b95338cab7db27671aeee4005d04fdbce595c96d0469e195d6e52365737cc62204c4de73f871685ccbd96f02b3b6aad860e79cea2a7791add379f096472367ab2485029ae56848ebe8aa4f634275a7f1e453fab03025f35ce31207898b3a64d6de5a8248cd39a7e7a4fc6176cb6bfd97379da1d2536502828aef7bad3815651a3a9431ce2a2d5aeda911ed343718f29c71d46c420fc119bc026f98a36ceef5a21502e0d0db17c34a89c7eee14aeba0204b25e96bdf5951d9e9342ae6db5084995af8f5f8e4194b81846299c04e2cf87f6162e", 0xd8, 0x3f}, {&(0x7f00000000c0)="a895b4456eadebb8756e01a2061fb96c7c9d6a4e88882d85", 0x18, 0x7f}, {&(0x7f0000000600)="a14fb2122c4e65d5aa97239684c152ef0cce19584af27ea5e8122716d16690ff793ae4c3dd54995bcd64500273113ea8ace16acdd453bd7bdb2c73c2009b49d22120b82eb37b", 0x46, 0x1000000000080}, {&(0x7f0000000680)="b9df692db9d3266cde17551d1b1a3c6306ad3689f4e5fbd5847e37af5eed863357bbc74e389de9bc7874d26537debcdfed91802a42c90bac023dc92cf7107ff172ea151c27c9a78a5b5496b27d7ac18cd48fa7a5e7b6abda8e99d5795a38ea2ec3822074af02be21183f389ee4ee67d047ab3bfc9b33ef8a67d195b6ea5bb5f1cdd18af6c719b0c48e139062126ca1776a60f3e333c188194b1a2398adfaa0af57008b1e9d29bfd1aa2241b915d36c48e39967d4a4a77fd2", 0xb8, 0xa0c3}, {&(0x7f0000000100)="3451fc95ab5d12d813e96634f1546f3f2f0f00e0ca2fe54771b5eb9493997ad77e3a4ff117ac3e31aa2355", 0x2b, 0x1}], 0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r1, @ANYRESHEX=r0, @ANYRES32=r1, @ANYRESOCT=r2, @ANYBLOB="5f319ca065ebd45536c2b8f970ca2f7cb9bbc5345ba9498ee77f78da015ca0afb9ef53719104e7b97555d441dd87151b06c6b86d288cb1de4f9639e914a2c112ca1d3a6b713f02058465042570598ff62e885bb95e41d0ba64c18ee7554382a5918636a5146caa81631255f13784f8d0cac6284f3241e14a5ce9d453b5871bb736bb962971e64636ce6effb2f5f523584d4e1998cdadc0df6303b573773644b95f6b31de6990ea02085d46a307bcb2fdd3a95fde9c4daafb718cbe8daba94fc44d27cab32873a95e08c9f134af5cd144582ba5a80a03a5c9a7b9fd53"]) 09:32:15 executing program 2: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r0, 0x0, 0x0) (async) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r1, 0x0, 0x0) sendto$netrom(r1, &(0x7f0000000280)="91a940b64a328795c8ad0164d7b78fc737b270b55f4050e40fe9e69412c3ff1f08cf01d577594db118f77f5f97e81b02445201df604d701147c7bd0186662a78532706efd9c685573b93350f1f8ab66394e08263fbd8f5f992b6d6b8564e91f73f34963109e8fa98d2cdbd2353dd2abf6e5849d7cfbef11bf7c85025acacdf661d7653add5ab05c1ba954b09a37d1900"/155, 0x9b, 0x4000080, &(0x7f0000000200)={{0x3, @bcast, 0x5}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @default, @null]}, 0x48) (async, rerun: 64) recvfrom$netrom(r0, &(0x7f0000000080)=""/199, 0xc7, 0x40012140, 0x0, 0x0) (async, rerun: 64) ioctl$SOUND_MIXER_READ_RECMASK(0xffffffffffffffff, 0x80044dfd, &(0x7f0000000000)) (async) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f00000001c0)=0x10000000, &(0x7f0000000340)=0x4) (async) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x8028a0, &(0x7f0000000040)=ANY=[]) 09:32:15 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 53) 09:32:15 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 54) 09:32:15 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) read$snapshot(r1, &(0x7f0000000080)=""/71, 0x47) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) 09:32:15 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000000c0)=[{&(0x7f0000000000)="b024dd6b231ee89a868528448ff99f22cecfe81a583e0639bb98ae547c", 0x1d, 0x3ff}, {&(0x7f0000000040)="c76578f255e1e0e2553d2270f5b32f0ec5ea2662aedceecfa3aa7bb182e169d08e5a58264af5b3beb2eeaa05d3860784ae76755015c1b8f9bd65e115897324232ea00b36926663c26bf33040e4e8fa8abb017a86a9165cb6e4bea785d77d465aac6fcb37", 0x64, 0x2}, {&(0x7f00000001c0)="c181f69e9b6c86033d3cc8aaaa7796d7665e8f78cfc0e4e05c23ecf2caf159120339d424f735453d7bcf7324eda5cbff033d284dc0462b25086785ade137c9dcc1574a9b244f57f18d8d23095304cb1efef70e01eca17b14f2955d837ebed76c7e128abfae6510b46b06bafcb8a599329a5abb6e3a4ce238e9d79980739a082feecc8a4d8debbcee4300037102bca0bd17a1093b", 0x94, 0x7fffffffffffffff}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="ffffff7f00000000e9d7ce6751"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r1 = getegid() r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), r0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, r2, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x88d5}, 0x80) syz_mount_image$fuse(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc30804, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x800}}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x6}}, {@allow_other}, {@default_permissions}], [{@smackfsroot={'smackfsroot', 0x3d, '*('}}, {@uid_lt={'uid<', 0xee00}}, {@dont_appraise}, {@subj_role={'subj_role', 0x3d, '+$()'}}]}}) [ 1207.447810] FAULT_INJECTION: forcing a failure. [ 1207.447810] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1207.460326] CPU: 0 PID: 30972 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1207.468188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1207.477533] Call Trace: [ 1207.480103] dump_stack+0x1b2/0x281 [ 1207.483798] should_fail.cold+0x10a/0x149 [ 1207.487949] ? get_page_from_freelist+0xaf6/0x25a0 [ 1207.492859] __alloc_pages_nodemask+0x22c/0x2720 [ 1207.497598] ? lock_downgrade+0x740/0x740 [ 1207.501722] ? page_outside_zone_boundaries+0x1db/0x310 [ 1207.507068] ? __lock_acquire+0x5fc/0x3f20 [ 1207.511288] ? preempt_count_add+0xaf/0x170 [ 1207.515592] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1207.520435] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1207.525876] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 1207.530873] ? __alloc_pages_nodemask+0x1a6e/0x2720 [ 1207.535911] cache_grow_begin+0x91/0x700 [ 1207.539949] ? fs_reclaim_release+0xd0/0x110 [ 1207.544343] ? check_preemption_disabled+0x35/0x240 [ 1207.549341] cache_alloc_refill+0x273/0x350 [ 1207.553640] kmem_cache_alloc+0x333/0x3c0 [ 1207.557776] getname_kernel+0x4e/0x340 [ 1207.561643] kern_path+0x1b/0x40 [ 1207.564986] lookup_bdev+0xc6/0x1c0 [ 1207.568589] ? bd_acquire+0x440/0x440 [ 1207.572375] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1207.577809] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 1207.582804] blkdev_get_by_path+0x1b/0xa0 [ 1207.586931] mount_bdev+0x4c/0x360 [ 1207.590449] ? hfsplus_iget+0x700/0x700 [ 1207.594400] mount_fs+0x92/0x2a0 [ 1207.597756] vfs_kern_mount.part.0+0x5b/0x470 [ 1207.602229] do_mount+0xe65/0x2a10 [ 1207.605749] ? __do_page_fault+0x159/0xad0 [ 1207.609965] ? retint_kernel+0x2d/0x2d [ 1207.613829] ? copy_mount_string+0x40/0x40 [ 1207.618066] ? memset+0x20/0x40 [ 1207.621323] ? copy_mount_options+0x1fa/0x2f0 [ 1207.625797] ? copy_mnt_ns+0xa30/0xa30 [ 1207.629662] SyS_mount+0xa8/0x120 [ 1207.633092] ? copy_mnt_ns+0xa30/0xa30 [ 1207.636958] do_syscall_64+0x1d5/0x640 [ 1207.640829] entry_SYSCALL_64_after_hwframe+0x46/0xbb 09:32:15 executing program 1: write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x71, 0x1, {{0x20, 0x3}, 0x9}}, 0x18) (async) r0 = socket(0xb, 0x1, 0x1) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000440)=0x1, 0x4) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = socket(0xf, 0x4, 0x1f) getsockname$netrom(r3, &(0x7f0000000080)={{0x3, @bcast}, [@remote, @rose, @default, @default, @bcast, @remote, @null]}, &(0x7f0000000000)=0x48) (async) r4 = openat$cgroup_ro(r0, &(0x7f0000000180)='blkio.bfq.io_serviced\x00', 0x0, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20080000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x158, 0x0, 0x220, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0xa}}}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "d0050a1f276ebdfa2d4d4ab4a19ddaceb688b7d0bfb6ecee"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "021ed536e45431ee16b01a16338a785ee87a2f05a45280ae"}], @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "1024dc31e960a9c15e6a07cc3989653c3d4640a5c05cf1f6"}], @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "eb5a47453ed408f83480e9a5e27393e16f6e736cc3c129ad"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "5021316cf4bd2a1bccfa083dc01ee2d00874d502455ab751"}, @NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "fe1303f1fc0c60e09bd86867d35132643103b0df414cf5ec"}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "8580753add55ac317d91054affdeef13be8d8776c7fbabd3"}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}], @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x158}, 0x1, 0x0, 0x0, 0x1084}, 0x80) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r2) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) (async) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000005c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00043ebd7000fedbdf250600000008000300", @ANYRES32=r8, @ANYBLOB="0c0099000500000050000000080005000c00000005005300010000000800050004000000"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x40) sendmsg$L2TP_CMD_SESSION_GET(r7, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r6, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r6, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4840}, 0x4000) 09:32:15 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x280000, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x7, 0x9}) ioctl$SNAPSHOT_FREE(r0, 0x3305) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x400, 0x480000) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x727) [ 1207.645995] RIP: 0033:0x7f322b2fc61a [ 1207.649680] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1207.657374] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1207.664636] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1207.671893] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1207.679149] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1207.686395] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 09:32:15 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000040)) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) 09:32:16 executing program 1: write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x71, 0x1, {{0x20, 0x3}, 0x9}}, 0x18) (async) r0 = socket(0xb, 0x1, 0x1) (async, rerun: 32) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) (rerun: 32) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000440)=0x1, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = socket(0xf, 0x4, 0x1f) getsockname$netrom(r3, &(0x7f0000000080)={{0x3, @bcast}, [@remote, @rose, @default, @default, @bcast, @remote, @null]}, &(0x7f0000000000)=0x48) (async, rerun: 64) r4 = openat$cgroup_ro(r0, &(0x7f0000000180)='blkio.bfq.io_serviced\x00', 0x0, 0x0) (rerun: 64) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20080000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x158, 0x0, 0x220, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0xa}}}}, [@mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "d0050a1f276ebdfa2d4d4ab4a19ddaceb688b7d0bfb6ecee"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "021ed536e45431ee16b01a16338a785ee87a2f05a45280ae"}], @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "1024dc31e960a9c15e6a07cc3989653c3d4640a5c05cf1f6"}], @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "eb5a47453ed408f83480e9a5e27393e16f6e736cc3c129ad"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "5021316cf4bd2a1bccfa083dc01ee2d00874d502455ab751"}, @NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "fe1303f1fc0c60e09bd86867d35132643103b0df414cf5ec"}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "8580753add55ac317d91054affdeef13be8d8776c7fbabd3"}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}], @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x158}, 0x1, 0x0, 0x0, 0x1084}, 0x80) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) sendmsg$SMC_PNETID_DEL(r2, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r2) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r5, 0x0, 0x0) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000005c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00043ebd7000fedbdf250600000008000300", @ANYRES32=r8, @ANYBLOB="0c0099000500000050000000080005000c00000005005300010000000800050004000000"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x40) (async) sendmsg$L2TP_CMD_SESSION_GET(r7, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r6, 0xb09}, 0x14}}, 0x0) (async, rerun: 32) sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r6, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4840}, 0x4000) (rerun: 32) [ 1207.718883] hfsplus: creator requires a 4 character value [ 1207.736137] hfsplus: unable to parse mount options [ 1207.747301] FAULT_INJECTION: forcing a failure. [ 1207.747301] name failslab, interval 1, probability 0, space 0, times 0 [ 1207.792516] hfsplus: creator requires a 4 character value [ 1207.796751] hfsplus: unable to parse mount options [ 1207.801048] hfsplus: unable to parse mount options [ 1207.813902] CPU: 1 PID: 30974 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1207.821800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1207.831149] Call Trace: [ 1207.833734] dump_stack+0x1b2/0x281 [ 1207.837368] should_fail.cold+0x10a/0x149 [ 1207.841526] should_failslab+0xd6/0x130 [ 1207.845504] kmem_cache_alloc+0x28e/0x3c0 [ 1207.849663] getname_kernel+0x4e/0x340 [ 1207.853559] kern_path+0x1b/0x40 [ 1207.856925] lookup_bdev+0xc6/0x1c0 [ 1207.860551] ? bd_acquire+0x440/0x440 [ 1207.864350] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1207.869801] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 1207.874822] blkdev_get_by_path+0x1b/0xa0 [ 1207.878971] mount_bdev+0x4c/0x360 [ 1207.882510] ? hfsplus_iget+0x700/0x700 [ 1207.886488] mount_fs+0x92/0x2a0 [ 1207.889854] vfs_kern_mount.part.0+0x5b/0x470 [ 1207.894375] do_mount+0xe65/0x2a10 [ 1207.897923] ? __do_page_fault+0x159/0xad0 [ 1207.902155] ? retint_kernel+0x2d/0x2d [ 1207.906042] ? copy_mount_string+0x40/0x40 [ 1207.910273] ? memset+0x20/0x40 [ 1207.913564] ? copy_mount_options+0x1fa/0x2f0 [ 1207.918071] ? copy_mnt_ns+0xa30/0xa30 [ 1207.921964] SyS_mount+0xa8/0x120 [ 1207.925415] ? copy_mnt_ns+0xa30/0xa30 [ 1207.929312] do_syscall_64+0x1d5/0x640 [ 1207.933208] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1207.938392] RIP: 0033:0x7f463664e61a 09:32:16 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r1, 0x20, &(0x7f0000000000)={&(0x7f0000000080)=""/138, 0x8a, 0x0, &(0x7f0000000140)=""/73, 0x49}}, 0x10) 09:32:16 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 54) 09:32:16 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000040)) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000040)) (async) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) (async) 09:32:16 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000000c0)=[{&(0x7f0000000000)="b024dd6b231ee89a868528448ff99f22cecfe81a583e0639bb98ae547c", 0x1d, 0x3ff}, {&(0x7f0000000040)="c76578f255e1e0e2553d2270f5b32f0ec5ea2662aedceecfa3aa7bb182e169d08e5a58264af5b3beb2eeaa05d3860784ae76755015c1b8f9bd65e115897324232ea00b36926663c26bf33040e4e8fa8abb017a86a9165cb6e4bea785d77d465aac6fcb37", 0x64, 0x2}, {&(0x7f00000001c0)="c181f69e9b6c86033d3cc8aaaa7796d7665e8f78cfc0e4e05c23ecf2caf159120339d424f735453d7bcf7324eda5cbff033d284dc0462b25086785ade137c9dcc1574a9b244f57f18d8d23095304cb1efef70e01eca17b14f2955d837ebed76c7e128abfae6510b46b06bafcb8a599329a5abb6e3a4ce238e9d79980739a082feecc8a4d8debbcee4300037102bca0bd17a1093b", 0x94, 0x7fffffffffffffff}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="ffffff7f00000000e9d7ce6751"]) (async) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) r1 = getegid() (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), r0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, r2, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x88d5}, 0x80) (async) syz_mount_image$fuse(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc30804, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x800}}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x6}}, {@allow_other}, {@default_permissions}], [{@smackfsroot={'smackfsroot', 0x3d, '*('}}, {@uid_lt={'uid<', 0xee00}}, {@dont_appraise}, {@subj_role={'subj_role', 0x3d, '+$()'}}]}}) [ 1207.942096] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1207.949804] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1207.957075] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1207.964344] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1207.971612] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1207.978879] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:16 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r1, 0x20, &(0x7f0000000000)={&(0x7f0000000080)=""/138, 0x8a, 0x0, &(0x7f0000000140)=""/73, 0x49}}, 0x10) [ 1208.046446] hfsplus: unable to parse mount options [ 1208.061847] hfsplus: creator requires a 4 character value [ 1208.077444] FAULT_INJECTION: forcing a failure. [ 1208.077444] name failslab, interval 1, probability 0, space 0, times 0 [ 1208.090018] hfsplus: unable to parse mount options [ 1208.110722] CPU: 0 PID: 31036 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1208.118626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1208.127980] Call Trace: [ 1208.130572] dump_stack+0x1b2/0x281 [ 1208.134204] should_fail.cold+0x10a/0x149 [ 1208.138357] should_failslab+0xd6/0x130 [ 1208.142334] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1208.147003] ? set_bdev_super+0x110/0x110 [ 1208.151149] sget_userns+0x102/0xc10 [ 1208.154857] ? set_bdev_super+0x110/0x110 09:32:16 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 55) 09:32:16 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x280000, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x7, 0x9}) (async) ioctl$SNAPSHOT_FREE(r0, 0x3305) (async, rerun: 32) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x400, 0x480000) (rerun: 32) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) (async, rerun: 64) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x727) (rerun: 64) 09:32:16 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000000c0)=[{&(0x7f0000000000)="b024dd6b231ee89a868528448ff99f22cecfe81a583e0639bb98ae547c", 0x1d, 0x3ff}, {&(0x7f0000000040)="c76578f255e1e0e2553d2270f5b32f0ec5ea2662aedceecfa3aa7bb182e169d08e5a58264af5b3beb2eeaa05d3860784ae76755015c1b8f9bd65e115897324232ea00b36926663c26bf33040e4e8fa8abb017a86a9165cb6e4bea785d77d465aac6fcb37", 0x64, 0x2}, {&(0x7f00000001c0)="c181f69e9b6c86033d3cc8aaaa7796d7665e8f78cfc0e4e05c23ecf2caf159120339d424f735453d7bcf7324eda5cbff033d284dc0462b25086785ade137c9dcc1574a9b244f57f18d8d23095304cb1efef70e01eca17b14f2955d837ebed76c7e128abfae6510b46b06bafcb8a599329a5abb6e3a4ce238e9d79980739a082feecc8a4d8debbcee4300037102bca0bd17a1093b", 0x94, 0x7fffffffffffffff}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="ffffff7f00000000e9d7ce6751"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) r1 = getegid() r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), r0) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, r2, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x88d5}, 0x80) syz_mount_image$fuse(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc30804, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x800}}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x6}}, {@allow_other}, {@default_permissions}], [{@smackfsroot={'smackfsroot', 0x3d, '*('}}, {@uid_lt={'uid<', 0xee00}}, {@dont_appraise}, {@subj_role={'subj_role', 0x3d, '+$()'}}]}}) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x3, &(0x7f00000000c0)=[{&(0x7f0000000000)="b024dd6b231ee89a868528448ff99f22cecfe81a583e0639bb98ae547c", 0x1d, 0x3ff}, {&(0x7f0000000040)="c76578f255e1e0e2553d2270f5b32f0ec5ea2662aedceecfa3aa7bb182e169d08e5a58264af5b3beb2eeaa05d3860784ae76755015c1b8f9bd65e115897324232ea00b36926663c26bf33040e4e8fa8abb017a86a9165cb6e4bea785d77d465aac6fcb37", 0x64, 0x2}, {&(0x7f00000001c0)="c181f69e9b6c86033d3cc8aaaa7796d7665e8f78cfc0e4e05c23ecf2caf159120339d424f735453d7bcf7324eda5cbff033d284dc0462b25086785ade137c9dcc1574a9b244f57f18d8d23095304cb1efef70e01eca17b14f2955d837ebed76c7e128abfae6510b46b06bafcb8a599329a5abb6e3a4ce238e9d79980739a082feecc8a4d8debbcee4300037102bca0bd17a1093b", 0x94, 0x7fffffffffffffff}], 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="ffffff7f00000000e9d7ce6751"]) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) getegid() (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), r0) (async) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, r2, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x88d5}, 0x80) (async) syz_mount_image$fuse(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0, 0xc30804, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x800}}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x6}}, {@allow_other}, {@default_permissions}], [{@smackfsroot={'smackfsroot', 0x3d, '*('}}, {@uid_lt={'uid<', 0xee00}}, {@dont_appraise}, {@subj_role={'subj_role', 0x3d, '+$()'}}]}}) (async) 09:32:16 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r1, 0x20, &(0x7f0000000000)={&(0x7f0000000080)=""/138, 0x8a, 0x0, &(0x7f0000000140)=""/73, 0x49}}, 0x10) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r1, 0x20, &(0x7f0000000000)={&(0x7f0000000080)=""/138, 0x8a, 0x0, &(0x7f0000000140)=""/73, 0x49}}, 0x10) (async) 09:32:16 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x280000, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x7, 0x9}) ioctl$SNAPSHOT_FREE(r0, 0x3305) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x400, 0x480000) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x727) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x280000, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x7, 0x9}) (async) ioctl$SNAPSHOT_FREE(r0, 0x3305) (async) syz_open_dev$loop(&(0x7f0000000080), 0x400, 0x480000) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) (async) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x727) (async) [ 1208.159010] ? ns_test_super+0x50/0x50 [ 1208.162905] ? set_bdev_super+0x110/0x110 [ 1208.167045] ? ns_test_super+0x50/0x50 [ 1208.170922] sget+0xd1/0x110 [ 1208.173933] mount_bdev+0xcd/0x360 [ 1208.177459] ? hfsplus_iget+0x700/0x700 [ 1208.181413] mount_fs+0x92/0x2a0 [ 1208.184769] vfs_kern_mount.part.0+0x5b/0x470 [ 1208.189264] do_mount+0xe65/0x2a10 [ 1208.192795] ? __do_page_fault+0x159/0xad0 [ 1208.197013] ? retint_kernel+0x2d/0x2d [ 1208.200889] ? copy_mount_string+0x40/0x40 [ 1208.205110] ? memset+0x20/0x40 [ 1208.208364] ? copy_mount_options+0x1fa/0x2f0 [ 1208.212838] ? copy_mnt_ns+0xa30/0xa30 [ 1208.216706] SyS_mount+0xa8/0x120 [ 1208.220144] ? copy_mnt_ns+0xa30/0xa30 [ 1208.224017] do_syscall_64+0x1d5/0x640 [ 1208.227888] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1208.233060] RIP: 0033:0x7f322b2fc61a [ 1208.236746] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1208.244431] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1208.251689] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 09:32:16 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x3, [@var={0x4, 0x0, 0x0, 0xe, 0x5}, @ptr={0x6, 0x0, 0x0, 0x2, 0x5}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x0, 0x45, 0x7}, @const={0xa, 0x0, 0x0, 0xa, 0x3}, @ptr={0xb, 0x0, 0x0, 0x2, 0x3}, @const={0xb, 0x0, 0x0, 0xa, 0x1}, @int={0x3, 0x0, 0x0, 0x1, 0x0, 0x21, 0x0, 0x75, 0x1}, @int={0xf, 0x0, 0x0, 0x1, 0x0, 0x40, 0x0, 0x74, 0x5}, @ptr={0xb, 0x0, 0x0, 0x2, 0x1}]}, {0x0, [0x5f]}}, &(0x7f00000000c0)=""/86, 0x97, 0x56, 0x1}, 0x20) 09:32:16 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000040)) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) (async) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000040)) (async) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) (async) [ 1208.258946] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1208.266203] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1208.273470] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1208.347948] FAULT_INJECTION: forcing a failure. [ 1208.347948] name failslab, interval 1, probability 0, space 0, times 0 [ 1208.354813] hfsplus: creator requires a 4 character value [ 1208.383315] CPU: 1 PID: 31070 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1208.391215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1208.391221] Call Trace: [ 1208.391238] dump_stack+0x1b2/0x281 [ 1208.391251] should_fail.cold+0x10a/0x149 [ 1208.391265] should_failslab+0xd6/0x130 [ 1208.391278] __kmalloc+0x2c1/0x400 [ 1208.391289] ? __list_lru_init+0x67/0x710 [ 1208.391302] __list_lru_init+0x67/0x710 [ 1208.391318] sget_userns+0x4e4/0xc10 [ 1208.391326] ? set_bdev_super+0x110/0x110 [ 1208.391336] ? ns_test_super+0x50/0x50 [ 1208.391346] ? set_bdev_super+0x110/0x110 [ 1208.391354] ? ns_test_super+0x50/0x50 [ 1208.391363] sget+0xd1/0x110 [ 1208.391373] mount_bdev+0xcd/0x360 [ 1208.391381] ? hfsplus_iget+0x700/0x700 [ 1208.391391] mount_fs+0x92/0x2a0 [ 1208.426313] hfsplus: unable to parse mount options [ 1208.426604] vfs_kern_mount.part.0+0x5b/0x470 [ 1208.426616] do_mount+0xe65/0x2a10 [ 1208.473037] ? __do_page_fault+0x159/0xad0 [ 1208.477273] ? retint_kernel+0x2d/0x2d [ 1208.481161] ? copy_mount_string+0x40/0x40 [ 1208.485395] ? memset+0x20/0x40 [ 1208.488762] ? copy_mount_options+0x1fa/0x2f0 [ 1208.493253] ? copy_mnt_ns+0xa30/0xa30 [ 1208.497142] SyS_mount+0xa8/0x120 [ 1208.500593] ? copy_mnt_ns+0xa30/0xa30 [ 1208.504490] do_syscall_64+0x1d5/0x640 [ 1208.505884] FAULT_INJECTION: forcing a failure. [ 1208.505884] name failslab, interval 1, probability 0, space 0, times 0 [ 1208.508377] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1208.508387] RIP: 0033:0x7f463664e61a [ 1208.508392] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1208.508408] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a 09:32:16 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x7ee7, 0x0, 0xf9, 0x1}, {0x8, 0xf2, 0xff, 0x7}, {0x6b63, 0x40, 0xb4, 0x3}, {0xe0ed, 0x2, 0x81, 0xfffffff7}, {0x20, 0x8, 0x6, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000001c0)={r2, 0x2, r3, 0x8000, 0x80000}) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) 09:32:16 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 55) 09:32:16 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x7ee7, 0x0, 0xf9, 0x1}, {0x8, 0xf2, 0xff, 0x7}, {0x6b63, 0x40, 0xb4, 0x3}, {0xe0ed, 0x2, 0x81, 0xfffffff7}, {0x20, 0x8, 0x6, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0}) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000001c0)={r2, 0x2, r3, 0x8000, 0x80000}) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) 09:32:16 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x7ee7, 0x0, 0xf9, 0x1}, {0x8, 0xf2, 0xff, 0x7}, {0x6b63, 0x40, 0xb4, 0x3}, {0xe0ed, 0x2, 0x81, 0xfffffff7}, {0x20, 0x8, 0x6, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0}) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000001c0)={r2, 0x2, r3, 0x8000, 0x80000}) (async) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) 09:32:16 executing program 4: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = accept$netrom(r0, 0x0, 0x0) getsockname$netrom(r0, &(0x7f0000000080)={{0x3, @rose}, [@default, @null, @remote, @rose, @default, @default, @netrom]}, &(0x7f0000000100)=0x48) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r3 = accept4$netrom(r1, &(0x7f00000001c0)={{0x3, @rose}, [@rose, @null, @netrom, @remote, @bcast, @null, @null]}, &(0x7f0000000240)=0x48, 0x80800) getpeername$netrom(r3, &(0x7f0000000280)={{0x3, @netrom}, [@netrom, @rose, @null, @bcast, @bcast, @rose, @rose, @netrom]}, &(0x7f0000000300)=0x48) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r4, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(r4, 0x103, 0x7, &(0x7f0000000140)=0x3, &(0x7f0000000180)=0x4) [ 1208.543406] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1208.550668] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1208.557933] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1208.565194] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1208.572460] CPU: 0 PID: 31102 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1208.580525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1208.589874] Call Trace: [ 1208.592465] dump_stack+0x1b2/0x281 [ 1208.596096] should_fail.cold+0x10a/0x149 [ 1208.600339] should_failslab+0xd6/0x130 [ 1208.604315] __kmalloc+0x2c1/0x400 [ 1208.607865] ? __list_lru_init+0x67/0x710 [ 1208.612014] __list_lru_init+0x67/0x710 [ 1208.615991] sget_userns+0x4e4/0xc10 [ 1208.619970] ? set_bdev_super+0x110/0x110 [ 1208.624126] ? ns_test_super+0x50/0x50 [ 1208.628014] ? set_bdev_super+0x110/0x110 [ 1208.632169] ? ns_test_super+0x50/0x50 [ 1208.636068] sget+0xd1/0x110 [ 1208.639086] mount_bdev+0xcd/0x360 [ 1208.642624] ? hfsplus_iget+0x700/0x700 [ 1208.646599] mount_fs+0x92/0x2a0 [ 1208.649972] vfs_kern_mount.part.0+0x5b/0x470 [ 1208.654463] do_mount+0xe65/0x2a10 [ 1208.658000] ? __do_page_fault+0x159/0xad0 [ 1208.662234] ? retint_kernel+0x2d/0x2d [ 1208.666122] ? copy_mount_string+0x40/0x40 [ 1208.670362] ? memset+0x20/0x40 [ 1208.673646] ? copy_mount_options+0x1fa/0x2f0 [ 1208.678144] ? copy_mnt_ns+0xa30/0xa30 [ 1208.682045] SyS_mount+0xa8/0x120 [ 1208.685500] ? copy_mnt_ns+0xa30/0xa30 [ 1208.689391] do_syscall_64+0x1d5/0x640 [ 1208.693287] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1208.698474] RIP: 0033:0x7f322b2fc61a [ 1208.702178] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1208.709901] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1208.717177] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1208.724454] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1208.731723] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1208.739000] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1208.745646] hfsplus: creator requires a 4 character value 09:32:17 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 56) 09:32:17 executing program 4: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = accept$netrom(r0, 0x0, 0x0) getsockname$netrom(r0, &(0x7f0000000080)={{0x3, @rose}, [@default, @null, @remote, @rose, @default, @default, @netrom]}, &(0x7f0000000100)=0x48) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) r3 = accept4$netrom(r1, &(0x7f00000001c0)={{0x3, @rose}, [@rose, @null, @netrom, @remote, @bcast, @null, @null]}, &(0x7f0000000240)=0x48, 0x80800) getpeername$netrom(r3, &(0x7f0000000280)={{0x3, @netrom}, [@netrom, @rose, @null, @bcast, @bcast, @rose, @rose, @netrom]}, &(0x7f0000000300)=0x48) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r4, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(r4, 0x103, 0x7, &(0x7f0000000140)=0x3, &(0x7f0000000180)=0x4) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r0, 0x0, 0x0) (async) getsockname$netrom(r0, &(0x7f0000000080)={{0x3, @rose}, [@default, @null, @remote, @rose, @default, @default, @netrom]}, &(0x7f0000000100)=0x48) (async) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) accept4$netrom(r1, &(0x7f00000001c0)={{0x3, @rose}, [@rose, @null, @netrom, @remote, @bcast, @null, @null]}, &(0x7f0000000240)=0x48, 0x80800) (async) getpeername$netrom(r3, &(0x7f0000000280)={{0x3, @netrom}, [@netrom, @rose, @null, @bcast, @bcast, @rose, @rose, @netrom]}, &(0x7f0000000300)=0x48) (async) syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) accept$netrom(r4, 0x0, 0x0) (async) getsockopt$netrom_NETROM_IDLE(r4, 0x103, 0x7, &(0x7f0000000140)=0x3, &(0x7f0000000180)=0x4) (async) 09:32:17 executing program 1: r0 = socket(0x8, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) [ 1208.778009] hfsplus: unable to parse mount options 09:32:17 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x3, [@var={0x4, 0x0, 0x0, 0xe, 0x5}, @ptr={0x6, 0x0, 0x0, 0x2, 0x5}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x0, 0x45, 0x7}, @const={0xa, 0x0, 0x0, 0xa, 0x3}, @ptr={0xb, 0x0, 0x0, 0x2, 0x3}, @const={0xb, 0x0, 0x0, 0xa, 0x1}, @int={0x3, 0x0, 0x0, 0x1, 0x0, 0x21, 0x0, 0x75, 0x1}, @int={0xf, 0x0, 0x0, 0x1, 0x0, 0x40, 0x0, 0x74, 0x5}, @ptr={0xb, 0x0, 0x0, 0x2, 0x1}]}, {0x0, [0x5f]}}, &(0x7f00000000c0)=""/86, 0x97, 0x56, 0x1}, 0x20) 09:32:17 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 56) 09:32:17 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6b726561746f723dd7ce6751d4"]) 09:32:17 executing program 4: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = accept$netrom(r0, 0x0, 0x0) (async) getsockname$netrom(r0, &(0x7f0000000080)={{0x3, @rose}, [@default, @null, @remote, @rose, @default, @default, @netrom]}, &(0x7f0000000100)=0x48) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) (async) r3 = accept4$netrom(r1, &(0x7f00000001c0)={{0x3, @rose}, [@rose, @null, @netrom, @remote, @bcast, @null, @null]}, &(0x7f0000000240)=0x48, 0x80800) getpeername$netrom(r3, &(0x7f0000000280)={{0x3, @netrom}, [@netrom, @rose, @null, @bcast, @bcast, @rose, @rose, @netrom]}, &(0x7f0000000300)=0x48) (async) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) accept$netrom(r4, 0x0, 0x0) (async) getsockopt$netrom_NETROM_IDLE(r4, 0x103, 0x7, &(0x7f0000000140)=0x3, &(0x7f0000000180)=0x4) 09:32:17 executing program 1: r0 = socket(0x8, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x8, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) [ 1208.896707] hfsplus: creator requires a 4 character value [ 1208.897911] hfsplus: unable to parse mount options [ 1208.902278] hfsplus: unable to parse mount options [ 1208.916857] hfsplus: creator requires a 4 character value [ 1208.922761] hfsplus: unable to parse mount options [ 1208.937533] FAULT_INJECTION: forcing a failure. 09:32:17 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x240401, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) ioctl$SNAPSHOT_UNFREEZE(r1, 0x3302) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000040)={0x0, 0x9}) 09:32:17 executing program 5: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x3, [@var={0x4, 0x0, 0x0, 0xe, 0x5}, @ptr={0x6, 0x0, 0x0, 0x2, 0x5}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x0, 0x45, 0x7}, @const={0xa, 0x0, 0x0, 0xa, 0x3}, @ptr={0xb, 0x0, 0x0, 0x2, 0x3}, @const={0xb, 0x0, 0x0, 0xa, 0x1}, @int={0x3, 0x0, 0x0, 0x1, 0x0, 0x21, 0x0, 0x75, 0x1}, @int={0xf, 0x0, 0x0, 0x1, 0x0, 0x40, 0x0, 0x74, 0x5}, @ptr={0xb, 0x0, 0x0, 0x2, 0x1}]}, {0x0, [0x5f]}}, &(0x7f00000000c0)=""/86, 0x97, 0x56, 0x1}, 0x20) 09:32:17 executing program 1: r0 = socket(0x8, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) socket(0x8, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) [ 1208.937533] name failslab, interval 1, probability 0, space 0, times 0 [ 1208.986378] FAULT_INJECTION: forcing a failure. [ 1208.986378] name failslab, interval 1, probability 0, space 0, times 0 [ 1208.992291] CPU: 0 PID: 31147 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1209.005544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1209.014893] Call Trace: [ 1209.017482] dump_stack+0x1b2/0x281 [ 1209.021105] should_fail.cold+0x10a/0x149 [ 1209.025251] should_failslab+0xd6/0x130 [ 1209.029222] __kmalloc+0x2c1/0x400 [ 1209.032753] ? __list_lru_init+0x67/0x710 [ 1209.036892] __list_lru_init+0x67/0x710 [ 1209.040878] sget_userns+0x504/0xc10 [ 1209.044592] ? set_bdev_super+0x110/0x110 [ 1209.048745] ? ns_test_super+0x50/0x50 [ 1209.052635] ? set_bdev_super+0x110/0x110 [ 1209.056782] ? ns_test_super+0x50/0x50 [ 1209.060667] sget+0xd1/0x110 [ 1209.063689] mount_bdev+0xcd/0x360 [ 1209.067227] ? hfsplus_iget+0x700/0x700 [ 1209.071197] mount_fs+0x92/0x2a0 [ 1209.074568] vfs_kern_mount.part.0+0x5b/0x470 [ 1209.079068] do_mount+0xe65/0x2a10 [ 1209.082610] ? __do_page_fault+0x159/0xad0 [ 1209.086842] ? retint_kernel+0x2d/0x2d [ 1209.090728] ? copy_mount_string+0x40/0x40 [ 1209.094960] ? memset+0x20/0x40 [ 1209.098230] ? copy_mount_options+0x1fa/0x2f0 [ 1209.102718] ? copy_mnt_ns+0xa30/0xa30 [ 1209.106586] SyS_mount+0xa8/0x120 [ 1209.110022] ? copy_mnt_ns+0xa30/0xa30 [ 1209.113891] do_syscall_64+0x1d5/0x640 [ 1209.117766] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1209.122941] RIP: 0033:0x7f322b2fc61a [ 1209.126631] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1209.134317] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1209.141569] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1209.148817] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1209.156063] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1209.163339] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1209.170606] CPU: 1 PID: 31146 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1209.178484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1209.187830] Call Trace: [ 1209.190419] dump_stack+0x1b2/0x281 [ 1209.194048] should_fail.cold+0x10a/0x149 [ 1209.198216] should_failslab+0xd6/0x130 [ 1209.202189] kmem_cache_alloc_trace+0x29a/0x3d0 [ 1209.204018] hfsplus: creator requires a 4 character value [ 1209.206850] ? dev_uevent_filter+0xd0/0xd0 [ 1209.206862] kobject_uevent_env+0x20c/0xf30 [ 1209.206878] loop_clr_fd+0x59f/0xc20 [ 1209.206890] lo_ioctl+0x895/0x1cd0 [ 1209.206903] ? kasan_slab_free+0x12d/0x1a0 [ 1209.212851] hfsplus: unable to parse mount options 09:32:17 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) recvfrom$netrom(0xffffffffffffffff, &(0x7f00000001c0)=""/111, 0x6f, 0x1, &(0x7f0000000240)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x3bfa}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xd6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x60}}, 0x4010) [ 1209.216633] ? loop_set_status64+0xe0/0xe0 [ 1209.216646] blkdev_ioctl+0x540/0x1830 [ 1209.216658] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1209.216668] ? blkpg_ioctl+0x8d0/0x8d0 [ 1209.216678] ? trace_hardirqs_on+0x10/0x10 [ 1209.216691] ? debug_check_no_obj_freed+0x2c0/0x680 [ 1209.216700] ? lock_acquire+0x170/0x3f0 [ 1209.216712] block_ioctl+0xd9/0x120 [ 1209.216720] ? blkdev_fallocate+0x3a0/0x3a0 [ 1209.216729] do_vfs_ioctl+0x75a/0xff0 [ 1209.216737] ? lock_acquire+0x170/0x3f0 [ 1209.216746] ? ioctl_preallocate+0x1a0/0x1a0 [ 1209.216762] ? __fget+0x265/0x3e0 [ 1209.237424] ? do_vfs_ioctl+0xff0/0xff0 [ 1209.237436] ? security_file_ioctl+0x83/0xb0 [ 1209.237448] SyS_ioctl+0x7f/0xb0 [ 1209.237457] ? do_vfs_ioctl+0xff0/0xff0 [ 1209.237468] do_syscall_64+0x1d5/0x640 [ 1209.237482] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1209.237490] RIP: 0033:0x7f463664cea7 [ 1209.237494] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1209.237503] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664cea7 [ 1209.237508] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000005 [ 1209.237512] RBP: 00007f4634fc26b8 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1209.237517] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 1209.237522] R13: 0000000000000016 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:17 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 57) 09:32:17 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x240401, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SNAPSHOT_UNFREEZE(r1, 0x3302) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000040)={0x0, 0x9}) 09:32:17 executing program 2: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6b726561746f723dd7ce6751d4"]) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="6b726561746f723dd7ce6751d4"]) (async) 09:32:17 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) recvfrom$netrom(0xffffffffffffffff, &(0x7f00000001c0)=""/111, 0x6f, 0x1, &(0x7f0000000240)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x3bfa}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xd6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x60}}, 0x4010) socket(0x25, 0x1, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) recvfrom$netrom(0xffffffffffffffff, &(0x7f00000001c0)=""/111, 0x6f, 0x1, &(0x7f0000000240)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48) (async) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x3bfa}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xd6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x60}}, 0x4010) (async) 09:32:17 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 57) 09:32:17 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) openat$cgroup_type(r0, &(0x7f0000001980), 0x2, 0x0) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000000)='./file1\x00', 0x0, 0x0, &(0x7f00000012c0), 0x4000, &(0x7f0000001340)=ANY=[]) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) r5 = syz_mount_image$hfsplus(&(0x7f00000003c0), &(0x7f0000000400)='./file1\x00', 0x0, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000440)="82f6f5efc50a7a5e40323614aea43741fa40b2aa670c03dc75175a8565aa0fb944bd8e06bd11a3076053e442bc61122c9ac5ab2de5fca56dc862c0983cdfe107c7af5422fcd15fc316baf77d9f5b84c5f54f2cd7da4d81e18aafe3af80404b682f2d6f4f392ce04b293549fb84867d7187", 0x71, 0x5}, {&(0x7f00000004c0)="6aff049b1a61eba001d51bceca6603ea8c68a783c6794cc29be317fdb0e5f294d2efec686687bafbfdfc75c1ef3705698aeba9263bef097ae2e80ede2bec8dfba38a2162ce0504f3a71ab7de95b154b94f66f803f0597fa578a108fc05209afd8f17ce383bb15993176e359d52ccaa28ce1bd8f4717b3bf8d10f8351a46f83fa829dee9044003dca9287018d695b2f9794bb5dea3c8235ef6b064c0f6a0065c2f36626cc6358bda7de1f6d1cd495923bbfec3ba12d3d6ef31dac22a1c5b42a3c4db37e8a98f82480df2a9c650240480cc66f0c78cef69a577d", 0xd9, 0x3f}, {&(0x7f00000005c0)="9057a805453cd3c2623d0925eb42a155b214d73521a3078e016911ac7049687c5aa87e06257586f39921bd7fdcf66e0b980b1bd74b611bdb73515db91765ca283f15a3947dd67413611a17e0f6f461d9055a0a634901", 0x56}, {&(0x7f0000000640)="07707f1279c21f8041381ba0ed48b7a7014e19fa97717ad7f8f02c1a402c61da28ac6e9c18c71ad74c48ab348ed354e1ecebc96297f247940bcadddca817f0e7d3a62acae73fa598f0e35d273c56ddded37d3d02a1f78222ad43314497e9c9a51ecc041416e0032b054a945bfe5652b1a78243e3e90779ff98038a0f06c4eec04aac352d7d4e7293ab040fea8e7e5bb09674ca49e28171123ba8eecece0ed3e276337468a0b12a6cb59e0bd973057232214eee1289c66b56aa7c7ece0215e87131ee1f166d0c993cdf315c4b4b906fcebe1450c9d03eeb3b6737a121b8444ea37b8264366d58a458b62d68e28bc8735a8a7728e1e3379342ef019c6a638ef1f12e77d6eb89e9098aa495699d57ea19ed75e7bca847c2bea406bfaaa3459c3d0f8edab919fe338bdcc399f101350ef6c7de1238d6449c8d93230fe38f4c8c833ad381bdb84f0058cf4e06c7d9526a0628ed3c3116730d7a94a16bc546351b82c96cce21c82303c68827a1eb4bfb767e7bf9d71c6a0c1ad05cabaac33663fa5b724ca5115bb222432b592b1bf945a416ba6b727b510571bfedcfa4d61e6ddf23cb3490f7673773c5724f053b75cf5c782e120dc72fc58bedaca2a4091225836f7398e34154385529c414515a9d3b1eea7d036dae0b520f3ad7abd34e096ded5524f8fa6104485ad7e35fe717ccbd1e478eec8849d343e6279af30dab7766f8df47ea5cceb8388b3cd87fc2c3ffa76db4dd33cfcd89ff601e2a2dab236b0768968936de641651c6c8e3198cb243c4021b1a06fde652241a0ad63dde74655293c70e2ca93a78ece7300a6a982245a9636d7a2e355bc3125964a2d0bc3142a305b30d986c4faad8928ebbcdbd0cb38eedc3841885c9b8399ddbbe7953bb2b775d51a6276874353226f11da557df5209b8dc485d1508a94dfab64ff63607c310358bea61953c6390aa09b0d02dcc12754bbef6487292985eba9573b5814ad25e980197fa1621de0fc8b6f2f737000868773517f6dcc72b5cb255c2c79f60606229df352a389a2c5ac5a3e5dbbabddc87c99dec99c3434485b96c128b4db6e5db9000bdc260f0e9856d53dc39ffe71f7cd82b0196d96e577fa4e2e755fd90c6148fdee6cc52e63a95999dfe5b89f76efb7737559e87a834553c01301bbbad6b8712a6979c6a3354abc973c104a5c1ff2ec6ed5286548a1daf802a1f0c060286d49b549bf20520e4ac1ce308373a5a882dbcf228f55514966c9637947a7760524fccfd525fd19fc7ecc47a9f576b54f1396e252fb9603fb8d1bfba152c88e62cde8df2b0ca1bce57a9a6c90556bd10592d175e782792abb0710a3eaa1c9573022ef8142ac5693ab69c2442bd14a1cc4549dc13fb6e17802ef8df25629dba6d6302c4ea81bd0738794da0deaeede299a60479e44ba7a6899f9d19b27289b1d92bbbab94d17c912b7bb74b2cbc18c6c2854254be12cb8a8fb674721af58143110da2ec4cc4e5d82ea7ada968f738af9bcbe5ff0de2547a5e3949cf7048d1aa93655b519c304fff8bf08e2c1f601832886a89cfa19220e53e773ad26466ceaf1d27f70e0dd7ae540dc3a9ec59aae1d006aaf38878886bbf8e2045ca4611b45aa661f1c4462907596b655c357a50212cba24546be6044f4523c3e2f79bb77dccd0a785017c51d9f4d82ca001ca25ad4fce908f4c0721e525dee1b10d489ac28700b45fe125f7e4763c8443ffc50b68284902f0f17c2cb08e22745478e3bc10d0cc44a39b833b64e34cb355e9fdcbba7d0c771cdf0d4897c6b1857403efd4e5f5a6aadb906345e0e409194aa6c982a056c44f7679a1dd430f298a354dbfe23d6299211d44ebb928ec689e7f2b65112c814b7a85d80342a0ac038b5a026c2f969910fdf5c534381beea6b8feecb54c038f861b2ef83d35f3934411aafa3faaaece1863fb8a8c63f211cfc3e58dae9d65b6ce9a00230fa4b11dac8d678cd3aea772971a3ad26f44da52fa24b9e2c9a29babc9a1d82919e4b0af8dc0a25e65950cce984237fb03826f8399ce8d55b89f5d3ecbff6d725303a6631288accb20d72bb0d5a22be4e8f927060a8bfd951680d51c102d7051091a4cf90ca91a7a943f83c87a98ceed43dbfe4f560f38ce173b2765c206b2c8cb3d9ba39b1e720ffe2953a0a9eb040f8fd763651e5a2b3e094592f64ed4c13a088ad88c957a248951e5181458f3488aa466477ec5c6af780ad4830aa8e3fe313f5ad0a91b607ea58e03cb9ae54e3e6f5ac04ad826502b38b15912303f1576d910dcdea58e44d1b05f3efdddba42c6c3cabac71f0efb5dd6b6577171535ab7ba9c58ed81c74436ff832fe177c371874ce7f47cdfc55937cf830b5d433d7c1a47b4c3bf398b44f32a2b9b4c2e1024f3745968e43ca01cedc1be7dc894392211d98d2368aefad4a1f1bc874f7b65c30d7b4a0257b427bc74057502a7325bc82ba46c54b9b626505644a6cadb7b7d01f2b67a1174b85f69de94cbb56c3dedcf03b5f2932022133806d4869507f70c47072f1aa43274d03c203d35ac78213039380c3175fd4247cf6874d8cbcc92aaaeb5e731ed001510d87ae995b90e611748e4c4b754f569f21a3e92341aa44f4e4b7e826ca43d1d5c704a7b704880d811012e4cb7f187fb5e9a541a0d964eb9da1ba5da1ff1c0e7bfd9eb9b330094c22c31bc67a10ec9f0a943481cb9f4ba0a92719ea273c545561f476f9c10b0b02cf148498a8f88a1806a1f5ca3ff19a56e4133424e80cfb266f18a31a8762e2ad3493f1d30aa4dfb284d4a162c6c6d4be0f735ac9e3d7f343871df614f8e213d1d1666e61c1ffb2003428e4848b41d743e4d959a9ae947a6b3dae0321fe74176a41d552b0b9b2bc0027801c7442ad784057f24ca07376116baf0a08dbf74e3d3d2f679ba5b32c00845fc7d074014605d4dc45c1d2006587b08cd44647ff5aee7ddc01affbf027ee70dbe2b530e29188288fae63628a0b5a34b792be856cd5b806756001449bf0847d93ccf8049a5c4e82ac41611be241b57a5568ad95e609f8d9d8d9c55ae64f87d5662e3623c804b14edb574bc60cee88d8fb758bb52f03cfe62ee91a2defd446f60b69eedfe9fdc4b957b30b8a44bda61c8d195580dfd124ae483b70d522b5e7541aac33b90e7740be4150f02e8ea716c0a23ab21cd84dede9f3bafef49f62a00fc7ca8dfe57f7098008f9db2cd119cdae55d7a5ecb541160b2bb67dd4f5ea88132f7ce0a5eba347086c810ca84747f67611e66c386c2f26bbe2791fd572aa00f108e92914946c35f399604f4045e89752f0171827c43bc93b816ef018a75bf0ea25824880b49d02964dfb3d17ad0763646779dc01fc496556f58fe9b28bbc1d7b6837f006eebd5538caf5d2f2eeef27d18155c0cb5f51de61963fc234233225d9e74bfffb1292d32374c4383879c650d8e2eddcdf7f68fad2b359a3973b4c35280a9f6ebf06d958c4cae6c130f823a62cbd101195e4620b55d97a97c6f96d2d6bf6326b065a44ccb24ff29922c43eb46341a965f6e907c363816d277a3f6b462164d6cc7dac13fe97110d952630e3b812043ec44ef962f9d8a49d9284256b31c4504b91d5de5f980a1e5fdb65d1f100f73bc2977808ce507b9c5e64075d270a7b5ac35922ff40ed363f3d4303ad65ed981f0f0e1206b83e1759f7d2113ff7e8db7be49b9379ab8fbe04db189ead21b73e8828b44704dc07547ba0abe6ca69179ae473fe1eaf6499cd5932205d389d17bc856113e7452bfa84a0569b962eff63779951c9d2116536baa76801d299bae2a2be2d93ff460110af3514b0285058373ccba82ecf60f7818a8116bc2d929570ecbab924db94ceefce24dc3b6d318ca139e9b524abe222f4a7973a967a08aed772d4a3c84100431ea58c054d8f625c142a9177dd3e0baa569ebacd232458c8444196e09beb717c0a1d702b3b84fa77e9c37be31eae4cce1c518ba017d731cb77beddb5dc71b702fdd0459f250e1bb9452ba36f7ba5ef598ca1dc9c8ce2be63f7aca61cd03170dd2ad0e13e31d2665d75a552acfd5609004847012524b32b0da63eb311c150e48fb6ab6472b00e893534e6bb68ce9ffa4bd463e57858e33eb0ef297150ac6a4dd6207c367917a2f7399e2095ae85b8438b1f83e4ffa6d17eb642638eb1899e0dda90b8299770b92e8a951834f6be589c58a76e9a623c6d3fc3bc9ea6a7aa1b18d65e870a6ac937e9a010d914aac01388ea07aac407df1a5c595e229faa70740dc0948ad7597eb9bc2e88cecec49eead3e3769369b44db745c33507186e474c96f68d09f85e645e608de04ed105afa2c4da30c504315c23b8909496d38d8903004813e5dc236701346f376de138bc26c673b53dd2deb1f93cd02c86c5095664bdb2bd0e0ef406cc4df4955c83628a8c556f643bde865462c62e6f89e426ebf6b902d8ecd493b95a1e5cc1f68a44f7afa07c99d50b4fe8820f8a2c60a942d0d76e4ac760c2498fa61a492c39ecda83abab2b0c6fb9797cc518d4c1bd3f93c08c608192797bb700e6d95791ce482a54f3398d88a59332361ddad5b92d30f94db32493bd131f3658f6d6475ea112a4c6498fa293b7b93ab7f1d4f16ca64a3892053f736ea8015f9dfe09bfc0f774597c91e9348b3be2e92c0864aed146fc62b3e4ebe482aba829ec9e1f8cfff0af373db84428710e10a48bf6f3e17a9b0805d13461a4a865a13fae8db059da7e4bf8397b35f4efab2062ad7fb01be20c11a989cc79e5193143205e244540fabe0e9237620f045177db22285f8492363c4d1f5e0bf85f8ce4570a0b4edaafe1eb6cf2c528c4c564648cec6aeb15861bafac56c6bea2ae5cdf64204df44b44a5dfd024e8c020faec940d4f2c4e1a01e5d246cd0bf488c5fbed9deb5bd3229e8a245a3cf9d99cb8c893aea07a3be48f8644e0197b3982e038fd184340bf431fbc64960f99380ef8f7929b682987b7b570dff1bf0f042fb01eda20d0ddbf3b7321f254cfe0e5805f075397b8311ca45c235fa8fdf78a6c89eca4d353924a9309b7063dbabb404d83431d0de4871c51cc1ba6a84952469e92af7b68e9ec65a704ca9f45c8196a1e695f6c6d7059fad70e8c6a18cc7c373bca8fb7049f2c699e48daa0d0a0845daff07882f580d7a3e78a58031c55eede588c0e49d63f8088ed64d11731ecb222d639249115b33dc3ef6f46c578f605d560e8bb3097f3fdaf4a5cf3fce8688d8d2267ec2fbe26298ad467db7ae936999682edf8eb98040b7a32af5e6934d1596163fd01da63f24e120192186e4b3633b2dc75a5ad2757fa8898b6861099d7c92bb61cc5343cf0c540497f8065b776d6f772c669b9ec2b1e33c0d3ff6daa756aaa2f2c1fd8539da5f6940d206196155c516722c8830aa89f1a74461a6b7a0de13117e52f7fd719717d205c26e80f7b7ddfd3faa6625356db5d53b06d2e4b6e92d1e9325a68a620ebc16703bb04c7d7dd48dd8d1160bc0b6e53baa80600c3955e556bc706729020a791087f8fd71394857042229c20acd22ef720e78af74a4a1e2306c99a2efe5226747a57ffd92d032123d78e9ec5c0c430fe1dc9ed92bda2613bda5093dba34563bdbb2c5905966224f7724ba93f401c5a7edbcf15ea1d1098a89ad455c41db063800c78db9b8892ed51b0e0d168e47f3128c1e38d7561006ef88840ea32899233100ea466326760966bda02ec29648af50084ff5f609a904707e25f6a66f908692845b6b6462ab669e3601b19bdb3af70c8851e217a9e9feef90a3fb6672374d4839a0a9", 0x1000, 0xff76}, {&(0x7f0000001640)="327d8c48cecc0cce798b37cd8db9d31ca8cee9312d4805eed4a72b292080c7b4983d0173499060fd4a8bd6da7e4d0a918fd2812afddf7bf0ebb1fcaef586bd9d6327b3a9abf85cd81ced4c2f3954faa0533ee70b34c9e23309c90acc5a644f318dac7dd8934f735a1366d4f8d26eb0c362abf180caa34066f29e9acf", 0x7c, 0x3a49}], 0xc1888, &(0x7f0000001740)=ANY=[@ANYBLOB='session=0xffffffffffff7fff,euid<', @ANYRESDEC=0xee01, @ANYBLOB=',rootcontext=root,obj_role=]-,smackfsroot=SMC_PNETID\x00,uid>', @ANYRESDEC, @ANYBLOB="2c646566636f6e746578743d756e636f6e66696e65645f752c736d61636b66736465663d86402a2c2c646f6e745f686173682c666f776e65723e", @ANYRESDEC, @ANYBLOB="2c7375626a81757365723d2c00"]) fanotify_mark(0xffffffffffffffff, 0x22, 0x1, r5, &(0x7f0000001840)='./file1\x00') sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r4, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'nr0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x2) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0xb09}, 0x14}}, 0x0) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x8, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x4}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x8000) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000001940)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001900)={&(0x7f00000018c0)={0x30, r1, 0x70d, 0x70bd2a, 0x25dfdbfc, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x30}}, 0x10) [ 1209.466902] hfsplus: unable to parse mount options [ 1209.474800] FAULT_INJECTION: forcing a failure. [ 1209.474800] name failslab, interval 1, probability 0, space 0, times 0 [ 1209.487652] CPU: 0 PID: 31208 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1209.495540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1209.495544] Call Trace: [ 1209.495561] dump_stack+0x1b2/0x281 [ 1209.495577] should_fail.cold+0x10a/0x149 09:32:17 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x240401, 0x0) (async) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r1) (async) ioctl$SNAPSHOT_UNFREEZE(r1, 0x3302) (async) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000040)={0x0, 0x9}) [ 1209.495590] should_failslab+0xd6/0x130 [ 1209.495602] __kmalloc+0x2c1/0x400 [ 1209.495612] ? __list_lru_init+0x67/0x710 [ 1209.495623] __list_lru_init+0x67/0x710 [ 1209.495638] sget_userns+0x504/0xc10 [ 1209.495648] ? set_bdev_super+0x110/0x110 [ 1209.495658] ? ns_test_super+0x50/0x50 [ 1209.495667] ? set_bdev_super+0x110/0x110 [ 1209.495674] ? ns_test_super+0x50/0x50 [ 1209.495682] sget+0xd1/0x110 [ 1209.495694] mount_bdev+0xcd/0x360 [ 1209.495703] ? hfsplus_iget+0x700/0x700 [ 1209.495712] mount_fs+0x92/0x2a0 09:32:17 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x2}) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)={0xffffff80, 0x0}, 0x8) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r1}, 0x4) [ 1209.495726] vfs_kern_mount.part.0+0x5b/0x470 [ 1209.495738] do_mount+0xe65/0x2a10 [ 1209.495750] ? __do_page_fault+0x159/0xad0 [ 1209.495760] ? retint_kernel+0x2d/0x2d [ 1209.495770] ? copy_mount_string+0x40/0x40 [ 1209.495782] ? memset+0x20/0x40 [ 1209.495791] ? copy_mount_options+0x1fa/0x2f0 [ 1209.495800] ? copy_mnt_ns+0xa30/0xa30 [ 1209.495810] SyS_mount+0xa8/0x120 [ 1209.495817] ? copy_mnt_ns+0xa30/0xa30 [ 1209.495829] do_syscall_64+0x1d5/0x640 [ 1209.607708] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1209.612893] RIP: 0033:0x7f463664e61a 09:32:17 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x2}) (async) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)={0xffffff80, 0x0}, 0x8) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r1}, 0x4) 09:32:17 executing program 4: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x2}) (async) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)={0xffffff80, 0x0}, 0x8) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r1}, 0x4) [ 1209.616597] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1209.624304] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1209.631567] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1209.638838] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1209.646105] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1209.653369] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 09:32:17 executing program 1: r0 = socket(0x25, 0x1, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) (async) recvfrom$netrom(0xffffffffffffffff, &(0x7f00000001c0)=""/111, 0x6f, 0x1, &(0x7f0000000240)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48) (async, rerun: 32) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (rerun: 32) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x3bfa}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xd6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x60}}, 0x4010) 09:32:17 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x400001, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000000)={0x0, 0x9}) [ 1209.664937] hfsplus: unable to parse mount options [ 1209.674133] FAULT_INJECTION: forcing a failure. [ 1209.674133] name failslab, interval 1, probability 0, space 0, times 0 [ 1209.705305] CPU: 1 PID: 31219 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1209.713209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1209.722559] Call Trace: [ 1209.725149] dump_stack+0x1b2/0x281 [ 1209.728828] should_fail.cold+0x10a/0x149 [ 1209.729870] hfsplus: unable to parse mount options [ 1209.732972] should_failslab+0xd6/0x130 [ 1209.741842] __kmalloc+0x2c1/0x400 [ 1209.745376] ? register_shrinker+0x1ab/0x220 [ 1209.749784] register_shrinker+0x1ab/0x220 [ 1209.754019] sget_userns+0x9aa/0xc10 [ 1209.754030] ? set_bdev_super+0x110/0x110 [ 1209.754041] ? ns_test_super+0x50/0x50 [ 1209.754052] ? set_bdev_super+0x110/0x110 [ 1209.769889] ? ns_test_super+0x50/0x50 [ 1209.773778] sget+0xd1/0x110 [ 1209.776796] mount_bdev+0xcd/0x360 [ 1209.779954] hfsplus: unable to find HFS+ superblock [ 1209.780327] ? hfsplus_iget+0x700/0x700 [ 1209.780340] mount_fs+0x92/0x2a0 [ 1209.780355] vfs_kern_mount.part.0+0x5b/0x470 [ 1209.780366] do_mount+0xe65/0x2a10 [ 1209.780379] ? __do_page_fault+0x159/0xad0 [ 1209.804313] FAULT_INJECTION: forcing a failure. [ 1209.804313] name failslab, interval 1, probability 0, space 0, times 0 [ 1209.804936] ? retint_kernel+0x2d/0x2d [ 1209.820009] ? copy_mount_string+0x40/0x40 [ 1209.824246] ? memset+0x20/0x40 [ 1209.827514] ? copy_mount_options+0x1fa/0x2f0 [ 1209.832002] ? copy_mnt_ns+0xa30/0xa30 [ 1209.835879] SyS_mount+0xa8/0x120 [ 1209.839326] ? copy_mnt_ns+0xa30/0xa30 [ 1209.843214] do_syscall_64+0x1d5/0x640 [ 1209.847089] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1209.852264] RIP: 0033:0x7f322b2fc61a [ 1209.855962] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 09:32:17 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="63726561746f723dd7ce6751d4"]) (fail_nth: 58) 09:32:17 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000001140), r0) (async) openat$cgroup_type(r0, &(0x7f0000001980), 0x2, 0x0) (async) syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000000)='./file1\x00', 0x0, 0x0, &(0x7f00000012c0), 0x4000, &(0x7f0000001340)=ANY=[]) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), 0xffffffffffffffff) (async, rerun: 64) r5 = syz_mount_image$hfsplus(&(0x7f00000003c0), &(0x7f0000000400)='./file1\x00', 0x0, 0x5, &(0x7f00000016c0)=[{&(0x7f0000000440)="82f6f5efc50a7a5e40323614aea43741fa40b2aa670c03dc75175a8565aa0fb944bd8e06bd11a3076053e442bc61122c9ac5ab2de5fca56dc862c0983cdfe107c7af5422fcd15fc316baf77d9f5b84c5f54f2cd7da4d81e18aafe3af80404b682f2d6f4f392ce04b293549fb84867d7187", 0x71, 0x5}, {&(0x7f00000004c0)="6aff049b1a61eba001d51bceca6603ea8c68a783c6794cc29be317fdb0e5f294d2efec686687bafbfdfc75c1ef3705698aeba9263bef097ae2e80ede2bec8dfba38a2162ce0504f3a71ab7de95b154b94f66f803f0597fa578a108fc05209afd8f17ce383bb15993176e359d52ccaa28ce1bd8f4717b3bf8d10f8351a46f83fa829dee9044003dca9287018d695b2f9794bb5dea3c8235ef6b064c0f6a0065c2f36626cc6358bda7de1f6d1cd495923bbfec3ba12d3d6ef31dac22a1c5b42a3c4db37e8a98f82480df2a9c650240480cc66f0c78cef69a577d", 0xd9, 0x3f}, {&(0x7f00000005c0)="9057a805453cd3c2623d0925eb42a155b214d73521a3078e016911ac7049687c5aa87e06257586f39921bd7fdcf66e0b980b1bd74b611bdb73515db91765ca283f15a3947dd67413611a17e0f6f461d9055a0a634901", 0x56}, {&(0x7f0000000640)="07707f1279c21f8041381ba0ed48b7a7014e19fa97717ad7f8f02c1a402c61da28ac6e9c18c71ad74c48ab348ed354e1ecebc96297f247940bcadddca817f0e7d3a62acae73fa598f0e35d273c56ddded37d3d02a1f78222ad43314497e9c9a51ecc041416e0032b054a945bfe5652b1a78243e3e90779ff98038a0f06c4eec04aac352d7d4e7293ab040fea8e7e5bb09674ca49e28171123ba8eecece0ed3e276337468a0b12a6cb59e0bd973057232214eee1289c66b56aa7c7ece0215e87131ee1f166d0c993cdf315c4b4b906fcebe1450c9d03eeb3b6737a121b8444ea37b8264366d58a458b62d68e28bc8735a8a7728e1e3379342ef019c6a638ef1f12e77d6eb89e9098aa495699d57ea19ed75e7bca847c2bea406bfaaa3459c3d0f8edab919fe338bdcc399f101350ef6c7de1238d6449c8d93230fe38f4c8c833ad381bdb84f0058cf4e06c7d9526a0628ed3c3116730d7a94a16bc546351b82c96cce21c82303c68827a1eb4bfb767e7bf9d71c6a0c1ad05cabaac33663fa5b724ca5115bb222432b592b1bf945a416ba6b727b510571bfedcfa4d61e6ddf23cb3490f7673773c5724f053b75cf5c782e120dc72fc58bedaca2a4091225836f7398e34154385529c414515a9d3b1eea7d036dae0b520f3ad7abd34e096ded5524f8fa6104485ad7e35fe717ccbd1e478eec8849d343e6279af30dab7766f8df47ea5cceb8388b3cd87fc2c3ffa76db4dd33cfcd89ff601e2a2dab236b0768968936de641651c6c8e3198cb243c4021b1a06fde652241a0ad63dde74655293c70e2ca93a78ece7300a6a982245a9636d7a2e355bc3125964a2d0bc3142a305b30d986c4faad8928ebbcdbd0cb38eedc3841885c9b8399ddbbe7953bb2b775d51a6276874353226f11da557df5209b8dc485d1508a94dfab64ff63607c310358bea61953c6390aa09b0d02dcc12754bbef6487292985eba9573b5814ad25e980197fa1621de0fc8b6f2f737000868773517f6dcc72b5cb255c2c79f60606229df352a389a2c5ac5a3e5dbbabddc87c99dec99c3434485b96c128b4db6e5db9000bdc260f0e9856d53dc39ffe71f7cd82b0196d96e577fa4e2e755fd90c6148fdee6cc52e63a95999dfe5b89f76efb7737559e87a834553c01301bbbad6b8712a6979c6a3354abc973c104a5c1ff2ec6ed5286548a1daf802a1f0c060286d49b549bf20520e4ac1ce308373a5a882dbcf228f55514966c9637947a7760524fccfd525fd19fc7ecc47a9f576b54f1396e252fb9603fb8d1bfba152c88e62cde8df2b0ca1bce57a9a6c90556bd10592d175e782792abb0710a3eaa1c9573022ef8142ac5693ab69c2442bd14a1cc4549dc13fb6e17802ef8df25629dba6d6302c4ea81bd0738794da0deaeede299a60479e44ba7a6899f9d19b27289b1d92bbbab94d17c912b7bb74b2cbc18c6c2854254be12cb8a8fb674721af58143110da2ec4cc4e5d82ea7ada968f738af9bcbe5ff0de2547a5e3949cf7048d1aa93655b519c304fff8bf08e2c1f601832886a89cfa19220e53e773ad26466ceaf1d27f70e0dd7ae540dc3a9ec59aae1d006aaf38878886bbf8e2045ca4611b45aa661f1c4462907596b655c357a50212cba24546be6044f4523c3e2f79bb77dccd0a785017c51d9f4d82ca001ca25ad4fce908f4c0721e525dee1b10d489ac28700b45fe125f7e4763c8443ffc50b68284902f0f17c2cb08e22745478e3bc10d0cc44a39b833b64e34cb355e9fdcbba7d0c771cdf0d4897c6b1857403efd4e5f5a6aadb906345e0e409194aa6c982a056c44f7679a1dd430f298a354dbfe23d6299211d44ebb928ec689e7f2b65112c814b7a85d80342a0ac038b5a026c2f969910fdf5c534381beea6b8feecb54c038f861b2ef83d35f3934411aafa3faaaece1863fb8a8c63f211cfc3e58dae9d65b6ce9a00230fa4b11dac8d678cd3aea772971a3ad26f44da52fa24b9e2c9a29babc9a1d82919e4b0af8dc0a25e65950cce984237fb03826f8399ce8d55b89f5d3ecbff6d725303a6631288accb20d72bb0d5a22be4e8f927060a8bfd951680d51c102d7051091a4cf90ca91a7a943f83c87a98ceed43dbfe4f560f38ce173b2765c206b2c8cb3d9ba39b1e720ffe2953a0a9eb040f8fd763651e5a2b3e094592f64ed4c13a088ad88c957a248951e5181458f3488aa466477ec5c6af780ad4830aa8e3fe313f5ad0a91b607ea58e03cb9ae54e3e6f5ac04ad826502b38b15912303f1576d910dcdea58e44d1b05f3efdddba42c6c3cabac71f0efb5dd6b6577171535ab7ba9c58ed81c74436ff832fe177c371874ce7f47cdfc55937cf830b5d433d7c1a47b4c3bf398b44f32a2b9b4c2e1024f3745968e43ca01cedc1be7dc894392211d98d2368aefad4a1f1bc874f7b65c30d7b4a0257b427bc74057502a7325bc82ba46c54b9b626505644a6cadb7b7d01f2b67a1174b85f69de94cbb56c3dedcf03b5f2932022133806d4869507f70c47072f1aa43274d03c203d35ac78213039380c3175fd4247cf6874d8cbcc92aaaeb5e731ed001510d87ae995b90e611748e4c4b754f569f21a3e92341aa44f4e4b7e826ca43d1d5c704a7b704880d811012e4cb7f187fb5e9a541a0d964eb9da1ba5da1ff1c0e7bfd9eb9b330094c22c31bc67a10ec9f0a943481cb9f4ba0a92719ea273c545561f476f9c10b0b02cf148498a8f88a1806a1f5ca3ff19a56e4133424e80cfb266f18a31a8762e2ad3493f1d30aa4dfb284d4a162c6c6d4be0f735ac9e3d7f343871df614f8e213d1d1666e61c1ffb2003428e4848b41d743e4d959a9ae947a6b3dae0321fe74176a41d552b0b9b2bc0027801c7442ad784057f24ca07376116baf0a08dbf74e3d3d2f679ba5b32c00845fc7d074014605d4dc45c1d2006587b08cd44647ff5aee7ddc01affbf027ee70dbe2b530e29188288fae63628a0b5a34b792be856cd5b806756001449bf0847d93ccf8049a5c4e82ac41611be241b57a5568ad95e609f8d9d8d9c55ae64f87d5662e3623c804b14edb574bc60cee88d8fb758bb52f03cfe62ee91a2defd446f60b69eedfe9fdc4b957b30b8a44bda61c8d195580dfd124ae483b70d522b5e7541aac33b90e7740be4150f02e8ea716c0a23ab21cd84dede9f3bafef49f62a00fc7ca8dfe57f7098008f9db2cd119cdae55d7a5ecb541160b2bb67dd4f5ea88132f7ce0a5eba347086c810ca84747f67611e66c386c2f26bbe2791fd572aa00f108e92914946c35f399604f4045e89752f0171827c43bc93b816ef018a75bf0ea25824880b49d02964dfb3d17ad0763646779dc01fc496556f58fe9b28bbc1d7b6837f006eebd5538caf5d2f2eeef27d18155c0cb5f51de61963fc234233225d9e74bfffb1292d32374c4383879c650d8e2eddcdf7f68fad2b359a3973b4c35280a9f6ebf06d958c4cae6c130f823a62cbd101195e4620b55d97a97c6f96d2d6bf6326b065a44ccb24ff29922c43eb46341a965f6e907c363816d277a3f6b462164d6cc7dac13fe97110d952630e3b812043ec44ef962f9d8a49d9284256b31c4504b91d5de5f980a1e5fdb65d1f100f73bc2977808ce507b9c5e64075d270a7b5ac35922ff40ed363f3d4303ad65ed981f0f0e1206b83e1759f7d2113ff7e8db7be49b9379ab8fbe04db189ead21b73e8828b44704dc07547ba0abe6ca69179ae473fe1eaf6499cd5932205d389d17bc856113e7452bfa84a0569b962eff63779951c9d2116536baa76801d299bae2a2be2d93ff460110af3514b0285058373ccba82ecf60f7818a8116bc2d929570ecbab924db94ceefce24dc3b6d318ca139e9b524abe222f4a7973a967a08aed772d4a3c84100431ea58c054d8f625c142a9177dd3e0baa569ebacd232458c8444196e09beb717c0a1d702b3b84fa77e9c37be31eae4cce1c518ba017d731cb77beddb5dc71b702fdd0459f250e1bb9452ba36f7ba5ef598ca1dc9c8ce2be63f7aca61cd03170dd2ad0e13e31d2665d75a552acfd5609004847012524b32b0da63eb311c150e48fb6ab6472b00e893534e6bb68ce9ffa4bd463e57858e33eb0ef297150ac6a4dd6207c367917a2f7399e2095ae85b8438b1f83e4ffa6d17eb642638eb1899e0dda90b8299770b92e8a951834f6be589c58a76e9a623c6d3fc3bc9ea6a7aa1b18d65e870a6ac937e9a010d914aac01388ea07aac407df1a5c595e229faa70740dc0948ad7597eb9bc2e88cecec49eead3e3769369b44db745c33507186e474c96f68d09f85e645e608de04ed105afa2c4da30c504315c23b8909496d38d8903004813e5dc236701346f376de138bc26c673b53dd2deb1f93cd02c86c5095664bdb2bd0e0ef406cc4df4955c83628a8c556f643bde865462c62e6f89e426ebf6b902d8ecd493b95a1e5cc1f68a44f7afa07c99d50b4fe8820f8a2c60a942d0d76e4ac760c2498fa61a492c39ecda83abab2b0c6fb9797cc518d4c1bd3f93c08c608192797bb700e6d95791ce482a54f3398d88a59332361ddad5b92d30f94db32493bd131f3658f6d6475ea112a4c6498fa293b7b93ab7f1d4f16ca64a3892053f736ea8015f9dfe09bfc0f774597c91e9348b3be2e92c0864aed146fc62b3e4ebe482aba829ec9e1f8cfff0af373db84428710e10a48bf6f3e17a9b0805d13461a4a865a13fae8db059da7e4bf8397b35f4efab2062ad7fb01be20c11a989cc79e5193143205e244540fabe0e9237620f045177db22285f8492363c4d1f5e0bf85f8ce4570a0b4edaafe1eb6cf2c528c4c564648cec6aeb15861bafac56c6bea2ae5cdf64204df44b44a5dfd024e8c020faec940d4f2c4e1a01e5d246cd0bf488c5fbed9deb5bd3229e8a245a3cf9d99cb8c893aea07a3be48f8644e0197b3982e038fd184340bf431fbc64960f99380ef8f7929b682987b7b570dff1bf0f042fb01eda20d0ddbf3b7321f254cfe0e5805f075397b8311ca45c235fa8fdf78a6c89eca4d353924a9309b7063dbabb404d83431d0de4871c51cc1ba6a84952469e92af7b68e9ec65a704ca9f45c8196a1e695f6c6d7059fad70e8c6a18cc7c373bca8fb7049f2c699e48daa0d0a0845daff07882f580d7a3e78a58031c55eede588c0e49d63f8088ed64d11731ecb222d639249115b33dc3ef6f46c578f605d560e8bb3097f3fdaf4a5cf3fce8688d8d2267ec2fbe26298ad467db7ae936999682edf8eb98040b7a32af5e6934d1596163fd01da63f24e120192186e4b3633b2dc75a5ad2757fa8898b6861099d7c92bb61cc5343cf0c540497f8065b776d6f772c669b9ec2b1e33c0d3ff6daa756aaa2f2c1fd8539da5f6940d206196155c516722c8830aa89f1a74461a6b7a0de13117e52f7fd719717d205c26e80f7b7ddfd3faa6625356db5d53b06d2e4b6e92d1e9325a68a620ebc16703bb04c7d7dd48dd8d1160bc0b6e53baa80600c3955e556bc706729020a791087f8fd71394857042229c20acd22ef720e78af74a4a1e2306c99a2efe5226747a57ffd92d032123d78e9ec5c0c430fe1dc9ed92bda2613bda5093dba34563bdbb2c5905966224f7724ba93f401c5a7edbcf15ea1d1098a89ad455c41db063800c78db9b8892ed51b0e0d168e47f3128c1e38d7561006ef88840ea32899233100ea466326760966bda02ec29648af50084ff5f609a904707e25f6a66f908692845b6b6462ab669e3601b19bdb3af70c8851e217a9e9feef90a3fb6672374d4839a0a9", 0x1000, 0xff76}, {&(0x7f0000001640)="327d8c48cecc0cce798b37cd8db9d31ca8cee9312d4805eed4a72b292080c7b4983d0173499060fd4a8bd6da7e4d0a918fd2812afddf7bf0ebb1fcaef586bd9d6327b3a9abf85cd81ced4c2f3954faa0533ee70b34c9e23309c90acc5a644f318dac7dd8934f735a1366d4f8d26eb0c362abf180caa34066f29e9acf", 0x7c, 0x3a49}], 0xc1888, &(0x7f0000001740)=ANY=[@ANYBLOB='session=0xffffffffffff7fff,euid<', @ANYRESDEC=0xee01, @ANYBLOB=',rootcontext=root,obj_role=]-,smackfsroot=SMC_PNETID\x00,uid>', @ANYRESDEC, @ANYBLOB="2c646566636f6e746578743d756e636f6e66696e65645f752c736d61636b66736465663d86402a2c2c646f6e745f686173682c666f776e65723e", @ANYRESDEC, @ANYBLOB="2c7375626a81757365723d2c00"]) (rerun: 64) fanotify_mark(0xffffffffffffffff, 0x22, 0x1, r5, &(0x7f0000001840)='./file1\x00') sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, r4, 0x1}, 0x14}}, 0x0) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r4, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'nr0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x2) (async) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000180), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0xb09}, 0x14}}, 0x0) (async) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x8, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x4}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x8000) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000001940)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001900)={&(0x7f00000018c0)={0x30, r1, 0x70d, 0x70bd2a, 0x25dfdbfc, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x30}}, 0x10) [ 1209.863659] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1209.870910] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1209.878175] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1209.885444] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1209.892705] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1209.926044] CPU: 0 PID: 31265 Comm: syz-executor.0 Not tainted 4.14.277-syzkaller #0 [ 1209.933949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1209.943304] Call Trace: [ 1209.945892] dump_stack+0x1b2/0x281 [ 1209.949524] should_fail.cold+0x10a/0x149 [ 1209.953682] should_failslab+0xd6/0x130 [ 1209.957665] __kmalloc+0x2c1/0x400 [ 1209.961203] ? __list_lru_init+0x67/0x710 [ 1209.965351] __list_lru_init+0x67/0x710 [ 1209.969326] sget_userns+0x504/0xc10 [ 1209.973037] ? set_bdev_super+0x110/0x110 [ 1209.977187] ? ns_test_super+0x50/0x50 [ 1209.981075] ? set_bdev_super+0x110/0x110 [ 1209.985219] ? ns_test_super+0x50/0x50 [ 1209.989101] sget+0xd1/0x110 [ 1209.992119] mount_bdev+0xcd/0x360 [ 1209.995655] ? hfsplus_iget+0x700/0x700 [ 1209.999624] mount_fs+0x92/0x2a0 [ 1210.002997] vfs_kern_mount.part.0+0x5b/0x470 [ 1210.008361] do_mount+0xe65/0x2a10 [ 1210.011905] ? __do_page_fault+0x159/0xad0 [ 1210.016136] ? retint_kernel+0x2d/0x2d [ 1210.020024] ? copy_mount_string+0x40/0x40 [ 1210.021982] ------------[ cut here ]------------ [ 1210.024258] ? memset+0x20/0x40 [ 1210.028998] WARNING: CPU: 1 PID: 31219 at fs/super.c:1163 kill_block_super+0xbe/0xe0 [ 1210.032248] ? copy_mount_options+0x1fa/0x2f0 [ 1210.040097] Kernel panic - not syncing: panic_on_warn set ... [ 1210.040097] [ 1210.044575] ? copy_mnt_ns+0xa30/0xa30 [ 1210.055766] SyS_mount+0xa8/0x120 [ 1210.059200] ? copy_mnt_ns+0xa30/0xa30 [ 1210.063071] do_syscall_64+0x1d5/0x640 [ 1210.066944] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1210.072115] RIP: 0033:0x7f463664e61a [ 1210.075804] RSP: 002b:00007f4634fc1f88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1210.083492] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f463664e61a [ 1210.090742] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f4634fc1fe0 [ 1210.097992] RBP: 00007f4634fc2020 R08: 00007f4634fc2020 R09: 0000000020000140 [ 1210.105239] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1210.112491] R13: 0000000020000180 R14: 00007f4634fc1fe0 R15: 0000000020001340 [ 1210.119756] CPU: 1 PID: 31219 Comm: syz-executor.3 Not tainted 4.14.277-syzkaller #0 [ 1210.127634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1210.136981] Call Trace: [ 1210.139569] dump_stack+0x1b2/0x281 [ 1210.143197] panic+0x1f9/0x42d [ 1210.146388] ? add_taint.cold+0x16/0x16 [ 1210.150363] ? kill_block_super+0xbe/0xe0 [ 1210.154510] ? __warn.cold+0x5/0x44 [ 1210.158146] ? kill_block_super+0xbe/0xe0 [ 1210.162293] __warn.cold+0x20/0x44 [ 1210.165830] ? ist_end_non_atomic+0x10/0x10 [ 1210.170181] ? kill_block_super+0xbe/0xe0 [ 1210.174326] report_bug+0x208/0x250 [ 1210.177950] do_error_trap+0x195/0x2d0 [ 1210.181836] ? math_error+0x2d0/0x2d0 [ 1210.185633] ? retint_kernel+0x2d/0x2d [ 1210.189528] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1210.194371] invalid_op+0x1b/0x40 [ 1210.197823] RIP: 0010:kill_block_super+0xbe/0xe0 [ 1210.202567] RSP: 0018:ffff8880b3427bc8 EFLAGS: 00010246 [ 1210.207924] RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc900073f4000 [ 1210.215186] RDX: 0000000000040000 RSI: ffffffff818759be RDI: ffff888090355d70 [ 1210.222451] RBP: ffff88809b546d40 R08: ffffffff8b9d2748 R09: 0000000000000001 [ 1210.229715] R10: 0000000000000000 R11: ffff888095578380 R12: ffff8880903558c0 [ 1210.236983] R13: ffffffff890b0bd0 R14: ffffffff88f45500 R15: dffffc0000000000 [ 1210.244268] ? kill_block_super+0xbe/0xe0 [ 1210.248420] ? kill_block_super+0xbe/0xe0 [ 1210.252568] deactivate_locked_super+0x6c/0xd0 [ 1210.257160] sget_userns+0x9c4/0xc10 [ 1210.260869] ? set_bdev_super+0x110/0x110 [ 1210.265019] ? ns_test_super+0x50/0x50 [ 1210.268905] ? set_bdev_super+0x110/0x110 [ 1210.273055] ? ns_test_super+0x50/0x50 [ 1210.276940] sget+0xd1/0x110 [ 1210.279956] mount_bdev+0xcd/0x360 [ 1210.283490] ? hfsplus_iget+0x700/0x700 [ 1210.287463] mount_fs+0x92/0x2a0 [ 1210.290824] vfs_kern_mount.part.0+0x5b/0x470 [ 1210.295312] do_mount+0xe65/0x2a10 [ 1210.298851] ? __do_page_fault+0x159/0xad0 [ 1210.303086] ? retint_kernel+0x2d/0x2d [ 1210.306972] ? copy_mount_string+0x40/0x40 [ 1210.311205] ? memset+0x20/0x40 [ 1210.314484] ? copy_mount_options+0x1fa/0x2f0 [ 1210.318973] ? copy_mnt_ns+0xa30/0xa30 [ 1210.322855] SyS_mount+0xa8/0x120 [ 1210.326304] ? copy_mnt_ns+0xa30/0xa30 [ 1210.330187] do_syscall_64+0x1d5/0x640 [ 1210.334077] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1210.339256] RIP: 0033:0x7f322b2fc61a [ 1210.342953] RSP: 002b:00007f3229c6ff88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 1210.347263] hfsplus: unable to parse mount options [ 1210.350649] RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 00007f322b2fc61a [ 1210.350656] RDX: 0000000020000140 RSI: 0000000020000180 RDI: 00007f3229c6ffe0 [ 1210.350662] RBP: 00007f3229c70020 R08: 00007f3229c70020 R09: 0000000020000140 [ 1210.350668] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000140 [ 1210.350673] R13: 0000000020000180 R14: 00007f3229c6ffe0 R15: 0000000020001340 [ 1210.355771] Kernel Offset: disabled [ 1210.395665] Rebooting in 86400 seconds..